OMSE 535 Project 1 Presentation Lint By Gimple Software Azam Khan December 3, 2007
Tool Overview • A particular software that mentions questionable and defective programming issues is called Lint. Actually, the name is derived from the fibre and fluff found undesirable in sheep’s wool. • PC-Lint is used to check C/C++ source code syntax and semantics errors including bugs, glitches, inconsistencies, non-portable constructs, redundant code, and more.
Standard Error Checking Features • Possible indexing beyond array bounds • De-referencing of null pointers • Suspicious assignments (such as if (a = b)) • Mismatches in variable types (such as foo declared as a double in one file and used as a long in another) • Potentially dangerous data type combinations • Unused variables • Unreachable code • Header files included multiple times and/or unnecesarily • Non-portable constructs
Lint Features Platforms: • Windows XP / NT / 2000 / 98 / 95 / ME • DOS (built-in DOS extender) • Unix and Unix-like platforms (AIX, HP-UX, Sun OS, Solaris, Linux, Tru64 Unix, MAC, etc.) • VAX VMS • IBM's VM, MVS • OS-9 • Virtually any platform supporting C
Lint Features (continued) Compatibility: • Supports K&R C, ANSI C, ANSI/ISO C++ • Explicit support for Microsoft, GNU and most other major compilers and libraries • Support for most major embedded-system compilers including bit addressing. • Numerous options to support rogue compilers • Scalars sizes can be specified for cross-compiling
Lint Features (continued) Flexibility: • Indirect files (nested to any depth) can contain filenames, options, environment variables • Format of lint error messages can be customized to support integration with a wide variety of editors and IDEs • All options can be embedded in user code
Benefits (Pros) • Saves time • Flexible (IDE, DOS, singe file, multiple files, message suppression) • Allows to dive into more serious functional issues during code reviews instead of syntax and semantics • Very reasonably priced(sometimes the price is as good as free!)
Drawbacks (Cons) • Initial testing may be time consuming • May catch things that are fine (for example, while (1)) • May be too verbose at times
Availability and Cost • Gimple Software PC-lint for C/C++ PC-lint - One Workstation License (non-floating) $239.00 PC-lint - 10 User one-location LAN License $1800.00 PC-lint - Additional Users beyond 10 @ $150 each FlexeLint for C/C++ FlexeLint - One Workstation License (non-floating) 998.00 FlexeLint - 1 User one-location LAN License 1998.00 FlexeLint - 5 User one-location LAN License 3000.00 FlexeLint - 10 User one-location LAN License 6000.00
Summary of Product Evaluation I have used this software in the past and it actually does what it says it does. Most of the bugs caught may seem obvious and unnecessary. However, looking into those or simply finding a few that are serious is worth using this product. It saves time and money and I highly recommend it.
Product Links and References • http://www.gimpel.com/ • http://en.wikipedia.org/wiki/Lint_programming_tool • http://www.netrino.com/Articles/Lint/index.php • http://www.pdc.kth.se/training/Tutor/Basics/lint/index-frame.html • Competitive products: • Splint: an open source evolved version of Lint • Flawfinder: an open source programming tool that examines C or C++ source code looking for security weaknesses. • HP Code Advisor: A static analysis tool for C and C++ programs