From raphael at clifford.net Sat Sep 6 08:39:07 2003 From: raphael at clifford.net (Raphael Clifford) Date: Wed Mar 22 17:10:13 2006 Subject: [splint-discuss] complex.h and splint Message-ID: <3F59D56B.3050808@clifford.net> Hi, Am I right in thinking that you can't use splint with the complex number type from complex.h and supported in gcc 3.x? For example... #include int main() { complex x = 1 +1i; x =x*x; } and then .... [clifford@localhost C]$ splint test1.c Splint 3.1.1 --- 03 Sep 2003 /usr/include/bits/cmathcalls.h:54:31: Parse Error: Non-function declaration: _Complex : extern double. (For help on parse errors, see splint -help parseerrors.) *** Cannot continue. Cheers, Raphael From Marco.Giromini at marconiselenia.com Mon Sep 8 04:54:21 2003 From: Marco.Giromini at marconiselenia.com (Marco.Giromini@marconiselenia.com) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] My favorite "missing" lint feature Message-ID: I think you should look in the UserManual ( 13.1 Unused Declarations) +constuse +fcnuse +paramuse +varuse +typeuse +enummemuse +fielduse Splint detects constants, functions, parameters, variables, types, enumerator members, and structure or union fields that are declared but never used. -unused-special Declaration in a special file (corresponding to .l or .y file) is unused. Best regards Marco Giromini Ing. Marco Giromini OTE S.p.A. - A Finmeccanica Company Galleria Gerace, 7 - 56124 PISA Italy e-mail: Marco.Giromini@marconiselenia.com "Dennis J. Linse" @cs.virginia.edu on 08/25/2003 04:56:13 AM Please respond to splint-discuss@cs.virginia.edu Sent by: splint-discuss-admin@cs.virginia.edu To: splint-discuss@cs.virginia.edu cc: Subject: [splint-discuss] My favorite "missing" lint feature [Briefly: New to this discussion list. Used lclint/splint for 3+ years. Love it.] We've just moved to a Mac OS X platform from an SGI where we used lint and splint both to "diagnose" our code because there was one feature that lint had that splint doesn't: Variable i set but not used. Mac OS X doesn't include lint, and I've not been able to convince gcc to show me this as a warning/error with any argument (as a pseudo-lint). Is the equivalent somewhere in splint that I've missed? It is extremely useful as it is often an indication of incorrect code nearby: the variable was set, but not used in a following equation or function. Thanks for any hints. Dennis Dennis J. Linse, Aerospace Engineer Science Applications International Corporation +1-301-866-6706, +1-301-863-0299 (fax) _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From DENNIS.J.LINSE at saic.com Mon Sep 8 13:35:05 2003 From: DENNIS.J.LINSE at saic.com (Dennis J. Linse) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] My favorite "missing" lint feature In-Reply-To: <20030908160017.21601.81815.Mailman@atlas.cs.Virginia.EDU> Message-ID: <5.2.1.1.2.20030908132151.00abd7b8@pax-atsg-exs02.mail.saic.com> I am familiar with the Unused Declarations features. That's not what I'm missing from lint. I'm missing the "set but not used" feature. Here's an example: int main() { int i; int j; i = 1; return 0; } MACOSX$ splint yy.c >Splint 3.1.1 --- 23 Jun 2003 > >yy.c: (in function main) >yy.c:4:8: Variable j declared but not used > A variable is declared but never used. Use /*@unused@*/ in front of > declaration to suppress message. (Use -varuse to inhibit warning) > >Finished checking --- 1 code warning IRIS$ lint yy.c >variable unused in function > (4) j in main > >set but not used in function > (3) i in main This second warning from lint is extremely helpful as it is often an indication of a subtle bug. Why did I set i to 1, but not use it? Did I mean to do that? There are several reasons that I might set a variable and not use it. Many of them are indications that else something may be wrong: 1) I mistakenly used the wrong variable later in a function call: for example l instead of i. 2) I deleted code that previously used the variable. Did I do it correctly? 3) I'm recording the return/status of a function, but never evaluate the return value. a) always check the return value! b) why store if you aren't going to check? 4) I'm using the assignment for a side effect only. Is this good, secure programming? Notice that this warning is only for local variables, not globals. Thanks for you for your suggestion though. Dennis ================ >Subject: Re: [splint-discuss] My favorite "missing" lint feature >From: Marco.Giromini@marconiselenia.com >Date: Mon, 8 Sep 2003 10:54:21 +0200 > >I think you should look in the UserManual ( 13.1 Unused Declarations) > > +constuse +fcnuse +paramuse +varuse +typeuse +enummemuse +fielduse > Splint detects constants, functions, parameters, variables, types, > enumerator members, and structure or union fields that are declared but > never used. > -unused-special > Declaration in a special file (corresponding to .l or .y file) is > unused. > >"Dennis J. Linse" @cs.virginia.edu on 08/25/2003 >04:56:13 AM >Subject: [splint-discuss] My favorite "missing" lint feature > > >We've just moved to a Mac OS X platform from an SGI where we used lint and >splint both to "diagnose" our code because there was one feature that lint >had that splint doesn't: > > Variable i set but not used. > >Mac OS X doesn't include lint, and I've not been able to convince gcc to >show me this as a warning/error with any argument (as a pseudo-lint). > >Is the equivalent somewhere in splint that I've missed? It is extremely >useful as it is often an indication of incorrect code nearby: the variable >was set, but not used in a following equation or function. Dennis J. Linse, Aerospace Engineer Science Applications International Corporation +1-301-866-6706, +1-301-863-0299 (fax) From Marco.Giromini at marconiselenia.com Tue Sep 9 11:05:07 2003 From: Marco.Giromini at marconiselenia.com (Marco.Giromini@marconiselenia.com) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] My favorite "missing" lint feature Message-ID: Sorry, I misunderstood. I perfectly agree with you. It is also detailed inside Annex I Common warning in ISO/IEC 9899:1999 ("An object is defined but not used"). Giromini "Dennis J. Linse" @cs.virginia.edu on 09/08/2003 07:35:05 PM Please respond to splint-discuss@cs.virginia.edu Sent by: splint-discuss-admin@cs.virginia.edu To: splint-discuss@cs.virginia.edu cc: Subject: Re: [splint-discuss] My favorite "missing" lint feature I am familiar with the Unused Declarations features. That's not what I'm missing from lint. I'm