My client has 200KLOC of working code on an architecture where char is 8 bits, short is 16 bits, and int and long are 32 bits. They want to port to an architecture where char, short and int are all 16 bits, and long is 32 bits. Both architectures are twos complement. The source for the most part looks reasonably well written C90 code, however I have discovered code which relies on the current architecture. For example:

    unsigned char c;
    unsigned short s1, s2;
    unsigned long l;

    /* Mask to 8 bits */
    c = (unsigned char)l;

    /* May overflow on new architecture */
    l = s1 + s2;

Does anyone know of tools that can draw attention to code that works on the current architecture, but probably won't on the new one?

To be more specific, I'm looking for a tool that will locate code where:

1. a short, int or long is implicitly or explicitly narrowed to char and

2. a binary operation occurs between any two integer types except long, and the result is placed in either an int or a long.

Unsigned variants are included any time a type is mentioned in the preceding text.

(2) isn't going to produce as many positives as you might think. My definition means int + int = int must be flagged. In fact there aren't too many operations like this in the code, because the code mostly uses typedefs such as SINT8, SINT16 and SINT32. On the new architecture, I will set SINT16 to be short and SINT32 to be long.

I have already tried splint and gcc under cygwin. I don't think they can be made to do what I want. gcc is not available for the new architecture. A proprietary compiler will be used. I've searched web descriptions of static analysers, but so far have not found anything that helps.

--
comp.lang.c.moderated - moderation address: clcm@plethora.net -- you must have an appropriate newsgroups line in your header for your mail to be seen, or the newsgroup name in square brackets in the subject line. Sorry.

On 10/28/11 2:59 AM, Caviare wrote:
> My client has 200KLOC of working code on an architecture where char is 8
> bits, short is 16 bits, and int and long are 32 bits. They want to port
> to an architecture where char, short and int are all 16 bits, and long
> is 32 bits. Both architectures are twos complement. The source for the
> most part looks reasonably well written C90 code, however I have
> discovered code which relies on the current architecture. For example:
>
> unsigned char c;
> unsigned short s1, s2;
> unsigned long l;
>
> /* Mask to 8 bits */
> c = (unsigned char)l;
>
> /* May overflow on new architecture */
> l = s1 + s2;
>
> Does anyone know of tools that can draw attention to code that works on
> the current architecture, but probably won't on the new one?
>
> To be more specific, I'm looking for a tool that will locate code where:
>
> 1. a short, int or long is implicitly or explicitly narrowed to char and
>
> 2. a binary operation occurs between any two integer types except long,
> and the result is placed in either an int or a long.
>
> Unsigned variants are included any time a type is mentioned in the
> preceding text.
>
> (2) isn't going to produce as many positives as you might think. My
> definition means int + int = int must be flagged. In fact there aren't
> too many operations like this in the code, because the code mostly uses
> typedefs such as SINT8, SINT16 and SINT32. On the new architecture, I
> will set SINT16 to be short and SINT32 to be long.
>
> I have already tried splint and gcc under cygwin. I don't think they can
> be made to do what I want. gcc is not available for the new
> architecture. A proprietary compiler will be used. I've searched web
> descriptions of static analysers, but so far have not found anything
> that helps.

My first thought is you want to flag all uses of the type [signed/unsigned] char, and [unsigned] int.

One thought is to place in each file (after including any system headers) lines like

    #define int _error_
    #define char _error_

so that you get a syntax error where they are being used. You will likely want to create a NEW type, for things that should be chars, but have been inspected to be safe with the wider definition your new environment has. Maybe adding a

    typedef char least8_char;

(maybe add signed and unsigned version too) before the above defines.

Note that any code that currently uses SINT8 needs to be checked, as it sounds like the code assumes it is an "exact width type" (like int8_t in C99) which you do not have, so needs to be written to work with int_least8_t.

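
The two statements from the original post and the SINT8 exact-width concern raised in this reply, worked through as an added example (not code from any poster in the thread). It assumes the target's 16-bit char and int can be modelled on a wider host by masking to 16 bits; the function names, the checksum and the sample bytes are constructed for illustration.

```c
#include <stdio.h>

/* Assumption: 16-bit unsigned int / unsigned char on the target is modelled
 * here by masking to 16 bits. unsigned long is at least 32 bits everywhere. */
#define TARGET_MASK 0xFFFFUL

/* `l = s1 + s2;` on the target: both operands promote to 16-bit unsigned
 * int, so the sum wraps modulo 65536 before it is widened to unsigned long. */
static unsigned long add_on_target(unsigned short s1, unsigned short s2)
{
    return ((unsigned long)s1 + s2) & TARGET_MASK;
}

/* Portable form: widen one operand first so the add is done in unsigned long. */
static unsigned long add_portable(unsigned short s1, unsigned short s2)
{
    return (unsigned long)s1 + s2;
}

/* `c = (unsigned char)l;` on the target: the cast keeps 16 bits, not 8. */
static unsigned long narrow_on_target(unsigned long l) { return l & TARGET_MASK; }

/* Portable form: state the 8-bit mask instead of relying on char's width. */
static unsigned long narrow_portable(unsigned long l) { return l & 0xFFUL; }

/* Additive checksum accumulated in an "8-bit" variable. mask = 0xFFFF models
 * unmasked code on the target, mask = 0xFF the ported code with explicit wrap. */
static unsigned long checksum(const unsigned char *p, unsigned n, unsigned long mask)
{
    unsigned long sum = 0;
    while (n--)
        sum = (sum + (*p++ & 0xFFUL)) & mask;
    return sum;
}

int main(void)
{
    static const unsigned char msg[] = { 0xF0, 0x20, 0x01 }; /* constructed sample */
    printf("add:      target=%lu portable=%lu\n",
           add_on_target(40000, 30000), add_portable(40000, 30000));
    printf("narrow:   target=0x%lX portable=0x%lX\n",
           narrow_on_target(0x12345678UL), narrow_portable(0x12345678UL));
    printf("checksum: target=0x%lX portable=0x%lX\n",
           checksum(msg, 3, TARGET_MASK), checksum(msg, 3, 0xFFUL));
    return 0;
}
```
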
Caviare <bitbucket43@yahoo.com.au> writes:
[...]
> (2) isn't going to produce as many positives as you might think. My
> definition means int + int = int must be flagged. In fact there aren't
> too many operations like this in the code, because the code mostly uses
> typedefs such as SINT8, SINT16 and SINT32. On the new architecture, I
> will set SINT16 to be short and SINT32 to be long.
[...]

Just set SINT16 to be int16_t, and SINT32 to be int32_t (or int_leastNN_t, or int_fastNN_t, depending on your requirements). These are defined in <stdint.h>.

And consider doing a global search-and-replace to use the standard typedefs directly.

If you need to support a C implementation that doesn't provide <stdint.h>, you can define it yourself easily enough; see, for example, <http://www.lysator.liu.se/c/q8/index.html>.

--
Keith Thompson (The_Other_Keith) kst-u@mib.org <http://www.ghoti.net/~kst>
"We must do something. This is something. Therefore, we must do this."
-- Antony Jay and Jonathan Lynn, "Yes Minister"

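
For a C90 compiler without <stdint.h>, one way to pick the thread's SINT typedefs from <limits.h> and have a wrong mapping stop the build, as an added example (not code from the thread or from the linked page). PORT_ASSERT, SINT8_IS_EXACT and the two helper functions are hypothetical names.

```c
#include <limits.h>
#include <stdio.h>

/* C90 compile-time check: a false condition declares an array of size -1,
 * which stops the build. PORT_ASSERT is a hypothetical name. */
#define PORT_ASSERT(name, cond) typedef char port_assert_##name[(cond) ? 1 : -1]

/* Exact 16-bit type: short on both architectures described in the thread. */
#if SHRT_MAX == 32767
typedef short SINT16;
#elif INT_MAX == 32767
typedef int SINT16;
#else
#error "no exact 16-bit integer type"
#endif

/* Exact 32-bit type: long on the target, int on hosts where long is 64 bits. */
#if LONG_MAX == 2147483647L
typedef long SINT32;
#elif INT_MAX == 2147483647
typedef int SINT32;
#else
#error "no exact 32-bit integer type"
#endif

/* No exact 8-bit type exists when char is 16 bits, so SINT8 is only a
 * least-width type there; SINT8_IS_EXACT (hypothetical) lets code test it. */
typedef signed char SINT8;
#define SINT8_IS_EXACT (CHAR_BIT == 8)

PORT_ASSERT(sint16_is_16_bits, sizeof(SINT16) * CHAR_BIT == 16);
PORT_ASSERT(sint32_is_32_bits, sizeof(SINT32) * CHAR_BIT == 32);
PORT_ASSERT(sint8_has_8_bits, sizeof(SINT8) * CHAR_BIT >= 8);

static unsigned sint16_bits(void) { return (unsigned)(sizeof(SINT16) * CHAR_BIT); }
static unsigned sint32_bits(void) { return (unsigned)(sizeof(SINT32) * CHAR_BIT); }

int main(void)
{
    printf("SINT16=%u bits, SINT32=%u bits, SINT8 exact=%d\n",
           sint16_bits(), sint32_bits(), SINT8_IS_EXACT);
    return 0;
}
```
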
"Caviare" <bitbucket43@yahoo.com.au> wrote in message news:clcm-20111028-0003@plethora.net...
> My client [...] They want to port to an architecture where char, short
> and int are all 16 bits, and long is 32 bits.
.....
> /* Mask to 8 bits */
> c = (unsigned char)l;
>
> /* May overflow on new architecture */
> l = s1 + s2;
>
> Does anyone know of tools that can draw attention to code that works on
> the current architecture, but probably won't on the new one?

You need a tool that

a) can parse C (in fact, your particular dialect)
b) can be configured to look for certain operations (e.g., add) or casts and provide you with precise information about location.

See our DMS Software Reengineering Toolkit (http://www.semanticdesigns.com/Produ...MSToolkit.html) and its C front end (http://www.semanticdesigns.com/Produ...CFrontEnd.html)

This is configurable program analysis technology that could be adjusted to accomplish your task.

-- IDB

You could try using PC-lint with the types set to be the target sizes; that is what I do for my embedded code. Be aware you will get lots of warnings that you will have to sift through manually or create a grep once you see a pattern.