Clang includes a promising open source static analyzer to analyze C, C++ and Objective-C source code. Once you compile it from Clang source, it is very easy to use.
- Implemented as a C++ library and can be used by third party programs
- Can run as a standalone program or within Xcode (specific to Mac OS X development).
- Open source
- It is a work-in-progress so expect lack of precision and reduced scope of analysis
- Static analysis does a deeper code analysis and takes longer than normal compilation
- False positives may show up in the results as with any other static analysis tool
- There is scope for adding more checks or analysis points
- To use it, you have to get the Git source of LLVM and Clang and compile them first. Follow the instructions here.
- The static analysis tools scan-build and scan-view are not compiled by default. You need to compile them separately using Clang. Follow the instructions here.
Usage is very simple. Once scan-build is compiled, invoke it along with your program’s normal make process:
$ scan-build --use-analyzer=/usr/local/bin/clang++ make
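A sample target for the command above, added here as an illustration and not taken from the Clang project: a C function that compiles cleanly but leaks memory on one early-return path, the kind of path-dependent defect a static analyzer is designed to find, next to a corrected version. The file name `field.c` and the function names are hypothetical.

```c
/* Added example (constructed). Analyze with:  scan-build clang -c field.c */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Before: returns the text preceding `sep`, but one path leaks. */
char *field_leaky(const char *line, char sep)
{
    char *buf = malloc(strlen(line) + 1);
    if (buf == NULL)
        return NULL;
    strcpy(buf, line);
    char *end = strchr(buf, sep);
    if (end == NULL)
        return NULL;          /* buf is never freed on this path */
    *end = '\0';
    return buf;               /* caller owns buf */
}

/* After: every exit path either hands ownership to the caller or frees. */
char *field_fixed(const char *line, char sep)
{
    if (line == NULL)
        return NULL;
    char *buf = malloc(strlen(line) + 1);
    if (buf == NULL)
        return NULL;
    strcpy(buf, line);
    char *end = strchr(buf, sep);
    if (end == NULL) {
        free(buf);            /* release before the early return */
        return NULL;
    }
    *end = '\0';
    return buf;
}

int main(void)
{
    char *key = field_fixed("user=alice", '=');   /* constructed input */
    if (key != NULL) {
        printf("%s\n", key);
        free(key);
    }
    return 0;
}
```

If the leaky path is reachable with input an untrusted party controls, repeated malformed lines grow the process's memory until it fails, which is why leaks on error paths are worth fixing even when the normal path is correct.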
Webpage: Clang Static Analyzer