From tether at mitlns.mit.edu Fri Feb 7 14:33:43 2003 From: tether at mitlns.mit.edu (Stephen Tether) Date: Wed Mar 22 17:09:59 2006 Subject: [splint-discuss] Out parameter definition loophole Message-ID: <3E440A17.1070805@mitlns.mit.edu> In the code below why doesn't Splint complain about undefined fields for *ps at the end of init1()? For that matter, why doesn't it complain when it sees the assignment to *ps? If I tried that with an int, for example, I'd get a warning right away. For a structure Splint seems to wait until it's used somewhere else. - Steve Tether ------------------------------------------------------------------------ typedef struct {int a, b;} S; inline static void check(/*@unused@*//*@temp@*/S *const ps) {} static void init1(/*@out@*/S *const ps) { S value; *ps = value; } static void init2(/*@out@*/S *const ps) { S value; *ps = value; check(ps); } static void init3(/*@out@*/S *const ps) { S value = {0, 0}; *ps = value; check(ps); } splint -fcnuse test.c Splint 3.0.1.6 --- 12 Nov 2002 test.c: (in function init2) test.c:19:9: Passed storage *ps contains 2 undefined fields: a, b Storage derivable from a parameter, return value or global is not defined. Use /*@out@*/ to denote passed or returned storage which need not be defined. (Use -compdef to inhibit warning) Finished checking --- 1 code warning From Richard.Meek at indsys.ge.com Thu Feb 13 11:58:18 2003 From: Richard.Meek at indsys.ge.com (Meek, Richard (IndSys, M&ST-GEI)) Date: Wed Mar 22 17:09:59 2006 Subject: [splint-discuss] Splint use on Microcontroller code Message-ID: <4E568160EDD2D511B799006008F6C6910150D4CA@BEGENMX01GEPCGE> Hi All, I see in the archives some discussion about the use of Splint on source for microcontrollers - ways of working round the various extensions that they adopt e.g. for IO functions. I'm trying to use it with the NEC 78K series microcontrollers (cross compiler is from IAR), for which we have written > 10,000 lines of code over the last few years. There are two stumbling blocks, the first of which I think I've overcome: 1. Basic IO mapping is by a special type "sfr" which is broadly the same as "uchar *". The simple approach: #define sfr unsigned char * (in the general header file, preceded by #ifdef S_SPLINT_S ) seems to work well - but mustn't use brackets round the substitution (unsigned char *) as it's interpreted as a type cast! 2. Bitwise IO is handled by a union-style extension viz. P0.1 meaning bit 1 of (Port) P0. I can't see a way to handle this. From Richard.Meek at indsys.ge.com Fri Feb 14 11:56:10 2003 From: Richard.Meek at indsys.ge.com (Meek, Richard (IndSys, M&ST-GEI)) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] Splint use on Microcontroller code Message-ID: <4E568160EDD2D511B799006008F6C6910150D4CD@BEGENMX01GEPCGE> Hi Richard, I recognised your name from the archive - you've clearly been trying this for a while. As you suggest, using typedef is indeed a better solution, seems to work well. I've also received a few suggestions from your fellow countryman Simon Hosie (thanks Simon!) - principally that of using a separate header file when compiling under Splint - it's a much neater solution than hacking up the NEC / IAR ones with #ifdefs. I am trying a simple redefinition of the bit-wise inputs - changing the source to use P0.Bit1 etc. and #defining Bit1 as 1 for NEC but union'ing them for Splint. However, there are some ports with references both byte-wide and bit-wide, I think I'll just have to clean them up! Now I have it essentially running, but warning incessantly that uchar (typedef unsigned char uchar etc.) is not the same as int. No, that's right - it isn't - it's 8 bits wide and int is 16. However, why does it complain when I increment it or assign a constant to it? Clearly, I don't want to ask Splint to treat char as int / uchar as uint since they're fundamentally different... I much appreciate both of your (very prompt) comments last time and would gratefully receive any further ones. Best Regards -- Richard Meek Design Manager, GE Protimeter plc. mailto:richard.meek@indsys.ge.com http://www.protimeter.com Telephone 01628 472722 (switchboard) - 470528 (direct) - 474312 (fax) Legal Notice: "This e-mail may contain information that is confidential or proprietary to General Electric Company. Any unauthorised disclosure, distribution or other use is prohibited. If you received this e-mail in error, please notify the sender, permanently delete it, and destroy any printout." > -----Original Message----- > From: Richard A. O'Keefe [mailto:ok@cs.otago.ac.nz] > Sent: 14 February 2003 00:32 > To: Meek, Richard (IndSys, M&ST-GEI) > Subject: Re: [splint-discuss] Splint use on Microcontroller code > > > There are two stumbling blocks, the first of which I > think I've overcome: > > 1. Basic IO mapping is by a special type "sfr" > which is broadly the > same as "uchar *". The simple approach: > > #define sfr unsigned char * > > (in the general header file, preceded by #ifdef S_SPLINT_S ) > > seems to work well - but mustn't use brackets round the > substitution > (unsigned char *) as it's interpreted as a type cast! > > Brackets[] would indeed be wrong. > > Is there a reason why you