Splint - Secure Programming Lint
[email protected]
Download - Documentation - Manual - Links Reporting Bugs - Mailing Lists      Sponsors - Credits

Splint - Frequently Asked Questions

Index

    General Questions About Splint

  1. What is the difference between Splint and LCLint?
  2. What is the Splint logo?
  3. How is Splint pronounced?
  4. Can I include Splint in my software distribution?
  5. Can we use your software in our company? (We are not a GNU organization.)
  6. Which compilers does Splint support?
  7. Does Splint handle C++?
    Installation

  9. I downloaded the Splint .tgz file but can't figure out how to extract it. There is no 'z' option on the tar on my system.
  10. I want to use Splint in Windows. How do I do that?
  11. I have installed Splint for Windows 2000. Where should I put the ".splintrc" file?
  12. When I build Splint I get the following errors.... Should I be worried?
  13. I just installed Splint on a new machine. I get a bunch of errors during building when the test suite is run. When I look through the results, it seems like Splint is not reporting any errors in the code it analyzes. What is going on?
    Usage

  15. Why am I getting parse errors in system header files?
  16. Is every Splint warning a real error?
  17. How does Splint handle const?
  18. I develop code on an embedded system with a compiler that uses nonstandard key words and data types. I would like to run Splint on my code but these nonstandard keywords cause parse errors. What should I do?
  19. How can I get Splint to recognize directory trees and local source include directories?
  20. I use realloc in my code. How can I get Splint to check this code more effectively?
    Warnings and Errors

  22. Why do I get a warning when multiplying different integer types? The C standard says this is ok. Why is this wrong?
  23. Why does splint complain if I ignore the return value of scanf but not printf?
  24. I get parse errors when I try to run Splint on code like #define MACROdebug(...) blahblah . Can I use variadic macros in Splint?
    Bugs

  26. I think I've found a bug in Splint. What should I do?
  27. Splint tells me that there is a bug and I should report it. What information should I send?
    Additional Information

  29. My question isn't answered here. How can I get more information about Splint?

Questions and Answers

    General Questions About Splint

  1. What is the difference between Splint and LCLint?

    Before 2002, Splint was known as LCLint. LCLint Version 3.0 was renamed Splint Version 3.0.

    LCLint was originally named for LCL, the Larch C Interface Language and lint, a well-known C program checking tool. Because our tool has diverged from LCL, and our focus now is on secure programming, it was renamed Splint.

  2. What is the Splint logo?

    Thomas Jefferson's Serpentine Walls at the University of Virginia. The walls are one brick thick, but because of their design are both strong and aesthetic. Like a secure program, secure walls depend on sturdy bricks, solid construction, and elegant and principled design.
  3. How is Splint pronounced?

    "Splint" can be pronounced as one word, like the first aid device used to fix broken bones. It is also acceptable (but harder) to pronounce it as "S" "P" "lint".
  4. Can I include Splint in my software distribution?

    Yes. Splint is licensed under the GNU General Public License. You may redistribute it as you wish so long as credits and pointers to www.splint.org are not changed or removed. Splint may be included in commercial distributions, and is included in several Linux and freeware CDs. If you want to redistribute Splint, please let us know by sending a message to [email protected].

  5. Can we use your software in our company? (We are not a GNU organization.)

    Yes, Splint is GPL-licensed. Anyone may use it. If you want to redistribute it, check the license for details or contact us.

  6. Which compilers does Splint support?

    Splint is independent of your compiler. It checks standard C code, according to the ISO C99 specification. Splint supports most, but not all, of the C99 extensions to ANSI C. Splint supports some of the gcc compiler extensions (if +gnuextensions is used).

  7. Does Splint handle C++?

    No, Splint does not check C++ code. We don't have the resources (or the research justification) to build a C++ front end, but if you are interested in building a C++ front end the source code is available, and I will certainly be willing to help.

    Installation

  9. I downloaded the Splint .tgz file but can't figure out how to extract it. There is no 'z' option on the tar on my system.

    Check to see if there is GNU tar on your system. It is usually invoked by the command gtar or gnutar. GNU tar supports the -z option.

    You can also unzip the file and then untar it. Run gunzip filename.tar.gz to unzip, then tar -xvf filename.tar to extract.

    A single command to do this is: gzip -d < filename.tar.gz | tar -xvf -. [Contributed by Derric Tubbs]

  10. I want to use Splint in Windows. How do I do that?

    See www.splint.org/win32.html for instructions on obtaining and installing Splint on Windows. We do not actively support Windows or do any Windows development.

  11. I have installed Splint for Windows 2000. Where should I put the .splintrc file?

    For Win32, Splint looks for splint.rc instead of .splintrc due to the DOS filename limitations. It will look first in the current directory, then in your home directory.
  12. When I build Splint I get the following error:

              Checking manual...
              cmx > / Checking tests2.2...
              Checking tests2.4...
              Checking tests2.5...
              Checking db1...
              0a1,2
              < /cmx/tools/make -e clean
              > /cmx/tools/make -e check
              *** FAIL ***
              Checking db2...
              0a1,2
              < /tools/make -e clean
              > /cmx/tools/make -e check
              *** FAIL ***
              Checking db3...
    

    Should I be worried?

    Those differences look harmless. It is likely that your make is set up slightly differently than ours.
  13. I just installed Splint on a new machine. I get a bunch of errors during building when the test suite is run. When I look through the results, it seems like Splint is not reporting any errors in the code it analyzes. What is going on?

    One possibility is that the installation directory where the test suite is running is on the system path (hence, splint won't report errors if -sysdirerrors is set, as it is by default). Try adding +sysdirerrors to the command line for the test suite to see if that is the problem, or installing Splint in a different directory not in the system path.



    Usage

  15. Why am I getting parse errors in system header files?

    Parse errors usually occur in code written for compilers that use nonstandard keywords or type names. (See the question on providing definitions of these names.)

    If you're getting parse errors, make sure that the required libraries are included by using the +posixlib or +unixlib flags. If you're using nonstandard GNU extensions, the +gnuextensions flag may be helpful.

    However, Splint doesn't yet support all C99 extensions so there are some legitimate C programs that will need to be modified.



  16. Is every Splint warning a real error?

    No. Many of the program properties that Splint checks are undecidable. This means that any static analysis tool that can be run on real programs will either produce false positives or false negatives. Because of this and to improve efficiency, Splint makes some simplifying assumptions. This means that Splint will occasionally produce spurious warnings or miss real errors.

    However, often spurious errors can be fixed by adding additional annotations.

  17. How does Splint handle const?

    Splint doesn't interpret const (at all). See the manual section on modifies checking (www.splint.org/manual/html/sec7.html).



  18. I develop code on an embedded system with a compiler that uses nonstandard key words and data types. I would like to run Splint on my code but these nonstandard keywords cause parse errors. What should I do?

    You can often use -D to solve this problem.

    If you just want to ignore a keyword, you can add -Dnonstandardkeyword= to make the preprocessor eliminate the keyword, where nonstandardkeyword is the name of the keyword. Similarly, you can use -Dspecialtype=int to make a custom type parse as an int.

  19. How can I get Splint to recognize directory trees and local source include directories? I've tried putting them in my path but it doesn't seem to look beyond the current directory.

    You can use -I to set the include path like you would with a compiler.



  20. I use realloc in my code. How can I get Splint to check this code more effectively?

    The semantics of realloc cannot be described precisely with Splint's annotations since its memory behavior is different depending on its return value. When realloc succeeds, the pointer passed to it is no longer valid.  The returned pointer points to available storage with the specified size, and the values are copied from the leading portion of the original storage indicated by the pointer passed to the function.  When realloc returns a NULL pointer, and more than zero bytes were supposed to be allocated, no new storage has been allocated.  The original pointer passed in is not deallocated and its contents are still accessible.  (Under ANSI C '89 and later, malloc and realloc may return NULL if asked for zero bytes.  In this case, realloc would release the old storage.)

    If you do use realloc, we recommend that you use a wrapper around it.
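
    One way to write the wrapper recommended above, as an added example that is not part of the Splint FAQ or distribution: the hypothetical resize_buf() gives each realloc outcome described in the answer a single, documented effect on the caller's pointer. The name, signature and return convention are assumptions, and the overflow check goes beyond what the answer covers.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* resize_buf is a hypothetical wrapper (name and contract are assumptions).
 * Returns 0 on success: *bufp owns the new, possibly moved, storage.
 * Returns -1 on failure: *bufp is untouched and still owns the old block. */
int resize_buf(void **bufp, size_t count, size_t elem_size)
{
    void *tmp;
    if (bufp == NULL)
        return -1;
    /* Added beyond the FAQ text: refuse byte counts that would wrap. */
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return -1;
    if (count == 0 || elem_size == 0) {
        /* Zero bytes: release explicitly instead of relying on realloc(p, 0). */
        free(*bufp);
        *bufp = NULL;
        return 0;
    }
    tmp = realloc(*bufp, count * elem_size);
    if (tmp == NULL)
        return -1;      /* realloc failed: old block was not deallocated */
    *bufp = tmp;        /* success: the old pointer value is now invalid */
    return 0;
}

/* Exercises each outcome; returns 0 when all behave as documented. */
int resize_buf_demo(void)
{
    static const int seed[4] = {1, 2, 3, 4};   /* constructed sample data */
    void *buf = NULL, *before;
    int rc = 0;
    if (resize_buf(&buf, 4, sizeof(int)) != 0)
        return 1;
    memcpy(buf, seed, sizeof seed);
    if (resize_buf(&buf, 1024, sizeof(int)) != 0 || memcmp(buf, seed, sizeof seed) != 0)
        rc = 2;         /* growth must keep the leading contents */
    before = buf;
    if (rc == 0 && (resize_buf(&buf, SIZE_MAX, 2) != -1 || buf != before
                    || memcmp(buf, seed, sizeof seed) != 0))
        rc = 3;         /* failure must leave the buffer usable */
    if (resize_buf(&buf, 0, sizeof(int)) != 0 || buf != NULL)
        rc = rc ? rc : 4;   /* zero size frees and clears the pointer */
    return rc;
}
int main(void) { return resize_buf_demo(); }
```

    Because callers only ever hold the pointer stored in *bufp, they never keep a stale copy after a successful move and never lose the original block after a failure.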

    Warnings and Errors

  22. Why do I get a warning when multiplying different integer types? The C standard says this is ok. Why is this wrong?

    There are lots of things that the C spec allows and defines clearly, that Splint will provide warnings for. It's not a question of it being "wrong", it's a matter of it being likely to reveal a programming mistake.
  23. Why does splint complain if I ignore the return value of scanf but not printf?

    This is just a strategic decision --- we view ignoring the result of a scanf to be more likely to reveal a problem with the code than ignoring the result of a printf, even though strict programmers will want to check the result of printf also.

    If you want stricter checking, use the flags +ansistrictlib, +posixstrictlib, +unixstrictlib to select the strict versions of these libraries.

  24. I get parse errors when I try to run Splint on code like #define MACROdebug(...) blahblah . Can I use variadic macros in Splint?

    Sorry, Splint does not yet support variadic macros. We hope to fix this in a future release.



    Bugs

  26. I think I've found a bug in Splint. What should I do?

    See www.splint.org/bugs.html for a list of known bugs and instructions on reporting bugs.



  27. Splint tells me that there is a bug and I should report it. What information should I send?

    Ideally we would like enough code to reproduce the problem. Small snippets of code which trigger the bug are the best but more code is also acceptable.

    If we're not able to reproduce the problem, then we are unlikely to be able to patch Splint. However, we would still appreciate hearing about the bug and may at least be able to offer you advice on working around the problem.

    Additional Information

  29. My question isn't answered here. How can I get more information about Splint?

    The Splint manual is available at: www.splint.org/manual/

    The mailing list archives are at:

    www.splint.org/lists.html/

    If you're still unable to find the information to answer your question, you can try posting the question to the splint-discuss mailing list (see www.splint.org/lists.html)

    You can also email us at [email protected].
