static-analysis

Can Resharper be set to warn if IDisposable not handled correctly?

半世苍凉 提交于 2019-11-26 14:26:21
问题 Is there a setting in Resharper 4 (or even Visual Studio itself...) that forces a warning if I forget to wrap code in a using block, or ommit the proper Dispose call in a finally block? 回答1: Correct automatic Dispose analysis requires DFA (Data Flow Analysis) in a global way. It is unlikely that you create an IDisposable object and doesn't call any method on it and do not pass it around as an argument. If disposable object is passed to other methods (including calling its members, when "this"

Static Analysis tool recommendation for Java? [closed]

北城余情 提交于 2019-11-26 11:56:11
问题 Being vaguely familiar with the Java world I was googling for a static analysis tool that would also was intelligent enough to fix the issues it finds. I ran at CodePro tool but, again, I\'m new to the Java community and don\'t know the vendors. What tool can you recommend based on the criteria above? 回答1: FindBugs, PMD and Checkstyle are all excellent choices especially if you integrate them into your build process. At my last company we also used Fortify to check for potential security

C#/.NET analysis tool to find race conditions/deadlocks

怎甘沉沦 提交于 2019-11-26 10:56:23
问题 Is there a tool that analyses .NET code and finds race conditions? I have a bit of code that has a public static property that gets or creates a private static field. It also has a public static method that sets this field to null (...yes, I know!..) As there are no locks around either of these methods, it\'s a safe bet that things\'ll go horribly wrong in the future. I need a tool that\'ll recursively go through things that call either of these methods and see if anything was spawned on

Why are explicit lifetimes needed in Rust?

谁说我不能喝 提交于 2019-11-26 10:15:11
I was reading the lifetimes chapter of the Rust book, and I came across this example for a named/explicit lifetime: struct Foo<'a> { x: &'a i32, } fn main() { let x; // -+ x goes into scope // | { // | let y = &5; // ---+ y goes into scope let f = Foo { x: y }; // ---+ f goes into scope x = &f.x; // | | error here } // ---+ f and y go out of scope // | println!("{}", x); // | } // -+ x goes out of scope It's quite clear to me that the error being prevented by the compiler is the use-after-free of the reference assigned to x : after the inner scope is done, f and therefore &f.x become invalid,

Dead code detection in legacy C/C++ project [closed]

匆匆过客 提交于 2019-11-26 07:07:21
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 3 years ago . How would you go about dead code detection in C/C++ code? I have a pretty large code base to work with and at least 10-15% is dead code. Is there any Unix based tool to identify this areas? Some pieces of code still use a lot of preprocessor, can automated process handle that? 回答1: You could use a code coverage

How to Generate a calling graph for C++ code

和自甴很熟 提交于 2019-11-26 06:10:34
问题 I\'m trying to generate calling graph with which to find out all the possible execution paths that are hitting a particular function (so that I don\'t have to figure out all the paths manually, as there are many paths that lead to this function). For instance: path 1: A -> B -> C -> D path 2: A -> B -> X -> Y -> D path 3: A -> G -> M -> N -> O -> P -> S -> D ... path n: ... I have tried Codeviz and Doxygen, somehow both results show nothing but callees of target function, D. In my case, D is

Why are explicit lifetimes needed in Rust?

瘦欲@ 提交于 2019-11-26 03:26:07
问题 I was reading the lifetimes chapter of the Rust book, and I came across this example for a named/explicit lifetime: struct Foo<\'a> { x: &\'a i32, } fn main() { let x; // -+ x goes into scope // | { // | let y = &5; // ---+ y goes into scope let f = Foo { x: y }; // ---+ f goes into scope x = &f.x; // | | error here } // ---+ f and y go out of scope // | println!(\"{}\", x); // | } // -+ x goes out of scope It\'s quite clear to me that the error being prevented by the compiler is the use

What static analysis tools are available for C#? [closed]

白昼怎懂夜的黑 提交于 2019-11-26 01:55:04
问题 What tools are there available for static analysis against C# code? I know about FxCop and StyleCop. Are there others? I\'ve run across NStatic before but it\'s been in development for what seems like forever - it\'s looking pretty slick from what little I\'ve seen of it, so it would be nice if it would ever see the light of day. Along these same lines (this is primarily my interest for static analysis), tools for testing code for multithreading issues (deadlocks, race conditions, etc.) also

Tentative definitions in C and linking

亡梦爱人 提交于 2019-11-26 01:39:40
问题 Consider the C program composed of two files, f1.c: int x; f2.c: int x=2; My reading of paragraph 6.9.2 of the C99 standard is that this program should be rejected. In my interpretation of 6.9.2, variable x is tentatively defined in f1.c , but this tentative definition becomes an actual definition at the end of the translation unit, and (in my opinion), should therefore behave as if f1.c contained the definition int x=0; . With all compilers (and, importantly, linkers) I was able to try, this

What open source C++ static analysis tools are available? [closed]

喜夏-厌秋 提交于 2019-11-26 00:38:51
问题 As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 7 years ago . Java has some very good open source static analysis tools such as FindBugs, Checkstyle and PMD. Those tools are easy to use, very
订阅 static-analysis