Login
Login

Cppcheck

{{Short description|Static code analysis tool}}

{{Infobox software

| name = Cppcheck

| logo =

| screenshot =

| caption = Cppcheck caption

| author = Daniel Marjamäki

| developer =

| released = {{start date and age|2007|05|08}}

| latest release version = {{wikidata|property|reference|edit|P348}}

| latest release date = {{Start date and age|{{wikidata|qualifier|P348|P577}}}}

| programming language = C++

| operating_system = Cross-platform

| language = English, Dutch, Finnish, Swedish, German, Russian, Japanese, Serbian, Spanish, French, Italian, Korean, Chinese

| genre = Static code analysis

| license = GNU General Public License

| website = {{URL|cppcheck.sourceforge.io}}

}}

Cppcheck is a static code analysis tool for the C and C++ programming languages. It is a versatile tool that can check non-standard code.{{cite web|title=A Survey of C and C++ Software Tools for Computational Science|url=http://www.softeng.rl.ac.uk/media/uploads/publications/2010/03/c-c_tools_report.pdf|work=Science and Technologies Facility Council|publisher=Chilbolton, Daresbury, and Rutherford Appleton Laboratories|access-date=14 September 2010|page=14|date=December 2009|url-status=dead|archive-url=https://web.archive.org/web/20120312224600/http://www.softeng.rl.ac.uk/media/uploads/publications/2010/03/c-c_tools_report.pdf|archive-date=12 March 2012}} The creator and lead developer is Daniel Marjamäki.

Cppcheck is Open-core software, with its open-source core code under the GNU General Public License.

Features

Cppcheck supports a wide variety of static checks that may not be covered by the compiler itself. These checks are static analysis checks that can be performed at a source code level. The program is directed towards static analysis checks that are rigorous, rather than heuristic in nature.

Some of the checks that are supported include:

  • Automatic variable checking
  • Bounds checking for array overruns
  • Classes checking (e.g. unused functions, variable initialization and memory duplication)
  • Usage of deprecated or superseded functions according to Open Group{{Cite web|title=System Interfaces|url=https://pubs.opengroup.org/onlinepubs/9699919799/xrat/V4_xsh_chap03.html|access-date=2020-09-24|website=pubs.opengroup.org}}
  • Exception safety checking, for example usage of memory allocation and destructor checks
  • Memory leaks, e.g. due to lost scope without deallocation
  • Resource leaks, e.g. due to forgetting to close a file handle
  • Invalid usage of Standard Template Library functions and idioms
  • Dead code elimination using unusedFunction option
  • Miscellaneous stylistic and performance errors

As with many analysis programs, there are many unusual cases of programming idioms that may be acceptable in particular target cases or outside of the programmer's scope for source code correction. A study conducted in March 2009 identified several areas where false positives were found by Cppcheck, but did not specify the program version examined.{{cite web|url=http://publications.lib.chalmers.se/records/fulltext/111920.pdf|title=Static Code Analysis For Embedded Systems}} Cppcheck has been identified for use in systems such as CERNs 4DSOFT meta analysis package,{{cite web|url=http://etics.web.cern.ch/etics/deliverables/ETICS-DNA2%2011-1065007-Dissemination_Use_Knowledge_Plan-v1%201.pdf|title=Dissemination and use of knowledge plan (Final)- EU Deliverable DNA2.11|year=2010|access-date=2010-09-15|archive-date=2013-06-04|archive-url=https://web.archive.org/web/20130604115641/https://etics.web.cern.ch/etics/deliverables/ETICS-DNA2%2011-1065007-Dissemination_Use_Knowledge_Plan-v1%201.pdf|url-status=dead}} for code verification in high energy particle detector readout devices,{{cite web|url=http://www.kip.uni-heidelberg.de/tip/root/img/pool/literature/theses/2009_mueller-klieser_stefan.pdf|title=Entwurf und Implementierung eines adaptiven, strahlentoleranten eingebetteten Systems am Beispiel eines Read-Out-Controllers (En: Development and implementation of an adaptive, radiation tolerant embedded system for operation of a Read-Out controller)|year=2010|url-status=dead|archive-url=https://web.archive.org/web/20120311001129/http://www.kip.uni-heidelberg.de/tip/root/img/pool/literature/theses/2009_mueller-klieser_stefan.pdf|archive-date=2012-03-11}} system monitoring software for radio telescopes{{cite web|url=http://ivscc.gsfc.nasa.gov/publications/gm2010/ettl.pdf|title=The Wettzell System Monitoring Concept and First Realizations|year=2010|page=447|publisher=International VLBI Service for Geodesy & Astrometry}} as well as in error analysis of large projects, such as OpenOffice.org{{cite web|url=http://www.cl.cam.ac.uk/~wmk26/openoffice/openoffice9.pdf|title=Hunting for vulnerabilities in large software : the OpenOffice suite|access-date=2010-09-15|archive-date=2012-09-28|archive-url=https://web.archive.org/web/20120928061319/http://www.cl.cam.ac.uk/~wmk26/openoffice/openoffice9.pdf|url-status=dead}} and the Debian archive.{{cite web|url=https://lwn.net/Articles/420252/|title=Introducing the "Debian's Automated Code Analysis" (DACA) project|publisher=LWN.net}}

