by yaantc 973 days ago
> It's not that Clang is bad, but it has inherent limitations because it only analyzes a single source file and stops analysis when you call a function from another module.

Nowadays that's only the default. But you can enable "cross translation units" [1] support to perform analysis across all the files of an application. It's easier to deploy CTU by using CodeChecker [2].

Also for the Clang static analyzer: make sure the build does use Z3. It should be the case now in most distros (it's the case in Debian stable ;). It will improve the results.

With both CTU and Z3 I'm very happy with the results. Klocwork mostly only reported false alarms after a clean CodeChecker pass.

     [1] https://clang.llvm.org/docs/analyzer/user-docs/CrossTranslationUnit.html
     [2] https://codechecker.readthedocs.io/en/latest/
1 comments

I agree that CTU analysis makes it better. There are also a bunch of tunables for the clang analyzer that you can take advantage of that suites like CodeChecker do not fully allow access to or take advantage of.