can't use > > typedef unsigned char *sfr; > > That will give you a genuine type name that you can use anywhere a > type is required. > > 2. Bitwise IO is handled by a union-style extension viz. P0.1 > meaning bit 1 of (Port) P0. I can't see a way to handle this. > > Do you have control over the sources? > If you do, why not use > > #ifdef S_SPLINT_S > #define Bit(port, bit) ((port)&(1<<(bit))) > #define SetBit(port, bit, val) \ > ((val) ? (port) |= 1<<(bit) : (port) &=~ (1<<(bit))) > #else > #define Bit(port, bit) ((port).bit) > #define SetBit(port, bit, val) ((port).bit = (val)) > #endif > > and then use SetBit(P1, 2, Bit(P0, 1)) instead of P1.2 = P0.1. > From cbfalconer at yahoo.com Fri Feb 14 13:43:31 2003 From: cbfalconer at yahoo.com (CBFalconer) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] Splint use on Microcontroller code References: <4E568160EDD2D511B799006008F6C6910150D4CD@BEGENMX01GEPCGE> Message-ID: <3E4D38D3.FAC81CEB@yahoo.com> "Meek, Richard (IndSys, M&ST-GEI)" wrote: > ... snip ... > > Now I have it essentially running, but warning incessantly that > uchar (typedef unsigned char uchar etc.) is not the same as int. > No, that's right - it isn't - it's 8 bits wide and int is 16. > However, why does it complain when I increment it or assign a > constant to it? Clearly, I don't want to ask Splint to treat char > as int / uchar as uint since they're fundamentally different... BTW, please don't toppost. There has been a similar discussion recently in c.l.c, under some confusing subject (compiler warning 4761 question). However the point is that C does all arithmetic etc. as ints. The constant 'a' is not treated as a char, but as an integer constant. The action of incrementing involves 'the usual integer promotions' to create an int, which is incremented, and then stored. Thus actions such as "s1 op s2" (where sn are shorts, op is an arith op) can often succeed without incipient overflow. However the act of storing, in "s3 = s1 op s2" can trigger such an overflow. Similar remarks apply to chars, which are really shorter arithmetic types. The assignment action above is no different, in principle, than that of supplying a parameter, as in "foo(s1 - s2)", where foo takes a single short parameter. Gcc warns in this case, but not in the assignment. This is probably because the assignment is so common, yet the function call may mask a serious loss, and be much less obvious. In either case, if overflow DOES occur, behaviour is undefined according to the ISO standard. Since splint is designed to expose incipient problems that slip by compilers, I consider its actions here fully justified. IMNSHO. The cure, in many cases, is the use of unsigned short, where the 'overflow' action is fully defined. Note that any further conversion to short can again cause overflow and UB. The fact that many embedded systems do not treat arithmetic in this standardized way does not affect the conceptual process. Nor does the fact that many systems simply ignore all overflows and silently truncate results, leaving the possibility of subtle crashes, as in the French Arianne fiasco (which was due to arithmetic overflow, even though not ignored). Unfortunately there is no magic wand. -- Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net) Available for consulting/temporary embedded and systems. USE worldnet address! From Simon.Hosie at connexionz.co.nz Sun Feb 16 15:01:33 2003 From: Simon.Hosie at connexionz.co.nz (Simon Hosie) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] Splint use on Microcontroller code Message-ID: Meek, Richard: > I've also received a few suggestions from your fellow countryman > Simon Hosie (thanks Simon!) What? Oh! That's where that went. Stupid Outlook. Some other group sets 'reply-to', and I get confused. From cbfalconer at yahoo.com Sun Feb 16 20:30:56 2003 From: cbfalconer at yahoo.com (CBFalconer) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] Splint use on Microcontroller code References: Message-ID: <3E503B50.658E34C9@yahoo.com> Simon Hosie wrote: > Meek, Richard: > > > I've also received a few suggestions from your fellow countryman > > Simon Hosie (thanks Simon!) > > What? Oh! That's where that went. Stupid Outlook. Some other > group sets 'reply-to', and I get confused. Most other lists do. gpc@gnu.de (gnu pascal list) allows individual subscribers to control it for anything delivered to them. I think the lack is one reason the list is so lightly used. -- Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net) Available for consulting/temporary embedded and systems. USE worldnet address! From santosh.saxena at st.com Fri Feb 21 03:25:59 2003 From: santosh.saxena at st.com (Santosh Saxena) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Message-ID: <003f01c2d982$df01fae0$3f9601ca@noida.dlh.st.com> At path $HOME/abc/ f1.c: int sqr(int a) { return a*a; } At path $HOME abc.c : #include main() { printf("Square of 4 is %d\n",sqr(4)); return 0; } I compile abc.c as follows cc -C /abc/f1.c abc.c To generate a.out Question : How do I make splint consider f1.c also while checking for abc.c ? Right now when I run splint to check abc.c it throws error : Unrecognized identifier sqr