[ILUG] Looking for a lint clone

Sat Jul 23 07:02:05 IST 2005

  | Date: Sat, 23 Jul 2005 01:26:07 +0100
  | From: Bryan O'Donoghue <typedef at eircom.net>
  | 
  | What do people out there in ILUG land use, or recommend to use,
  | as a lint type scource code checker ?

 the only one I know of that runs on Linux is splint(1),
 which I do use, but do not find it as helpful as the
 older lint(1) on Unix.  however, old-`lint' would not
 find the serious error in yer example (AFAICR), and
 somewhat to my surprise, `splint' is not either?!

  | [ ... ]  For the case above valgrind emphatically won't catch
  | that error, or if it will, I don't know the correct runtime
  | incantation to make it do so.

 this also surprised me, but you do seem to be right,
 as per my (trivial) test below of yer example (which
 also shows  (i) `splint' is not catching it either;
 and  (ii) hints at how obnoxious `splint' can be).

 what sometimes helps is `gcc -W -Wall', plus maybe
 `-pedantic' and sometimes `-ansi' (or `-std=...');
 but that did not find the serious error either (not
 too surprising, IMHO).

 there are also various coding conventions you can
 use to reduce this sort of error; e.g. (guessing
 what yer example is supposed to do when correct):

    char x[2];
    (void) memset(x, 0, sizeof(x));

 please keep the list updated with what you do find;
 I, at least, am very very interested in this.

cheers!
	-blf-

=====(cut here and below)=====`bad.sh'=====(test script)=====
#!/bin/bash

rm -f foo.c
cat >foo.c <<\EOF
#include <string.h>
#include <stdlib.h>

int
main(void)
{
	char x[2];

	memset(x, 0x0, 20);

	return EXIT_FAILURE;
}
EOF

set -x
gcc -g -W -Wall -ansi -pedantic foo.c
./a.out
valgrind -v ./a.out
splint -strict foo.c
exit
=====(cut here and above)=====`bad.sh'=====(test script)=====
=====(cut here and below)=====(results of running `bad.sh')=====
+ gcc -g -W -Wall -ansi -pedantic foo.c
+ ./a.out
bad.sh: line 21: 18041 Segmentation fault      ./a.out
+ valgrind -v ./a.out
==18042== Memcheck, a.k.a. Valgrind, a memory error detector for x86-linux.
==18042== Copyright (C) 2002-2003, and GNU GPL'd, by Julian Seward.
==18042== Using valgrind-2.0.0, a program supervision framework for x86-linux.
==18042== Copyright (C) 2000-2003, and GNU GPL'd, by Julian Seward.
==18042== Command line:
==18042==    ./a.out
==18042== Startup, with flags:
==18042==    --suppressions=/usr/lib/valgrind/default.supp
==18042==    -v
==18042== Reading syms from /tmp/lints/a.out
==18042== Reading syms from /lib/ld-2.3.3.so
==18042==    object doesn't have any debug info
==18042== Reading syms from /usr/lib/valgrind/vgskin_memcheck.so
==18042==    object doesn't have any debug info
==18042== Reading syms from /usr/lib/valgrind/valgrind.so
==18042==    object doesn't have any debug info
==18042== Reading syms from /lib/libc.so.6
==18042==    object doesn't have any debug info
==18042== Reading suppressions file: /usr/lib/valgrind/default.supp
==18042== Estimated CPU clock rate is 1501 MHz
==18042== 
==18042== Jump to the invalid address stated on the next line
==18042==    at 0x0: ???
==18042==    Address 0x0 is not stack'd, malloc'd or free'd
bad.sh: line 22: 18042 Segmentation fault      valgrind -v ./a.out
+ splint -strict foo.c
Splint 3.1.1 --- 06 Apr 2004

foo.c: (in function main)
foo.c:9:17: Function memset expects arg 3 to be size_t gets int: 20
  To allow arbitrary integral types to match any integral type, use
  +matchanyintegral.

Finished checking --- 1 code warning
+ exit
=====(cut here and above)=====(results of running `bad.sh')=====

-- 
Experienced (20+ yrs) kernel/software Eng: | Brian Foster   Montpellier,
 • Unix, embedded, &tc;  • Linux;  • doc;  | blf at utvinternet.ie   FRANCE
 • IDL, automated testing, process, &tc.   |  Stop E$$o (ExxonMobile)!
Résumé (CV) http://www.blf.utvinternet.ie  |     http://www.stopesso.com