Tools for analyzing C++ codebase [closed]

Question

Which tools would be most useful for analyzing a C++ codebase? What do they cost?
Can we manage with free and trial software, or are there commercial software that is good and that we really should to pay for?

The main object would be to get an understanding of quality - memory issues etc, also to understand the code (For spotting architectural problems for example), perhaps coding standards.

Primarily statical analysis, but we are hoping to be able to run the code. Think it needs to be "robust in the sense that it should work with code for arcane compilers.

Answer 1

The best free tool is your compiler's warning errors, I always use them at maximum level. The first goal should be a clean build without any cheating (eg. disabling or casting away not-understood warnings).

Visual C++ has built in Code Analysis which is good for catching some bugs and Win32 API misuse, but it's not included in the free version and is (obviously) Windows-specific. This used to be an internal Microsoft tool called Prefast - analogous to FxCop in .Net.

PC-Lint is good, but verbose and not free. If you can get a config file to trap 'useful things' and ignore the noise, that would be a big plus. Again this is for Windows, but I know there are versions for other platforms.

Answer 2

Take a look at:

http://www.cppdepend.com/

and a good many others:

http://www.chris-lott.org/resources/cmetrics/

http://www.locmetrics.com/alternatives.html

Answer 3

I've heard very good things about Valgrind. "automatically detect many memory management and threading bugs, and profile your programs in detail"