Any tire experts out there? I am trying to use splint to statically analyze a large project that I have. I see an excessive amount of border validation errors that do not explicitly limit errors. I wrote a small test program to try to isolate the problem, and noticed some really strange warnings when I ran the code bus. I have 3 different examples. Here is the first one:
int arr[3]; int main(void) { int i; int var; arr[3] = 0;
The assignment arr[3] generates a warning when using +bounds , as expected, but does nothing when I use +likely-bounds . What does +likely-bounds even do? This does not seem to work. Second example:
int arr[3]; int main(void) { int i; int var; for (i = 0; i < 3; i++) var = arr[i];
In this example, splint complains about what I read outside the array ("Memory memory reads memory outside of the allocated storage.") For var = arr[i] , although I obviously do not. This should be a warning, as the values ββin the array are not initialized, but this is not the warning I get. Initializing the last value in the array will clear the error (but initializing the first or second will not). Am I doing something wrong? In the third example:
int arr[3]; int main(void) { int i; int var; arr[3] = 0;
A warning is generated for arr[3] = 0 , but not var = arr[i] , although it is obvious that the loop goes beyond the array. It seems that writing to the end of the array extends how the big bus thinks the array is. How is this possible?
In short, my questions are:
- What does a probability flag do?
- Is there any way that I can make splint give me legitimate errors related to going beyond?
- Is there a way to make the bus not increase the size of the arrays that are accessed outside of them? Currently, the bus reports more than 750 warnings, and I do not have time to check each warning in turn.
source share