Using -I flag does not work. Regards, Santosh From david.chabal at c-s.fr Fri Feb 21 03:44:07 2003 From: david.chabal at c-s.fr (CHABAL David) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files References: <003f01c2d982$df01fae0$3f9601ca@noida.dlh.st.com> Message-ID: <3E55E6D7.1F363E3B@c-s.fr> It's normal because you don't include a header file for fl.c in abc.c: fl.h: -------- #ifnded FL_H #define FL_H extern int sqr(int a); #endif /* FL_H */ -------- abc.c: ------ #include #include "abc/fl.h" ... ------ David Santosh Saxena a ?crit : > > At path $HOME/abc/ > f1.c: > int sqr(int a) > { > return a*a; > } > > At path $HOME > abc.c : > #include > main() > { > printf("Square of 4 is %d\n",sqr(4)); > return 0; > } > > I compile abc.c as follows > cc -C /abc/f1.c abc.c > To generate a.out > > Question : How do I make splint consider f1.c also while checking for > abc.c ? Right now when I run splint to check abc.c it throws error : > Unrecognized identifier sqr > Using -I flag does not work. > > Regards, > Santosh > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss -- ------------------------------------------------------------------ David CHABAL CS SI / STR/LES ZAC de la Grande Plaine rue Brindejonc des Moulinais BP 5872 F-31506 Toulouse Cedex 6 T?l. direct : 05 61 17 65 48 T?l. standard : 05 61 17 66 66 Fax : 05 61 17 65 78 mailto:david.chabal@c-s.fr From santosh.saxena at st.com Fri Feb 21 04:23:22 2003 From: santosh.saxena at st.com (Santosh Saxena) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files In-Reply-To: <3E55E6D7.1F363E3B@c-s.fr> Message-ID: <004001c2d98a$e23da440$3f9601ca@noida.dlh.st.com> Thanks David Your solution works for the example that I created. Actually the problem before me is the following In my organization's legacy system, there is a huge setup of pro*c programs and a set up of such function .c files which are handled at the time of build. Is it mandatory for me to include header files (which will mean a lot of work) or there is a workaround way by which I can specify to splint that do look at this path also for c functions that you may encounter. I'm new to Splint. Santosh -----Original Message----- From: splint-discuss-admin@cs.virginia.edu [mailto:splint-discuss-admin@cs.virginia.edu] On Behalf Of david.chabal@c-s.fr Sent: Friday, February 21, 2003 2:14 PM To: splint-discuss@cs.virginia.edu Subject: Re: [splint-discuss] How to make splint recognize functions described in other .c files It's normal because you don't include a header file for fl.c in abc.c: fl.h: -------- #ifnded FL_H #define FL_H extern int sqr(int a); #endif /* FL_H */ -------- abc.c: ------ #include #include "abc/fl.h" ... ------ David Santosh Saxena a ?crit : > > At path $HOME/abc/ > f1.c: > int sqr(int a) > { > return a*a; > } > > At path $HOME > abc.c : > #include > main() > { > printf("Square of 4 is %d\n",sqr(4)); > return 0; > } > > I compile abc.c as follows > cc -C /abc/f1.c abc.c > To generate a.out > > Question : How do I make splint consider f1.c also while checking for > abc.c ? Right now when I run splint to check abc.c it throws error : > Unrecognized identifier sqr Using -I flag does not work. > > Regards, > Santosh > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss -- ------------------------------------------------------------------ David CHABAL CS SI / STR/LES ZAC de la Grande Plaine rue Brindejonc des Moulinais BP 5872 F-31506 Toulouse Cedex 6 T?l. direct : 05 61 17 65 48 T?l. standard : 05 61 17 66 66 Fax : 05 61 17 65 78 mailto:david.chabal@c-s.fr _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From liegeois at no-log.org Fri Feb 21 05:02:36 2003 From: liegeois at no-log.org (liegeois@no-log.org) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] @ignore@/@end@ blocks and +strict mode Message-ID: <61993.80.14.141.225.1045821756.squirrel@mail.no-log.org> I'm trying to write some C code and then cleanse it with the help of splint. When the code seems ok, I launch splint +strict, but obviously I get many errors coming from header flags I didn't write. Splint manual suggests that you should use ignore/end blocks to get rid of those error messages. Here is a (simplified) source code: /* ---- source.c ---- */ /*@ignore@*/ #include /*@end@*/ splint +strict source.c (splint 3.0.1.6) brings 81 errors from usr/include/malloc.h. Is this a misunderstanting of what @ignore@/@end@ blocks are supposed to do ? or is it a feature of splint ? Thanks Liegeois From david.chabal at c-s.fr Fri Feb 21 07:22:31 2003 From: david.chabal at c-s.fr (CHABAL David) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files References: <004001c2d98a$e23da440$3f9601ca@noida.dlh.st.com> Message-ID: <3E561A07.7C33B99E@c-s.fr> Try to concatenante all of your C files, it could be work. But I suppose, if you use splint, it's to have a clean source code and the missing headers are not compliant with the C rules. So it should be necessary to include header file in the future... (for code checking, automatic makefile generation, portability...), splint is just here to show which function is undefined. Rgds David Santosh Saxena a ?crit : > > Thanks David > > Your solution works for the example that I