Cppcheck

F

fresta

Bardzo aktywny
Dołączył
8 Październik 2010
Posty
406
Reakcje/Polubienia
471
Cppcheck to narzędzie do analizy statycznej kodu C / C ++. W przeciwieństwie do kompilatorów C / C ++ i wielu innych narzędzi analitycznych nie wykrywa błędów składniowych w kodzie. Cppcheck wykrywa przede wszystkim rodzaje błędów, których zwykle nie wykrywają kompilatory. Celem jest wykrycie tylko rzeczywistych błędów w kodzie (tj. Zero zerowych wyników fałszywie dodatnich). Przeznaczony dla programistów.

Cechy:
- Sprawdzanie poza zakresem,
- Sprawdź kod dla każdej klasy,
- Sprawdzanie bezpieczeństwa wyjątków,
- Sprawdzanie wycieków pamięci,
- Ostrzegaj, jeśli używane są przestarzałe funkcje,
- Sprawdź, czy użycie STL jest nieprawidłowe,
- Sprawdź niezainicjowane zmienne i nieużywane funkcje

Link do oficjalnej strony:
Zaloguj lub Zarejestruj się aby zobaczyć!
 
C

Camel1965

Bardzo aktywny
Zasłużony
Dołączył
8 Wrzesień 2010
Posty
41331
Reakcje/Polubienia
35159

Cppcheck 2.10​

What's new in Cppcheck 2.9

August 28, 2022
  • restored check for negative allocation (new[]) and negative VLA sizes from cppcheck 1.87 (LCppC backport)
  • replaced hardcoded check for pipe() buffer size by library configuration option (LCppC backport)
  • on Windows the callstack is now being written to the output specific via "--exception-handling"
  • make it possible to disable the various exception handling parts via the CMake options "NO_UNIX_SIGNAL_HANDLING", "NO_UNIX_BACKTRACE_SUPPORT" and "NO_WINDOWS_SEH"
  • detect more redundant calls of std::string::c_str(), std::string::substr(), and unnecessary copies of containers
  • Add a match function to addon similiar to Token::Match used internally by cppcheck:
  • | for either-or tokens(ie struct|class to match either struct or class)
  • !! to negate a token
  • It supports the %any%, %assign%, %comp%, %name%, %op%, %or%, %oror%, and %var% keywords
  • It supports (*), {*},
  • , and <*> to match links
  • @ can be added to bind the token to a name
  • ** can be used to match until a token
  • Add math functions which can be used in library function definition. This enables evaluation of more math functions in ValueFlow
  • Further improve lifetime analysis with this pointers
  • Propagate condition values from outer function calls
  • Add debug intrinsics debug_valueflow and debug_valuetype to show more detail including source backtraces
Kliknij aby rozwinąć...
Zaloguj lub Zarejestruj się aby zobaczyć!
 
C

Camel1965

Bardzo aktywny
Zasłużony
Dołączył
8 Wrzesień 2010
Posty
41331
Reakcje/Polubienia
35159

Cppcheck 2.11

New checks:

pop_back on empty container is UB

Improved checking:

Improve useStlAlgorithm check to handle many more conditions in the loop for any_of, all_of and none_of algorithms
ValueFlow can evaluate the return value of functions even when conditionals are used
ValueFlow will now forward the container sizes being returned from a function
ValueFlow can infer possible values from possible symbolic values
Improve valueflow after pushing to container

GUI:

The platform type 'Unspecified' within .cppcheck projects has been deprecated and will be removed in Cppcheck 2.14. Please use 'unspecified' instead.
Do not replace relative paths with absolute paths in suppressions in the project file dialog

Interface:

The new option --check-level= has been added that controls how much checking is made by Cppcheck. The default checking level is "normal". If you feel that you can wait longer on results you can use --check-level=exhaustive.
It is no longer necessary to run "--check-config" to get detailed "missingInclude" and "missingIncludeSystem" messages. They will always be issued in the regular analysis if "missingInclude" is enabled.
"missingInclude" and "missingIncludeSystem" are reported with "-j" is > 1 and processes are used in the backend (default in non-Windows binaries)
"missingInclude" and "missingIncludeSystem" will now cause the "--error-exitcode" to be applied
"--enable=information" will no longer implicitly enable "missingInclude" starting with 2.16. Please enable it explicitly if you require it.
The constParameter and constVariable checks have been split into 3 different IDs based on if the variable is a pointer, a reference, or local. The different IDs will allow users to suppress different const warning based on variable type.
constParameter
constParameterReference
constParameterPointer
constVariable
constVariableReference
constVariablePointer
More command-line parameters will now check if the given integer argument is actually valid. Several other internal string-to-integer conversions will now be error checked.
scanning projects (with -j1) will now defer the analysis of markup files until the whole code was processed
Kliknij aby rozwinąć...
Zaloguj lub Zarejestruj się aby zobaczyć!
 
