General
39 results found
-
Find message inhibitions inside files that have no effect
Sometimes the following happens:
Code is created with a deliberate violation of a lint message.
The message in inhibited with a comment in the code.
However, it often happens comments are not updated with code.
So the reason for the inhibition may be removed and the inhibition stays.It would be nice to find such "broken" inhibitions, (that have no effect on the resulting messages even when all other inhibitions are disabled).
Maybe this search can be a result of executing pc-lint with a special flag.This way the code can be cleaned of old inhibitions.
48 votes -
Add option to show messages found in header file only once
Consider this: a.h contains 10 problems and is included in 10 modules.
That leaves you with 100 lint messages in the log, when in reality there are only 10 problems to fix.
So, having an option that shows messages in header files only the first time it is included would be really cool (and more honest in terms of MISRA violations).29 votes -
Improve support for AUTOSAR
As of PC-lint Plus 1.3, basic support for the AUTOSAR coding guidelines has been added. However, 107 rules of 301 that are tagged "automated" or "partially automated" by AUTOSAR are marked "not currently supported" in the file au-autosar.lnt. This still makes it difficult to claim adherence to the standard without trying to implement long and error-prone review checklists.
Please improve the number of supported AUTOSAR rules.
22 votes -
Add an option to identify undefined behavior
The C99 standard (Appendix J) identifies almost 200 forms of undefined behavior (UB). For many, many reasons, UB is basically the most egregious form of coding error. It is totally preventable, and the effects can be most devastating.
Even though not all kinds of UB can be detected by a static analysis tool, many are, and other tools do this pretty well.
Piggy-backing onto this -- would also be nice to identify implementation-defined behaviors (e.g. bit position of bit-fields) and unspecified behaviors.
As these are all part of the standard, it doesn't seem too hard to do intellectually, it's just…
19 votes -
Consider adding reporting capabilities to PC-LINT Plus
Most competing tools can generate MISRA compliance reports at the push of a button.
With PC-LINT 9.0L it is a rather tedious procedure, e.g. running with ++efreeze, parsing text output and generating a result.
Not up to date in 2017.19 votes -
Add support for pthread_mutex_trylock() semantics
As described in http://www.gimpel.com/Discussion.cfm?ThreadID=3793 this functionality is needed.
For example, this function results in lint warning 455 (A thread mutex that had not been locked is being unlocked):
bool IsLocked() { int retStat = pthread_mutex_trylock(&m_pthreadMutex); if (retStat == 0) { // Mutex was not locked, but is now. pthread_mutex_unlock(&m_pthreadMutex); return (false); } else if (retStat == EBUSY) { // Mutex is already locked. return (true); } return (false); }17 votes -
Detect -e Options and -save without -restore
-e Options without surrounding -save/-restore in the same file shall be warned.
Also a -save without -restore in the same file or same block level shall be warned.16 votesIn PC-lint Plus, suppression options inside a source module do not “leak” to subsequent modules so this is less of an issue for PC-lint Plus than it was for PC-lint but we do plan to add a warning for -save options that do not have corresponding -restore options in a future update to PC-lint Plus.
-
Allow Lint to see that constructor takes ownership of memory.
Lint sees that ownership of allocated memory is taken by a constructor if the owning object isn't "new'd". But if the owning object is "new'd", then Lint does not understand this. See the example below, which works in the online demo.
This was discussed in this thread, as well as several others:
http://www.gimpel.com/Discussion.cfm?ThreadID=808//lint -e438, -e529, -e1502, -e1712, -e1788, -e714
include <memory>
struct A { A(char *){}; };
void g( )
{
// This results in a 429 warning.
char * ptr1 = (char *) malloc(10);
A *a1 = new A(ptr1);// This does not result in a 429 warning.…
16 votes -
Display all options currently in effect (What Options am I using here)
Although "-vo" and "lint usual arguments ?" are useful, they produce a lot of information, including information that sometimes could be considered 'what was noise' such as temporary error suppressions "-save, -e123, -restore"
It would be great if you could add a feature where I could display all options, suppressions, flags, etc. in effect at a specific point in a source file that have been:
a) changed from the defaults, or
b) changed since the last "-save"
c) changed in this filefor example:
//lint -save
//lint -e123
//lint -esym(456, FooBar)
...
/lint -save -e789 */ MACRO /lint…10 votes -
Missing data overrun detection
We had a construction like;
len = strlen(value);
p = malloc(len)
strcpy(p, value)since we allocate 1 byte too little the strcpy will always cause a buffer overrun. But lint 9.00k did not detect it. Since this was only called with data read from files, it was detected when I added a call where value was a string literal
It seems like lint is good in arithmetic and less good in algebra
When it have a string literal of a known length it correct calculates the overrun, but if value is of unknown length it can't deduct that the overrun…10 votes -
Resolve the "correlated variables" problem in value tracking
In some code constructs, value tracking can become confused by mutually-exclusive code paths. This is also known as the "correlated variables" problem, and can cause erroneous Warning 661 (pointer access out of bounds) alerts.