created. Actually the problem > before me is the following > > In my organization's legacy system, there is a huge setup of pro*c > programs and a set up of such function .c files which are handled at the > time of build. Is it mandatory for me to include header files (which > will mean a lot of work) or there is a workaround way by which I can > specify to splint that do look at this path also for c functions that > you may encounter. > > I'm new to Splint. > > Santosh > > -----Original Message----- > From: splint-discuss-admin@cs.virginia.edu > [mailto:splint-discuss-admin@cs.virginia.edu] On Behalf Of > david.chabal@c-s.fr > Sent: Friday, February 21, 2003 2:14 PM > To: splint-discuss@cs.virginia.edu > Subject: Re: [splint-discuss] How to make splint recognize functions > described in other .c files > > It's normal because you don't include a header file for fl.c > in abc.c: > > fl.h: > -------- > #ifnded FL_H > #define FL_H > > extern int sqr(int a); > > #endif /* FL_H */ > -------- > > abc.c: > ------ > #include > #include "abc/fl.h" > ... > ------ > > David > > Santosh Saxena a ?crit : > > > > At path $HOME/abc/ > > f1.c: > > int sqr(int a) > > { > > return a*a; > > } > > > > At path $HOME > > abc.c : > > #include > > main() > > { > > printf("Square of 4 is %d\n",sqr(4)); > > return 0; > > } > > > > I compile abc.c as follows > > cc -C /abc/f1.c abc.c > > To generate a.out > > > > Question : How do I make splint consider f1.c also while checking for > > abc.c ? Right now when I run splint to check abc.c it throws error : > > Unrecognized identifier sqr Using -I flag does not work. > > > > Regards, > > Santosh > > > > _______________________________________________ > > splint-discuss mailing list > > splint-discuss@cs.virginia.edu > > http://www.splint.org/mailman/listinfo/splint-discuss > > -- > ------------------------------------------------------------------ > David CHABAL > CS SI / STR/LES > ZAC de la Grande Plaine > rue Brindejonc des Moulinais > BP 5872 > F-31506 Toulouse Cedex 6 > > T?l. direct : 05 61 17 65 48 > T?l. standard : 05 61 17 66 66 > Fax : 05 61 17 65 78 > mailto:david.chabal@c-s.fr > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss -- ------------------------------------------------------------------ David CHABAL CS SI / STR/LES ZAC de la Grande Plaine rue Brindejonc des Moulinais BP 5872 F-31506 Toulouse Cedex 6 T?l. direct : 05 61 17 65 48 T?l. standard : 05 61 17 66 66 Fax : 05 61 17 65 78 mailto:david.chabal@c-s.fr From cbfalconer at yahoo.com Fri Feb 21 07:36:53 2003 From: cbfalconer at yahoo.com (CBFalconer) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files References: <004001c2d98a$e23da440$3f9601ca@noida.dlh.st.com> Message-ID: <3E561D65.A0065B3F@yahoo.com> Santosh Saxena wrote: > > Your solution works for the example that I created. Actually the > problem before me is the following > > In my organization's legacy system, there is a huge setup of > pro*c programs and a set up of such function .c files which are > handled at the time of build. Is it mandatory for me to include > header files (which will mean a lot of work) or there is a > workaround way by which I can specify to splint that do look at > this path also for c functions that you may encounter. > > I'm new to Splint. Please don't toppost. Not only is it mandatory for splint, it is mandatory for C. You don't have your compiler warning level turned up high enough, or you would be getting myriad warnings for missing prototypes. Each .c file should have a .h file describing the external access allowed. Functions and global variables in that file should be declared static *unless* they are required for external access. Each .c file should have a #include for its own .h file, and for any external routines/variables accessed. Only variables in the .h file need be labelled extern. Not only does this allow the compiler system to function correctly, it greatly eases your maintenance chores, since you know that everything declared static is invisible outside that particular .c file. As it is, you will never link correctly to any function whose type or parameters are not int. I shudder to think of the bugs in your system. Do the work. A good xref program will ease this. You can find one (for windows/msdos) embedded in hashlib.zip in my download directory, URL in my sig line below. This can also (option) show up use of magic numerical constants. -- Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net) Available for consulting/temporary embedded and systems. USE worldnet address! From Simon.Hosie at connexionz.co.nz Sun Feb 23 16:33:03 2003 From: Simon.Hosie at connexionz.co.nz (Simon Hosie) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Message-ID: Santosh Saxena: > In my organization's legacy system, there is a huge setup of pro*c > programs and a set up of such function .c files which are handled at the > time of build. Is it mandatory for me to include header files (which > will mean a lot of work) or there is a workaround way by which I can > specify to splint that do look at this path also for c functions that > you may encounter. This sounds a lot like you're applying splint to an inappropriate task. If