
GCC diagnostics are great, but they are not enough - Tatyanazaxarova
https://medium.com/@emma_programmer/gcc-diagnostics-are-great-but-they-are-not-enough-718cdd1f1bfc
======
Bino
I mostly agree, but keep in mind that there are a differences in their goals;
so a straight up comparison may not be all that fair. I think compilers try to
avoid FP in their reporting, hence a little bit restricted and held back in
the types of warnings they add, while many tools may shot at anything that
looks suspicious. I still use static analyzers, even thou they have "FP rates"
and it has saved me once or twice so it's still worth it.

I think (if you have the time and resources) you should try every tool
available on your code, they really catch different things (and in some cases,
tools which are solely "regex/pattern" based may find things that "we parse
and understand everything"-tools miss.

