Home
sourceinsight-scan - A source insight plugin for static C/C++ code analysis
Overview
sourceinsight-scan is a Source Insight plugin for static analysis of C/C++ code. It not only covers the features provided by other analysis tools such as cppcheck, coverity,pclint, findbugs and PMD, but also provides many benefits that others are not offering. It debugs the types of bugs that are hardly detected by the compilers and also highly reduces fixing costs. Not depending on compilers enables it to find potential quality issues efficiently (100,000 line per minute). It can find critical issues such as null pointer dereference, memory leaks, buffer overrun, and logic errors. Besides, it supports some customized needs including rule configuration, false positive labeling, path filtering and custom macros configuration.
sourceinsight-scan是一款集成在SourceInsight中的c/c++代码静态分析插件,集成了cppcheck,coverity,pclint等业界优秀的静态分析工具的优点。旨在帮助开发人员,在IDE中快速发现编译器无法发现的非语法错误,降低修复成本。
无需编译,平均扫描速度高达10W行/分钟,快速帮您发现潜在的质量风险,包括空指针,越界,内存泄漏及潜在的逻辑错误,平均准确率高达80%。
支持个性化定制需求,包括规则配置,误报屏蔽,路径屏蔽,配置自定义判空宏等。
Accuracy
sourceinsight-scan is far from finished, it is continuously improved to make it more accurate.
sourceinsight-scan is rarely wrong about reported errors. But there are many bugs that it doesn't detect.
You will find more bugs in your software by testing your software carefully, than by using sourceinsight-scan.
You will find more bugs in your software by instrumenting your software (with for example http://valgrind.org/), than by using sourceinsight-scan.
It is unlikely that you will find all the bugs in your software through testing and instrumenting. sourceinsight-scan can detect some of the bugs that you have missed.
Documents and articles
Manual
Project Members:
