Static code analysis in Embedded Studio

From SEGGER Wiki
Revision as of 15:40, 29 September 2020 by Nino (talk | contribs) (Created page with "Embedded Studio offers static code analysis support based on the [https://clang-analyzer.llvm.org/ clang static code analyzer]. ==What is static code analysis== A static code...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Embedded Studio offers static code analysis support based on the clang static code analyzer.

What is static code analysis

A static code analyzer is an analysis tool that can help with finding bugs in code without needing to launch the debugger. It uses a a collection of algorithms and source analysis tools to find bugs automatically.

How to use

To use the clang static code analyzer in Embedded Studio simply right click the source file you want to analyze and select "Run Static Code Analyzer". Now you will get a list of results in the Output window. If everything was fine it will show as completed without errors or warnings. The clang static analyzer will be called with the following command line parameters:

--analyze -x c -fno-caret-diagnostics -fno-diagnostics-fixit-info <remaining project specific settings and files>

This parameters can not be altered.

Example

Lets take the following code for example:

int main(void) {
  int a;
  int b;
  int r;

  a = 0;
  b = 5;

  r = b / a;

  return r;
}

If you compile this code with clang you will receive no compiler warnings and you will be able to download the application into your target. But as you can clearly see an illegal operation will occur as a division by 0 will happen if the program is executed which can lead to catastrophic failure.

Now lets see what the static code analyzer will say:

.../main.c:62:9: warning: Division by zero

So as you can see the static code analyzer would have caught this potential issue in a warning notifying the developer that with the give source file a division by zero error is likely.

Documentation

As the clang static analyzer is part of the clang project you can find its documentation here: https://clang.llvm.org/

How to use external static code analyzer

Embedded Studio can be expanded with third party tools using the external tools interface. You can open the file for editing via File->Open Studio Folder...->External Tools Configuration There you will find an example implementation for a Lint tool. Documentation about the file format can be found here: http://studio.segger.com/ide_external_tools_file_format.htm