you want to work around having to prototype functions then you pretty much want to work around using splint altogether. Start out by using splint on a new project, and using it to keep code organised as it's being developed. From Simon.Hosie at connexionz.co.nz Sun Feb 23 16:34:22 2003 From: Simon.Hosie at connexionz.co.nz (Simon Hosie) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Message-ID: CBFalconer: > Please don't toppost. Just so I don't do it by accident; what does that mean? From ok at cs.otago.ac.nz Sun Feb 23 18:18:36 2003 From: ok at cs.otago.ac.nz (Richard A. O'Keefe) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Message-ID: <200302232318.h1NNIaw8230388@atlas.otago.ac.nz> "Santosh Saxena" wrote: [that he has a file f1.c defining sqr() and a file abc.c calling it] [he wants splint to know about sqr() when checking abc.c] You tell SPlint about it exactly the same way you should always tell a C compiler about it. You should be aware that many C compilers will complain bitterly about your code, especially if you ask them. You should also be aware that leaving out 'int' in a function definition is no longer allowed in C99. If you have a file f1.c which exports some variables and/or functions, then you should have a file f1.h which declares (but does not define) those variables and/or functions. f1.h should be #included *both* by f1.c (so that the C compiler can check that f1.h and f1.c are consistent) *and* by every .c file which uses any of those variables and/or functions. In this case, you want three files: f1.h extern int sqr(int); /* function prototype for sqr() */ f1.c #include "f1.h" int sqr(int a) { return a*a; } abc.c #include #include "f1.h" int main(void) { (void)printf("The square of 4 is %d\n", sqr(4)); return 0; } cc -I/abc /abc/f1.c abc.c splint -I/abc abc/f1.c abc.c Using -I flag does not work. Regards, Santosh _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From splint-discuss-admin@cs.virginia.edu Fri Feb 21 21:30:23 2003 Reply-To: From: "Santosh Saxena" To: Organization: ST Microelectronics MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Sender: splint-discuss-admin@cs.virginia.edu Errors-To: splint-discuss-admin@cs.virginia.edu X-BeenThere: splint-discuss@cs.virginia.edu X-Mailman-Version: 2.0.10 Precedence: bulk List-Unsubscribe: , List-Id: Discussions about the Splint annotation-assisted static analysis project List-Post: List-Help: List-Subscribe: , List-Archive: Date: Fri, 21 Feb 2003 13:55:59 +0530 X-scanner: scanned by Inflex 1.0.12.4 - (http://pldaniels.com/inflex/) At path $HOME/abc/ f1.c: int sqr(int a) { return a*a; } At path $HOME abc.c : #include main() { printf("Square of 4 is %d\n",sqr(4)); return 0; } I compile abc.c as follows cc -C /abc/f1.c abc.c To generate a.out "Santosh Saxena" added that Using -I flag does not work. But it DOES. It just doesn't do what you think it does. All the -I flag is supposed to do is tell the preprocessor where to find the headers requested by #include "...". If you don't #include "..." any headers, there is nothing for -I to help with. From cbfalconer at yahoo.com Sun Feb 23 18:21:01 2003 From: cbfalconer at yahoo.com (CBFalconer) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files References: Message-ID: <3E59575D.569F79B4@yahoo.com> Simon Hosie wrote: > CBFalconer: > > > Please don't toppost. > > Just so I don't do it by accident; what does that mean? It means posting ahead of the material you are quoting, rather than interspersed or afterwards. -- Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net) Available for consulting/temporary embedded and systems. USE worldnet address! From santosh.saxena at st.com Sun Feb 23 23:27:43 2003 From: santosh.saxena at st.com (Santosh Saxena) Date: Wed Mar 22 17:10:00 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files In-Reply-To: <3E561A07.7C33B99E@c-s.fr> Message-ID: <000201c2dbbd$18646610$3f9601ca@noida.dlh.st.com> You are right David... Including header files for such function should be priority. This is also a bug which 'splint' has pointed out at the first instance. Thank you so much. Santosh -----Original Message----- From: david.chabal@c-s.fr [mailto:david.chabal@c-s.fr] Sent: Friday, February 21, 2003 5:53 PM To: santosh.saxena@st.com Cc: splint-discuss@cs.virginia.edu Subject: Re: [splint-discuss] How to make splint recognize functions described in other .c files Try to concatenante all of your C files, it could be work. But I suppose, if you use splint, it's to have a clean source code and the missing headers are not compliant with the C rules. So it should be necessary to include header file in the future... (for code checking, automatic makefile generation, portability...), splint is just here to show which function is undefined. Rgds David Santosh Saxena a ?crit : > > Thanks David > > Your solution works for the example that I created. Actually the > problem before me is the following > > In my organization's legacy system, there is a huge setup of pro*c > programs and a set up of such function .c files which are handled at > the time of build. Is it mandatory for me to include header files > (which will mean a lot of work) or there is a