Code smell can be also considered as a bug-prone situation, here’s it’s definition from wikipedia:<\/p>\n
In\u00a0computer programming,\u00a0code smell<\/b>, (or\u00a0bad smell<\/b>) is any\u00a0symptom\u00a0in the\u00a0source code\u00a0of a\u00a0program\u00a0that possibly indicates a deeper problem.\u00a0According to\u00a0Martin Fowler, \"a code smell is a surface indication that usually corresponds to a deeper problem in the system\".\u00a0Another way to look at smells is with respect to principles and quality:\u00a0\"smells are certain structures in the code that indicate violation of fundamental design principles and negatively impact design quality\". Code smells are usually not\u00a0bugs\u2014they are not technically incorrect and do not currently prevent the program from functioning. Instead, they indicate weaknesses in design that may be slowing down development or increasing the risk of bugs or failures in the future. Bad code smells can be an indicator of factors that contribute to\u00a0technical debt. Robert C. Martin\u00a0calls a list of code smells a \"value system\" for software craftsmanship.<\/pre>\nMany interesting tools exist to detect bugs in your C++ code base \u00a0like cppcheck, clang-tidy and visual studio analyzer. But what about the detection of the bug-prone situations?<\/p>\n
If the static analysis tools creators could decide which situations are considered as bugs, it\u2019s not the case of the\u00a0code smells\u00a0cases which depends on the development team choices. For example a team could consider that a method with more than \u00a020 lines is complex, another team could define the max to 30. If a tool provides the detection of the code smells ,\u00a0it\u00a0must provides also the possibility to customize it.<\/p>\n
Code as Data is the better way to detect the code smells<\/strong><\/p>\n
Static analysis is the idea of analyzing source code \u00a0for various properties and reporting on those properties, but it\u2019s also, philosophically, the idea of treating code as data.\u00a0 This is deeply weird to us as application developers, since we\u2019re very much used to thinking of source code as instructions, procedures, and algorithms.\u00a0 But it\u2019s also deeply powerful.<\/p>\n
After the source code analysis of a source file, we can extract its AST and generate a model\u00a0containing\u00a0 many interesting\u00a0data\u00a0 about the code. This way we can query it using a code query language similar to SQL.<\/p>\n
CppDepend\u00a0<\/a>provides a code query language named CQLinq<\/a> to query the code base like a database. Developers, designers and architects could define their custom queries to find easily the bug-prone situations.<\/p>\n
With CQlinq we can \u00a0combine the data from\u00a0the code metrics, dependencies,\u00a0API usage and other model\u00a0data to\u00a0\u00a0define very advanced queries that match some bug-prone situations.<\/p>\n
Here\u2019s an example \u00a0of a CQLinq query that matches the most complex methods:<\/p>\n
![\"bugs\"](\"http:\/\/www.javadepend.com\/Blog\/wp-content\/uploads\/bugs.png\")
<\/a><\/p>\n