missing the "set but not used" feature. Here's an example: int main() { int i; int j; i = 1; return 0; } MACOSX$ splint yy.c >Splint 3.1.1 --- 23 Jun 2003 > >yy.c: (in function main) >yy.c:4:8: Variable j declared but not used > A variable is declared but never used. Use /*@unused@*/ in front of > declaration to suppress message. (Use -varuse to inhibit warning) > >Finished checking --- 1 code warning IRIS$ lint yy.c >variable unused in function > (4) j in main > >set but not used in function > (3) i in main This second warning from lint is extremely helpful as it is often an indication of a subtle bug. Why did I set i to 1, but not use it? Did I mean to do that? There are several reasons that I might set a variable and not use it. Many of them are indications that else something may be wrong: 1) I mistakenly used the wrong variable later in a function call: for example l instead of i. 2) I deleted code that previously used the variable. Did I do it correctly? 3) I'm recording the return/status of a function, but never evaluate the return value. a) always check the return value! b) why store if you aren't going to check? 4) I'm using the assignment for a side effect only. Is this good, secure programming? Notice that this warning is only for local variables, not globals. Thanks for you for your suggestion though. Dennis ================ >Subject: Re: [splint-discuss] My favorite "missing" lint feature >From: Marco.Giromini@marconiselenia.com >Date: Mon, 8 Sep 2003 10:54:21 +0200 > >I think you should look in the UserManual ( 13.1 Unused Declarations) > > +constuse +fcnuse +paramuse +varuse +typeuse +enummemuse +fielduse > Splint detects constants, functions, parameters, variables, types, > enumerator members, and structure or union fields that are declared but > never used. > -unused-special > Declaration in a special file (corresponding to .l or .y file) is > unused. > >"Dennis J. Linse" @cs.virginia.edu on 08/25/2003 >04:56:13 AM >Subject: [splint-discuss] My favorite "missing" lint feature > > >We've just moved to a Mac OS X platform from an SGI where we used lint and >splint both to "diagnose" our code because there was one feature that lint >had that splint doesn't: > > Variable i set but not used. > >Mac OS X doesn't include lint, and I've not been able to convince gcc to >show me this as a warning/error with any argument (as a pseudo-lint). > >Is the equivalent somewhere in splint that I've missed? It is extremely >useful as it is often an indication of incorrect code nearby: the variable >was set, but not used in a following equation or function. Dennis J. Linse, Aerospace Engineer Science Applications International Corporation +1-301-866-6706, +1-301-863-0299 (fax) _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From john.carter at tait.co.nz Wed Sep 10 23:25:57 2003 From: john.carter at tait.co.nz (John Carter) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] Detecting lossy int conversions. Message-ID: How do you convince splint to detect only lossy implicit int conversions? For example.... int i32 = 70000; short i16 = i32; // Danger! Lossy conversion splint please flag me! int j32 = i16; // Different type, but that's OK. C copes just fine with // the widening conversion. Thanks, John Carter Phone : (64)(3) 358 6639 Tait Electronics Fax : (64)(3) 359 4632 PO Box 1645 Christchurch Email : john.carter@tait.co.nz New Zealand A Million Monkeys can inflict worse things than just Shakespeare on your system. From herbert at the-little-red-haired-girl.org Thu Sep 11 08:53:00 2003 From: herbert at the-little-red-haired-girl.org (Martin Dietze) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] Splint 3.1.1 for OS/2 available Message-ID: <20030911125300.GA18396@fh-wedel.de> It has taken me a while to find some time to do it, now it's finished. You can download the result at: http://www.fh-wedel.de/pub/fh-wedel/staff/di/splint/00-index.html Cheers, Herbert -- Dipl.Ing. Martin "Herbert" Dietze - / -- di@fh-wedel.de --------------------- ----- Fachhochschule Wedel ------- / -- martin@the-little-red-haired-girl.org ------------- / http://herbert.the-little-red-haired-girl.org / ------------- =+= This parrot is no more. From martin at the-little-red-haired-girl.org Thu Sep 11 08:28:45 2003 From: martin at the-little-red-haired-girl.org (Martin Herbert Dietze) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] Splint 3.1.1 for OS/2 available Message-ID: <20030911122845.GA16517@fh-wedel.de> It has taken me a while to find some time to do it, now it's finished. You can download the result at: http://www.fh-wedel.de/pub/fh-wedel/staff/di/splint/00-index.html Cheers, Herbert -- Dipl.Ing. Martin "Herbert" Dietze - / -- di@fh-wedel.de --------------------- ----- Fachhochschule Wedel ------- / -- martin@the-little-red-haired-girl.org ------------- / http://herbert.the-little-red-haired-girl.org / ------------- =+= This parrot is no more. From eberger at cygnacom.com Thu Sep 11 11:30:11 2003 From: eberger at cygnacom.com (Elise Berger) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] formatconst example? Message-ID: <59EA87B07385D611A32D00D0B7695397060F79@scygmxs01.cygnacom.com> I am trying to understand what exactly the formatconst flag does. The splint manual has the following text: A simpler way to detect format vulnerabilities is to warn for any format string that is unknown at compile time. Splint provides this checking, issuing a warning if the +formatconst flag is set and finds any unknown format strings at compile time. This can produce spurious messages, however, because there might be unknown format strings that are not vulnerable to hostile input. What is meant by "a format string unknown at compile time?" Does this refer to a format specifier? Can anyone provide an example? Any information on the above would be much appreciated. thanks. Elise T. Berger Senior Security Engineer CygnaCom Solutions, Inc. an Entrust company Phone: 703-270-3511 Fax: 703-848-0960 http://www.cygnacom.com eberger@cygnacom.