Static code analysis

Hi folks,

In the software development process, the static code analysis is an important step and I am personally convinced by its utility (although knowing it is a difficult science) even when I contribute to open source projects. Usually I use either the popular clang scan-build command line tool and/or the excellent online solution Scan Coverity. Sometimes cppcheck as well.

But today, I m going to present another set of tools, PVS-Studio from viva64.com which has originally a Windows version with an integration with Visual Studio but appears to have been working on a Linux version as well which I will be focusing with. It works with my main languages C / C++ and in addition with .NET/C#

With the Linux version 6.09.18904, we have the choice between a simple tgz archive, a RedHat family rpm and a Debian family package. I did all my tests under Linux Mint 18 and the GCC suite.

1/ Choice of a project

Let's try with one well known open source project, the PHP programming language, which is basically uses the not less famous trio configure/make/make install ... Thus after setting our preferences via the configure script, we can now use pvs-studio on top of the make build system.

pvs-studio-analyser trace -- make

pvs-studio-analyser analyse -o php.plog -l <path to licence file> -j<number of parallel jobs>

Which produces an output file in the PLOG format which can be converted to xml, task files with the provided plog-converter command line. Fortunately as the process can take a certain time, it is possible to parallelize via the j flag.

2/ Outcomes

The output gotten, here in XML, contains well known useful good practices like about realloc http://www.viva64.com/en/w/V701/

or the return check for strcmp http://www.viva64.com/en/w/V526/

 some rules specific to C++ obviously like implementing the copy constructor but not the assignment operator http://www.viva64.com/en/w/V690/
 or the uselessness of checking null from a raw pointer after a new operator use
http://www.viva64.com/en/w/V668/
 ... and many more, there is a list available here.

PVS-studio was successfully exploited by another user in another open source project I pushed a pull request to recently, Unvanquished

3/ Conclusion

One of the few criticisms I may have is it seems not able to catch resource / memory leaks even very simple cases, whether it is C or C++.  Another proof that using more than one analyser is mandatory.

Maybe a Mac OS version with an integration with Xcode would be a plus in the future, although I perfectly understand the cost of development but ... might be worthy.