cppcheck: free, easy, and great

Jari Komppa pointed this tool out to me while we were talking about my previous post on gDEBugger being free. The tool: cppcheck (download here). It’s free, it’s very simple to use, and it’s effective. Install, then run it like so:

cppcheck -q theRootDirectoryOfAllCodeYouWantToCheck

It will then plow through all your C++ files in this directory on down and look for memory allocation/deallocation problems, use of unallocated array elements, and other defects. “-q” means “show me just the errors found”. It does the things your compiler should find but probably doesn’t (someone will no doubt correct me about this for gcc or somesuch, but  I use MS Visual Studio and it’s definitely true for that). For our current project it found about 15 problems, one pretty serious. For an investment of just a few minutes, this free tool caught a number of flaws that weren’t getting caught by other means. One particularly nice feature is that it tries all possible “#ifdef” paths, checking to see if any combinations cause code problems like undefined variables or similar.

I particularly love the fact that I didn’t have to do the usual thing of telling it all about the various include file paths and the eighteen other things I usually have to do to get similar programs working. It was so easy to run that I spent a whole two minutes more and tried it on another group’s project for which I had the code. It turned up a bunch of spots where the codebase needs some repair. Nice! About the only drawback is that the error messages are sometimes a bit terse and take some decoding. It’s open source, and they have specifically asked for help with documentation, so I expect this area will improve over time.

Tags: , ,

  1. morgan3d’s avatar

    cppcheck is amazing! I just ran it on G3D (http://g3d.sf.net): 200,000 lines of sophisticated, multiplatform 3D graphics code. It found two resource leaks … and managed to not flag false positives inside tricky code such as a memory manager, dynamically loaded code, template metaprogramming, and sections of inline assembly and per-platform #ifdefs.

  2. r-englund’s avatar

    Nice, i will check it out, have previously used http://wyw.dcweb.cn/leakage.htm to find memory leaks, but it requires implementation in your code which can be negative.

  3. Eric’s avatar

    Well, cppcheck won’t find all memory leaks, not by a long-shot. It’s just a way of checking code for mismatches like “new [] array” vs. “delete array” (brackets missing) and similar problems. It complements other tools, but I don’t think of it as replacing any of them.

Reply