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.cs.Virginia.EDU/pipermail/splint-discuss/attachments/20030911/afd3d8cc/attachment.htm From eberger at cygnacom.com Thu Sep 11 11:36:49 2003 From: eberger at cygnacom.com (Elise Berger) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] checkglobalias flag question Message-ID: <59EA87B07385D611A32D00D0B7695397060F7A@scygmxs01.cygnacom.com> I am trying to understand what the following group of flags do. I have checked the manual & online help which gives the info below. However, can anyone provide any more explanation as to what these flags do & perhaps examples? checkedglobalias - A global variable aliases externally-visible state when the function returns. checkmodglobalias- A global variable aliases externally-visible state when the function returns. [ Function returns with a checkmod global aliasing external state. ] checkstrictglobalias- Function returns with a checkstrict global aliasing external state. A global variable aliases externally-visible state when the function returns. checkstrictglobs -Report use and modification errors for checkedstrict globals. Any additional info would be helpful. thanks. Elise T. Berger Senior Security Engineer CygnaCom Solutions, Inc. an Entrust company Phone: 703-270-3511 Fax: 703-848-0960 http://www.cygnacom.com eberger@cygnacom.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.cs.Virginia.EDU/pipermail/splint-discuss/attachments/20030911/e4679985/attachment.htm From evans at cs.virginia.edu Thu Sep 11 12:23:16 2003 From: evans at cs.virginia.edu (David Evans) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] formatconst example? In-Reply-To: <59EA87B07385D611A32D00D0B7695397060F79@scygmxs01.cygnacom.com> References: <59EA87B07385D611A32D00D0B7695397060F79@scygmxs01.cygnacom.com> Message-ID: Hi Elise, It means that splint cannot determine what the format string is, so it cannot check the parameters. Here's an example: void formatString (char *s) { printf (s, 3); } Splint reports, format.c: (in function formatString) format.c:2:3: Format string parameter to printf is not a compile-time constant: s Format parameter is not known at compile-time. This can lead to security vulnerabilities because the arguments cannot be type checked. (Use -formatconst to inhibit warning) See our IEEE Software paper for more on this: http://www.cs.virginia.edu/~evans/pubs/ieeesoftware-abstract.html --- Dave On Thu, 11 Sep 2003, Elise Berger wrote: > I am trying to understand what exactly the formatconst flag does. The splint > manual has the following text: > > A simpler way to detect format vulnerabilities is to warn for any format > string that > is unknown at compile time. Splint provides this checking, issuing a warning > if the +formatconst > flag is set and finds any unknown format strings at compile time. This can > produce spurious > messages, however, because there might be unknown format strings that are > not vulnerable to > hostile input. > > What is meant by "a format string unknown at compile time?" Does this refer > to a format specifier? Can anyone provide an example? > Any information on the above would be much appreciated. > thanks. > > > Elise T. Berger > Senior Security Engineer > CygnaCom Solutions, Inc. > an Entrust company > Phone: 703-270-3511 Fax: 703-848-0960 > http://www.cygnacom.com > eberger@cygnacom.com > > > > From austin_hastings at yahoo.com Thu Sep 11 15:14:08 2003 From: austin_hastings at yahoo.com (Austin Hastings) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] formatconst example? In-Reply-To: <59EA87B07385D611A32D00D0B7695397060F79@scygmxs01.cygnacom.com> Message-ID: <20030911191408.22227.qmail@web12303.mail.yahoo.com> Elise, void foo(const char * format, int value) { /* Format string not known at compile time. */ printf(format, value); } =Austin --- Elise Berger wrote: > I am trying to understand what exactly the formatconst flag does. The > splint > manual has the following text: > > A simpler way to detect format vulnerabilities is to warn for any > format > string that > is unknown at compile time. Splint provides this checking, issuing a > warning > if the +formatconst > flag is set and finds any unknown format strings at compile time. > This can > produce spurious > messages, however, because there might be unknown format strings that > are > not vulnerable to > hostile input. > > What is meant by "a format string unknown at compile time?" Does this > refer > to a format specifier? Can anyone provide an example? > Any information on the above would be much appreciated. > thanks. > > > Elise T. Berger > Senior Security Engineer > CygnaCom Solutions, Inc. > an Entrust company > Phone: 703-270-3511 Fax: 703-848-0960 > http://www.cygnacom.com > eberger@cygnacom.com > > > > From austin_hastings at yahoo.com Thu Sep 11 15:15:44 2003 From: austin_hastings at yahoo.com (Austin Hastings) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] checkglobalias flag question In-Reply-To: <59EA87B07385D611A32D00D0B7695397060F7A@scygmxs01.cygnacom.com> Message-ID: <20030911191544.46714.qmail@web12308.mail.yahoo.com> "Aliasing" refers to providing an alternative route to the same data. extern int foo = 0; extern int * pfoo = &foo; In this context, pfoo provides an alias for foo. =Austin --- Elise Berger wrote: > I am trying to understand what the following group of flags do. I > have > checked the manual & online help which gives the info below. However, > can > anyone provide any more explanation as to what these flags do & > perhaps > examples? > > checkedglobalias - A global variable aliases externally-visible > state when > the function returns. > checkmodglobalias- A global variable aliases externally-visible > state when > the function returns. [ Function returns > with a checkmod global aliasing > external > state. ] > checkstrictglobalias- Function returns with a checkstrict global > aliasing > external state. A global variable aliases > externally-visible state when the > function > returns. > checkstrictglobs -Report use and modification errors for > checkedstrict > globals. > > Any additional info would be helpful. > thanks. > > > Elise T. Berger > Senior Security Engineer > CygnaCom Solutions, Inc. > an Entrust company > Phone: 703-270-3511 Fax: 703-848-0960 > http://www.cygnacom.com > eberger@cygnacom.com > > > > From khindenburg at cherrynebula.net Sat Sep 13 23:55:31 2003 From: khindenburg at cherrynebula.net (Kurt V. Hindenburg) Date: Wed Mar 22 17:10:14 2006 Subject: [splint-discuss] glib parse errors Message-ID: <200309132255.37120.khindenburg@cherrynebula.net> I'm not really sure this is a splint problem, but I notice splint can't parse some glib2.0 headers. It is irrating to have to comment these lines out just to use splint. Here's the lines splint can't parse in /usr/include/glib-2.0/glib/gmessages.h : #ifdef G_HAVE_ISO_VARARGS #define g_error(...) g_log (G_LOG_DOMAIN, \ G_LOG_LEVEL_ERROR, \ __VA_ARGS__) #define