In my last C role static analysis was a big part of improving the quality of our aging codebase. It indescriminately finds bugs that are small oopsies of forgetting to free some memory, to invalid accesses in massively tangled and intertwined layers of network and hardware IO.
Personal projects have always started with the good intention of making sure static analysis is there and maintained throughout, butttt ... intentions -.-
But it's so easy, so we're doing it! The game toolset compiles with clang everywhere, so all we need is prepend our
make to become
scan-build make and look, we've already been making mistakes!
Better yet, add a little flag at the end so we will always have something universal to remember and run.
Now our command is
make scan=true, and whatever extra setup and flags we want to add after looking a little more into it later on.