C(C++, C#) Source Code Static Analysis Tool validation items are borrowed from our seniors.
I think static analysis has two perspectives:
Please let me know if you have any reference books for specific validation of these Syntax Analysis items.
c
As already mentioned in the comment, static analysis is not about parsing, so I'm not sure what you want to ask.
Syntax analysis is done every time you compile.
What I think is static analysis, for example,
if(x=0) is probably a typo)"Detect before executing buggy code" such as
In , one example of this static analysis is MISRA http://ja.wikipedia.org/wiki/MISRA-C and so on.
(Personally, I don't feel like using MISRA-C.)
There are other things like lint http://ja.wikipedia.org/wiki/Lint.
There are a lot of items that are sold as products (I don't know if I can post a name or link, so I'll put it on hold)
Is there an analysis tool for C#?
The language specification/compiler/IDE is smart enough, so I almost don't need it.
Note: I tried searching.There seems to be a lot.I don't know if I can give you a name or a link, so don't give it to me.
# I think tags [algorithms] are inappropriate for this purpose
# I don't think it's an answer.
Different languages have different compiler structures, so it's impossible to get answers as a general rule.
For example, in the case of a C# language, it is compiled into a CIL; common intermediate intermediate language.Metadata and debug information (such as the corresponding source code line) are retained at this time, allowing static analysis of the CIL rather than the source code and pointing out the corresponding source code line from the analysis results.This feature is already available and is Code analysis for managed code.This is itself provided as a framework, so you can add your own analysis.
These refer only to the compilation results, so the coding format for the second half of the question is not very relevant.However, the next version introduces .NET Compiler Platform("Roslyn") and provides a framework for analyzing source code as well.
Unlike the C# language, the C++ language assumes macro, template, inline deployment, and so on, making it very difficult to analyze from the compilation results.Microsoft has a unique feature called SAL Annotations.This is a mechanism that checks consistency with the caller by annotating the function's behavior in the function declaration.In addition, the header file provided by Microsoft contains this comment.These are used to perform static code analysis at compile time.
You may not be able to deal with coding formats.
I think coding formatting should be done with some kind of tool rather than static analysis.
I'm not an experienced person, but I'm sorry.
Static analysis is available in many programming languages, so
I think the best way is to participate in the HP of the tool.
But generally, if you want to know this
Book is recommended (in English...)
1. Syntax parsing as execution statement is a normal static analysis.
2. Syntax analysis as coding format (including comments, indentation, etc.) is to verify compliance with coding rules.You may want to search by "lint".
I think it's better to ask questions individually.
© 2024 OneMinuteCode. All rights reserved.