C++ analysis engine helps you to follow C++ Core Guidelines

Hello C++ developers,

We’re proud to announce that our coverage of C++ Core Guidelines and MISRA C++ 2008 is even broader now.

C++ Core Guideline

We’ve made an in depth study of the C++ Core Guidelines established by famous and respected C++ experts (among them Bjarne Stroustrup, the creator of the language and the convener of the C++ ISO standardization committee).

From this study, we managed to extract rules that can be executed automatically in your IDE through SonarLint or your build pipeline (thanks to SonarQube or SonarCloud).

A first batch of 20 rules has been implemented and just released as part of the new version of our C++ analysis engine:

Bug Detection

S5417: “std::move” and “std::forward” should not be confused (Bug)
S5486: Non recursive mutexes should not be consecutively locked or unlocked twice (Bug)
S5487: Mutexes should be properly initialized and destroyed (Bug)
S5489: Mutexes should be unlocked in the reverse order they were locked (Bug)
S2107: Member variables should be initialized (Bug)

Example of an issue raised by S5417: “std::move” and “std::forward” should not be confused:

Code Smell Detection

S5409: Hash functions should not throw (Code Smell)
S5419: The order for arguments of the same type in a function call should be obvious (Code Smell)
S5422: Functions should not have more than one argument of type “bool” (Code Smell)
S3230: Member data should be initialized in-class or in a constructor initialization list (Code Smell)
S5414: Classes should not contain both public and private data members (Code Smell)
S3490: Special member function should not be defined unless a non standard behavior is required (Code Smell)
S5485: Appropriate arguments should be passed to stream functions (Code Smell)
S5488: Appropriate arguments should be passed to UNIX/POSIX functions (Code Smell)
S5495: Capture by reference in lambdas used locally (Code Smell)
S5502: A single expression statement should not have more than one resource allocation (Code Smell)
S1236: Assignment operators should return non-“const” references (Code Smell)
S5506: “try_lock”, “lock” and “unlock” should not be directly used for mutexes (Code Smell)
S5523: Local variables should be initialized immediately (Code Smell)
S5524: Multiple mutexes should not be acquired with individual locks (Code Smell)
S945: Array type function arguments should not decay to pointers (Code Smell)

Example of an issue raised by S5502: A single expression statement should not have more than one resource allocation:

Example of an issue raised by S5524: Multiple mutexes should not be acquired with individual locks:

MISRA C++ 2008

Relying on MISRA C++ 2008 standard? We haven’t forgotten you; we added 6 rules dedicated to the standard:

S5312: If loop-counter is not modified by – or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > or >= (Code Smell)
S5311: A for loop shall contain a single loop-counter which shall not have floating type (Code Smell)
S5313: The loop-counter shall not be modified within condition or statement (Code Smell)
S890: The loop-counter should be modified by one of: --, ++, -=n, or +=n; where n remains constant for the duration of the loop (Code Smell)
S5316: A loop-control-variable other than the loop-counter shall not be modified within condition or expression (Code Smell)
S892: A loop-control-variable other than the loop-counter which is modified in statement shall have type bool (Code Smell)

Example of an issue raised by S5313: The loop-counter shall not be modified within condition or statement:

Project Level Rule

The C++ analysis engine can now raise issues on the entire context of the project not just what can happen inside a single file. It opens the door to more clever rules such as the one we implemented to detect whether a given function is used or not across the entire code base of your project.

S5536: Functions that are not used in a project should be removed (Code Smell)

For more information, see the changelog.

You can already enjoy these new features on SonarCloud. For SonarQube users, these new features will be built in to the next version (8.1). In the meantime, you can get them by upgrading to v6.5 of the C/C++/Objective-C analysis engine.

Cheers,
Alex

7 Likes