g_message(...) g_log (G_LOG_DOMAIN, \ G_LOG_LEVEL_MESSAGE, \ __VA_ARGS__) /* line 116 */ #define g_critical(...) g_log (G_LOG_DOMAIN, \ G_LOG_LEVEL_CRITICAL, \ __VA_ARGS__) #define g_warning(...) g_log (G_LOG_DOMAIN, \ G_LOG_LEVEL_WARNING, \ __VA_ARGS__) In file included from usr/include/glib-2.0/glib.h:50, from usr/include/gtk-2.0/gdk/gdktypes.h:32, from usr/include/gtk-2.0/gdk/gdkcolor.h:4, from usr/include/gtk-2.0/gdk/gdk.h:30, from usr/include/gtk-2.0/gtk/gtk.h:31, from usr/include/gkrellm2/gkrellm.h:30, from gkrellsun.c:10 usr/include/glib-2.0/glib/gmessages.h:116:44: invalid character in macro parameter name usr/include/glib-2.0/glib/gmessages.h:116:44: Parameter list for #define is not parseable usr/include/glib-2.0/glib/gmessages.h:119:44: invalid character in macro parameter name usr/include/glib-2.0/glib/gmessages.h:119:44: Parameter list for #define is not parseable usr/include/glib-2.0/glib/gmessages.h:122:44: invalid character in macro parameter name usr/include/glib-2.0/glib/gmessages.h:122:44: Parameter list for #define is not parseable usr/include/glib-2.0/glib/gmessages.h:125:44: invalid character in macro parameter name usr/include/glib-2.0/glib/gmessages.h:125:44: Parameter list for #define is not parseable -- ^^^ Kurt There is no good nor evil, just power. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : http://www.cs.Virginia.EDU/pipermail/splint-discuss/attachments/20030913/d6fa2c76/attachment.bin From evans at cs.virginia.edu Sun Sep 14 20:04:45 2003 From: evans at cs.virginia.edu (David Evans) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] glib parse errors In-Reply-To: <200309132255.37120.khindenburg@cherrynebula.net> References: <200309132255.37120.khindenburg@cherrynebula.net> Message-ID: Splint isn't able to parse macros with (...) parameters. G_HAVE_ISO_VARARGS should not be defined so these macros are not processed. Running splint on a file that just contains #include works okay for me. Perhaps one of the other include files is defining G_HAVE_ISO_VARARGS? --- Dave On Sat, 13 Sep 2003, Kurt V. Hindenburg wrote: > I'm not really sure this is a splint problem, but I notice splint > can't parse some glib2.0 headers. It is irrating to have to comment > these lines out just to use splint. > > Here's the lines splint can't parse in > /usr/include/glib-2.0/glib/gmessages.h : > > #ifdef G_HAVE_ISO_VARARGS > #define g_error(...) g_log (G_LOG_DOMAIN, \ > G_LOG_LEVEL_ERROR, \ > __VA_ARGS__) > #define g_message(...) g_log (G_LOG_DOMAIN, \ > G_LOG_LEVEL_MESSAGE, \ > __VA_ARGS__) /* line 116 */ > #define g_critical(...) g_log (G_LOG_DOMAIN, \ > G_LOG_LEVEL_CRITICAL, \ > __VA_ARGS__) > #define g_warning(...) g_log (G_LOG_DOMAIN, \ > G_LOG_LEVEL_WARNING, \ > __VA_ARGS__) > > In file included from usr/include/glib-2.0/glib.h:50, > from usr/include/gtk-2.0/gdk/gdktypes.h:32, > from usr/include/gtk-2.0/gdk/gdkcolor.h:4, > from usr/include/gtk-2.0/gdk/gdk.h:30, > from usr/include/gtk-2.0/gtk/gtk.h:31, > from usr/include/gkrellm2/gkrellm.h:30, > from gkrellsun.c:10 > usr/include/glib-2.0/glib/gmessages.h:116:44: invalid character in > macro parameter name > usr/include/glib-2.0/glib/gmessages.h:116:44: Parameter list for > #define is not parseable > usr/include/glib-2.0/glib/gmessages.h:119:44: invalid character in > macro parameter name > usr/include/glib-2.0/glib/gmessages.h:119:44: Parameter list for > #define is not parseable > usr/include/glib-2.0/glib/gmessages.h:122:44: invalid character in > macro parameter name > usr/include/glib-2.0/glib/gmessages.h:122:44: Parameter list for > #define is not parseable > usr/include/glib-2.0/glib/gmessages.h:125:44: invalid character in > macro parameter name > usr/include/glib-2.0/glib/gmessages.h:125:44: Parameter list for > #define is not parseable > > -- > ^^^ Kurt > > There is no good nor evil, just power. > From Marco.Giromini at marconiselenia.com Mon Sep 15 05:31:10 2003 From: Marco.Giromini at marconiselenia.com (Marco.Giromini@marconiselenia.com) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Detecting lossy int conversions. Message-ID: I try to give you an answer: You may use +relax-quals to filter conversions from a smaller type to a larger one "Report qualifier mismatches only if dangerous (information may be lost since a larger type is assigned to (or passed as) a smaller one or a comparison uses signed and unsigned values.)" You may also use +ignore-signs if you need to filter conversions between unsigned and signed "Ignore signs in type comparisons (unsigned matches signed)." I also add a question: I'd like to filter conversions from a number to a variable, still detecting conversions from a variable to a variable. Anyway, I was not able to do it. Could you help me ? For example: unsigned char f = 0x01; // Spling gives me: Variable f initialized to type int, expects unsigned char: 0x01 I know it is not correct (it lacks an explicit cast), anyway for legacy code it is less serious than: int j32 = i16; Thanks Marco Giromini OTE S.p.A. - A Finmeccanica Company voice: +39-050-3132.473 e-mail: Marco.Giromini@marconiselenia.com John Carter @cs.virginia.edu on 09/11/2003 05:25:57 AM Please respond to splint-discuss@cs.virginia.edu Sent by: splint-discuss-admin@cs.virginia.edu To: splint-discuss@cs.virginia.edu cc: Subject: [splint-discuss] Detecting lossy int conversions. How do you convince splint to detect only lossy implicit int conversions? For example.... int i32 = 70000; short i16 = i32; // Danger! Lossy conversion splint please flag me! int j32 = i16; // Different type, but that's OK. C copes just fine with // the widening conversion. Thanks, John Carter Phone : (64)(3) 358 6639 Tait Electronics Fax : (64)(3) 359 4632 PO Box 1645 Christchurch Email : john.carter@tait.co.nz New Zealand A Million Monkeys can inflict worse things than just Shakespeare on your system. _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From eberger at cygnacom.com Mon Sep 15 15:05:26 2003 From: eberger at cygnacom.com (Elise Berger) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] newreftrans flag Message-ID: <59EA87B07385D611A32D00D0B7695397060F81@scygmxs01.cygnacom.com> I am trying to understand what the "newreftrans" flag does. The manual & online help have the following cryptic information: A new reference transferred to a reference counted reference (reference count is not set correctly). Can anyone provide an explanation of the above and/or an example? Any information on the above would be much appreciated. thanks in advance. Elise T. Berger Senior Security Engineer CygnaCom Solutions, Inc. an Entrust company Phone: 703-270-3511 Fax: 703-848-0960 http://www.cygnacom.com eberger@cygnacom.