The NPATH metric computes the number of possible execution paths through a function(method). It takes into account the nesting of conditional statements and multi-part boolean expressions (A && B, C || D, E ? F :G and their combinations).
The NPATH metric was designed base on Cyclomatic complexity to avoid problem of Cyclomatic complexity metric like nesting level within a function(method).
Metric was described at "NPATH: a measure of execution pathcomplexity and its applications". If you need detailed description of algorithm, please read that article, it is well written and have number of examples and details.
Here is some quotes:
An NPATH threshold value of 200 has been established for a function. The value 200 is based on studies done at AT&T Bell Laboratories [1988 year].
Some of the most effective methods of reducing the NPATH value include
- distributing functionality,
- implementing multiple if statements as a switch statement
- creating a separate function for logical expressions with a high count of and (&&) and or (||) operators.
Although strategies to reduce the NPATH complexity of functions are important, care must be taken not to distort the logical clarity of the software by applying a strategy to reduce the complexity of functions. That is, there is a point of diminishing return beyond which a further attempt at reduction of complexity distorts the logical clarity of the system structure.
Summing Up the Results
Of course, there are other analyzers, apart from the reviewed ones. There are both paid (Coverity, Klockwork, JArchitect, etc.) and free (Error Prone, Infer, Checkstyle, and so on). All of them are focused on one thing: to prevent flawed or potentially erroneous code from getting into production. I have no right to judge which of the analyzers is better for this task. But the analyzers developing data flow analysis and symbolic execution are more likely to find a real code bug.
If you're choosing a static analyzer, pay attention to:
The combination of all pros and cons will lead you to the number of static analyzers that you will consider the best.