帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Static/dynamic code analysing tools

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

Static/dynamic code analysing tools

跳至解决方案
‎08-22-2013 10:27 PM
1,580 次查看
VictorLorenzo
Contributor IV

Hi,

 

Is there any free code analysis tool that could be integrated with CodeWarrior 10.4 for MCU? I've seen around several tools of this type, but all are way too expensive.

 

Victor

标签 (1)
标签
回复
1 解答

跳至解决方案
‎08-23-2013 06:31 AM
996 次查看
BlackNight
NXP Employee
NXP Employee

Yes, this is correct: Linticator is not free and requires PC-lint with is not free neither.

In my view PC-lint is still one of the best-in-class static analysis tools.

How to use it without Linticator: Linting without a plugin | MCU on Eclipse

The Eclipse built-in is very basic (better than nothing). I have seen other (free) tools for gcc/ARM, but honestly I had no time to look into this.

Maybe somebody else can share his experience?

在原帖中查看解决方案

0 项奖励
回复
5 回复数

跳至解决方案
‎08-22-2013 10:35 PM
996 次查看
ZhangJennie
NXP TechSupport
NXP TechSupport

these thread from Erich Styger should help:

http://mcuoneclipse.com/2013/01/06/free-static-code-analysis-with-eclipse/

Eclipse and PC-lint: Linticator | MCU on Eclipse

0 项奖励
回复

跳至解决方案
‎08-23-2013 05:01 AM
996 次查看
VictorLorenzo
Contributor IV

Sorry, one more detail, Linticator is not free and, curiously, requires you to previously install PC-Lint, which is not free either. Support for Linticator is only granted for six months after purchase, which is not a so good point.

As another payed alternative QA-C (from Programming Research) seems to be option to take into account as it can also integrate in Eclipse and CodeWarrior.

0 项奖励
回复

跳至解决方案
‎08-23-2013 06:31 AM
997 次查看
BlackNight
NXP Employee
NXP Employee

Yes, this is correct: Linticator is not free and requires PC-lint with is not free neither.

In my view PC-lint is still one of the best-in-class static analysis tools.

How to use it without Linticator: Linting without a plugin | MCU on Eclipse

The Eclipse built-in is very basic (better than nothing). I have seen other (free) tools for gcc/ARM, but honestly I had no time to look into this.

Maybe somebody else can share his experience?

0 项奖励
回复

跳至解决方案
‎08-25-2013 10:44 PM
996 次查看
VictorLorenzo
Contributor IV

Some times I go and see the PC-Lint on-line interactive demo to check small portions of code. Thanks for the link, I think it's a well presented and easy to follow how-to.

回复

跳至解决方案
‎08-23-2013 04:48 AM
996 次查看
VictorLorenzo
Contributor IV

Hi Zhang,

Yes, I was already aware of that analyzer included in the CW IDE, in fact I'm using it sometimes. But in my opinion the results from that tool are not yet reliable. For example, see the picture below, in one hand the tool reports as a bug something that (probably) is not exactly a bug but (perhaps) a bad programming practice. In the other hand, it does not recognize one severe security flaw (buffer overrun) in the function InitMyData().

The function named MyFunction() does have a return statement, but the tool reports the function as not having a return statement. The function InitMyData() is writing to one location out of bounds (2 bytes out).

bug.png

This two isses are correctly detected by some other tools like FlexeLint, which only reports as a bug the out of bounds access in function InitMyData() and reports these two messages:

Warning 416:  Likely creation of out-of-bounds pointer (2 beyond end of data) by operator '['

Warning 415:  Likely access of out-of-bounds pointer (2 beyond end of data) by operator '['

Victor

0 项奖励
回复