cppcheck

cppcheck [options] path...

cppcheck performs static analysis on C/C++ source code to detect bugs, undefined behavior, and dangerous coding patterns without executing the program. It focuses on maintaining a low false positive rate, making warnings actionable and trustworthy.The tool analyzes code for memory leaks, null pointer dereferences, buffer overflows, uninitialized variables, and many other issues. It supports C++11 through C++20 standards and can check both individual files and entire project directories.Unlike compiler warnings, cppcheck performs deeper analysis including flow-sensitive checks and interprocedural analysis. It can detect issues that compilers typically miss while being faster and simpler to configure than comprehensive tools like Clang Static Analyzer.

--enable=checks

Enable checks: all, warning, style, performance, portability, information, unusedFunction

C/C++ standard: c89, c99, c11, c++03, c++11, c++14, c++17, c++20

Use n threads

Output as XML

Suppress warning type

Suppress from file

Include directory

Define preprocessor symbol

Check all configurations

Report uncertain results

Use compile database (compile_commands.json) or Visual Studio project file

Check level: normal (default), exhaustive (deeper analysis), reduced (faster)

Build directory for faster rechecking and whole-program analysis

Target platform: unix32, unix64, win32A, win32W, win64, native

Custom error message format (e.g., gcc, vs, {file}:{line}: {message})

Maximum configurations to check per file (default: 12)

Suppress progress output

error: Bugs and undefined behaviorwarning: Defensive coding issuesstyle: Code style issuesperformance: Optimization suggestionsportability: Cross-platform issues

Cannot analyze included headers without proper include paths. Use with clang-tidy for comprehensive analysis.

clang-tidy(1), cpplint(1), gcc(1)