workaround way by which > I can specify to splint that do look at this path also for c functions > that you may encounter. > > I'm new to Splint. > > Santosh > > -----Original Message----- > From: splint-discuss-admin@cs.virginia.edu > [mailto:splint-discuss-admin@cs.virginia.edu] On Behalf Of > david.chabal@c-s.fr > Sent: Friday, February 21, 2003 2:14 PM > To: splint-discuss@cs.virginia.edu > Subject: Re: [splint-discuss] How to make splint recognize functions > described in other .c files > > It's normal because you don't include a header file for fl.c in abc.c: > > fl.h: > -------- > #ifnded FL_H > #define FL_H > > extern int sqr(int a); > > #endif /* FL_H */ > -------- > > abc.c: > ------ > #include > #include "abc/fl.h" > ... > ------ > > David > > Santosh Saxena a ?crit : > > > > At path $HOME/abc/ > > f1.c: > > int sqr(int a) > > { > > return a*a; > > } > > > > At path $HOME > > abc.c : > > #include > > main() > > { > > printf("Square of 4 is %d\n",sqr(4)); > > return 0; > > } > > > > I compile abc.c as follows > > cc -C /abc/f1.c abc.c > > To generate a.out > > > > Question : How do I make splint consider f1.c also while checking > > for abc.c ? Right now when I run splint to check abc.c it throws > > error : Unrecognized identifier sqr Using -I flag does not work. > > > > Regards, > > Santosh > > > > _______________________________________________ > > splint-discuss mailing list > > splint-discuss@cs.virginia.edu > > http://www.splint.org/mailman/listinfo/splint-discuss > > -- > ------------------------------------------------------------------ > David CHABAL > CS SI / STR/LES > ZAC de la Grande Plaine > rue Brindejonc des Moulinais > BP 5872 > F-31506 Toulouse Cedex 6 > > T?l. direct : 05 61 17 65 48 > T?l. standard : 05 61 17 66 66 > Fax : 05 61 17 65 78 > mailto:david.chabal@c-s.fr > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss -- ------------------------------------------------------------------ David CHABAL CS SI / STR/LES ZAC de la Grande Plaine rue Brindejonc des Moulinais BP 5872 F-31506 Toulouse Cedex 6 T?l. direct : 05 61 17 65 48 T?l. standard : 05 61 17 66 66 Fax : 05 61 17 65 78 mailto:david.chabal@c-s.fr From santosh.saxena at st.com Sun Feb 23 23:27:43 2003 From: santosh.saxena at st.com (Santosh Saxena) Date: Wed Mar 22 17:10:01 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files In-Reply-To: <200302232318.h1NNIaw8230388@atlas.otago.ac.nz> Message-ID: <000401c2dbbd$1bd6a970$3f9601ca@noida.dlh.st.com> Thanks a lot. I got the message. Santosh -----Original Message----- From: splint-discuss-admin@cs.virginia.edu [mailto:splint-discuss-admin@cs.virginia.edu] On Behalf Of ok@cs.otago.ac.nz Sent: Monday, February 24, 2003 4:49 AM To: splint-discuss@cs.virginia.edu Subject: Re: [splint-discuss] How to make splint recognize functions described in other .c files "Santosh Saxena" wrote: [that he has a file f1.c defining sqr() and a file abc.c calling it] [he wants splint to know about sqr() when checking abc.c] You tell SPlint about it exactly the same way you should always tell a C compiler about it. You should be aware that many C compilers will complain bitterly about your code, especially if you ask them. You should also be aware that leaving out 'int' in a function definition is no longer allowed in C99. If you have a file f1.c which exports some variables and/or functions, then you should have a file f1.h which declares (but does not define) those variables and/or functions. f1.h should be #included *both* by f1.c (so that the C compiler can check that f1.h and f1.c are consistent) *and* by every .c file which uses any of those variables and/or functions. In this case, you want three files: f1.h extern int sqr(int); /* function prototype for sqr() */ f1.c #include "f1.h" int sqr(int a) { return a*a; } abc.c #include #include "f1.h" int main(void) { (void)printf("The square of 4 is %d\n", sqr(4)); return 0; } cc -I/abc /abc/f1.c abc.c splint -I/abc abc/f1.c abc.c Using -I flag does not work. Regards, Santosh _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From splint-discuss-admin@cs.virginia.edu Fri Feb 21 21:30:23 2003 Reply-To: From: "Santosh Saxena" To: Organization: ST Microelectronics MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Subject: [splint-discuss] How to make splint recognize functions described in other .c files Sender: splint-discuss-admin@cs.virginia.edu Errors-To: splint-discuss-admin@cs.virginia.edu X-BeenThere: splint-discuss@cs.virginia.edu X-Mailman-Version: 2.0.10 Precedence: bulk List-Unsubscribe: , List-Id: Discussions about the Splint annotation-assisted static analysis project List-Post: List-Help: List-Subscribe: , List-Archive: Date: Fri, 21 Feb 2003 13:55:59 +0530 X-scanner: scanned by Inflex 1.0.12.4 - (http://pldaniels.com/inflex/) At path $HOME/abc/ f1.c: int sqr(int a) { return a*a; } At path $HOME abc.c : #include main() { printf("Square of 4 is %d\n",sqr(4)); return 0; } I compile abc.c as follows cc -C /abc/f1.c abc.c To generate a.out "Santosh Saxena" added that Using -I flag does not work. But it DOES. It just doesn't do what you think it does. All the -I flag is supposed to do is tell the preprocessor where to find the