General
39 results found
-
Option for output in "Serif" format
A couple of customers have asked for results in the "serif" format as specified at https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.pdf. Right now we are planning to try to do as much as we can in a post-processing step, but it would be incredibly convenient if we could just get that information out of the box.
7 votes -
Add Cognitive Complexity as metric
Sonar released in 2017 a new way to calculate the complexity of code. This way of measuring complexity is more practical than cyclomatic complexity, and helps to improve the understandability and readability of code.
3 votes -
Reinstate detection of unused headers
Messages 766, 964 and 966, for reporting where headers have been included in a module but not apparently used, have all been removed since PC-lint 9 and I can find no indication why on this site, nor in the PC-lint plus manual. This was a very useful feature. Can it be reinstated?
5 votes -
3 votes
-
Value tracking simultaneously assumes enums both can and cannot take any value
In the following snippet I've defined a basic assertion macro and an enum, with an external function that returns a value typed by that enum. I wish to verify that the returned value is a valid enumerated value.
Firstly, if we remove both assertions below then there are no warnings generated, despite the fact that an out of bounds access on the
printfis possible.If you add both assertions then the warning described inline occur: a warning on the first assertion claims that the result can be predetermined. If we assume that enums can only take their enumerated values…
1 vote -
Value tracking arrives at incorrect conclusion when incrementing variables in loop conditions
Consider the following program:
#include <stdlib.h> #include <stdint.h> #define MAX_VAL (6) int main() { uint32_t val = 0; do { } while(++val != MAX_VAL); if(MAX_VAL == val) { exit(0); } return 0; }This program is guaranteed to exit before reaching the
return, however lint claims it is guaranteed to never execute the body of the theifstatement:
…info 774: boolean condition for 'if' always evaluates to 'false' (involving variable 'val') supplemental 831: binary operator yields 0 (line 15) supplemental 831: increment yields 1 (line 13) supplemental 831: initialization yields 0 (line 8) supplemental 831: integral conversion yields1 vote -
Relaxed parsing of *-e* inhibitions for multiple messages
Compare the parser requirement for separating commas [#...
-ecall(# [# ...], Function [,Function ...])
-emacro(# [# ...], Symbol [,Symbol ...])
-estring(# [# ...], String [,String ...])
-esym(# [# ...], Symbol [,Symbol ...])
-etype(# [# ...], Type [,Type ...])...vs. [,#...
-e(# [,# ...])
--e(# [,# ...])
-e{# [,# ...]}
--e{# [,# ...]}...which in my opinion makes usage a bit more difficult than necessary, as the two groups of inhibitions have slightly different requirements.
While there probably are good reasons for not requiring a separating comma for the first group of inhibitions, the second group could easily get relaxed parsing…
1 vote -
Default the pure ANSI/ISO C standard functions to -sem(..., pure)
Several messages (e.g. 523 and 9007) deal with potential side-effects. This is great, but the implementation has room for improvement:
if ((s != NULL) && ((strlen(s) > 0U)))
I think it is safe to say that strlen() never has side-effects. But PC-lint Plus doesn't think so and issues message 9007 for the above piece of code.
This issue applies to any function of the standard library. In most cases, e.g. strlen() or isnan() it should be clear whether or not the function has side-effects, most of these functions are implemented re-entrant. Unfortunately, as far I know, the C standard is…
1 vote -
Make the program skip missing files in multi-file config
Make the program skip missing files in multi-file config. Currently it stops on a missing file. This is for generated file that don't exist in the linting build.
3 votes -
Support caching of analyses (something similar to ccache)
Linting a large amount of files takes some time. This is normally not an issue, when running the analysis on build servers. The speed of PC-lint Plus is generally acceptable.
However, this is still a source of frustration and seemingly wasted time for developers, when linting large project locally. A typical workflow while working on code is that a developer will often run lint locally for small incremental changes. (while changing code or while fixing lint messages) Since PC-lint Plus has to run through all of the source files again to properly check global rules, it is frustrating to have…
6 votes -
generate a lint-config file to suppress warnings
Automatically generate a lint-config file that suppresses any message as locally as possible. This would be very useful for the implementation of PC lint. It would also make it easier to update to a newer version. Many companies have a quality gate that requires that no warnings are included in the code. E.g. after updating to version 1.4.1, more than 800 warnings were generated in our project, with the same configuration. It would be useful to generate a lint configuration file, so that one can temporarily suppress the warnings when changing versions. One can then plan the solution of the…
3 votes -
Support ARM compiler v6 for Keil
The PC-Lint Plus Configurator currently supports ARM compiler v5 for Keil. However, ARM v6 has been supported by Keil for some time, and so it would be useful if the Configurator did as well.