I'd like to see PC-Lint be given the ability to determine mutually-exclusive code paths and remove these spurious warnings.
The following code sample demonstrates this:
include <stdbool.h>
include <stdint.h>
include <string.h>
/lint ++fan ++fas/
typedef struct {
uint8t One0[2];
uint8t Two;
uint8t One2[2];
} DATATYPE;
/lint --fas --fan/typedef enum { CLASSONE, CLASSTWO } DATA_CLASS;
bool…
9 votes -
Use a fixed release cycle
Customers could plan better, if they knew you have 2 or 4 releases per year.
Right now it´s totally unpredictable.9 votes -
Support ARM compiler v6 for Keil
The PC-Lint Plus Configurator currently supports ARM compiler v5 for Keil. However, ARM v6 has been supported by Keil for some time, and so it would be useful if the Configurator did as well.
Note that ARM v6 is based on Clang, which is already supported by the Configurator for GCC installations. However, this doesn't set up the correct options for use with Keil. The options for Keil + ARM v5 seem to mostly (but not entirely) work with v6, but "official" support would be better.
6 votes -
Support caching of analyses (something similar to ccache)
Linting a large amount of files takes some time. This is normally not an issue, when running the analysis on build servers. The speed of PC-lint Plus is generally acceptable.
However, this is still a source of frustration and seemingly wasted time for developers, when linting large project locally. A typical workflow while working on code is that a developer will often run lint locally for small incremental changes. (while changing code or while fixing lint messages) Since PC-lint Plus has to run through all of the source files again to properly check global rules, it is frustrating to have…
6 votes -
Reinstate detection of unused headers
Messages 766, 964 and 966, for reporting where headers have been included in a module but not apparently used, have all been removed since PC-lint 9 and I can find no indication why on this site, nor in the PC-lint plus manual. This was a very useful feature. Can it be reinstated?
5 votes -
Out Of Bounds Checking at Start Of Array
This is 'out-of-bounds' is detected:
unsigned char buffer[5];
unsigned char* buffer_ptr = &buffer[4];++bufferptr; // ERROR! now points to 1 byte after &buffer[4]
*bufferptr = 0x12; // assign to memory outside of buffer[]This 'out-of-bounds' is NOT detected:
unsigned char buffer[5];
unsigned char* buffer_ptr = &buffer[0];--bufferptr; // ERROR! now points to 1 byte before &buffer[0]
*bufferptr = 0x12; // assign to memory outside of buffer[]As 'buffer_ptr' has been 'bound' to 'buffer' via the assignment I would have expected PC-lint to have detected this.
5 votes -
Option for output in "Serif" format
A couple of customers have asked for results in the "serif" format as specified at https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.pdf. Right now we are planning to try to do as much as we can in a post-processing step, but it would be incredibly convenient if we could just get that information out of the box.
5 votes -
Correct a possible oversight in the Warning 529 and/or 438 behavior
If a character array is set to a value (using a function), which is never subsequently used or returned the WARNING 529 or WARNING 438 should be generated.
Given the following file, main.c
1 #include <string.h>
2
3 int main ( void )
4 {
5 int un1 = 0;
6 char un2[10] = {0};
7 char un3[10] = {0};
8
9
10 strcpy(un2,"Hello");
11
12 return 0;
13 }flexelint does not see the variable as unused below. Notice that Line 5 and Line 7 generate the 529, but line 6 is ignored. A 438 might work as well.
…
5 votes -
Be able to suppress for derived classes
Sometimes it would be nice to suppress a message for all derived classes.
For example:
class X
{
virtual void f() = 0;
};class Y : public X
{
void f() {}
};class Z : public X
{
int i;
void f(){++i;}
};I would like to be able to put the following comment with the declaration of X:
//lint -esym(1961,[X]::f) //1961 - virtual member function 'Symbol' could be made constWhere I use [X] as syntax to define X and all classes derived from it.
So when a sub class dos not use the function f to…5 votes -
Bitfield size isn't error checked by Lint
Greetings,
I've been using Lint for the past 5 years and it's been a very useful tool for me. However, today I discovered an error in my C code that wasn't caught by Lint, and it may be useful if it could be flagged. The error is trying to divide a variable in a structure definition into bitfields where the combined size of the bitfields exceeds the size of the underlying variable.For example, my bad code was like this:
typedef struct dummy_struct
{
unisgned char field1: 6,
field2: 6,
field3: 1,
field4: 1;
} DUMMY;So, basically, I was…
4 votes
- Don't see your idea?