[pjmlp]

CppCon 2015 as Herb Sutter asked the audience how many use regularly any form of static analysis tools, the answer was around 1% of the audience.

The video is easy to find if you want to watch it.

So apparently the tools might be there, but they are ignored by those that should be using them in first place.

[Filligree]

Many of those tools cost money, where we're used to programming tools being gratis.

Probably a lot of it is simply lack of familiarity, though. I've never seen a university course that even touches on this...

[jerf]

Developers, on average, don't even use the free tools.

I mean, speaking as one of the 1% who fully voluntarily uses these sorts of tools (and can generally only get free ones either because the price is prohibitive for the expensive ones, or I'm working in languages that expensive ones don't exist for), I think you're all bloody loonies for not doing it too. Offload to the tools everything you can, to save your precious brain cycles for the stuff that matters. Makes you look like even more of a hero.

(The excuse I see all too often that by doing that you'll atrophy your own judgment is, by the way, itself just proof you've never used these tools, or at least not used them properly. If you use them frequently, i.e., at commit-time, rather than quarterly-release time, they train you by telling you what you did wrong, and you learn how to write better code that meets their criteria fairly quickly. They make you a better programmer. These things should be used early and often; I'm sure a lot of the reasons people tend to not enjoy using them is that they want to write a quarter million lines of code without ever consulting the tool, then run it once at the end. That is a terrible plan. The tool will scream bloody murder and especially in C you are very likely to discover that your entire architecture is fundamentally impossible to fix now, making it very discouraging. Use the tools early and often. Seriously, as soon as you've created the new project and have hello world going, hook up the tools. They both provide more value and are way easier to use that way.)

[pjmlp]

This current FOSS generation is used to tools being gratis, but want to get payed for their work.

I always had to pay for my tools, just like any other professional.

And I still do pay for the tools I think are worthwhile, if not upfront, at least as donation.

[sanxiyn]

Well, Facebook Infer is open source, but many are not running even that!

http://fbinfer.com/

[generic_user]

That's a fair point. And for a large portion of software the benefits of C/C++ do not outweigh the potential costs and code should be written in a more protective language.

But that does not change the fact that C/C++ is preferable and often the best choice in certain domains.

[pjmlp]

I don't put C and C++ on the same bag, even though you can write C like code in C++.

While one might not be able to pay for tools for static analysis, there is no excuse to ignore the type safety improvements C++ has over C.

Anyone that writes C with C++ compiler, should keep using a C compiler if he/she wants to stay in the past.