http://daniel.haxx.se/blog/2012/07/12/three-static-code-analyzers-compared/
Conclusion
From this test of a single source base, I rank them in this order:
- Coverity – very accurate reports and few false positives
- clang-analyzer – awesome reports, missed slightly too many issues and reported slightly too many false positives
- Fortify – the good parts drown in all those hundreds of false positives