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.cs.Virginia.EDU/pipermail/splint-discuss/attachments/20030915/851acd72/attachment.htm From kost at imn.htwk-leipzig.de Tue Sep 16 10:28:24 2003 From: kost at imn.htwk-leipzig.de (Stefan Kost) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] parser error Message-ID: <3F671E08.6000207@imn.htwk-leipzig.de> hi hi, I am just doing my first steps with split and I am getting parser errors, e.g. for expressions as such : snprintf(plugin_name,FILENAME_MAX,LIBDIR""G_DIR_SEPARATOR_S"libgitk-renderer-%s.so",gitk_renderer_name); I invoke splint with -DLIBDIR="lib" and so on and it seems to me that splint parser not concatenates string constants. Any ideas? I am using Splint 3.1.1 --- 16 Sep 2003 Stefan -- \|/ Stefan Kost <@ @> private business +-oOO-(_)-OOo------------------------------------------------------ - - - - - | __ Address Simildenstr. 5 HTWK Leipzig, Fb IMN, Postfach 301166 | /// 04277 Leipzig 04277 Leipzig | __ /// Germany Germany | \\\/// Phone +49341 2253538 +49341 30766101 | \__/ EMail st_kost_at_gmx.net kost_at_imn.htwk-leipzig.de | WWW www.sonicpulse.de www.imn.htwk-leipzig.de/~kost/about.html ===-=-=--=---=---------------------------------- - - - - - From kost at imn.htwk-leipzig.de Wed Sep 17 08:52:40 2003 From: kost at imn.htwk-leipzig.de (Stefan Kost) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] is splint aware of typedefs? Message-ID: <3F685918.2050500@imn.htwk-leipzig.de> a quickie - when I use e.g. typedef unsigned char u_char; is splint aware of that. I've read about fixing things like this with supplying -Du_char=unsigned\ char but that wont work for e.g. char * And if splint is aware of typedef in this meaning, please add a comment about it to the manual in chapter "4 Types" (page 19). Many thanks, Stefan -- \|/ Stefan Kost <@ @> private business +-oOO-(_)-OOo------------------------------------------------------ - - - - - | __ Address Simildenstr. 5 HTWK Leipzig, Fb IMN, Postfach 301166 | /// 04277 Leipzig 04277 Leipzig | __ /// Germany Germany | \\\/// Phone +49341 2253538 +49341 30766101 | \__/ EMail st_kost_at_gmx.net kost_at_imn.htwk-leipzig.de | WWW www.sonicpulse.de www.imn.htwk-leipzig.de/~kost/about.html ===-=-=--=---=---------------------------------- - - - - - From roland at roland-illig.de Fri Sep 19 05:32:09 2003 From: roland at roland-illig.de (Roland Illig) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] parser errors Message-ID: <20030919093208.GA1742@informatik.uni-hamburg.de> Hi, sometimes splint gives me the impression it is not written with a nice user interface in mind. The situation is whenever a `parse error' is detected. There is just the message `parse error', nothing else. I would like splint to output the current line of the error, and the token at which the parse error occured. That could help in identifying it more quickly. Another hint would be what kind of tokens splint expected in this situation. (That would be great.) Roland From modjaji at cogeco.ca Fri Sep 19 22:43:11 2003 From: modjaji at cogeco.ca (Modjaji) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Parse Errors from a file in system directory Message-ID: Hi, I have set a system directory with -sysdirs, but I am still getting a parse error from a file in that directory. I have tried -sysdirerrors but SPLINT reports that is redundant. Can anyone suggest what is wrong here? Thanks Dominique From roland at roland-illig.de Fri Sep 19 05:17:28 2003 From: roland at roland-illig.de (Roland Illig) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] parser error In-Reply-To: <3F671E08.6000207@imn.htwk-leipzig.de> References: <3F671E08.6000207@imn.htwk-leipzig.de> Message-ID: <20030919091728.GB1432@informatik.uni-hamburg.de> On Tue, Sep 16, 2003 at 04:28:24PM +0200, Stefan Kost wrote: > I invoke splint with -DLIBDIR="lib" and so on and it seems to me that splint > parser not concatenates string constants. Well, if you type -DLIBDIR="lib" in a shell, the quotes will be removed. You should write splint -DLIBDIR=\"lib\" and it will probably work. Roland From matthias.hawran at trialog.com Wed Sep 24 11:24:17 2003 From: matthias.hawran at trialog.com (Matthias Hawran) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Tolerance for compiler extensions In-Reply-To: <3E1D5958.31823.A46211@localhost> References: <3E1D5958.31823.A46211@localhost> Message-ID: <3F71B721.7050300@trialog.com> Hi everybody, I'm new to this list... I'm digging this old thread, but... Oliver Betz wrote: >[...] > >and assembler blocks (#pragma asm/endasm) which are really bad for >the parser. > >I know how to hide these constucts from Splint but I would really >dislike it (see below). > I read the whole thread, but i didn't find / undestand what is your construct to hide (#pragma asm/endasm) from splint. As i'm developping with embedded software compilers, it's hard to avoid this construct. [...] thanks in advance Matthias From list_ob at gmx.net Wed Sep 24 12:20:04 2003 From: list_ob at gmx.net (Oliver Betz) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Tolerance for compiler extensions In-Reply-To: <3F71B721.7050300@trialog.com> References: <3E1D5958.31823.A46211@localhost> Message-ID: <3F71E054.19230.249E53D@localhost> Matthias Hawran wrote: [I wrote some time ago] > >and assembler blocks (#pragma asm/endasm) which are really bad for > >the parser. > > > >I know how to hide these constucts from Splint but I would really > >dislike it (see below). > > > > I read the whole thread, but i didn't find / undestand what is your > construct to hide (#pragma asm/endasm) from splint. As i'm developping > with embedded software compilers, it's hard to avoid this construct. You have to put it in separate files and #include it :-( since the Splint parser doesn't survive the asm code. To avoid trouble with nonstandard "embedded constructs", I strongly suggest to consider buying PC-Lint from Gimpel. It's not free (210EUR at www.kessler.de) but saves _much_ more time than it costs (if your work time counts)! You might search also for other messages about PC- Lint in this mailing list. Read the PC-Lint manual and you will find that Gimpel also doesn't love the embedded extensions ("Compiler writers have shown no dearth of creativity in their invention of new syntax" - ROFL), but