It would be good to hear other HN:ers experience with various static analysis tools for C.
I have had good experiences with Flexelint (PC-Lint). It does not attempt to deeply analyze control flow, more like compiler additional warnings. It flags a lot of common mistakes and can basically turn C into a more strictly typed language. I feel a lot more confident in C code if I know that it passes lint, since it warns if you try to mix unsigned and signed ints, cast away const, call functions with wrong types etc.
Like many static analyzers it takes some work to set it up, and tune which warnings you actually car about. It is definitely business-priced and feel a bit old (although command line tools age well.
The is a clear lack of good open source tools. I tried all i could find, but Splint was the only one that would flag switch-cases without break. It was last updated in 2010.
I have had good experiences with Flexelint (PC-Lint). It does not attempt to deeply analyze control flow, more like compiler additional warnings. It flags a lot of common mistakes and can basically turn C into a more strictly typed language. I feel a lot more confident in C code if I know that it passes lint, since it warns if you try to mix unsigned and signed ints, cast away const, call functions with wrong types etc.
Like many static analyzers it takes some work to set it up, and tune which warnings you actually car about. It is definitely business-priced and feel a bit old (although command line tools age well.
The is a clear lack of good open source tools. I tried all i could find, but Splint was the only one that would flag switch-cases without break. It was last updated in 2010.