← Back to Topics

Static Analysis Tools

Discussions center on the use, recommendations, limitations, and specific tools for static code analysis, including Clang, Coverity, Klocwork, and why developers underutilize them.

πŸ“‰ Falling 0.5x Programming Languages
3,966
Comments
19
Years Active
5
Top Authors
#530
Topic ID

Activity Over Time

2008
6
2009
17
2010
34
2011
95
2012
125
2013
130
2014
207
2015
293
2016
266
2017
257
2018
196
2019
339
2020
318
2021
340
2022
371
2023
375
2024
246
2025
317
2026
34

Top Contributors

pjmlp (164) nickpsecurity (58) UncleMeat (46) AndreyKarpov (40) ryao (24)

Keywords

e.g PHP EXE SAT cacm.acm ROI UI USENIX UX c.com static analysis static analysis tools code compiler clang languages false compilers

Sample Comments

google234123 β€’ May 7, 2020 β€’ View on HN

Sadly, that's typical with static analyzers todays...

pabs3 β€’ Sep 24, 2021 β€’ View on HN

The static analysis tools being developed to check this:https://news.ycombinator.com/item?id=28638885

throwaway2037 β€’ Jul 5, 2024 β€’ View on HN

Do any static analysis tools (commercial or open source) already do this now?

remexre β€’ Feb 3, 2023 β€’ View on HN

Which static analysis tools do you recommend?

AndreyKarpov β€’ Dec 17, 2012 β€’ View on HN

A good reason to use the right tools of static analysis, rather than look manually. ;)

AndreyKarpov β€’ Jun 26, 2015 β€’ View on HN

Parallel Reddit discussion: https://www.reddit.com/r/programming/comments/3b67pi/why_don...

adrianN β€’ Dec 7, 2017 β€’ View on HN

That's what clang's static analyzer is for. The analysis is pretty difficult and would slow down compilation unnecessarily.

pjmlp β€’ Aug 29, 2022 β€’ View on HN

Use static analysers, just like you have to do on C and C++ to handle many of their flaws.

mikeash β€’ Dec 7, 2017 β€’ View on HN

The static analyzer is extremely useful. Why aren’t people running it?

humaid β€’ Feb 26, 2020 β€’ View on HN

You might want to check this out: https://github.com/mre/awesome-static-analysis