Coverity static analysis for C, C++ and Java code
It's a well known principle of software engineering that the earlier bugs can be caught, the lower the overall cost. As such, testing needs to happen at every level. Once your project is at the coding stage, the earliest form of testing is on the code itself, not on the binaries the compiler produces.
We run a variety of tools over critical codebases such as Upstart and Whoopsie regularly to identify issues well before they "escape into the wild". These tools include Coverity Scan (see the list of projects already using it).
If you really care about your code and you are involved with a C, C++ or Java project, I'd strongly encourage you to take a look at this awesome tool. If you aren't directly involved in such projects, try contacting those running them and suggesting they use Coverity.
The Coverity Scan service is entirely free for OSS projects. You will need to register to obtain an account and then download the client analysis tool. Once setup, a particularly attractive feature is the ability to auto-upload the analysis data generated for your project using ESR's coverity-submit tool. This could for example be hooked into your upload or release process to ensure no code quality regressions. After you have uploaded the analysis data, you can browse through the results of the scan using the web interface in a variety of ways, including a view that shows the errors "inline" with markers added around the code Coverity has identified as problematic.
For those who have either never used static analysis tools, or have simply never used Coverity, don't fall into the trap of thinking that gcc -pedantic -Wall or even LLVM's scan-build should be "good enough for anyone" - it simply is not. Consider too Steckel's Rule to Success,
"Good enough is never good enough"
Coverity performs very deep analysis and its results may well surprise you... but rather that than unexpected surprises for your users.
Apologies if this post sounds like a bit of a sales pitch. It really isn't though: the Coverity service is free and what they are offering really is too good to ignore.
Note: I have no affiliation with Coverity - I'm just extremely impressed with their Scan tool! :-)