The C + + static code analysis tool PREfast in VS 2008

Author: Zhu Jinchan
Source: http://blog.csdn.net/clever101/

I learned from the Shing Cloud blog that the team version of Visual Studio 2005/2008 integrates a C + + Static code analysis tool PREfast, specially tested, really good.

The specific usage is illustrated in the following example:

1. Build a console project, typing the following code:

int F (bool b) {int i; if (b) {i = 0;} return i;///when B is false, variable I uninitialized}

2. Open Project Properties--> Configuration Properties--> Code Analysis-->enable Code Analysis 。 Select Yes (/analyze). The following figure:

If you use the CL.exe command-line compiler directly, use the/analyze compilation option. For example: Cl Test.cpp-w4/ehsc/analyze.

3. When compiling the project, the following warning appears:

1>f:/mytest/mytest/src/testsort/testsort.cpp (km): Warning c6001:using uninitialized memory ' I ': lines:29, 31, 39

4. Do not assume that this is a warning provided by the compiler, click on this warning you will find the clue, the original is PREfast prompted you: When B is false, the variable I uninitialized, where the lines:29, 31, 39 is prompted by the code of these lines led to this warning, specifically the following figure:

Reference documents:

1. Safe Coding Practice Three: C/prefast Static code analysis tool, author: Shing Cloud