On 10/28/11 2:59 AM, Caviare wrote:
> My client has 200KLOC of working code on an architecture where char is 8
> bits, short is 16 bits, and int and long are 32 bits. They want to port
> to an architecture where char, short and int are all 16 bits, and long
> is 32 bits. Both architectures are twos complement. The source for the
> most part looks reasonably well written C90 code, however I have
> discovered code which relies on the current architecture. For example:
>
>     unsigned char c;
>     unsigned short s1, s2;
>     unsigned long l;
>
>     /* Mask to 8 bits */
>     c = (unsigned char)l;
>
>     /* May overflow on new architecture */
>     l = s1 + s2;
>
> Does anyone know of tools that can draw attention to code that works on
> the current architecture, but probably won't on the new one?
> To be more specific, I'm looking for a tool that will locate code where:
> 1. a short, int or long is implicitly or explicitly narrowed to char and
> 2. a binary operation occurs between any two integer types except long,
> and the result is placed in either an int or a long.
> Unsigned variants are included any time a type is mentioned in the
> preceding text.
> (2) isn't going to produce as many positives as you might think. My
> definition means int + int = int must be flagged. In fact there aren't
> too many operations like this in the code, because the code mostly uses
> typedefs such as SINT8, SINT16 and SINT32. On the new architecture, I
> will set SINT16 to be short and SINT32 to be long.
> I have already tried splint and gcc under cygwin. I don't think they can
> be made to do what I want. gcc is not available for the new
> architecture. A proprietary compiler will be used. I've searched web
> descriptions of static analysers, but so far have not found anything
> that helps.
My first thought is you want to flag all uses of the type
[signed/unsigned] char, and [unsigned] int. One thought is to place in
each file (after including any system headers) lines like

    #define int _error_
    #define char _error_

so that you get a syntax error where they are being used. You will
likely want to create a NEW type, for things that should be chars, but
have been inspected to be safe with the wider definition your new
environment has. Maybe adding a typedef char least8_char; (maybe add
signed and unsigned version too) before the above defines. Note that
any code that currently uses SINT8 needs to be checked, as it sounds
like the code assumes it is an "exact width type" (like int8_t in C99)
which you do not have, so needs to be written to work with

comp.lang.c.moderated - moderation address: email@example.com -- you must
have an appropriate newsgroups line in your header for your mail to be seen,
or the newsgroup name in square brackets in the subject line. Sorry.
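
The two statements from the question next to width-independent rewrites, as an added example that is not part of either post. The names least8_uchar and AUDIT_NATIVE_TYPES are hypothetical, the sample values are constructed, and the *_on_target functions only simulate what the unmodified statements compute where char and int are 16 bits.

```c
#include <stdio.h>

/* Inspected "at least 8 bits" type, declared before the poison macros.
   least8_uchar is a hypothetical name modelled on the reply's least8_char. */
typedef unsigned char least8_uchar;

#ifdef AUDIT_NATIVE_TYPES   /* hypothetical switch: build with it to list   */
#define int  _error_        /* every remaining bare int/char below this     */
#define char _error_        /* point, main's return type included           */
#endif

/* Portable form of "mask to 8 bits": the cast alone keeps 16 bits when
   unsigned char is 16 bits wide, so mask explicitly. */
static least8_uchar low8(unsigned long l)
{
    return (least8_uchar)(l & 0xFFUL);
}

/* Portable form of l = s1 + s2: widen one operand before adding. */
static unsigned long add16_wide(unsigned short s1, unsigned short s2)
{
    return (unsigned long)s1 + s2;
}

/* Simulation of the unmodified statements on the 16-bit target: a cast to
   a 16-bit unsigned char keeps 16 bits, and unsigned short operands
   promote to a 16-bit unsigned int, so the sum wraps modulo 65536. */
static unsigned long cast_on_target(unsigned long l)
{
    return l & 0xFFFFUL;
}

static unsigned long add_on_target(unsigned short s1, unsigned short s2)
{
    return ((unsigned long)s1 + s2) & 0xFFFFUL;
}

int main(void)
{
    unsigned long l = 0x12345678UL;   /* constructed sample values */
    unsigned short s1 = 0xFFFFu, s2 = 1u;

    printf("cast on target %#lx, low8 %#x\n", cast_on_target(l), (unsigned)low8(l));
    printf("sum on target %lu, widened %lu\n", add_on_target(s1, s2), add16_wide(s1, s2));
    return 0;
}
```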