FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Static/dynamic code analysing tools

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Static/dynamic code analysing tools

Jump to solution
‎08-22-2013 10:27 PM
1,528 Views
VictorLorenzo
Contributor IV

Hi,

 

Is there any free code analysis tool that could be integrated with CodeWarrior 10.4 for MCU? I've seen around several tools of this type, but all are way too expensive.

 

Victor

Labels (1)
Labels
Reply
1 Solution

Jump to solution
‎08-23-2013 06:31 AM
944 Views
BlackNight
NXP Employee
NXP Employee

Yes, this is correct: Linticator is not free and requires PC-lint with is not free neither.

In my view PC-lint is still one of the best-in-class static analysis tools.

How to use it without Linticator: Linting without a plugin | MCU on Eclipse

The Eclipse built-in is very basic (better than nothing). I have seen other (free) tools for gcc/ARM, but honestly I had no time to look into this.

Maybe somebody else can share his experience?

View solution in original post

0 Kudos
Reply
5 Replies

Jump to solution
‎08-23-2013 05:01 AM
944 Views
VictorLorenzo
Contributor IV

Sorry, one more detail, Linticator is not free and, curiously, requires you to previously install PC-Lint, which is not free either. Support for Linticator is only granted for six months after purchase, which is not a so good point.

As another payed alternative QA-C (from Programming Research) seems to be option to take into account as it can also integrate in Eclipse and CodeWarrior.

0 Kudos
Reply

Jump to solution
‎08-23-2013 06:31 AM
945 Views
BlackNight
NXP Employee
NXP Employee

Yes, this is correct: Linticator is not free and requires PC-lint with is not free neither.

In my view PC-lint is still one of the best-in-class static analysis tools.

How to use it without Linticator: Linting without a plugin | MCU on Eclipse

The Eclipse built-in is very basic (better than nothing). I have seen other (free) tools for gcc/ARM, but honestly I had no time to look into this.

Maybe somebody else can share his experience?

0 Kudos
Reply

Jump to solution
‎08-25-2013 10:44 PM
944 Views
VictorLorenzo
Contributor IV

Some times I go and see the PC-Lint on-line interactive demo to check small portions of code. Thanks for the link, I think it's a well presented and easy to follow how-to.

Reply

Jump to solution
‎08-23-2013 04:48 AM
944 Views
VictorLorenzo
Contributor IV

Hi Zhang,

Yes, I was already aware of that analyzer included in the CW IDE, in fact I'm using it sometimes. But in my opinion the results from that tool are not yet reliable. For example, see the picture below, in one hand the tool reports as a bug something that (probably) is not exactly a bug but (perhaps) a bad programming practice. In the other hand, it does not recognize one severe security flaw (buffer overrun) in the function InitMyData().

The function named MyFunction() does have a return statement, but the tool reports the function as not having a return statement. The function InitMyData() is writing to one location out of bounds (2 bytes out).

bug.png

This two isses are correctly detected by some other tools like FlexeLint, which only reports as a bug the out of bounds access in function InitMyData() and reports these two messages:

Warning 416:  Likely creation of out-of-bounds pointer (2 beyond end of data) by operator '['

Warning 415:  Likely access of out-of-bounds pointer (2 beyond end of data) by operator '['

Victor

0 Kudos
Reply