I'm Michael Suodenjoki - a software engineer living in Kgs. Lyngby, north of Copenhagen, Denmark. This is my personal site containing my blog, photos, articles and main interests.
I'm Michael Suodenjoki - a software engineer living in Kgs. Lyngby, north of Copenhagen, Denmark. This is my personal site containing my blog, photos, articles and main interests.
Updated 2011.01.23 15:37 +0100 |
Static Code Analysis in C++
Microsoft has released a new version 6.1 of the Windows SDK (formerly known as the Platform SDK) covering support for developing software to Windows Vista Service Pack 1 and Windows Server 2008 - the newest operating systems from their hands.
One of the exciting things about this release is that it contains a feature for the Visual C++ compiler which previously only were available for enterprise editions of Visual Studio - as far as I know this is the Visual Studio Team System versions of Visual Studio.
It's the static code analysis feature (previously known as PREfast from Microsoft Research) in Visual C++, i.e. the /analyze command option to the C++ compiler (cl.exe).
Static code analysis is your new best friend alongside your compiler warning level and code reviews to catch and find errors in your code before the customer does (or more correct suffer the side effect of the error).
So what does it do? When you compile with the /analyze option the compiler will analyze the code and spit out additional warnings that most likely are problems or unintended behavior in your program code. Try using it and you will see that indeed most of the warnings are quite relevant. It does take longer time to compiler, obviously, because the static analysis will take some additional time to run. But it is worth it. Especially this is something that you should enable on your nightly builds.
Furthermore you can now also use source code annotations to provide help to the code analysis (and fellow developers). I do not want to go into the details about this, since I have not yet tried or investigated this in detail, but I've provided links below to more information.
The move from Microsoft to include the static analysis feature is surely a very good move, because it actually help developers to build more stable software (e.g. drivers) for the operating system. And I believe that we all benefit from that.
Links: