Logiciels Enfouis/Test & Outils logiciel/Analyse de Code

Analyse de Code Source

Analyse de code source PC-Lint

PC-lint est un outil d'analyse statique puissant qui vérifie votre code source C/C ++ et trouve des bogues, des glitch, des incohérences, des constructions non-portables, du code superflu et beaucoup d'autres anomalies. Il scrute des modules multiples et offre ainsi une perspective que votre compilateur ne possède pas.

PC-lint fonctionne sous Windows et complete parfaitement les environnements de développement comme µVision de Keil.

Ce que PC-lint détecte (non exhaustif )

Dans de nombreuses circonstances le suivi des valeurs permet de détecter  les erreurs:

-use of NULL pointer in unary * or ->
-creation and access of out-of-bounds pointers
-subscript out-of-bounds
-division by zero
-passing NULL pointers to selected library functions
-data over-run conditions on selected library functions
-booleans that always evaluate true or evaluate false
-inappropriate deallocation
-memory leaks
-unusual values passed to functions based on user-defined semantic specifications

A partir du scan d'une macro spéciale:
- passing an expression to an unparenthesized macro parameter
-passing an expression with side effects to a repeated macro parameter
- unparenthesized expression-like macros

- intermodule type inconsistencies
-uninitialized variables (auto, static and global scalars, arrays and structs)
-unused variables and functions assigned but not accessed variables (including globals)
-unreachable code
-unusual expressions such as: flags & 4 == 0 (precedence error)
-constant Booleans as in: if( x =0 ) ...
-indentation checking
-suspicious use of semi-colons as in if( a > b ); not followed by else
- strict and loose enumeration checking
-printf - scanf format checking
-order of evaluation errors as in: a[i] = i++;
-unsigned comparisons with 0
-wide variety of loss of precision errors such as int to char featuring our exclusive precision tracking
-excessive shift values
-loss of sign
-suspicious cast
-mixed signed and unsigned quantities
-comments within comments
-unused compile time objects, including macros, typedefs, declarations, classes, unions, enums

-ANSI quiet changes
-unused headers
-returning pointers to auto addresses and assigning auto address to static
-externals that can be made static and hence hidden
-declarations that can be offloaded from headers
-name clashes within the first count characters
-strong type checking based on typedef types.
-possibly uninitialized variables based on flow of control.
-overflow while processing arithmetic constants (E.g. for 16 bit integers, 200*200 overflows)
-constant expressions that reduce to zero
-suspicious truncations
-suspicious loss of fraction
-initialization irregularities (too few, too many, incorrect shape, string concatenations in)
-unused assigned values
- FOR clause irregularities
-extraneous white space in filenames
-accessing past the nul character
-absence of standard include guards
-unsynchronized mutex locking and unlocking
-multiple thread access to unprotected variables
-thread unsafe functions
-buffers copied onto themselves
-loss of information using getc
-user-deprecated symbols
-predeterminable Boolean expressions
-order of evaluation dependencies in expressions involving a static variable and a function call
-unsafe practices involving printf and non-constant formats
-statically detectable memory leaks -commas masquerading as semi-colons
-suspicious uses of back slash in macros
-suspicious looking octal or hexadecimal escape sequences
-dialect dependent integer constants
-out of range comparisons
-arguments inconsistent with a printf or scanf format
-mixing narrow and wide string literals
-variables (including global variables) that could be declared const or as pointing to const
-implementation defined bit fields
-unusual expressions using sizeof