General
38 results found
-
Support caching of analyses (something similar to ccache)
Linting a large amount of files takes some time. This is normally not an issue, when running the analysis on build servers. The speed of PC-lint Plus is generally acceptable.
However, this is still a source of frustration and seemingly wasted time for developers, when linting large project locally. A typical workflow while working on code is that a developer will often run lint locally for small incremental changes. (while changing code or while fixing lint messages) Since PC-lint Plus has to run through all of the source files again to properly check global rules, it is frustrating to have…
6 votes -
generate a lint-config file to suppress warnings
Automatically generate a lint-config file that suppresses any message as locally as possible. This would be very useful for the implementation of PC lint. It would also make it easier to update to a newer version. Many companies have a quality gate that requires that no warnings are included in the code. E.g. after updating to version 1.4.1, more than 800 warnings were generated in our project, with the same configuration. It would be useful to generate a lint configuration file, so that one can temporarily suppress the warnings when changing versions. One can then plan the solution of the…
3 votes -
Fix Note 952 for array[] vs. MISRA C++:2008 Rule 7-1-1
Rule 7–1–1 (Required) states "A variable which is not modified shall be const qualified"
PC-lint Plus issues note 952 (as a violation of rule 7-1-1) for function parameters including array[] or const array[].
However in C++, array[] or const array[], cannot be qualified also as array[const] as in C99.Technically, note 952 should not be issued for array[].
Note, that the obvious workaround of replacing array[] with *const array, is not really a solution
as it triggers note 9016 (performing pointer arithmetic via addition/subtraction) in most cases
for violation of MISRA C++ required Rule 5-0-15 (Array indexing shall be the…3 votes -
Refine note 952 to cope with array[] function parameters for C++
Note 952 is issued for "parameter symbol of function symbol".
C99 supports function parameters of the form param[const], C++ does not.
MISRA C++:2008 Rule 5–0–15 (Required) states "Array indexing shall be the only form of pointer arithmetic". This implies that when a function performs array indexing, the array cannot be passed (syntactically) as a pointer and it has to be passed as array[].
But then PC-lint issues a violation of Rule 7–1–1 (Required) "A variable which is not modifed shall be const qualifed."
and as it seems there is no way around it - either 7-1-1 or 5-0-15 has…
3 votes -
Support ARM compiler v6 for Keil
The PC-Lint Plus Configurator currently supports ARM compiler v5 for Keil. However, ARM v6 has been supported by Keil for some time, and so it would be useful if the Configurator did as well.
Note that ARM v6 is based on Clang, which is already supported by the Configurator for GCC installations. However, this doesn't set up the correct options for use with Keil. The options for Keil + ARM v5 seem to mostly (but not entirely) work with v6, but "official" support would be better.
3 votes -
Enable opt-in assumptions about the initial values of static variables
This condition doesn't seem to be detected by PC-lint Plus:
include <stdint.h>
include <string.h>
typedef struct
{
uint8t one;
uint8t two;
uint8t three[18];
} testt;static testt *mpdef;
static testt *mpabc;void
test (void)
{
// These manipulations should trigger a warning since both pointers are not initialized.
mpdef->one = 1;
mpabc->one = 2;
}1 vote -
[1.3] C99: 9027, 9036 messages are hard to filter out
In the code below, it is very difficult to filter out the messages issued on our boolean type (unsigned8) because the message uses the essential type and we risk filtering out the true unsigned8 variables in this case. We are forced then to dupe PcLint into thinking boolean is actually of type _Bool.
Moreover both messages don't show any symbols for the variables themselves. it would be nice to be able to use esym in such cases for specific enums or booleans, etype would also be great. The more info we have the greater control achieved with egrep too.
Also…
3 votes -
Improve support for AUTOSAR
As of PC-lint Plus 1.3, basic support for the AUTOSAR coding guidelines has been added. However, 107 rules of 301 that are tagged "automated" or "partially automated" by AUTOSAR are marked "not currently supported" in the file au-autosar.lnt. This still makes it difficult to claim adherence to the standard without trying to implement long and error-prone review checklists.
Please improve the number of supported AUTOSAR rules.
22 votes -
Ignore -d command line option if empty (-d"")
We are using CMake build system to generate the command-line options and run PC-Lint. The command line options are generated after the configuration stage of CMake and it can happen that the value of a define is not known yet at that stage:
$<$<BOOL:OFF>:BUILD_TESTS>
If BUILD_TESTS is disabled, the command line option will be empty:
-d"$<$<BOOL:OFF>:BUILD_TESTS>" gets converted to:
-d""When you run pclp64 -d"" the following error appears:
--- Module: /projects/alpha/alpha.c (C)
<command line option> 1 error 5469: macro name must be an identifier#define 1My request is to check if -d argument is empty, and if it's…
1 vote -
allow user-supplied function semantics to override function inputs
For functions which the user has supplied function-wide semantics, I would like to see a flag/mode that allows the provided semantics to essentially "override" the inputs to the function.