headers requested by #include "...". If you don't #include "..." any headers, there is nothing for -I to help with. _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From santosh.saxena at st.com Sun Feb 23 23:27:43 2003 From: santosh.saxena at st.com (Santosh Saxena) Date: Wed Mar 22 17:10:01 2006 Subject: [splint-discuss] How to make splint recognize functions described in other .c files In-Reply-To: <3E561D65.A0065B3F@yahoo.com> Message-ID: <000001c2dbbd$13cd03a0$3f9601ca@noida.dlh.st.com> Thanks a lot. I'll be working towards including the external functions in header files. Santosh -----Original Message----- From: splint-discuss-admin@cs.virginia.edu [mailto:splint-discuss-admin@cs.virginia.edu] On Behalf Of cbfalconer@yahoo.com Sent: Friday, February 21, 2003 6:07 PM To: splint-discuss@cs.virginia.edu Subject: Re: [splint-discuss] How to make splint recognize functions described in other .c files Santosh Saxena wrote: > > Your solution works for the example that I created. Actually the > problem before me is the following > > In my organization's legacy system, there is a huge setup of pro*c > programs and a set up of such function .c files which are handled at > the time of build. Is it mandatory for me to include header files > (which will mean a lot of work) or there is a workaround way by which > I can specify to splint that do look at this path also for c functions > that you may encounter. > > I'm new to Splint. Please don't toppost. Not only is it mandatory for splint, it is mandatory for C. You don't have your compiler warning level turned up high enough, or you would be getting myriad warnings for missing prototypes. Each .c file should have a .h file describing the external access allowed. Functions and global variables in that file should be declared static *unless* they are required for external access. Each .c file should have a #include for its own .h file, and for any external routines/variables accessed. Only variables in the .h file need be labelled extern. Not only does this allow the compiler system to function correctly, it greatly eases your maintenance chores, since you know that everything declared static is invisible outside that particular .c file. As it is, you will never link correctly to any function whose type or parameters are not int. I shudder to think of the bugs in your system. Do the work. A good xref program will ease this. You can find one (for windows/msdos) embedded in hashlib.zip in my download directory, URL in my sig line below. This can also (option) show up use of magic numerical constants. -- Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net) Available for consulting/temporary embedded and systems. USE worldnet address! _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From splint at elektrono.com Mon Feb 24 00:32:00 2003 From: splint at elektrono.com (Devin Bayer) Date: Wed Mar 22 17:10:01 2006 Subject: [splint-discuss] [patch] Adds two more options Message-ID: <3E59AE50.4000404@elektrono.com> Attached to this file is a patch that gives splint two more options: -L This is ignored. It's here so that config programs outputting command line options for gcc can be used unmodified with splint. -isystem This adds a dir like -l and adds the dir to the systemdirs list. It's needed for the same reason as above. The reason I needed these is because I wanted to run splint on a Palm OS program using prc-tools. But the system libraries are in a non-standard location and there are many of them. The tool provided to tell gcc about this directories is sdkfind, and it uses -isystem and -L options. Now that I've got that part working, I'm having to deal with parse errors in the Palm SDK header file. The following two lines (after macro substitution) are existent in ErrorBase.h: typedef long* ErrJumpBuf[12]; int ErrSetJump(ErrJumpBuf buf) __SPIC__("simple", table, vector, 0); The first line produces a warning and the second produces this error: ErrorBase.h:251:43: Parse Error: New function scope inside function. (For help on parse errors, see splint -help parseerrors.) I couldn't find any references to __SPIC__, so I don't know what to do about it. If anyone has some relevant info I'm going to work on this later. Also, when running make I get lots of tests reporting "*** FAIL ***". My intuition tells me this is a bad thing. Should I report those errors to this list? -- Devin Bayer - http://elektrono.com/bio/contact It looked like something resembling white marble, which was probably what it was: something resembling white marble. -- Douglas Adams -------------- next part -------------- Index: Makefile.am =================================================================== RCS file: /cvsroot/lclint/LCLintDev/Makefile.am,v retrieving revision 1.9 diff -u -u -r1.9 Makefile.am --- Makefile.am 5 Sep 2002 16:33:20 -0000 1.9 +++ Makefile.am 24 Feb 2003 02:49:43 -0000 @@ -59,6 +59,7 @@ $(RM) -f $(binaryDir)/splint $(CP) src/splint $(binaryDir)/splint $(MV) install.html installSource.html + $(CP) doc/splint.1 $(MANDIR)/man1/ $(CP) doc/` uname | tr [A-Z] [a-z]`.html install.html $(MAKE) -e dist dh_script=$(binaryfixscript) SUBDIRS="$(binaryDir) lib imports doc" $(MV) $(distdir).tar.gz $(distdir).