I have a challenge for you: Can you spot the problem in the following source?
TMOUT1_CounterHandle TMOUT1_GetCounter(TMOUT1_CounterType nofTicks)
{
TMOUT1_CounterHandle handle;
CS1_CriticalVariable();
handle = 0;
if
(nofTicks==0) {
nofTicks = 1;
/* wait at least for one tick, otherwise will timeout immediately */
}
CS1_EnterCritical();
while
(!TMOUT1_FreeCounters[handle] && handle<TMOUT1_NOF_COUNTERS) {
handle++;
}
if
(handle<TMOUT1_NOF_COUNTERS) {
TMOUT1_FreeCounters[handle]=FALSE;
TMOUT1_Counters[handle] = nofTicks;
}
CS1_ExitCritical();
if
(handle==TMOUT1_NOF_COUNTERS) {
return
TMOUT1_OUT_OF_HANDLE;
}
return
handle;
}
No? Well, I have not spotted the problem the first time neither. However, a reader of this blog did: he used a cool tool named ‘cppcheck’: that tool reported the following:
How cool is that? Not so cool is my bad programming style here:-(. At least the fix was easy :-).
Cppcheck can find many coding errors, portability problems and many more. Cppcheck has found this real problem in the Freescale USB Stack for me:
So this is a bad and nasty bug: the function returns the address of a variable on the stack!!! On return from that function, that variable on the stack is gone and might cause the system to crash. Thank you for flagging this, Cppcheck!
Obviously, cppcheck has not been used by that developer writing that code, and I think they really should have. I have started using Cppcheck for my code base, and I’m amazed how many possible issues it is able to find!
So here is how you can install it and use it…
Cppcheck Installation
Cppcheck can be downloaded from http://cppcheck.sourceforge.net/:
The SourceForge site with the download is here: https://sourceforge.net/projects/cppcheck/. Run the setup, and it will install Cppcheck.
Installation of Eclipse Plugins
What makes using Cppcheck really easy is the ‘Cppcheclipse’ plugin in Eclipse.The website for this plugin is here: https://github.com/kwin/cppcheclipse. Follow the instructions on
https://github.com/kwin/cppcheclipse/wiki.
Note: as the Eclipse update server has been shut down, you can find the release as zip file here: https://github.com/kwin/cppcheclipse/releases, then update Eclipse with that plugin zip.
In the Eclipse workspace settings (Window > Preferences), point to the Cppcheck binary:
This panel also has global settings for all projects, or I can set project specific options.
Using Cppcheck with Cppcheclipse
Running Cppcheck on the project is easy: simply use the context menu not the project:
This will check the sources in the project and report issues in the problems view.
Tips
In case a problem with too many configurations comes up:
;;information;toomanyconfigs;Too many #ifdef configurations - cppcheck only checks 12 configurations. Use --force to check all configurations. For more details, use --enable=information.
To avoid that problem, I can restrict the number of configurations, and I have __GNUC__ defined in the project properties:
I recommend to have a read at the cppcheck manual, e.g. found at http://cppcheck.sourceforge.net/manual.html. It has a lot of advanced options, and ways how to suppress warnings/messages directly in the source code, etc.
Summary
It is always amazing what cool gems of open source tools are out there to be explored! Cpptest is a powerful free of charge static analysis tool which can be easily used with Eclipse, including Freescale’s Kinetis Design Studio. It might not catch every programming error, and a developer should have a bunch of tools in its hand. But every bug killed early is one bug less :-). I’m using PC-lint too (see “Eclipse and PC-lint: Linticator“), but having an open source tool in addition to PC-lint, free of charge, is even better.
Happy Checking 🙂
Links:
- Cppcheck web site: http://cppcheck.sourceforge.net/
- Cppcheck on SourceForge: https://sourceforge.net/projects/cppcheck/
- Cppchcklipse Site: https://code.google.com/a/eclipselabs.org/p/cppcheclipse
- Cppcheck user manual (HTML, online): http://cppcheck.sourceforge.net/manual.html
Thanks, got the source and installed on a Linux desktop and added the eclipse plugin. Very nice thing to share. Easy bug hunting now.
LikeLike
Pingback: Open Source Static Code Analysis in Linux >> Karibe
This is how I installed in Linux: 2015/07/open-source-static-code-analysis-in-linux/
LikeLike
Excellent, thanks for documenting it and sharing it!
LikeLiked by 1 person
Pingback: McuOnEclipse Components: 05-July-2015 Release | MCU on Eclipse
CCPCheck is also a PortableApp:
http://portableapps.com/apps/development/cppcheck-portable
LikeLike
Hi Bob,
interesting point. I have not used PortableApp, and would not have considered it for development tools. I have not found Eclipse to be a portable app?
LikeLike
Has anyone found a way to make cppcheck run on a build? Unfortunately, the code I ‘inherited’ uses BAT files to build.
LikeLike
Pingback: Fail of the Week: Marginally Documented Pad Shorts to Maskless PCB | Hackaday
Does anyone has a backup of version 1.0?
The eclipse to the googlecode repo has been down like a couple of weeks now and I can’t find that friggin plugin anywhere else…
LikeLike
Hi Vincent. I only have V1.69 of cppcheck binaries installed.
The cppchecklipse 1.0.0 plugin is available through the Eclipse Marketplace (Help menu).
cppcheclipse.eclipselabs.org.codespot.com/svn/update/
as update site.
LikeLike
ups, it seems that this repository is down too 😦
LikeLike
It all moved to Github:
https://github.com/kwin/cppcheclipse/wiki
Regards
LikeLike
I mean, the Eclipse plugin was moved.
LikeLike
Hi Ludwig,
many thanks, I would not have found it otherwise!
LikeLike
Pingback: Eclipse CODAN (Static Code Analysis) for C/C++ | MCU on Eclipse
hello all,
I am trying CPPCHECK as a plugin in my IDE S32 Design Studio (eclipse based) from NXP. First I installed cppcheck-2.4.1-x64-Setup.msi. After that I tried to install “cppcheclipse 1.1.1” in eclipse in eclipse marketplace. unfortunately the following error message came up ( No repository found at dl.bintray.com/cppcheclipse/p2/updates/.). Has anyone had this problem and could help me please?
I downloaded the contents of the repository “https://github.com/kwin/cppcheclipse” as a zip file and also wanted to install it as a zip file in my IDE. Unfortunately, it still didn’t work.
I would be very happy if someone could help me with this.
Best regards
Michil
LikeLiked by 1 person
Yes, it seems both the manual update site and the Eclipse market place installation is broken 😦
LikeLike
FYI, the files on GitHub are not in a eclipse update repository format: they would need extra information (artifacts.jar, content.jar). There ia already a ticket open about the update site shut down: https://github.com/kwin/cppcheclipse/issues/108
LikeLike
FYI: There is a zip file linked in the issue 108 Erich linked to. You can manually install it. I’m stuck after that though with an error when trying to run the plugin. Unfortunately development of the cppcheclipse plugin seems to not be very active.
LikeLiked by 1 person
Hi Luciano,
yes, I see the same (unfortunately): there is not much activity for the plugin.
LikeLike