What does Coverity/clang static analysis actually do?

David Gileadi foo at bar.com
Thu Oct 1 14:12:54 PDT 2009


Walter Bright wrote:
> There's a lot of hoopla about these static checkers, but I'm not 
> impressed by them based on what I can find out about them. What do you 
> know about what these checkers do that is not on this list? Any other 
> kinds of checking that would be great to implement?

I'm not familiar with C/C++ static checkers.

Eclipse's Java compiler has decent support for code checks.  I'm copying 
the list of items it can check here (except for those that seem 
Java-specific), in case it's of interest.  For each of the below, you 
can choose whether it's an error, a warning, or ignored.  I've included 
their defaults.

Code Style:

Non-static access to static member: Warning
Indirect access to static member: Ignored
Unqualified access to instance field: Ignored
Undocumented empty block: Ignored
Method with a constructor name: Warning
Parameter assignment: Ignored

Potential programming problems:

Assignment has no effect (e.g. 'x = x'): Warning
Possible accidental boolean assignment (e.g. 'if (a = b)'): Ignored
'finally' does not complete normally: Warning
Empty statement: Ignored
Hidden catch block: Warning
Inexact type match for vararg arguments: Warning
Enum type constant not covered on 'switch': Ignored
'switch' case fall-through: Ignored
Null pointer access: Warning
Potential null pointer access: Ignored
Comparing identical values ('x == x'): Warning
Missing synchronized modifier on inherited method: Ignored
Class overrides 'equals()' but not 'hashCode()': Ignored
Dead code (e.g. 'if (false)'): Warning

Name shadowing and conflicts:

Field declaration hides another field or variable: Ignored
Local variable declaration hides another field or variable: Ignored
	(If not ignored) Include constructor or setter method parameters
Type parameter hides another type: Warning
Method does not override package visible method: Warning
Interface method conflicts with protected 'Object' method: Warning

Unnecessary code:

Local variable is never read: Warning
Parameter is never read: Ignored
	(If not ignored) Ignore in overriding and implementing methods
Unused import: Warning
Unused local or private member: Warning
Redundant null check: Ignored
Unnecessary 'else' statement: Ignored
Unnecessary cast or 'instanceof' operation: Ignored
Unused 'break' or 'continue' label: Warning
Redundant super interface: Ignored

I understand DMD's policy on warnings, but some of the above checks are 
reasons why I've grown to like some warnings.  Of course it helps that 
Eclipse's compiler is most often used with its IDE.

-Dave
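
An added example, not part of the original post and not Eclipse's code: four of the checks listed above, each shown as Java that compiles and then silently does the wrong thing at run time. All class and method names are hypothetical.

```java
import java.util.HashSet;
import java.util.Set;
// Constructed demo; all class and method names are hypothetical.
public class EclipseCheckDemo {
    // "Assignment has no effect" (listed default: Warning). The parameter is
    // assigned to itself, so the field keeps its default value of 0.
    static class Session {
        int timeoutSeconds;
        Session(int timeoutSeconds) { timeoutSeconds = timeoutSeconds; }
    }

    // "Possible accidental boolean assignment" (listed default: Ignored).
    // '=' where '==' was meant overwrites isOwner, so every caller passes.
    static boolean mayDelete(boolean isOwner) {
        boolean required = true;
        if (isOwner = required) return true;
        return false;
    }

    // "'finally' does not complete normally" (listed default: Warning). The
    // return in finally discards both the exception and the try block's result.
    static boolean signatureOk(String sig) {
        try {
            if (sig == null) throw new IllegalArgumentException("no signature");
            return sig.equals("expected");
        } finally {
            return true;
        }
    }

    // "Class overrides 'equals()' but not 'hashCode()'" (listed default: Ignored).
    // Equal objects get different hashes, so hash-based lookups miss them.
    static class Token {
        final String id;
        Token(String id) { this.id = id; }
        @Override public boolean equals(Object o) {
            return o instanceof Token && ((Token) o).id.equals(id);
        }
    }

    public static void main(String[] args) {
        Set<Token> revoked = new HashSet<>();
        revoked.add(new Token("abc"));
        System.out.println("timeout set:      " + new Session(30).timeoutSeconds);
        System.out.println("non-owner delete: " + mayDelete(false));
        System.out.println("null signature:   " + signatureOk(null));
        System.out.println("revoked found:    " + revoked.contains(new Token("abc")));
    }
}
```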