C

Camel1965

Bardzo aktywny
Zasłużony
Dołączył
8 Wrzesień 2010
Posty
41331
Reakcje/Polubienia
35159

Cppcheck 2.12​

September 10, 2023
  • New checks:
  • uselessOverride finds overriding functions that either duplicate code from or delegate back to the base class implementation
  • knownPointerToBool finds pointer to bool conversions that are always true or false
  • Improved checking:
  • truncLongCastAssignment and truncLongCastReturn check additional types, including float/double/long double
  • duplInheritedMember also reports duplicated member functions
  • constParameter*/constVariable* checks find more instances of pointers/references that can be const, e.g. when calling library functions
  • GUI:
  • Show in statistics which checkers have been activated in latest analysis
  • Make it more visible if there has been critical errors that caused checkers to be skipped
  • Changed interface:
  • Write how many checkers was activated after a run
  • Added --checkers-report that can be used to generate a report in a file that shows what checkers was activated and disabled
  • Deprecations:
  • The qmake build system has been deprecated and will be removed in a future version.
  • Command-line option '--template ' is deprecated and will be removed in 2.13 - please use '--template=' instead.
  • Command-line option '--template-location ' is deprecated and will be removed in 2.13 - please use '--template-location=' instead.
  • Other:
  • "USE_QT6=On" will no longer fallback to Qt5 when Qt6 is not found.
  • When the execution of an addon fails with an exitcode it will now result in an 'internalError' instead of being silently ignored.
  • "Win32" configurations have been removed from the bundled Visual Studio solution and projects. You might still be able to build 32-bit binaries using CMake but that is untested and unmaintained.
Kliknij aby rozwinąć...
Zaloguj lub Zarejestruj się aby zobaczyć!
 
C

Camel1965

Bardzo aktywny
Zasłużony
Dołączył
8 Wrzesień 2010
Posty
41331
Reakcje/Polubienia
35159

Cppcheck 2.14​

Apr 21, 2024
  • New checks:
  • eraseIteratorOutOfBounds: warns when erase() is called on an iterator that is out of bounds
  • returnByReference: warns when a large class member is returned by value from a getter function
  • GUI:
  • -Make it possible to suppress warnings in all files in a folder
  • Changed interface:
  • Fixed crash with '--rule-file=' if some data was missing.
  • '--rule-file' will now bail out if a rule could not be added or a file contains unexpected data.
  • Add option '--check-version', you can use it to pin the cppcheck version in a script.
  • Added '--template=simple'. It is expands to '{file}:{line}:{column}: {severity}:{inconclusive:inconclusive:} {message} [{id}]' without any additional location details.
  • Removed deprecated platform type 'Unspecified'. Please use 'unspecified' instead.
  • Add --file-filter=- option that reads file filters from stdin. Added for a plugin.
  • Other:
  • Added CMake option 'EXTERNALS_AS_SYSTEM' to treat external includes as 'SYSTEM' ones.
  • The minimum required compiler versions have been bumped to GCC 5.1 / Clang 3.5 / Visual Studio 2015
  • The minimum required CMake version has been bumped to 3.5
  • Using Visual Studio with CMake now checks if the CMake version is at least 3.13. This was always required but was not checked explicitly.
  • Removed deprecated 'Makefile' option 'SRCDIR'.
  • Added CMake option 'DISALLOW_THREAD_EXECUTOR' to control the inclusion of the executor which performs the analysis within a thread of the main process.
  • Removed CMake option 'USE_THREADS' in favor of 'DISALLOW_THREAD_EXECUTOR'.
  • misra-config will not be treated as a critical error anymore
  • Safety critical:
  • #12440 : Misra violations found but cppcheck exited with 0 even after specifying exit code
Kliknij aby rozwinąć...
Zaloguj lub Zarejestruj się aby zobaczyć!
 
C

Camel1965

Bardzo aktywny
Zasłużony
Dołączył
8 Wrzesień 2010
Posty
41331
Reakcje/Polubienia
35159
Musisz się zalogować lub zarejestrować aby odpowiedzieć
Do góry