Cppcheck

Version

2.14.99

Overview

Cppcheck is a simple tool for static analysis of C/C++ code.

When you write a checker you have access to:

• Token list - the tokenized code
• Syntax tree - Syntax tree of each expression
• SymbolDatabase - Information about all types/variables/functions/etc in the current translation unit
• Library - Configuration of functions/types
• Value flow analysis - Data flow analysis that determine possible values for each token

Use –debug-normal on the command line to see debug output for the token list and the syntax tree. If both –debug-normal and –verbose is used, the symbol database is also written.

The checks are written in C++.

Detailed overview

This happens when you execute cppcheck from the command line:

1. CppCheckExecutor::check this function executes the Cppcheck
2. CmdLineParser::parseFromArgs parse command line arguments
   • The Settings class is used to maintain settings
   • Use FileLister and command line arguments to get files to check
3. ThreadExecutor create more instances of CppCheck if needed
4. CppCheck::check is called for each file. It checks a single file
5. Preprocess the file (through Preprocessor)
   • Comments are removed
   • Macros are expanded
6. Tokenize the file (see Tokenizer)
7. Run the runChecks of all check classes.

When errors are found, they are reported back to the CppCheckExecutor through the ErrorLogger interface.