I’ve written a half-dozen posts on /analyze, but since it is only available in the super-ultimate-team-extreme-ultimate edition of Visual Studio this information is of purely theoretical value for many people. It turns out, however, that there are two three ways to get the /analyze capable compiler for free.
/analyze in VS 2012
Starting with VS 2012 Microsoft decided to make /analyze available in the professional SKU, instead of hiding it in the superman version. And they added 64-bit /analyze support. And the VS 2012 version of /analyze is better. That should simplify your decision about whether to use /analyze.
/analyze in the Windows SDK
The Windows SDK is a grab bag of tools, libraries, and header files that every serious developer should have installed. It includes Debugging Tools for Windows, Application Verifier, Windows Performance Toolkit, and much more. And, it includes compilers. Tasty compilers, that support /analyze.
The first thing to be aware of is that a web search for the Windows SDK may point you at an obsolete version. Make sure that you are installing “Microsoft Windows SDK for Windows 7 and .NET Framework 4”. If it says Framework 3.5 then it’s the previous version, and you don’t want that.
The second thing to be aware of is a glitch with the compiler portion of the install. The Windows SDK compilers are actually incompatible with SP1 of Visual Studio 2010 (which everybody should have installed). Microsoft recognizes this and has issued a patch, but this means that a two-step dance is required:
Step 1: Install the Windows SDK but make sure that the “Visual C++ Compilers” option is not checked. If it is checked then the Windows SDK will fail to install. You have to have something checked, and I’d recommend at least the Windows Performance Toolkit (xperf), but the ideal choice would be “everything but the compilers”:
Step 2: Now that you have installed part of the Windows SDK you can install the updated compilers, officially known as the Microsoft Visual C++ 2010 Service Pack 1 Compiler Update for the Windows SDK 7.1. Ah, Microsoft product naming at its finest.
That’s it. You’re set. You should now be able to add /analyze to your C++ command line and start exploring all the goodness and weirdness which is /analyze.
/analyze in Visual Studio 11 (VS 2012)
Visual Studio 11 Developer Preview is out and available for download from here. Visual Studio 11 can load VS 2010 projects without modification, so experimenting with it is easy. In fact, Visual Studio 11 is so compatible that you may at first not notice any differences. The icons are the same and if you load a VS 2010 project then, by default, it will compile it with the VS 2010 compiler. However you can open up the project properties, go to General, Platform Toolset, and change it from v100 to v110. Voila!
You can also use the Upgrade option in the menu, which is a more convenient way of changing the platform toolset. It warns that the process is irreversible, but for native code projects this doesn’t seem to be the case.
Because the VS 11 Developer Preview is a full install of the Ultimate SKU it has the Code Analysis section in the project properties. I’ve grown used to adding /analyze commands to the C++ command line, but either method works.
Building with the VS 11 compiler is a great option because the /analyze support in VS 11 is significantly improved. It finds new types of bugs (use-after-free!) and it fixes some of the false positives that I have complained about previously. It doesn’t fix all of the reported bugs, and there seem to be some new bugs and header-file issues, but it’s still valuable for at least some scenarios. And, if you use VS 11 now and report bugs then you can help make sure that the final version of VS 11 is as high quality as possible.
Summary
Whichever option you choose you now have a compiler that can find tons of bugs in your code. In one large project I used /analyze on I found over 200 printf/varargs bugs, and a large number of miscellaneous other serious bugs as well. Recommended.
Random ASCII - tech blog of Bruce Dawson 
Pingback: Increased Reliability Through More Crashes | Random ASCII
Analyze works best with .
The analysis done by VC’s /analyze switch is function-scoped (aka local analysis). It won’t automatically catch errors that span multiple functions. To make up for this, it supports “SAL” annotations on function parameters and return values. If the functions in your header files are fully annotated with _In_, _In_bytecount(len), etc., /analyze analysis becomes much more useful. It will validate that your function calls meet the called function’s stated preconditions and that your function uses the called function’s results according to the called function’s postconditions.
Absolutely right Doug. Most Microsoft functions are annotated already, but annotating your own function prototypes helps greatly. When I annotated all of our printf style functions I found over 200 print/varargs errors and dozens of potential buffer overruns. The great things about those warnings is that they are 100% accurate because the annotations tell /analyze exactly what the pre-conditions are.
Hi Bruce — you’ve definitely sold me on /analyze, but the first thing I encountered after following your installation instructions for MSVC10 was a warning (D9040) that /analyze does only works for x86 projects. Is there an extra step involved to get x64 support, or is this a legitimate limitation in the current implementation? If the latter, that seems like a serious shortcoming in an increasingly 64-bit world; either way it’s probably worth mentioning.
[Apologies if this is a duplicate comment. I thought I posted something similar a few days ago, but it never showed up, and I fear my browser may have eaten it.]
Yeah, I should probably have mentioned in a post the rather annoying limitation that /analyze only works for 32-bit. Lame, I know. For most of my projects it’s not too bad since we have a 32-bit version anyway, but for 64-bit only projects it would be particularly annoying. And, of course, any 64-bit only bugs won’t be found.
Thanks for the excellent explanation! Just want to point out a small thing that compiler options are case-sensitive so you should write /analyze, not /Analyze. took me a little while to realize this. 🙂
Hah! That’s hilarious. I’ve corrected the title to avoid future confusion. Thanks for commenting.
A further tip if you have to stick with VS2010 and already have 2010 SP1
http://ctrlf5.net/?p=184 Andreas in comments proposes the fix that worked for me…
SDK tries to install an older version but the VCRedist_xxx.exe installer fails because a newer version is already installed (typically some 10.0.4xxxx version).
BTW Great website content – learned a lot
The instructions say that when you install the SDK you should make sure that the Visual C++ Compilers check box is not checked, thus preventing the problem you describe where the SDK tries to install an older version. Then you should run the “Microsoft Visual C++ 2010 Service Pack 1 Compiler Update for the Windows SDK 7.1.”
I’ve found that following those steps works completely reliably on VS 2010 SP1.
Pingback: VC++ /analyze Bug Finder Bug Fixed | Random ASCII