Note that ARM v6 is based on Clang, which is already supported by the Configurator for GCC installations. However, this doesn't set up the correct options for use with Keil. The options for Keil + ARM v5 seem to mostly (but not entirely) work with v6, but "official" support would be better.
6 votes -
Enable opt-in assumptions about the initial values of static variables
This condition doesn't seem to be detected by PC-lint Plus:
include <stdint.h>
include <string.h>
typedef struct
{
uint8t one;
uint8t two;
uint8t three[18];
} testt;static testt *mpdef;
static testt *mpabc;void
test (void)
{
// These manipulations should trigger a warning since both pointers are not initialized.
mpdef->one = 1;
mpabc->one = 2;
}1 vote -
[1.3] C99: 9027, 9036 messages are hard to filter out
In the code below, it is very difficult to filter out the messages issued on our boolean type (unsigned8) because the message uses the essential type and we risk filtering out the true unsigned8 variables in this case. We are forced then to dupe PcLint into thinking boolean is actually of type _Bool.
Moreover both messages don't show any symbols for the variables themselves. it would be nice to be able to use esym in such cases for specific enums or booleans, etype would also be great. The more info we have the greater control achieved with egrep too.
Also…
3 votes -
Improve support for AUTOSAR
As of PC-lint Plus 1.3, basic support for the AUTOSAR coding guidelines has been added. However, 107 rules of 301 that are tagged "automated" or "partially automated" by AUTOSAR are marked "not currently supported" in the file au-autosar.lnt. This still makes it difficult to claim adherence to the standard without trying to implement long and error-prone review checklists.
Please improve the number of supported AUTOSAR rules.
22 votes -
Ignore -d command line option if empty (-d"")
We are using CMake build system to generate the command-line options and run PC-Lint. The command line options are generated after the configuration stage of CMake and it can happen that the value of a define is not known yet at that stage:
$<$<BOOL:OFF>:BUILD_TESTS>
If BUILD_TESTS is disabled, the command line option will be empty:
-d"$<$<BOOL:OFF>:BUILD_TESTS>" gets converted to:
-d""When you run pclp64 -d"" the following error appears:
--- Module: /projects/alpha/alpha.c (C)
<command line option> 1 error 5469: macro name must be an identifier#define 1My request is to check if -d argument is empty, and if it's…
1 vote -
allow user-supplied function semantics to override function inputs
For functions which the user has supplied function-wide semantics, I would like to see a flag/mode that allows the provided semantics to essentially "override" the inputs to the function.
For example, if I provide a "np" semantic for a function, I don't want to see a message for possible use of NULL pointer generated within the function; I have already provided a semantic that the parameter is not NULL. Similarly with integral parameters, if I provide a semantic that "1n < 2" and then use that parameter to index into a 2 element array, I don't want to…
4 votes -
Consider adding reporting capabilities to PC-LINT Plus
Most competing tools can generate MISRA compliance reports at the push of a button.
With PC-LINT 9.0L it is a rather tedious procedure, e.g. running with ++efreeze, parsing text output and generating a result.
Not up to date in 2017.19 votes -
Add option to show messages found in header file only once
Consider this: a.h contains 10 problems and is included in 10 modules.
That leaves you with 100 lint messages in the log, when in reality there are only 10 problems to fix.
So, having an option that shows messages in header files only the first time it is included would be really cool (and more honest in terms of MISRA violations).30 votes -
Add an option to identify undefined behavior
The C99 standard (Appendix J) identifies almost 200 forms of undefined behavior (UB). For many, many reasons, UB is basically the most egregious form of coding error. It is totally preventable, and the effects can be most devastating.
Even though not all kinds of UB can be detected by a static analysis tool, many are, and other tools do this pretty well.
Piggy-backing onto this -- would also be nice to identify implementation-defined behaviors (e.g. bit position of bit-fields) and unspecified behaviors.
As these are all part of the standard, it doesn't seem too hard to do intellectually, it's just…
19 votes
- Don't see your idea?