Export (0) Print
Expand All

Analyze C++ code quality of Store apps using Visual Studio static code analysis

Applies to Windows and Windows Phone

The code analysis tool in Visual Studio express editions examines your code for a set of common problems and violations of good programming practice. Code analysis warnings differ from compiler errors and warnings because code analysis searches for specific code patterns that are valid but could still create issues for you or other people who use your code. Code analysis can also find defects in your code that are difficult to discover through testing. Running the code analysis tool at regular intervals during your development process can enhance the quality of your completed app.

Note Note

In Visual Studio Ultimate, Visual Studio Premium, and Visual Studio Professional, you can use the full functionality of code analysis tools. See Analyzing Application Quality by Using Code Analysis Tools in the MSDN Library.

To run code analysis on your Visual Studio solution:

  • On the Build menu, choose Run Code Analysis on Solution.

To automatically run code analysis each time you build a project:

  1. Choose the project name in Solution Explorer and then choose Properties.

  2. In the project property page, choose Code Analysis and then choose Enable Code Analysis for C/C++ on Build.

The solution is compiled and code analysis runs. Results appear in the Code Analysis window.

Code Analysis window

To analyze a specific warning, choose the title of the warning in the Code Analysis window. The warning expands to display detailed information about the issue. When possible, code analysis displays the line number and analysis logic that led to the warning.

Expanded code analysis warning

When you expand a warning, the lines of code that caused the warning are highlighted in the Visual Studio code editor.

Highlighted source code

After you understand the problem, you can resolve it in your code. Then rerun code analysis to make sure that the warning no longer appears in the Code Analysis window, and that your fix has not raised new warnings.

Tip Tip

You can rerun code analysis from the Code Analysis window. Choose the Analyze button and then choose the scope of the analysis. You can rerun analysis on the entire solution or on a selected project.

There are times when you might decide not to fix a code analysis warning. You might decide that resolving the warning requires too much recoding in relation to the probability that the issue will arise in any real-world implementation of your code. Or you might believe that the analysis that is used in the warning is inappropriate for the particular context. You can suppress individual warnings so that they no longer appear in the Code Analysis window.

To suppress a warning:

  1. If the detailed information is not displayed, expand the title of the warning.

  2. Choose the Actions link at the bottom of the warning.

  3. Choose to Suppress Message and then choose In Source.

Suppressing a message inserts #pragma(warning:WarningId) that suppresses the warning for the line of code.

You can search long lists of warning messages and you can filter warnings in multi-project solutions.

Search and filter the code analysis window

Code analysis raises the following warnings for C++ code:

Rule

Description

C6001

Using Uninitialized Memory

C6011

Dereferencing Null Pointer

C6029

Use Of Unchecked Value

C6053

Zero Termination From Call

C6059

Bad Concatenation

C6063

Missing String Argument To Format Function

C6064

Missing Integer Argument To Format Function

C6066

Missing Pointer Argument To Format Function

C6067

Missing String Pointer Argument To Format Function

C6101

Returning uninitialized memory

C6200

Index Exceeds Buffer Maximum

C6201

Index Exceeds Stack Buffer Maximum

C6270

Missing Float Argument To Format Function

C6271

Extra Argument To Format Function

C6272

Non-Float Argument To Format Function

C6273

Non-Integer Argumen To Format Function

C6274

Non-Character Argument To Format Function

C6276

Invalid String Cast

C6277

Invalid CreateProcess Call

C6284

Invalid Object Argument To Format Function

C6290

Logical-Not Bitwise-And Precedence

C6291

Logical-Not Bitwise-Or Precedence

C6302

Invalid Character String Argument To Format Function

C6303

Invalid Wide Character String Argument To Format Function

C6305

Mismatched Size And Count Use

C6306

Incorrect Variable Argument Function Call

C6328

Potential Argument Type Mismatch

C6385

Read Overrun

C6386

Write Overrun

C6387

Invalid Parameter Value

C6500

Invalid Attribute Property

C6501

Conflicting Attribute Property Values

C6503

References Cannot Be Null

C6504

Null On Non-Pointer

C6505

MustCheck On Void

C6506

Buffer Size On Non-Pointer Or Array

C6507

Null Mismatch At Dereference Zero

C6508

Write Access On Constant

C6509

Return Used On Precondition

C6510

Null Terminated On Non-Pointer

C6511

MustCheck Must Be Yes Or No

C6513

Element Size Without Buffer Size

C6514

Buffer Size Exceeds Array Size

C6515

Buffer Size On Non-Pointer

C6516

No Properties On Attribute

C6517

Valid Size On Non-Readable Buffer

C6518

Writable Size On Non-Writable Buffer

C6519

Invalid annotation: value of the 'NeedsRelease' property must be Yes or No

C6521

Invalid Size String Dereference

C6522

Invalid Size String Type

C6523

Invalid Size String Parameter

C6525

Invalid Size String Unreachable Location

C6526

Invalid Size String Buffer Type

C6527

Invalid annotation: 'NeedsRelease' property may not be used on values of void type

