Larry's Notebook

Splint Newsletter Article

Originally published at as Exptools TOOL OF THE MONTH.

This month’s article is written by Larry Yang, the Exptools provider of splint.

What is Splint?

Splint is a software tool for statically checking C programs for potential problems, catching problems that most compilers, even when set to the highest warning level, will not catch. Splint is the successor to LCLint, focusing on security vulnerabilities and coding mistakes. ith minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.

How do I use it?

Before running splint, set the shell environment variable LARCH_PATH to /opt/exp/lib/splint/lib. In many shells, that would be `export LARCH_PATH=/opt/exp/lib/splint/lib`. Splint uses the variable to locate the files it needs.

Typically, the tool is run at the command line or in shell script file. The command line arguements usually include a list of source files or a wildcard argument, locations of header files to be included, and preprocessor defines. The paths to the header files and preprocessor defines are passed in a manner similar to most compilers, via command line with “-I” and “-D”, respectively.

Example command:

splint *.c -I. -I../include -I/other/include -DDEBUG -DFOO=BAR`

Once splint can be run successfully on the code, the developer usually examines the warnings and may elect either fix the source code, or change the flags so that splint doesn’t not check for that problem. The warnings splint generates may have suggestions on how to fix the problem.

Example warning:

Type Bool is probably meant as a boolean type, but the boolean
type name is not set. Use -booltype boolean to set it. Use the
-booltype, -boolfalse and -booltrue flags to change the name of
the default boolean type. (Use -likelybool to inhibit warning)

So after a few iterations, the command may evolve to:

splint *.c -I. -I../include -I/other/include -DDEBUG \
-DFOO=BAR -booltype Bool +matchanyintegral -sys-unrecog’

The flags, respectively, define Bool as a boolean type, allow any integral type to match an arbitrary, and disable reporting of unrecognized identifiers that start with the system prefix (two underscores).

For more information on flags, ‘splint –help flags’ or see the manual Appendix B at

What are Annotations?

Splints also provides support for source code annotations. Typically, annotations can be used to suppress warnings, especially if suppressing the code check globally is not an ideal solution.

For example, all source code between /*@ignore@*/ /*@end@*/ will be not be checked, and “/*@unused@*/ volatile int dummy_var=1;” suppresses the warning that the variable is unused.

How can I get more information?

Command line:

`splint –help`
`toolman splint`

Web Resources: lists white papers. is the manual.

Blog at

%d bloggers like this: