C ++静态代码分析工具值得吗? [英] Are C++ static code analyis tools worth it?
问题描述
我们的管理层最近一直在与一些销售C ++的人谈论静态分析工具。当然,销售人员说他们会发现大量的错误,但我怀疑。
Our management has recently been talking to some people selling C++ static analysis tools. Of course the sales people say they will find tons of bugs, but I'm skeptical.
这些工具如何在现实世界中工作?他们发现真正的bug吗?他们是否帮助更多的初级程序员学习?
How do such tools work in the real world? Do they find real bugs? Do they help more junior programmers learn?
它们是否值得麻烦?
推荐答案
静态代码分析几乎总是值得的。现有代码库的问题是,它可能会报告太多的错误,使其有用的开箱即用。
Static code analysis is almost always worth it. The issue with an existing code base is that it will probably report far too many errors to make it useful out of the box.
我曾经从编译器处理了超过100,000条警告的项目。在该代码库上运行Lint工具没有意义。
I once worked on a project that had 100,000+ warnings from the compiler... no point in running Lint tools on that code base.
使用Lint工具正确意味着购买一个更好的过程(这是一件好事)。我最好的工作之一是在研究实验室工作,我们不允许检查代码中的警告。
Using Lint tools "right" means buying into a better process (which is a good thing). One of the best jobs I had was working at a research lab where we were not allowed to check in code with warnings.
所以,是的工具是值得的。 。 在长期。在短期内,你的编译器警告达到最大值,看看它的报告。如果代码是干净的,那么现在看看lint工具的时间。如果代码有很多警告...优先和修复它们。一旦代码没有(或至少很少)警告,然后看看Lint工具。
So, yes the tools are worth it... in the long term. In the short term turn your compiler warnings up to the max and see what it reports. If the code is "clean" then the time to look at lint tools is now. If the code has many warnings... prioritize and fix them. Once the code has none (or at least very few) warnings then look at Lint tools.
所以,Lint工具不会帮助一个糟糕的代码库,但一旦
So, Lint tools are not going to help a poor code base, but once you have a good codebase it can help you keep it good.
编辑:
在这种情况下, 100,000+警告产品,它被分解为大约60个Visual Studio项目。因为每个项目都删除了所有警告,所以警告是错误的,以防止新的警告被添加到已经清理的项目(或者让我的同事正确地喊任何开发人员签入代码,而不首先编译它:-)
In the case of the 100,000+ warning product, it was broken down into about 60 Visual Studio projects. As each project had all of the warnings removed it was changed so that the warnings were errors, that prevented new warnings from being added to projects that had been cleaned up (or rather it let my co-worker righteously yell at any developer that checked in code without compiling it first :-)
这篇关于C ++静态代码分析工具值得吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
