PC-lint

PC-lint will check your C/C++ source code and find bugs, glitches, inconsistencies, non-portable constructs, redundant code, and much more. It looks across multiple modules, and so, enjoys a perspective your compiler does not have.

Features

Platforms

• Windows 95 / Windows NT
• DOS (built-in DOS extender)
• OS/2 (32 bit)

Compatibility

• Supports K&R C, ANSI C, ANSI/ISO C++
• Explicit support for Borland, Microsoft, GNU and most other major compilers and libraries
• Support for most major embedded-system compilers including bit addressing
• Numerous options to support rogue compilers
• Scalars sizes can be specified for cross-compiling

Message Suppression

• By number
• By number and symbol (including wild cards)
• One-line suppression
• By macro
• For library headers, by number (a header is library depending on how it is included; this can be overridden via user options)
• For specified functions, by number
• For expressions

Flexibility

• Indirect files (nested to any depth) can contain filenames, options, environment variables
• Format of error messages can be customized to support a wide variety of editors/IDE’s
• All options can be embedded in user code

Special Checking Facilities

• Optional strong type checking (typedef-based) with a rich option set to detect nominal type differences -- You can even form a fully checked type hierarchy of scalar types using only typedef
• Checks flow of control for possibly
uninitializedvariables
• Value tracking to detect subtle initialization and value misuse problems
• With value tracking as an enabling technology, we support ‘semantics’ checking for almost 100 library functions, this checking can be extended to user functions
• User-defined semantic checking for function arguments and return values
• Find unused macros, typedef's, classes, members, declarations, etc. across the entire project
• Other special torture tests

Performance

• Fast one-pass operation
• Robust -- tables will expand as needed to handle large applications

PC-lint/FlexeLint will detect -- For C++...

• Order of initialization dependencies
• Class members not initialized by constructor
• Pointer members not deleted by destructors
• Base class destructors that are not virtual
• Names hiding other names
• Improperly formed or missing assignment operators and copy constructors
• Missing destructors from classes using dynamic allocation
• Out-of-order constructor initializers
• Creation of temporaries
• Undefined and unreferenced class members initialization of a non-const reference with a non-lvalue
• Assignment operator not first checking for assignment to this
• Inconsistent use of extern "C"
• Operator delete not checking argument for NULL
• Static variables in in-line functions in headers
• Exposing privileged data
• Failure to copy a base class, or to use the base class copy constructor
• Issuing throw within a destructor
• Assignment of an array to a base class pointer
• Inconsistent or incomplete exception specifications
• Failure to reference a virtual member function
• A virtual function with a default parameter
• Redundant access specifiers
• Binary operators that should be non-member functions or that return references, or that shouldn't be user defined or operators that should be defined
• Function parameters that could be declared const reference
• Ill-defined increment and decrement operators
• Catch parameters that are not references
• An examination is made of all the base class hierarchies in the entire project to determine
non-virtual classes included twice, or virtual classes not included twice in any class hierarchy

From value tracking information PC-lint can detect under many circumstances:

• Use of NULL pointer in unary * or ->
• Creation and access of out-of-bounds pointers
• Subscript out-of-bounds
• Division by zero
• Passing NULL pointers to selected library functions
• Data over-run conditions on selected library functions
• Booleans that always evaluate true or evaluate false
• Inappropriate deallocation
• Memory leaks
• Unusual values passed to functions based on user-defined semantic specifications

From a special macro scan PC-lint can find:

• Passing an expression to an unparenthesized macro parameter
• Passing an expression with side effects to a repeated macro parameter
• Unparenthesized expression-like macros

• Intermodule type inconsistencies
• Uninitialized variables (auto, static and global scalars, arrays and structs)
• Unused variables and functions
• Assigned but not accessed variables (including globals)
• Unreachable code
• Unusual expressions such as: flags & 4 == 0 (precedence error)
• Constant Booleans as in: if( x = 0 ) ...
• Indentation checking
• Suspicious use of semi-colons as in if( a > b ); not followed by else
• Strict and loose enumeration checking
• Printf-scanf format checking
• Order of evaluation errors as in: a[i] = i++;
• Unsigned comparisons with 0
• Wide variety of loss of precision errors such as int to char featuring our exclusive precision tracking
• Excessive shift values
• Loss of sign
• Suspicious cast
• Mixed signed and unsigned quantities
• Comments within comments
• Unused compile time objects, including macros, typedef’s, declarations, class’es, union’s, enum’s
• ANSI quiet changes
• Unused headers
• Returning pointers to auto addresses and assigning auto address to static
• Externals that can be made static and hence hidden
• Declarations that can be offloaded from headers
• Name clashes within the first count characters
• Strong type checking based on typedef types
• Possibly uninitialized variables based on flow of control
• Overflow while processing arithmetic constants (E.g. for 16 bit integers, 200*200 overflows)
• Constant expressions that reduce to zero
• Suspicious truncations
• Suspicious loss of fraction
• Initialization irregularities (too few, too many, incorrect shape, string concatenations in)