is realistic enough to accept them instead of fighting against them. You also might be confronted with the MISRA rules - PC-Lints checks most of them (as long as static code check is able to test the rule). Some of them are reasonable even if you are not forced to apply them. Oliver -- Oliver Betz, Muenchen From matthias.hawran at trialog.com Thu Sep 25 05:39:12 2003 From: matthias.hawran at trialog.com (Matthias Hawran) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Tolerance for compiler extensions In-Reply-To: <3F71E054.19230.249E53D@localhost> References: <3E1D5958.31823.A46211@localhost> <3F71E054.19230.249E53D@localhost> Message-ID: <3F72B7C0.6060803@trialog.com> Hi Oliver Thanks for your quick answer... Well the embedded code is in existing code I don't "really" want to modify. Anyway, yes I was also looking into pc-lint (as suggested by other people). Thanks Matthias Oliver Betz wrote: >Matthias Hawran wrote: > >[I wrote some time ago] > > > >>>and assembler blocks (#pragma asm/endasm) which are really bad for >>>the parser. >>> >>>I know how to hide these constucts from Splint but I would really >>>dislike it (see below). >>> >>> >>> >>I read the whole thread, but i didn't find / undestand what is your >>construct to hide (#pragma asm/endasm) from splint. As i'm developping >>with embedded software compilers, it's hard to avoid this construct. >> >> > >You have to put it in separate files and #include it :-( since the >Splint parser doesn't survive the asm code. > >To avoid trouble with nonstandard "embedded constructs", I strongly >suggest to consider buying PC-Lint from Gimpel. It's not free (210EUR >at www.kessler.de) but saves _much_ more time than it costs (if your >work time counts)! You might search also for other messages about PC- >Lint in this mailing list. > >Read the PC-Lint manual and you will find that Gimpel also doesn't >love the embedded extensions ("Compiler writers have shown no dearth >of creativity in their invention of new syntax" - ROFL), but is >realistic enough to accept them instead of fighting against them. > >You also might be confronted with the MISRA rules - PC-Lints checks >most of them (as long as static code check is able to test the rule). >Some of them are reasonable even if you are not forced to apply them. > >Oliver > > From Simon.Hosie at connexionz.co.nz Thu Sep 25 23:26:18 2003 From: Simon.Hosie at connexionz.co.nz (Simon Hosie) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Tolerance for compiler extensions Message-ID: Matthias Hawran: > [...] > I read the whole thread, but i didn't find / undestand what is your > construct to hide (#pragma asm/endasm) from splint. As i'm developping > with embedded software compilers, it's hard to avoid this construct. I think the first thing you should do is try to get the compiler fixed. Pragma attempts to make compiler extensions portable, but switching between languages using it won't make sense to other compilers so it's no use, _and_ it breaks any chance (pre-C99) you have of preprocessing the offending code away. You may as well have something that will give a nice clean syntax error without any pretense. There are ways of implementing inline assembly that make it much easier to port the code. Of the implementations I've seen, I like Watcom the most. You could use a pragma to define a macro-like block of assembly that would be put inline where the name of the function was used. gcc's system works, too. _______________________________________ Connexionz Ltd Simon Hosie Simon.Hosie@connexionz.co.nz __________________________________________________ New Zealand Office Building 2,Level 1,1 Show Place Christchurch Office: +64 33394536 Fax: +64 33394537 http://www.connexionz.co.nz United Kingdom Office Regus House, Fairbourne Drive, Atterbury -Milton Keyes MK10 9RG Phone : 02890 577 774 The information in this email (including attachments) is confidential and may be legally privileged. If an addressing or transmission error has misdirected this email, please notify the author by replying to this email and destroy the message. If you are not the intended recipient, any use, disclosure, copying or distribution is prohibited and may be unlawful From Marco.Giromini at marconiselenia.com Fri Sep 26 06:39:51 2003 From: Marco.Giromini at marconiselenia.com (Marco.Giromini@marconiselenia.com) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Very strict cast checking Message-ID: Some sort of compatibility rules should be useful for integer constants v.s. other predefined types. This is particularly true for the "char" predefined type. For other types the following suffix could be used (but not for legacy code): unsigned-suffix: one of u U long-suffix: one of l L long-long-suffix: one of ll LL For instance, in: int x; char y; y=x; /* flag this */ x=1; /* don't flag this */ y=2; /* don't flag this */ Anyway I get: Assignment of int to char: y=2 To make char and int types equivalent, use +charint But I don't want to use +charint, otherwise I would loose the warning for y=x; Could anyone help me please ? Marco Giromini ---------------------- Forwarded by Marco Giromini/MAIN/MC1 on 09/26/2003 12:04 PM --------------------------- Derek M Jones @cs.virginia.edu on 08/21/2003 08:50:42 PM Please respond to splint-discuss@cs.virginia.edu Sent by: splint-discuss-admin@cs.virginia.edu To: splint-discuss@cs.virginia.edu cc: Subject: Re: [splint-discuss] Very strict cast checking ... However, simply treating typedef names as distinct types is too simplistic. Some sort of compatibility rules have to be worked out for integer constants. For instance, in: typedef int MY_INT; int x; MY_INT y; x+y; /* flag this */ x+1; /* don't flag this */ y+1; /* don't flag this */ From kost at imn.htwk-leipzig.de Fri Sep 26 08:28:01 2003 From: kost at imn.htwk-leipzig.de (Stefan Kost) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Very strict cast checking In-Reply-To: References: Message-ID: <3F7430D1.1020908@imn.htwk-leipzig.de> hi, all I can think of is to do y='\002'; ... its really a pitty that there is no such thing as 'tiny int'. Stefan Marco.Giromini@marconiselenia.com wrote: > Some sort of compatibility rules should be useful for integer constants > v.s. other predefined types. > This is particularly true for the "char" predefined type. > For other types the following suffix could be used (but not for legacy > code): > unsigned-suffix: one of u U > long-suffix: one of l L > long-long-suffix: one of ll LL > > For