Code analysis for C/C++ is integrated into the command-line compiler (cl.exe) that ships with Team System. Please note that code analysis is not available in the compiler included in other products (including the .NET Framework redistributable).
To compile an application using command-line code analysis, simply launch the Visual Studio Command Prompt (Start All Programs Visual Studio 2005 Visual Studio Tools Visual Studio Command Prompt). Once the prompt appears, type the following (replacing bug.cpp with the file of your choice and inserting the correct path information):
> cl bug.cpp /analyze
The /analyze option enables code analysis. If an error or warning is found, the compiler will generate an analysis report that looks something like the following:
Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50603 for 80x86 Copyright (C) Microsoft Corporation. All rights reserved. bug.cpp C:\bug.cpp(14) : warning C6230: implicit cast between semantically different integer types: using HRESULT in a Boolean context C:\bug.cpp(28) : warning C6282: Incorrect operator: assignment of constant in Boolean context. Consider using '==' instead C:\bug.cpp(11) : warning C6014: leaking memory 'domain': Lines: 11, 14, 44 C:\bug.cpp(55) : warning C6001: using uninitialized memory 'i': Lines: 49, 50, 51, 54, 55 C:\bug.cpp(55) : warning C6001: using uninitialized memory 'j': Lines: 49, 50, 51, 52, 55
As you can see, Code Analysis for C/C++ will provide you with line numbers and the warning codes. The command-line version of Code Analysis for C/C++ enables you to customize the warning levels. This, in turn, gives you the ability to filter the results, both by escalating serious problems and minimizing inconsequential warnings. The warning-level options are set by adding the appropriate option in the command line. In the following example, all of the C/C++ code analysis warnings generated from testcode.cpp will be replaced by equivalent compiler errors:
> cl "C:\testcode.cpp" /analyze /WX-
Table 9-1 contains a list of warning-level options available via the command line.
Warning Level Options | Description |
---|---|
/w | Disable all warnings |
/wd<n> | Disable a specific warning, indicated by n |
/we<n> | Convert a specific warning to an error, for warning n |
/wo<n> | Display a warning n one time |
/w<l><n> | Set a warning level between 1 to 4, for warning n |
/W<n> | Set the warning level, for warning n |
/Wall | Enable all warnings |
/WL | Diagnose errors one line at a time |
/WX | Convert all warnings to errors |
As you have learned, you can set different warning levels within the compiler. Later in the chapter, you'll learn how to set these using #pragma directives. Warning levels can help you set the "sensitivity" of the compiler to errors and warnings. Here is a listing of the different warning levels:
Level 1: This is the default level. Level 1 will reveal all critical warnings in your code and will "hide" less severe warnings.
Level 2: This will display severe and moderate warnings in your code. This is the default level for the command-line tool.
Level 3: This is the level that is recommended for testing code that will end up in production.
Level 4: This will display all warnings, even inconsequential ones (very minor warnings are sometimes called lint-level warnings). This warning level should rarely be used because of the level of "noise" it generates.