6.2 Static analysis
Static analysis is a crucial technique in software development that involves inspecting the code without actually running the program. This method focuses on analyzing either the source code or its compiled version to detect a variety of issues, such as errors, vulnerabilities, and deviations from coding standards. Unlike dynamic analysis, which requires the execution of the program, static analysis allows for examining the code in a non-runtime environment.
More generally, static analysis aims to check a specific property of a computer program based on its meaning; that is, it can be considered a part of semantic analysis (see Figure 2.6, Parser). For instance, if 𝒞 is the set of all C/C++ programs and 𝒫 is a property of such a program, then the goal of static analysis is to check the property for a specific program P ∈ 𝒞, that is, to answer the question of whether 𝒫(P) is true or false.
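To make the question "is 𝒫(P) true?" concrete, the following C++ example (added here, not code from the book or from Clang) decides one property over a toy expression tree without executing it, and contrasts that with a run that never reaches the defect. The tree type, the chosen property and all function names are hypothetical.

```cpp
// Added illustration; all names here are hypothetical, not Clang APIs.
#include <cstdio>
#include <memory>
#include <optional>

// Toy program: an expression tree standing in for a parsed C/C++ AST.
struct Node {
    enum Kind { Lit, Param, Sub, Div, If } kind;
    long value;                        // Lit only
    std::shared_ptr<Node> a, b, c;     // operands; If means a ? b : c
};
using Prog = std::shared_ptr<Node>;
Prog mk(Node::Kind k, long v = 0, Prog a = nullptr, Prog b = nullptr, Prog c = nullptr) {
    return std::make_shared<Node>(Node{k, v, a, b, c});
}

// Static value of a subtree, if any. Param is a runtime input, so it has none.
std::optional<long> constFold(const Prog& n) {
    if (n->kind == Node::Lit) return n->value;
    if (n->kind != Node::Sub) return std::nullopt;
    auto l = constFold(n->a), r = constFold(n->b);
    return (l && r) ? std::optional<long>(*l - *r) : std::nullopt;
}

// Property: "no division whose divisor folds to constant 0".
// Walks every node, including branches a given run never reaches.
bool holdsProperty(const Prog& n) {
    if (!n) return true;
    if (n->kind == Node::Div && constFold(n->b) == std::optional<long>(0)) return false;
    return holdsProperty(n->a) && holdsProperty(n->b) && holdsProperty(n->c);
}

// Dynamic counterpart: executes the program for one input x, sees one path only.
long run(const Prog& n, long x) {
    switch (n->kind) {
        case Node::Lit:   return n->value;
        case Node::Param: return x;
        case Node::Sub:   return run(n->a, x) - run(n->b, x);
        case Node::Div:   return run(n->a, x) / run(n->b, x);
        default:          return run(n->a, x) ? run(n->b, x) : run(n->c, x);
    }
}

// Constructed sample: x ? 100 / (2 - 2) : 7
Prog sample() {
    auto zero = mk(Node::Sub, 0, mk(Node::Lit, 2), mk(Node::Lit, 2));
    return mk(Node::If, 0, mk(Node::Param), mk(Node::Div, 0, mk(Node::Lit, 100), zero), mk(Node::Lit, 7));
}

int main() { std::printf("property holds: %d, run(x=0): %ld\n", holdsProperty(sample()), run(sample(), 0)); }
```

For the sample, the static check reports the property as false, while executing with x = 0 returns 7 and never touches the faulty division.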
Our Clang-Tidy check from the previous...