Is there a Findbugs and / or PMD equivalent for C/C++? [closed]

Question

I was recently asked about alternatives to Coverity Prevent for a code base that includes both C/C++ and Java. Obviously, on the Java side, the free tools available include Findbugs (compiled code analysis) and PMD (static code analysis). They are very powerful, especially when you start investigating integration with IDEs (which, again, are free).

However, things are dicey when you start moving into the C/C++ realm with the various compilers, architectures, etc.

I have proposed a variety of tools for the Java side, including both Findbugs and PMD. What I am looking for is the best option for the C/C++ side when considered using the following metrics:

1. Price: free is better but can be beaten by better value. However, pricing models that charge per line of code are horrifying.
2. Feature set: how does this tool make my life better? In what ways does it detect my mistakes before I check them in, before we ship the code, etc.?
3. Usability: can I use the tool at my desk? Can I share the reports and / or findings? Can I integrate the tool with Fogbugz (which we use in my group)? Can I integrate the tool into CruiseControl (or the equivalent)?

The ultimate tool would be something that is as useful and usable as a combination of Findbugs and PMD with identical feature set, all for zero dollars per seat.

Answer 1

The two that come to mind are Splint for C and Cppcheck for C++.

If you want to look for more options, this function of these tools is "static code analysis". That might help you find more tools for C and/or C++. Also, you might be interested in the answer to the question "What open source C++ static analysis tools are available?"