Help: static code anaylis
Thu May 14 08:36:59 GMT 2020
what exactly you mean by below lines
should pick more based on the code in question - read through the list
in the gcc manual), make sure you enable optimisation of at least -O1,
preferably -O2. The compiler will then do more analysis, and can give
more useful warnings. "
On Thu, May 14, 2020 at 2:37 AM David Brown <firstname.lastname@example.org>
> On 13/05/2020 19:51, Kunal Chauhan via Gcc-help wrote:
> > I have am not able to compile my binary,
> > Will still can i do some static ayalysis ?
> You can certainly get /some/ useful results even without generating a
> finished binary. You need to be able to compile the files you want to
> check, however.
> As well as using warnings (-Wall -Wextra is a reasonable start, but you
> should pick more based on the code in question - read through the list
> in the gcc manual), make sure you enable optimisation of at least -O1,
> preferably -O2. The compiler will then do more analysis, and can give
> more useful warnings.
> If you can't get enough from gcc, you can also try clang's tools - they
> can be better in some ways. (I hope that is not considered blasphemy on
> this list!) Beyond that, there are a variety of tools available - but
> they are mostly very niche, very expensive, or very outdated.
> > On 13 May 2020 11:18 p.m., "Jonathan Wakely" <email@example.com>
> > On Wed, 13 May 2020 at 17:57, Kunal Chauhan via Gcc-help
> > <firstname.lastname@example.org> wrote:
> >> Hi team
> >> I want my source file of c to be checked for code violations and null
> > check
> >> etc.
> > Make sure you're compiling with warnings turned on.
> >> As from logs crash is coming.
> > As Dan K. said, you'll probably get more reliable results from dynamic
> > instrumentation. Try using -fsanitize=undefined and/or
> > -fsanitize=address. Try using valgrind (not at the same time as
> > -fsantiize=address).
*Thanks with Regards!*
More information about the Gcc-help