Hello, thanks for looking, I tried to create an annotated project, that should actually create a warning when analyzed. However I received a compiler error and on MSDN it says the analyzer is not available for x64 Versions of Visual Studio. Since I do use the x64 version and also build my Software for x64 (it is just for myself and my portfolio) it is useless for me. The annotations are actually directly done in source code (see example below), but I wasn't able to test if it works when put into some macro. One thing is for sure, the source code gets longer. And Microsoft seems to be unsure how to do the actual annotation, there seem to be 4 different ways/versions of doing it in Visual C++. class Test { public: [returnvalue:Post(Tainted=Yes)] static int returnsTainted() { return 0; } static int requiresUntainted([Pre(Tainted=No)] int p) { return p; } static void testAnalyzer() { int x = requiresUntainted(returnsTainted()); } }; Can anybody recommend another (free) static analyzer? Do you use them in your projects or do you rely on the compiler warnings (and you own programming skill)? I would like to try if it really helps me catching some bugs that are usually just not detected. Microsoft seems to catch quite a few bugs, but my projects aren't as complex as theirs. The clang project seems to provide a static analyzer, but it seems non-trivial to use it on anything but OS X. And there is Cppcheck, maybe I will try it when I have the time. Thanks for your help. -Christoph Harder On 23.10.2011 17:04, Kevin Jenkins wrote:
Can't find an answer in Google for that. But I would try creating a file, writing an annotation, then saving it. Then open the file in a text editor and make sure it's regular C++. If the annotations are saved in a separate file then you'd have to check that in along with the C++ file, which I can see being a nuisance with source control where people forget to check it in.
--------------------- To unsubscribe go to http://gameprogrammer.com/mailinglist.html