Development

The project is actively under development[https://github.com/danmar/cppcheck/ Cppcheck on Github] and is actively maintained in different distributions.[http://packages.qa.debian.org/c/cppcheck.html Cppcheck on Debian's Package Tracking System][http://svnweb.freebsd.org/ports/head/devel/cppcheck/distinfo FreeBSD port] It has found valid bugs in a number of popular projects{{cite web|url=http://sourceforge.net/p/cppcheck/wiki/Found_bugs/?f=4&t=27|title=List of user reported bugs found by cppcheck}} such as the Linux kernel and MPlayer.{{cite web|url=http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Found_bugs|archive-url=https://web.archive.org/web/20131014013121/http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Found_bugs|archive-date=2013-10-14|title=Found Bugs list|work=SourceForge}}

Plugins

Plugins for the following IDEs or text editors exist{{cite web |url=http://sourceforge.net/apps/mediawiki/cppcheck |archive-url=https://archive.today/20120718020019/http://sourceforge.net/apps/mediawiki/cppcheck |url-status=dead |archive-date=2012-07-18 |title=SourceForge.net: cppcheck |work=sourceforge.net }}

  • CLion{{cite web |url=https://plugins.jetbrains.com/plugin/8143 |title=cppcheck plugin for CLion |work=plugins.jetbrains.com}}
  • Code::Blocks - integrated.
  • CodeLite - integrated.
  • Eclipse{{cite web |url=https://github.com/kwin/cppcheclipse/ |title=Cppcheclipse |work=github.com}}
  • Emacs{{cite web |url=https://flycheck.readthedocs.org/ |title=Flycheck |work=github.com}}
  • gedit{{cite web |url=https://github.com/odamite/gedit-cppcheck |archive-url=https://archive.today/20121217133145/https://github.com/odamite/gedit-cppcheck |url-status=dead |archive-date=2012-12-17 |title=gedit Cppcheck plugin |work=github.com }}
  • Hudson{{cite web |url=http://wiki.hudson-ci.org/display/HUDSON/Cppcheck+Plugin |title=Cppcheck Plugin |work=hudson-ci.org |access-date=2010-09-15 |archive-url=https://web.archive.org/web/20171026175153/http://wiki.hudson-ci.org/display/HUDSON/Cppcheck+Plugin |archive-date=2017-10-26 |url-status=dead }}
  • Jenkins{{cite web |url=http://wiki.jenkins-ci.org/display/JENKINS/Cppcheck+Plugin |title=Cppcheck Plugin |work=jenkins-ci.org|date=20 May 2022 }}
  • Kate{{Cite web|url=https://kate-editor.org/2013/02/02/kate-project-plugin-news-code-analysis/|title=Kate Project Plugin News – Code Analysis|last=Cullmann|first=Christoph|date=2013-02-02|website=Kate {{!}} Get an Edge in Editing|access-date=2016-12-14}}
  • KDevelop{{Cite web|url=https://mail.kde.org/pipermail/kdevelop-devel/2016-December/055905.html|title=KDevelop's Cppcheck plugin merged into kdevelop.git, will be released with 5.1|last=Funk|first=Kevin|date=2016-12-06|access-date=2016-12-14}}
  • Qt Creator{{cite web |url=https://wiki.qt.io/Qt_Creator_Plug-in_Gallery#CppCheck |title=Qt Creator Plug-in Gallery |work=Qt Wiki}}
  • Sublime Text{{cite web |url=https://github.com/SublimeLinter/SublimeLinter |title=Sublimelinter plugin |work=github.com}}
  • Visual Studio{{cite web |url=https://marketplace.visualstudio.com/items?itemName=Alexium.Cppcheckadd-in |title=Cppcheck add-in |work=Visual Studio Marketplace}}{{cite web|last=VioletGiraffe|title=Homepage cppcheck-vs-addin|website=GitHub |url=https://github.com/VioletGiraffe/cppcheck-vs-addin|access-date=3 March 2014}}{{cite web|last=Srix|title=Simple open source static analysis tool for Visual Studio|url=http://www.technosrix.com/2008/10/simple-open-source-static-analysis-tool.html|access-date=27 August 2012|archive-url=https://web.archive.org/web/20150210000727/http://www.technosrix.com/simple-open-source-static-analysis-tool-for-visual-studio/|archive-date=2015-02-10}}
  • Yasca{{cite web |url=https://scovetta.github.io/yasca/ |title=Yasca |last=Scovetta |first=Michael }}

See also

{{Portal|Free and open-source software}}

References

{{reflist|30em}}

External links

  • {{sourceforge|cppcheck}}

Category:Cross-platform free software

Category:Free software programmed in C++

Category:Free software testing tools

Category:Software using the GNU General Public License

Category:Static program analysis tools