instance, in: > int x; > char y; > y=x; /* flag this */ > x=1; /* don't flag this */ > y=2; /* don't flag this */ > > Anyway I get: > Assignment of int to char: y=2 > To make char and int types equivalent, use +charint > > But I don't want to use +charint, otherwise I would loose the warning for y=x; > > Could anyone help me please ? > Marco Giromini > > ---------------------- Forwarded by Marco Giromini/MAIN/MC1 on 09/26/2003 > 12:04 PM --------------------------- > > Derek M Jones @cs.virginia.edu on 08/21/2003 08:50:42 > PM > > Please respond to splint-discuss@cs.virginia.edu > > Sent by: splint-discuss-admin@cs.virginia.edu > > > To: splint-discuss@cs.virginia.edu > cc: > > Subject: Re: [splint-discuss] Very strict cast checking > > ... > > However, simply treating typedef names as distinct types is too > simplistic. Some sort of compatibility rules have to be worked out for > integer constants. For instance, in: > > typedef int MY_INT; > int x; > MY_INT y; > > x+y; /* flag this */ > x+1; /* don't flag this */ > y+1; /* don't flag this */ > > > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss > -- \|/ Stefan Kost <@ @> private business +-oOO-(_)-OOo------------------------------------------------------ - - - - - | __ Address Simildenstr. 5 HTWK Leipzig, Fb IMN, Postfach 301166 | /// 04277 Leipzig 04277 Leipzig | __ /// Germany Germany | \\\/// Phone +49341 2253538 +49341 30766101 | \__/ EMail st_kost_at_gmx.net kost_at_imn.htwk-leipzig.de | WWW www.sonicpulse.de www.imn.htwk-leipzig.de/~kost/about.html ===-=-=--=---=---------------------------------- - - - - - From austin_hastings at yahoo.com Fri Sep 26 11:57:11 2003 From: austin_hastings at yahoo.com (Austin Hastings) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Very strict cast checking In-Reply-To: Message-ID: <20030926155711.17908.qmail@web12304.mail.yahoo.com> Can't you just say y = (char)2; And be done? =Austin --- Marco.Giromini@marconiselenia.com wrote: > Some sort of compatibility rules should be useful for integer > constants > v.s. other predefined types. > This is particularly true for the "char" predefined type. > For other types the following suffix could be used (but not for > legacy > code): > unsigned-suffix: one of u U > long-suffix: one of l L > long-long-suffix: one of ll LL > > For instance, in: > int x; > char y; > y=x; /* flag this */ > x=1; /* don't flag this */ > y=2; /* don't flag this */ > > Anyway I get: > Assignment of int to char: y=2 > To make char and int types equivalent, use +charint > > But I don't want to use +charint, otherwise I would loose the warning > for y=x; > > Could anyone help me please ? > Marco Giromini > > ---------------------- Forwarded by Marco Giromini/MAIN/MC1 on > 09/26/2003 > 12:04 PM --------------------------- > > Derek M Jones @cs.virginia.edu on 08/21/2003 > 08:50:42 > PM > > Please respond to splint-discuss@cs.virginia.edu > > Sent by: splint-discuss-admin@cs.virginia.edu > > > To: splint-discuss@cs.virginia.edu > cc: > > Subject: Re: [splint-discuss] Very strict cast checking > > ... > > However, simply treating typedef names as distinct types is too > simplistic. Some sort of compatibility rules have to be worked out > for > integer constants. For instance, in: > > typedef int MY_INT; > int x; > MY_INT y; > > x+y; /* flag this */ > x+1; /* don't flag this */ > y+1; /* don't flag this */ > > > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss From Marco.Giromini at marconiselenia.com Fri Sep 26 13:13:50 2003 From: Marco.Giromini at marconiselenia.com (Marco.Giromini@marconiselenia.com) Date: Wed Mar 22 17:10:15 2006 Subject: [splint-discuss] Very strict cast checking Message-ID: I obviously can. Anyway I don't like to receive such warning for legacy code, while I still want a warning for y=x; Regards Marco Giromini Can't you just say y = (char)2; And be done? =Austin --- Marco.Giromini@marconiselenia.com wrote: > Some sort of compatibility rules should be useful for integer > constants > v.s. other predefined types. > This is particularly true for the "char" predefined type. > For other types the following suffix could be used (but not for > legacy > code): > unsigned-suffix: one of u U > long-suffix: one of l L > long-long-suffix: one of ll LL > > For instance, in: > int x; > char y; > y=x; /* flag this */ > x=1; /* don't flag this */ > y=2; /* don't flag this */ > > Anyway I get: > Assignment of int to char: y=2 > To make char and int types equivalent, use +charint > > But I don't want to use +charint, otherwise I would loose the warning > for y=x; > > Could anyone help me please ? > Marco Giromini > > ---------------------- Forwarded by Marco Giromini/MAIN/MC1 on > 09/26/2003 > 12:04 PM --------------------------- > > Derek M Jones @cs.virginia.edu on 08/21/2003 > 08:50:42 > PM > > Please respond to splint-discuss@cs.virginia.edu > > Sent by: splint-discuss-admin@cs.virginia.edu > > > To: splint-discuss@cs.virginia.edu > cc: > > Subject: Re: [splint-discuss] Very strict cast checking > > ... > > However, simply treating typedef names as distinct types is too > simplistic. Some sort of compatibility rules have to be worked out > for > integer constants. For instance, in: > > typedef int MY_INT; > int x; > MY_INT y; > > x+y; /* flag this */ > x+1; /* don't flag this */ > y+1; /* don't flag this */ > > > > _______________________________________________ > splint-discuss mailing list > splint-discuss@cs.virginia.edu > http://www.splint.org/mailman/listinfo/splint-discuss _______________________________________________ splint-discuss mailing list splint-discuss@cs.virginia.edu http://www.splint.org/mailman/listinfo/splint-discuss From nayan22 at bolt.com Fri Sep 26 15:57:41 2003 From: nayan22 at bolt.com (Nayan ) Date: Wed Mar 22 17:10:16 2006 Subject: [splint-discuss] newbie question: parse error Message-ID: <20030926195741.28162.qmail@bolt.com> Hi, I am trying to run splint on GAIM code on Redhat 8 machine. I get parse error as shown below. inet.h is included from file internal.h. I have tried options given in help but they do not solve the probblem. Please help!! $ ../../../bin/splint +posixlib -posix-lib -I/usr/include/glib-2.0 -I/usr/include/gtk-2.0 -I../plugins/ -I/usr/include/pango-1.0/ -I/usr/include/wine/wine *.c Splint 3.1.1 --- 26 Sep 2003 /usr/include/arpa/inet.h:35:27: Parse Error. (For help on parse errors, see splint -help parseerrors.) *** Cannot continue. Thanks in advance. v# -- ______________________________________ Get your free email from