C6530

Unrecognized Format String Style

C6540

The use of attribute annotations on this function will invalidate all of its existing __declspec annotations

C6551

Invalid size specification: expression not parsable

C6552

Invalid Deref= or Notref=: expression not parsable

C6701

The value is not a valid Yes/No/Maybe value

C6702

The value is not a string value

C6703

The value is not a number

C6704

Unexpected Annotation Expression Error

C6705

Expected number of arguments for annotation does not match actual number of arguments for annotation

C6706

Unexpected Annotation Error for annotation

C28021

The parameter being annotated must be a pointer

C28182

Dereferencing NULL pointer. The pointer contains the same NULL value as another pointer did.

C28202

Illegal reference to non-static member

C28203

Ambiguous reference to class member.

C28205

_Success_ or _On_failure_ used in an illegal context

C28206

Left operand points to a struct, use '->'

C28207

Left operand is a struct, use '.'

C28210

Annotations for the __on_failure context must not be in explicit pre context

C28211

Static context name expected for SAL_context

C28212

Pointer expression expected for annotation

C28213

The _Use_decl_annotations_ annotation must be used to reference, without modification, a prior declaration.

C28214

Attribute parameter names must be p1...p9

C28215

The typefix cannot be applied to a parameter that already has a typefix

C28216

The checkReturn annotation only applies to postconditions for the specific function parameter.

C28217

For function, the number of parameters to annotation does not match that found at file

C28218

For function paramteer, the annotation's parameter does not match that found at file

C28219

Member of enumeration expected for annotation the parameter in the annotation

C28220

Integer expression expected for annotation the parameter in the annotation

C28221

String expression expected for the parameter in the annotation

C28222

__yes, __no, or __maybe expected for annotation

C28223

Did not find expected Token/identifier for annotation, parameter

C28224

Annotation requires parameters

C28225

Did not find the correct number of required parameters in annotation

C28226

Annotation cannot also be a PrimOp (in current declaration)

C28227

Annotation cannot also be a PrimOp (see prior declaration)

C28228

Annotation parameter: cannot use type in annotations

C28229

Annotation does not support parameters

C28230

The type of parameter has no member.

C28231

Annotation is only valid on array

C28232

pre, post, or deref not applied to any annotation

C28233

pre, post, or deref applied to a block

C28234

__at expression does not apply to current function

C28235

The function cannot stand alone as an annotation

C28236

The annotation cannot be used in an expression

C28237

The annotation on parameter is no longer supported

C28238

The annotation on parameter has more than one of value, stringValue, and longValue. Use paramn=xxx

C28239

The annotation on parameter has both value, stringValue, or longValue; and paramn=xxx. Use only paramn=xxx

C28240

The annotation on parameter has param2 but no param1

C28241

The annotation for function on parameter is not recognized

C28243

The annotation for function on parameter requires more dereferences than the actual type annotated allows

C28245

The annotation for function annotates 'this' on a non-member-function

C28246

The parameter annotation for function does not match the type of the parameter

C28250

Inconsistent annotation for function: the prior instance has an error.

C28251

Inconsistent annotation for function: this instance has an error.

C28252

Inconsistent annotation for function: parameter has another annotations on this instance.

C28253

Inconsistent annotation for function: parameter has another annotations on this instance.

C28254

dynamic_cast<>() is not supported in annotations

C28262

A syntax error in the annotation was found in function, for annotation

C28263

A syntax error in a conditional annotation was found for Intrinsic annotation

C28264

Result lists values must be constants.

C28267

A syntax error in the annotations was found annotation in the function.

C28272

The annotation for function, parameter when examining is inconsistent with the function declaration

C28273

For function, the clues are inconsistent with the function declaration

C28275

The parameter to _Macro_value_ is null

C28279

For symbol, a 'begin' was found without a matching 'end'

C28280

For symbol, an 'end' was found without a matching 'begin'

C28282

Format Strings must be in preconditions

C28285

For function, syntax error in parameter

C28286

For function, syntax error near the end

C28287

For function, syntax Error in _At_() annotation (unrecognized parameter name)

C28288

For function, syntax Error in _At_() annotation (invalid parameter name)

C28289

For function: ReadableTo or WritableTo did not have a limit-spec as a parameter

C28290

the annotation for function contains more Externals than the actual number of parameters

C28291

post null/notnull at deref level 0 is meaningless for function.

C28300

Expression operands of incompatible types for operator

C28301

No annotations for first declaration of function.

C28302

An extra _Deref_ operator was found on annotation.

C28303

An ambiguous _Deref_ operator was found on annotation.

C28304

An improperly placed _Notref_ operator was found applied to token.

C28305

An error while parsing a token was discovered.

C28350

The annotation describes a situation that is not conditionally applicable.

C28351

The annotation describes where a dynamic value (a variable) cannot be used in the condition.

Show:
© 2015 Microsoft