Re: Is splint the best for static code checking? I mean free.

On Mar 19, 3:19 pm, Måns Rullgård <m...@xxxxxxxxx> wrote:
Emmanuel Fleury <emmanuel.fle...@xxxxxxxx> writes:
But, in any case, don't rely too much on splint (and on any static
analysis tools). They only cover _partially_ the bugs that you might put
into your code and might raise false positives. They are quite useful to
automate and systematize the search of stupid and common bugs but of no
use for some more advanced ones.

In my experience, lint tools will only find bugs that can be easily
avoided with a half-decent design and a little discipline while
coding.

What is half-decent design?
Your conclusion is based on the fact you are mostly doing personal
development?
In my company, the employee buys commercial tools for static
analyzing. This can find a lot of potential bugs, really, and can save
our many time versus spending time to debug the bugs.
As a *team*, once you think you are a so skilled programmer, but you
can't ensure your partner are skillful as you. To ensure the quality,
you have two choice:
1) Check every line of other's code to find the bugs.
2) Using tools to do this for you.

Of course, you can't suppose the tools to find all the bugs for you,
it just can help you a little more, and more consistent than you.

No one can produce code with bug-free. What we can do is going to
minimize it.


.