General

  1. Allow Lint to see that constructor takes ownership of memory.

    Lint sees that ownership of allocated memory is taken by a constructor if the owning object isn't "new'd". But if the owning object is "new'd", then Lint does not understand this. See the example below, which works in the online demo.

    This was discussed in this thread, as well as several others:
    http://www.gimpel.com/Discussion.cfm?ThreadID=808

    //lint -e438, -e529, -e1502, -e1712, -e1788, -e714

    include <memory>

    struct A { A(char ){}; };
    void g( )
    {
    // This results in a 429 warning.
    char * ptr1 = (char
    ) malloc(10);
    A *a1 = new A(ptr1);

    // This does not result in a 429 warning. …

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Detect -e Options and -save without -restore

    -e Options without surrounding -save/-restore in the same file shall be warned.
    Also a -save without -restore in the same file or same block level shall be warned.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    In PC-lint Plus, suppression options inside a source module do not “leak” to subsequent modules so this is less of an issue for PC-lint Plus than it was for PC-lint but we do plan to add a warning for -save options that do not have corresponding -restore options in a future update to PC-lint Plus.

  3. Missing data overrun detection

    We had a construction like;
    len = strlen(value);
    p = malloc(len)
    strcpy(p, value)

    since we allocate 1 byte too little the strcpy will always cause a buffer overrun. But lint 9.00k did not detect it. Since this was only called with data read from files, it was detected when I added a call where value was a string literal

    It seems like lint is good in arithmetic and less good in algebra
    When it have a string literal of a known length it correct calculates the overrun, but if value is of unknown length it can't deduct that the overrun…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Resolve the "correlated variables" problem in value tracking

    In some code constructs, value tracking can become confused by mutually-exclusive code paths. This is also known as the "correlated variables" problem, and can cause erroneous Warning 661 (pointer access out of bounds) alerts.

    I'd like to see PC-Lint be given the ability to determine mutually-exclusive code paths and remove these spurious warnings.

    The following code sample demonstrates this:

    include <stdbool.h>

    include <stdint.h>

    include <string.h>

    /lint ++fan ++fas/
    typedef struct {

    uint8_t     One0[2];
    
    uint8_t Two;
    uint8_t One2[2];

    } DATA_TYPE;
    /lint --fas --fan/

    typedef enum { CLASSONE, CLASSTWO } DATA_CLASS;

    bool SetOrClear(DATATYPE *as, const

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Out Of Bounds Checking at Start Of Array

    This is 'out-of-bounds' is detected:

    unsigned char buffer[5];
    unsigned char* buffer_ptr = &buffer[4];

    ++bufferptr; // ERROR! now points to 1 byte after &buffer[4]
    *buffer
    ptr = 0x12; // assign to memory outside of buffer[]

    This 'out-of-bounds' is NOT detected:

    unsigned char buffer[5];
    unsigned char* buffer_ptr = &buffer[0];

    --bufferptr; // ERROR! now points to 1 byte before &buffer[0]
    *buffer
    ptr = 0x12; // assign to memory outside of buffer[]

    As 'buffer_ptr' has been 'bound' to 'buffer' via the assignment I would have expected PC-lint to have detected this.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. C99: bool assignment error

    //lint -A(C99)
    typedef unsigned char uint8;
    typedef _Bool bool;

    const uint8 a = 100;
    const uint8 b = 200;
    int main(void)
    {
    bool test;
    test = (a==b);
    }
    Report error 1564 or 921 (cast from int to bool)

    Lint should know that the assignment of
    test = (a==b) is save on C99.
    Additionally, in our case it could not be deactivated by -estring(921,"cast from int to bool")

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. to add a new warning to find use of an explicite cast from real to unsigned int.

    Although an explicite cast looks like the programmer knew, the intended behaviour may need two casts.
    I wanted to "infinitely" accumulate possibly small, possibly negative increments (float i) in a modulo counter consisting of an unsigned integer variable (uint32_t n) and a real variable (float f) for the fractional part.

    f += i;
    n += (uint32t)f; // should read n += (uint32t)(int32t)f;
    f -= (int32
    t)f;

    worked with several compilers for PC platforms (gcc, lcc32, VS C++) and with TI''s c6000 compiler for an OMAP L138, but the counter failed to decrease with TI's ARM5.1 compiler for…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add output of the received and expected types for messages that indicate type differences

    With the MISRA 2012 "essential type" implementation, we often see messages that indicated "Expression assigned to a narrower or different essential type" or "Composite expression with smaller essential type than other operand". For these types of messages that indicate a discrepancy of type, it would help in debugging these messages if the types involved could be added into the output.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Don't lock files during linting (windows, parallel builds)

    Lint open files on windows with file locking. This is the default method on windows. I suppose that lint uses fopen instead of OpenFile.
    This breaks the possibility to use parallel builds for speed up reasons on code that share some code base.
    Suggestion: Use OpenFile with OFSHAREDENYNONE to allow other lint instances and other programms to access that file. If you are worried about file deletion, use at least OFSHAREDENYWRITE.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Variable could be declared as const ref

    Similar to message: 953 - Variable 'Symbol' (Location) could be declared as const

    I would like to see a message for the following situation:

    struct X
    {
    int i;
    };

    struct Y
    {
    const X& f();
    };

    int g( Y y)
    {
    const X x = y.f();
    return x.i + 5;
    }

    In this case variable x could be declared as const ref.
    When the intialization of a const variable is done with an other const variable or a function returning a const reference this message (or maybe two separete messages) could be issued

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Extra initializer/cleanup semantics

    It would be nice to specify which members are deleted or uinitialzed:

    class X
    {
    int i;
    int
    j;
    float* k;
    void cleanInts() { delete i;delete j;}
    ~X(){delete k;cleanInts();}
    };

    in this case -sem(X::cleanInts,cleanup) won't help.
    I propose the following semantics:
    -sem(X::cleanInts,cleanup(X::i,X::j)) where cleanInts should free X::i and X::j

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Be able to suppress for derived classes

    Sometimes it would be nice to suppress a message for all derived classes.

    For example:

    class X
    {
    virtual void f() = 0;
    };

    class Y : public X
    {
    void f() {}
    };

    class Z : public X
    {
    int i;
    void f(){++i;}
    };

    I would like to be able to put the following comment with the declaration of X:
    //lint -esym(1961,[X]::f) //1961 - virtual member function 'Symbol' could be made const

    Where I use [X] as syntax to define X and all classes derived from it.
    So when a sub class dos not use the function f to…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Find message inhibitions inside files that have no effect

    Sometimes the following happens:
    Code is created with a deliberate violation of a lint message.
    The message in inhibited with a comment in the code.
    However, it often happens comments are not updated with code.
    So the reason for the inhibition may be removed and the inhibition stays.

    It would be nice to find such "broken" inhibitions, (that have no effect on the resulting messages even when all other inhibitions are disabled).
    Maybe this search can be a result of executing pc-lint with a special flag.

    This way the code can be cleaned of old inhibitions.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability to change message categories

    Support an option that allows the user to change the message category of a message from, for example, Warning to Error.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
2 Next →
  • Don't see your idea?

General

Categories

Feedback and Knowledge Base