https://www.checkmarx.com/2014/11/13/the-ultimate-list-of-open-source-static-code-analysis-security-tools/ Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure c…

https://www.softwaretestinghelp.com/tools/top-40-static-code-analysis-tools/ In this article, I have summarised some of the top static code analysis tools. Can we ever imagine sitting back and manually reading each line of codes to find flaws? To eas…

http://www.sw-engineering-candies.com/blog-1/comparison-of-findbugs-pmd-and-checkstyle https://stackoverflow.com/questions/4297014/what-are-the-differences-between-pmd-and-findbugs findbugs实践: https://www.ibm.com/developerworks/library/j-findbug1/ind…

Using Open Source Static Libraries in Xcode 4 Xcode 4.0.1 allows us to more easily create and use third party libraries in iOS projects. I think the process is still more complicated than it needs to be. Xcode's documentation suggests that it should…

PMD An extensible cross-language static code analyzer. https://github.com/pmd/pmd 跨语言静态代码分析工具.可以查找通用的编码错误,例如 未使用的变量.空catch块.非必须的对象创建.等等. 另外,它也包括CPD工具, 复制-黏贴-检查工具.可以检查出代码中的重复部分. PMD is a source code analyzer. It finds common programming flaws like unu…

cppcheck是一个个检测源码的工具,对编译工具的一个补充,mark Cppcheck - A tool for static C/C++ code analysis Syntax: cppcheck [OPTIONS] [files or paths] If a directory is given instead of a filename, *.cpp, *.cxx, *.cc, *.c++, *.c, *.tpp, and *.txx files are checked recursi…

Cppcheck - A tool for static C/C++ code analysiscppcheck.sourceforge.netCppcheck is a static analysis tool for C/C++ code. It provides unique code analysis to detect bugs and focuses on detecting undefined behaviour and dangerous coding constructs. T…

静态时序分析(static timing analysis,STA)会检测所有可能的路径来查找设计中是否存在时序违规(timing violation).但STA只会去分析合适的时序,而不去管逻辑操作的正确性. 其实每一个设计的目的都相同,使用Design Compiler和IC Compile来得到最快的速度,最小的面积和最少的耗能.根据设计者提供的约束,这些工具会在面积,速度和耗能上做出权衡. 更深层的来看,STA一直都寻找一个问题的答案 : 在所有条件下,当时钟沿到达时,数据会正确地在每个…

此博文依据 特权同学在电子发烧友上的讲座PPT进行整理而成. static timing analysis   静态时序分析基础 过约束:有不必要的约束,或者是约束不能再某一情况下满足.——约束过头了 欠约束:有些必要的约束条件没有附加到约束中. 时钟周期  Tclk 占空比  = Thigh/Tclk 建立时间 Tsu  与保持时间Th.数据必须在 Tsu + Th时间内稳定 寄存器到寄存器(reg  to  reg )路径 pin  to reg reg  to  pin reg  to r…

在我们用 IntelliJ IDEA 向 SVN 或者 Git 提交代码的时候,IntelliJ IDEA 提供了一个自动分析代码的功能,即Perform code analysis: 如上图所示,当我们勾选Perform code analysis之后,点击commit,IntelliJ IDEA 就会在提交代码之前对项目的代码进行分析检查,并将检查结果以错误和警告的形式展示出来: 如上图所示,这是Code Analysis的结果示例,为No errors and 6 warnings. 如果…