`uname`.tgz Index: src/cgrammar.y =================================================================== RCS file: /cvsroot/lclint/LCLintDev/src/cgrammar.y,v retrieving revision 1.66 diff -u -u -r1.66 cgrammar.y --- src/cgrammar.y 18 Dec 2002 23:54:36 -0000 1.66 +++ src/cgrammar.y 24 Feb 2003 02:49:59 -0000 @@ -218,7 +219,7 @@ %type endIter %type functionClauses functionClausesPlain -%type functionClause functionClause functionClausePlain +%type functionClause functionClausePlain %type globalsClause globalsClausePlain %type modifiesClause modifiesClausePlain nomodsClause Index: src/flags.c =================================================================== RCS file: /cvsroot/lclint/LCLintDev/src/flags.c,v retrieving revision 1.37 diff -u -u -r1.37 flags.c --- src/flags.c 18 Dec 2002 01:06:01 -0000 1.37 +++ src/flags.c 24 Feb 2003 02:50:19 -0000 @@ -1011,6 +1011,11 @@ return FLG_INCLUDEPATH; /* no space required after -I */ } + if (cstring_firstChar (s) == 'L') + { + return FLG_LIBRARYPATH; /* no space required after -L */ + } + if (cstring_firstChar (s) == 'S') { return FLG_SPECPATH; /* no space required after -S */ @@ -1712,7 +1717,7 @@ *passThroughArgs = cstringList_add (*passThroughArgs, cstring_fromCharsNew (thisarg + 1)); } - else if (opt == FLG_INCLUDEPATH || opt == FLG_SPECPATH) + else if (opt == FLG_INCLUDEPATH || opt == FLG_SPECPATH || opt == FLG_LIBRARYPATH) { if (mstring_length (thisarg) < 2) { BADBRANCH; @@ -1754,6 +1759,9 @@ dir)); /*@=mustfree@*/ /*@switchbreak@*/ break; + case FLG_LIBRARYPATH: + // Do nothing because we don't use libraries + /*@switchbreak@*/ break; BADDEFAULT; } } @@ -1845,6 +1853,14 @@ cstring_makeLiteralTemp (LCLINIT_SUFFIX), FALSE)); break; + } + else if (opt == FLG_SYSTEMPATH) + { + cppAddIncludeDir(arg); + cstring tmp = context_getString(opt); + tmp = cstring_appendChar(tmp,PATH_SEPARATOR); + tmp = cstring_concat(tmp,arg); + context_setString(opt,cstring_copy(tmp)); } else { Index: src/flags.def =================================================================== RCS file: /cvsroot/lclint/LCLintDev/src/flags.def,v retrieving revision 1.57 diff -u -u -r1.57 flags.def --- src/flags.def 20 Dec 2002 02:04:16 -0000 1.57 +++ src/flags.def 24 Feb 2003 02:50:20 -0000 @@ -3249,6 +3249,20 @@ NULL, 0, 0 }, { + FK_DIRECT, FK_HEADERS, globalExtraArgFlag, + "L", + FLG_LIBRARYPATH, + "ignore this flag", + NULL, 0, 0 + }, + { + FK_DIRECT, FK_HEADERS, globalStringFlag, ARG_DIRECTORY, + "isys", + FLG_SYSTEMPATH, + "add to C system include path", + NULL, 0, 0 + }, + { FK_DIRECT, FK_SPEC, globalExtraArgFlag, "S", FLG_SPECPATH, Index: src/Headers/flag_codes.h =================================================================== RCS file: /cvsroot/lclint/LCLintDev/src/Headers/flag_codes.h,v retrieving revision 1.7 diff -u -u -r1.7 flag_codes.h --- src/Headers/flag_codes.h 18 Dec 2002 01:06:02 -0000 1.7 +++ src/Headers/flag_codes.h 24 Feb 2003 02:50:47 -0000 @@ -30,7 +30,7 @@ # define NUMVALUEFLAGS 15 /*@constant int NUMSTRINGFLAGS; @*/ -# define NUMSTRINGFLAGS 28 +# define NUMSTRINGFLAGS 29 /*@iter allFlagCodes (yield flagcode f); @*/ # define allFlagCodes(m_code) \ From raeburn at raeburn.org Tue Feb 25 14:51:05 2003 From: raeburn at raeburn.org (Ken Raeburn) Date: Wed Mar 22 17:10:01 2006 Subject: [splint-discuss] /*@out@*/ and failure returns; manual In-Reply-To: (Simon Hosie's message of "Tue, 17 Sep 2002 16:19:16 +1200") Message-ID: This was asked months ago (sent to lclint-interest), and as far as I can see from my email and the list archive, was never answered. I'd like to know too, since I've got quite a few functions of this sort in my project. Simon Hosie writes: > What's the proper way of handling a function that has outs, but may > fail (with an error return code) and not define some or all of > them? There are quite a few cases that I haven't figured out how to handle, and some of them I think Splint probably just doesn't handle, but if that's the case, it would be helpful if the manual would just come out and say so, and maybe suggest workarounds. Anything using realloc is an obvious example of something Splint doesn't handle. A slightly less obvious case is manipulating data using handles of the form struct { void *ptr; size_t length; } and passing around pointers to these handles, sticking them or pointers to arrays of them in data structures, etc, and needing to annotate different occurrences differently. For example: int compress(handle *plaintext, handle *ztext) where plaintext would presumably be 'temp' references (and plaintext->ptr might be anything, defined by the caller), and ztext may point to uninitialized storage that the function fills in after allocating some buffer space, or it may already be filled in by the caller with the info on the buffer to be filled in by the compress function. How, if at all, can I describe either of these cases to Splint? Changing the API to use different types based on memory management details is not an option. Is the master source for the manual in some form that can be edited and patches submitted? I'd be happy to at least write up the realloc case, with a suggested workaround. (Or, I could just send in some text...) Ken