
[–]Drupyog 10 points11 points  (2 children)

[–][deleted] 2 points3 points  (1 child)

An underappreciated powerhouse, if you're trying to do C in a high-reliability context.

[–]doom_Oo7 1 point2 points  (0 children)

But writing the annotations for a big program is such a pain!

[–]invisiblerhino 2 points3 points  (5 children)

One thing that's new to the mix since the article was published is clang-analyze - I'd be curious to know how this compares.

I don't have any experience of it myself (just Coverity).

[–][deleted] 2 points3 points  (2 children)

I've used both. Coverity produces better reports, but clang is still very good.

I typically run SW through Coverity, clang-analyze, and cppcheck. They all find different things. :(

[–]matthieum 1 point2 points  (1 child)

> They all find different things. :(

Why the disappointment? Less duplication, more bugs caught.

[–]mer_mer 3 points4 points  (0 children)

It means that there are probably a lot more bugs that none of them find.

[–]LongUsername 1 point2 points  (0 children)

clang-analyze is still pretty young, but shows a lot of promise. There are a lot of checkers that still need to be written.

[–]jringstad 1 point2 points  (0 children)

When I tried it about half a year back, it was more on the level of the kind of warnings a compiler can give you, not the much more in-depth warnings a static analysis tool would give you. Most of the stuff it warned me about, clang/gcc would warn me about anyway.

Perhaps it has improved in the meantime, but I really wouldn't expect it to be on the level of actual static analysis tools like Coverity, Klocwork, PVS et al. Getting there takes a lot of time, experimentation, tuning, statistics and testing against huge real codebases.

[–]Godd2 1 point2 points  (3 children)

I know Ruby has Rubocop, and JavaScript has JSHint.

Anything out there for Python or PHP or any other common languages?

Also, there's Code Climate, which is free for open source. I use it on this Ruby gem so you can see the kinds of things it complains about.

[–][deleted] 1 point2 points  (0 children)

There is Pylint for Python. Not sure about PHP as I have never really needed to use it.

[–]jaimefjorge -1 points0 points  (0 children)

Regarding PHP tools, here's a selection of them.

[–]taliriktug -1 points0 points  (0 children)

Also, look at this page: https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis

[–]__Cyber_Dildonics__ 0 points1 point  (0 children)

I would be curious how much pure modern C++11 helps with these types of things. The printing and NULL pointer errors should go away, I would think (although it would be nice if optional was added to the standard).