...
- gcc (various)
- Sun cc
- Windows?
- ...other compilers?
Lint variants:
- clint: designed to check C++ for common programmer errors and suggest improvements (http://sourceforge.net/projects/clint/)
- pc-lint/flexelint
- Solaris lint: supposedly significantly enhanced compared to traditional lint
- other flavors of lint?
- splint (already tried on parts of krb5 code, found some bugs, has issues).
- Web site: http://www.splint.org/
- Languages supported: C (C90, most C99 extensions, some GNU C extensions).
- License: GNU GPL
- Platforms: UNIX
- Problems detected include (list is excerpt from manual):
- Dereferencing a possibly null pointer
- Using possibly undefined storage or returning storage that is not properly defined
- Type mismatches, with greater precision and flexibility than provided by C compilers
- Violations of information hiding
- Memory management errors including uses of dangling references and memory leaks
- Dangerous aliasing
- Modifications and global variable uses that are inconsistent with specified interfaces
- Problematic control flow such as likely infinite loops, fall through cases or incomplete switches, and suspicious statements
- Buffer overflow vulnerabilities
- Dangerous macro implementations or invocations
- Violations of customized naming conventions.
- Observations: Splint maintenance seems minimal these days, and development pretty much stopped. The memory management tracking is interesting, based on the idea that one pointer handle "owns" an object at any one time, ownership can be transferred, functions shouldn't remember pointers they don't own, etc. However, it doesn't understand functions with different behavior in success and failure cases - like C's very critical realloc. Inline comments in code can disable warnings, alert splint to memory ownership handling that's different from its default assumptions, etc.
...