For example, if I provide a "np" semantic for a function, I don't want to see a message for possible use of NULL pointer generated within the function; I have already provided a semantic that the parameter is not NULL. Similarly with integral parameters, if I provide a semantic that "1n < 2" and then use that parameter to index into a 2 element array, I don't want to…
4 votes -
generate an Info message for inefficient structure packing
Since PC-Lint already has the size and alignment information, it could determine if structures members are not arranged most efficiently.
For example, in a standard 32-bit system, a structure defined as
struct foo
{
uint32t a;
uint8t b;
uint16_t c;
}is not most efficiently arranged, requiring an additional padding byte between b and c to achieve the necessary alignment for c. A more efficient method would be to define foo as
struct foo
{
uint32t a;
uint16t b;
uint8_t c;
}I think Lint could determine this and generate some Info message for struct name.
6 votes -
Consider adding reporting capabilities to PC-LINT Plus
Most competing tools can generate MISRA compliance reports at the push of a button.
With PC-LINT 9.0L it is a rather tedious procedure, e.g. running with ++efreeze, parsing text output and generating a result.
Not up to date in 2017.19 votes -
Add option to show messages found in header file only once
Consider this: a.h contains 10 problems and is included in 10 modules.
That leaves you with 100 lint messages in the log, when in reality there are only 10 problems to fix.
So, having an option that shows messages in header files only the first time it is included would be really cool (and more honest in terms of MISRA violations).29 votes -
Add an option to identify undefined behavior
The C99 standard (Appendix J) identifies almost 200 forms of undefined behavior (UB). For many, many reasons, UB is basically the most egregious form of coding error. It is totally preventable, and the effects can be most devastating.
Even though not all kinds of UB can be detected by a static analysis tool, many are, and other tools do this pretty well.
Piggy-backing onto this -- would also be nice to identify implementation-defined behaviors (e.g. bit position of bit-fields) and unspecified behaviors.
As these are all part of the standard, it doesn't seem too hard to do intellectually, it's just…
16 votes -
Display all options currently in effect (What Options am I using here)
Although "-vo" and "lint usual arguments ?" are useful, they produce a lot of information, including information that sometimes could be considered 'what was noise' such as temporary error suppressions "-save, -e123, -restore"
It would be great if you could add a feature where I could display all options, suppressions, flags, etc. in effect at a specific point in a source file that have been:
a) changed from the defaults, or
b) changed since the last "-save"
c) changed in this filefor example:
//lint -save
//lint -e123
//lint -esym(456, FooBar)
...
/lint -save -e789 */ MACRO /lint…10 votes -
Bitfield size isn't error checked by Lint
Greetings,
I've been using Lint for the past 5 years and it's been a very useful tool for me. However, today I discovered an error in my C code that wasn't caught by Lint, and it may be useful if it could be flagged. The error is trying to divide a variable in a structure definition into bitfields where the combined size of the bitfields exceeds the size of the underlying variable.For example, my bad code was like this:
typedef struct dummy_struct
{
unisgned char field1: 6,
field2: 6,
field3: 1,
field4: 1;
} DUMMY;So, basically, I was…
4 votes -
Use a fixed release cycle
Customers could plan better, if they knew you have 2 or 4 releases per year.
Right now it´s totally unpredictable.9 votes -
Missing data overrun detection
We had a construction like;
len = strlen(value);
p = malloc(len)
strcpy(p, value)since we allocate 1 byte too little the strcpy will always cause a buffer overrun. But lint 9.00k did not detect it. Since this was only called with data read from files, it was detected when I added a call where value was a string literal
It seems like lint is good in arithmetic and less good in algebra
When it have a string literal of a known length it correct calculates the overrun, but if value is of unknown length it can't deduct that the overrun…10 votes -
C99: bool assignment error
//lint -A(C99)
typedef unsigned char uint8;
typedef _Bool bool;const uint8 a = 100;
const uint8 b = 200;
int main(void)
{
bool test;
test = (a==b);
}
Report error 1564 or 921 (cast from int to bool)Lint should know that the assignment of
test = (a==b) is save on C99.
Additionally, in our case it could not be deactivated by -estring(921,"cast from int to bool")15 votes -
Out Of Bounds Checking at Start Of Array
This is 'out-of-bounds' is detected:
unsigned char buffer[5];
unsigned char* buffer_ptr = &buffer[4];++bufferptr; // ERROR! now points to 1 byte after &buffer[4]
*bufferptr = 0x12; // assign to memory outside of buffer[]This 'out-of-bounds' is NOT detected:
unsigned char buffer[5];
unsigned char* buffer_ptr = &buffer[0];--bufferptr; // ERROR! now points to 1 byte before &buffer[0]
*bufferptr = 0x12; // assign to memory outside of buffer[]As 'buffer_ptr' has been 'bound' to 'buffer' via the assignment I would have expected PC-lint to have detected this.
5 votes
- Don't see your idea?