How to deal with a static analyzer output
Posted by Jim on Stack Overflow
Published on 2010-01-15T08:56:11Z
c++ | static-analysis
We have started using a static analyzer (Coverity) on our code base. We were promptly stupefied by the sheer amount of warnings we received (it's in the hundreds of thousands); it will take the entire team a few months to clear them all (obviously impossible).
The options we discussed so far are:
1) Hire a contractor to sort out the warnings and fix them - the drawback: we will probably need very experienced people to do all these modifications, and no contractor will have the required understanding of the code.
2) Filter out the warnings and deal only with the dangerous ones - the problem here is that our static analysis output will always be cluttered by warnings, making it difficult for us to isolate problems. Also, the filtering of the warnings is a major effort.
Either way, bringing our code to a state where the static analyzer can be a useful tool for us seems a monumental task.
So how is it possible to work with the static analyzer without bringing current development efforts to a complete standstill?