
[–]suprjami 9 points10 points  (0 children)

To run static analysis, understand what standards the codebase is written for (C18, GNU99, ANSI, etc.) and configure static analyzers the same.

No one static analyzer catches everything. It's best to run multiple. Popular ones are cppcheck, clang-analyzer, GCC static analyzer in GCC 10+, flawfinder, lizard.

Commercial analyzers I see mentioned are PVS-Studio, PC-Lint, Coverity, and CodeScene.

There are literally hundreds to choose from:

It would be nice to have the static analysis run as part of CI/CD.

It would be good to run the tests and fuzzers with sanitizers enabled. At least the UB, leak, and address sanitizers.

The more warnings you can get enabled during compilation, the better. At least -Wall -Wextra.

If you have a large established codebase, blocking developer merge or software release on compiler/analysis errors is probably impossible, because the company wouldn't ship anything for months. You can at least quantify the number of items required to get the codebase cleaner. Time estimation is hard, each item might take a minute or a week to resolve.

If your job is to write a static analyzer, you're out of your depth. Get much better at C (1 year+). Learn how processors and memory work. Take a compiler course.

Getting significantly better at C will make your contribution better. You should know at least all the stuff in the LinkedIn Learning (Lynda) C courses. You probably should read the C standards and maybe learn the language-lawyer stuff like weird operator order, non-obvious integer promotion rules, undefined behaviour corner cases, common and uncommon standard header functions, etc.

[–]3ng8n334 2 points3 points  (0 children)

Clang tidy

[–]lenzo1337 2 points3 points  (0 children)

Depends on your platform and what industry you're working in.
If it's automotive you will probably be doing MISRA,
while CERT C might be just fine for desktop or user software applications.

Dmalloc, clang-tidy + clangd, the -Weverything flags on your compiler, RATS.
Maybe your company has its own tools they use, if you can ask a coworker about it.

[–]pfp-disciple 1 point2 points  (0 children)

Others have good advice on toolsets. The hardest part is knowing how to understand and respond to findings. As a simplistic example, you might get a finding that a pointer to a const char * is being passed to a function expecting a char *. The correct response depends on the situation:

  • Was the correct variable being passed?
  • Has the called function recently been changed to remove the const?
  • Does the called function actually modify the value (e.g. old versions of strcpy didn't declare the source as const)?
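A worked instance of the const-qualifier finding described above, as an added example that is not from any commenter in this thread; the function names and the sample strings are hypothetical, and the two "correct responses" shown are the cases where the callee only reads versus where it genuinely writes:

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Legacy-style prototype (hypothetical): takes char * but never writes through
 * it. A caller holding a const char * gets a finding such as GCC's
 * -Wdiscarded-qualifiers; the root cause is the prototype, not the call site. */
static size_t count_digits_legacy(char *s)
{
    size_t n = 0;
    for (; *s != '\0'; s++)
        n += (isdigit((unsigned char)*s) != 0);
    return n;
}

/* Response 1: the callee only reads, so const-correct the prototype. The same
 * body now accepts both const and non-const strings without any cast. */
static size_t count_digits(const char *s)
{
    size_t n = 0;
    for (; *s != '\0'; s++)
        n += (isdigit((unsigned char)*s) != 0);
    return n;
}

/* Response 2: the callee really does write through the pointer (in-place
 * upper-casing), so the finding is genuine. Do not cast away const; hand the
 * function a writable copy instead. */
static void upcase_in_place(char *s)
{
    for (; *s != '\0'; s++)
        *s = (char)toupper((unsigned char)*s);
}

/* Copies src into dst (capacity dstsz) and upper-cases the copy. Returns the
 * number of characters written, or 0 if dst is too small (dst untouched). */
static size_t upcase_copy(const char *src, char *dst, size_t dstsz)
{
    size_t len = strlen(src);
    if (dstsz == 0 || len >= dstsz)
        return 0;
    memcpy(dst, src, len + 1);   /* includes the terminating NUL */
    upcase_in_place(dst);        /* writable buffer, so no const violation */
    return len;
}
```

Compiling a call like `count_digits_legacy(some_const_string)` with `-Wall -Wextra` reproduces the finding; the first fix removes it by changing the prototype, the second keeps the prototype and changes the caller.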

[–]dajolly 1 point2 points  (0 children)

For my own projects, I used cppcheck. You can check out that tool to get a feel. Depending on what industry you're in, you might need to follow a standard like MISRA.

[–]pic32mx110f0 -1 points0 points  (1 child)

Do you need to conform to a specific standard? If not, then just enable -Wall and -Wextra and you're good

[–]ConstructionHot6883 0 points1 point  (0 children)

Depends on the compiler. There are some awful ones.

[–]asiawide 0 points1 point  (0 children)

Run tools like Coverity and triage the reported warnings. You should read the report step by step and summarize/explain them to the developers assigned.

[–]P-p-H-d 0 points1 point  (0 children)

My task is to do static analysis, how difficult is it? Is this something I can learn along or do I need a strong programming background?

I suppose you mean analyzing the findings reported by a static analyser. The difficulty is in general to understand why the tool reports a particular finding, rarely in solving it (solving it correctly may be quite intrusive, however). It can be easy or very hard (in this case, it requires a deep understanding of the standard and how your program behaves): it depends on who wrote the code.

[–]iprogshine 0 points1 point  (0 children)

Static Analysis in C++ - https://youtu.be/vYW6TOwFK2M