[splint-discuss] Q: Using splint in development of new code.
cbfalconer at yahoo.com
Tue Mar 25 18:05:22 EST 2003
Austin Hastings wrote:
> I'm considering using splint for a large-scale open-source development
> effort that is currently in very early development, although a fair
> chunk of code has been written.
> This means that there's going to be a lot of code coming in, and most
> of it, initially, won't be annotated. (And some more, naturally, won't
> be annotated correctly.)
> Has anyone written an "annotation primer" that is a one or two page
> distillation of the splint manual?
> I'm envisioning something like this:
> When you're doing this: Annotate thus:
> - returning the only copy /*@only@*/
> of a data item
> - temporarily using a data /*@temp@*/
> item but not taking
> responsibility for it
> Maybe with more info, or less.
IMO you are taking the wrong path. The problem is not how to shut
splint (or your compiler) up about unsound constructs, but to
avoid those constructs in the first place.
I keep three aliases for splint around, called splintwk, splintit,
and splint, in increasing order of severity. splintwk is just
splint -weak. splintit is customized to my comfort level. I
don't believe in any annotations, but bear in mind that warnings
are just that, not errors. If you do annotate they should be
accompanied by comments explaining why they are alright, because
they probably won't in another revision.
Chuck F (cbfalconer at yahoo.com) (cbfalconer at worldnet.att.net)
Available for consulting/temporary embedded and systems.
<http://cbfalconer.home.att.net> USE worldnet address!
More information about the splint-discuss