www.bolt.com! Powered by Outblaze From roland.illig at gmx.de Fri Sep 26 21:27:31 2003 From: roland.illig at gmx.de (Roland Illig) Date: Wed Mar 22 17:10:16 2006 Subject: [splint-discuss] newbie question: parse error In-Reply-To: <20030926195741.28162.qmail@bolt.com> References: <20030926195741.28162.qmail@bolt.com> Message-ID: <20030927012730.GA3041@informatik.uni-hamburg.de> On Sat, Sep 27, 2003 at 03:57:41AM +0800, Nayan wrote: > Hi, > > I am trying to run splint on GAIM code on Redhat 8 machine. I get parse error as shown below. > inet.h is included from file internal.h. I have tried options given in help but they do not solve the probblem. > Please help!! > > $ ../../../bin/splint +posixlib -posix-lib -I/usr/include/glib-2.0 -I/usr/include/gtk-2.0 -I../plugins/ -I/usr/include/pango-1.0/ -I/usr/include/wine/wine *.c > Splint 3.1.1 --- 26 Sep 2003 > > /usr/include/arpa/inet.h:35:27: Parse Error. (For help on parse errors, see > splint -help parseerrors.) > *** Cannot continue. I know that error. The offending line (Linux 2.4.21, Debian) is: typedef __socklen_t socklen_t; Splint does not recognize as a system header, but knows . The type __socklen_t is defined in . Splint does not parse this header and uses its own definitions instead. Therefore the identifier __socklen_t is not known to splint. Solution 1: Splint should have an additional library (like posixlib) that knows the Single Unix Specification (susv3). Solution 2: Write your own splint-specific header . #ifdef S_SPLINT_S # include "splint-include/arpa/inet.h" #else # include #endif ==== splint-include/arpa/inet.h ==== typedef /*@unsignedintegraltype@*/ socklen_t; /* ... other definitions ... */ ==== EOF ==== Roland From nayan22 at bolt.com Sun Sep 28 20:44:53 2003 From: nayan22 at bolt.com (Nayan ) Date: Wed Mar 22 17:10:16 2006 Subject: [splint-discuss] newbie question: parse error Message-ID: <20030929004455.32222.qmail@bolt.com> Hi Roland, I have 2 questions. > > > > $ ../../../bin/splint +posixlib -posix-lib -I/usr/include/glib-2.0 -I/usr/include/gtk-2.0 -I../plugins/ -I/usr/include/pango-1.0/ -I/usr/include/wine/wine *.c > > Splint 3.1.1 --- 26 Sep 2003 > > > > /usr/include/arpa/inet.h:35:27: Parse Error. (For help on parse errors, see > > splint -help parseerrors.) > > *** Cannot continue. > > I know that error. > > The offending line (Linux 2.4.21, Debian) is: > typedef __socklen_t socklen_t; > > Splint does not recognize as a system header, but knows > . > > The type __socklen_t is defined in . Splint does not parse > this header and uses its own definitions instead. Therefore the > identifier __socklen_t is not known to splint. > > Solution 1: Splint should have an additional library (like posixlib) > that knows the Single Unix Specification (susv3). How do I include posixlib with Splint ? At present I am using two command line options: 1) +posixlib (as told in http://splint.org/manual/manual.html ) 2) -posix-lib ( given in man page for splint) I do not understand difference between the two options :( > > Solution 2: Write your own splint-specific header . > > #ifdef S_SPLINT_S > # include "splint-include/arpa/inet.h" > #else > # include > #endif > > ==== splint-include/arpa/inet.h ==== > typedef /*@unsignedintegraltype@*/ socklen_t; > > /* ... other definitions ... */ > ==== EOF ==== > This seemed to work but I just want to make sure I am doing it the right way. I have put #ifdef .. #endif statements in test code that uses inet.h and created a replica of inet.h in splint-include folder and added the line typedef /*@unsignedintegraltype@*/ socklen_t; Thanks, nayan -- ______________________________________ Get your free email from www.bolt.com! Powered by Outblaze From roland.illig at gmx.de Mon Sep 29 08:32:23 2003 From: roland.illig at gmx.de (Roland Illig) Date: Wed Mar 22 17:10:16 2006 Subject: [splint-discuss] newbie question: parse error In-Reply-To: <20030929004455.32222.qmail@bolt.com> References: <20030929004455.32222.qmail@bolt.com> Message-ID: <20030929123223.GA2055@informatik.uni-hamburg.de> On Mon, Sep 29, 2003 at 08:44:53AM +0800, Nayan wrote: > How do I include posixlib with Splint ? At present I am using two > command line options: > 1) +posixlib (as told in http://splint.org/manual/manual.html ) > 2) -posix-lib ( given in man page for splint) > I do not understand difference between the two options :( I don't know them either, but I prefer the first one, because many other splint options use them. I think it was a misconcept to make "-" the standard option prefix some ages ago. A "+" prefix might have been better. For splint I always suggest the "+" option because of the ambiguity of "-": Does it mean "use this option" or "disable this option"? > This seemed to work but I just want to make sure I am doing it the right way. > I have put #ifdef .. #endif statements in test code that uses inet.h > and created a replica of inet.h in splint-include folder and added the line > typedef /*@unsignedintegraltype@*/ socklen_t; That's perfectly right. There are some other definitions in the file that you should add. See http://www.opengroup.org/onlinepubs/007904975/basedefs/arpa/inet.h.html Roland From evans at cs.virginia.edu Mon Sep 29 09:12:16 2003 From: evans at cs.virginia.edu (David Evans) Date: Wed Mar 22 17:10:16 2006 Subject: [splint-discuss] newbie question: parse error In-Reply-To: <20030929123223.GA2055@informatik.uni-hamburg.de> References: <20030929004455.32222.qmail@bolt.com> <20030929123223.GA2055@informatik.uni-hamburg.de> Message-ID: On Mon, 29 Sep 2003, Roland Illig wrote: > On Mon, Sep 29, 2003 at 08:44:53AM +0800, Nayan wrote: > > How do I include posixlib with Splint ? At present I am using two > > command line options: > > 1) +posixlib (as told in http://splint.org/manual/manual.html ) > > 2) -posix-lib ( given in man page for splint) > > I do not understand difference between the two options :( > > I don't know them either, but I prefer the first one, because many other > splint options use them. I think it was a misconcept to make "-" the > standard option prefix some ages ago. A "+" prefix might have been > better. For splint I always suggest the "+" option because of the > ambiguity of "-": Does it mean "use this option" or "disable this > option"? > -posixlib and +posixlib mean the exact same thing. For flags that don't have an on/off setting, either + or - may be used with the same meaning. Flags may be hyphenated for readability (posix-lib means the same thing as posixlib). --- Dave