Code analysis for C/C++ overview
The C/C++ Code Analysis tool provides information about possible defects in your C/C++ source code. Common coding errors reported by the tool include buffer overruns, uninitialized memory, null pointer dereferences, and memory and resource leaks. The tool can also run checks against the C++ Core Guidelines.
IDE (integrated development environment) integration
The code analysis tool is fully integrated within the Visual Studio IDE.
During the build process, any warnings generated for the source code appear in the Error List. You can navigate to source code that caused the warning, and you can view additional information about the cause and possible solutions of the issue.
Command line support
You can also use the analysis tool from the command line, as shown in the following example:
C:\>cl /analyze Sample.cpp
Visual Studio 2017 version 15.7 and later: You can run the tool from the command line with any build system including CMake.
You can use the
#pragma directive to treat warnings as errors; enable or disable warnings, and suppress warnings for individual lines of code. For more information, see Pragma Directives and the __Pragma Keyword.
Annotations improve the accuracy of the code analysis. Annotations provide additional information about pre- and post- conditions on function parameters and return types. For more information, see Using SAL Annotations to Reduce C/C++ Code Defects.
Run analysis tool as part of check-in policy
You might want to require that all source code check-ins satisfy certain policies. In particular, you want to make sure that analysis was run as a step of the most recent local build. For more information about enabling a code analysis check-in policy, see Creating and Using Code Analysis Check-In Policies.
Team Build integration
You can use the integrated features of the build system to run code analysis tool as a step of the Team Foundation Server build process. For more information, see Azure Pipelines.
- Quickstart: Code analysis for C/C++
- Walkthrough: Analyze C/C++ Code for Defects
- Code Analysis for C/C++ Warnings
- Use the C++ Core Guidelines checkers
- C++ Core Guidelines Checker Reference
- Use Rule Sets to Specify the C++ Rules to Run
- Analyze Driver Quality by Using Code Analysis Tools
- Code Analysis for Drivers Warnings