static-analysis

JSR-305 annotations replacement for Java 9

雨燕双飞 submitted on 2019-11-29 01:51:49
Question: So far we have been using the Findbugs JSR-305 annotations (com.google.code.findbugs:jsr305) and everything including tool support (Sonar, Eclipse, Findbugs, …) has been working fine. However it is our understanding that Jigsaw in Java 9 is going to break JSR-305 annotations (one package in two modules is not allowed). This was confirmed at JavaOne 2015. Oracle's reasoning is JSR-305 never happened and JSR-250 would have to endorse these annotations. We're looking for replacements for JSR-305

Do tools exist which automatically find copy-and-paste code? [closed]

青春壹個敷衍的年華 submitted on 2019-11-29 00:10:18
Question: Are there tools out there which could automatically find copy-and-paste code among a set of files? I was thinking of writing a script for this, which would just search for equal strings, but such a script would find mostly irrelevant equalities (such as private final static ...).
Answer 1: Yes, try the Copy Paste Detector.
Answer 2: http://patterninsight.com/products/cp-miner.php Related paper - http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.123.113
Answer 3: Our CloneDR is a tool for finding exact

How to test binary compatibility automatically?

…衆ロ難τιáo~ submitted on 2019-11-28 23:30:28
Can it be done before compiling, by comparing code? Are there any tools already doing this?
okun
You might find this interesting: Static analysis tool to detect ABI breaks in C++
ABI Compliance Checker — a tool for checking backward API/ABI compatibility of a C/C++ library:
    abi-compliance-checker -lib NAME -old OLD.abidump -new NEW.abidump
*.abidump files are ABI dumps of OLD and NEW library versions generated by the ABI Dumper tool.
icheck - C interface ABI/API checker:
    icheck --canonify -o old_version -I/usr/include/foo/ bar.h
    icheck --compare -o results.txt old_version new_version
shlib

Any Static Code Analysis Tools for Stored Procedures? [closed]

戏子无情 submitted on 2019-11-28 18:47:48
Are there any static code analysis tools for stored procedures written particularly in PL/SQL and T-SQL?
For T-SQL, Microsoft has the database edition of VS Team Suite (although, I believe it's now in the dev SKU). This link talks about writing your own static code analysis rule for T-SQL: http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules.aspx
Oracle has some little-known stuff built in. Try this in 10g Release 2 or above:
    ALTER SESSION SET PLSQL_WARNINGS = 'ENABLE:ALL';
Then compile your PL/SQL package (not an anonymous block). Toad features the CodeXpert

How do commercial Java static analysis tools compare with the free ones? [closed]

一笑奈何 submitted on 2019-11-28 17:27:29
Question: I'm familiar with a handful of the free static analysis tools available for Java, such as FindBugs and PMD. What I'd like to know is

How to search for Java API methods by type signature?

让人想犯罪 __ submitted on 2019-11-28 17:16:01
Are there any open-source tools available which support searching for Java methods by the set of parameter types and return type? As an example, say I'm looking for a method to generate a hash code for an array of ints. I search for a method which takes an int[] parameter and returns an int: int[] -> int yielding java.util.Arrays#hashCode(int[]) ... Or I may want to find a method which takes a String, and character to replace, and the character to replace it with. So I search for a matching method: String, char, char -> String yielding java.lang.String#replace(char, char) ... Ideally I'd like

Tools for generating Haskell function dependency (control flow) graph?

五迷三道 submitted on 2019-11-28 17:04:18
Question: Note not "functional dependency". Are there tools available that allow me to build a static function dependency graph from source code? Something which indicates to me which functions depend on which other ones in a graphical manner.
Answer 1: Yes, there certainly are. If you look in the Development category on Hackage, you'll find tools for: graphing package dependencies -- n.b. requires older cabal; graphing module dependencies; graphing function calls; graphing running data structures. In particular,

code examples for learning LLVM backend programming

雨燕双飞 submitted on 2019-11-28 16:52:03
Question: I am learning programming LLVM backends. Currently I am interested in analysis passes, later program transformations. (I assume as I will be more fluent with analysis then will be time for program transformations). Could you recommend resources for learning? (I know LLVM Programmers manual and Dragon Book ;) ). By resources I mean not only tutorials, books, but especially small well-written projects. I'd like to read code examples, compile them and play with them (hack a little bit) to

Are C++ static code analysis tools worth it?

感情迁移 submitted on 2019-11-28 16:42:34
Our management has recently been talking to some people selling C++ static analysis tools. Of course the sales people say they will find tons of bugs, but I'm skeptical. How do such tools work in the real world? Do they find real bugs? Do they help more junior programmers learn? Are they worth the trouble?
Static code analysis is almost always worth it. The issue with an existing code base is that it will probably report far too many errors to make it useful out of the box. I once worked on a project that had 100,000+ warnings from the compiler... no point in running Lint tools on that code

Where can I find an actively developed lint tool for Ruby?

时光怂恿深爱的人放手 submitted on 2019-11-28 16:31:28
Most of the code I write is in Ruby, and every once in a while, I make some typo which only gets caught after a while. This is irritating when I have my scripts running long tasks, and return to find I had a typo. Is there an actively developed lint tool for Ruby that could help me overcome this? Would it be possible to use it across a system that works with a lot of source files, some of them loaded dynamically? Take this snippet as an example:
    a = 20
    b = 30
    puts c
To win bounty, show me a tool that will detect the c variable as not created/undefined.
You could give Diamondback Ruby a try. It