On Wed, 06 Jun 2007 20:22:13 +0200, Coos Haak wrote:
Op Wed, 6 Jun 2007 13:11:52 +0000 (UTC) schreef jaime:
>Hi all.
Apologies, since this is more a tool question, than strictly a language
question, but hey, it seemed like an appropriate place to ask...
I'm a c newbie (and have been now for about 6 years!) and I'd like to use
an automatic tool to show me warnings about the following code:
#include <stdio.h>
int main(void){
int i=99999;
short s;
s=i;
printf("s is %d\n", s);
return 0;
}
Running splint against this gives:
another.c: (in function main)
another.c:5:3: Assignment of int to short int: s = i
which is exactly what I'm after. The downside? As soon as I use c99
constructs such as declaring variables after any statement, splint barfs
horribly with a "parse error" (I believe this is simply due to splint not
being updated to understand any c99 stuff yet).
I've already asked about gcc on the gcc-help mailing list, and apparently
the "-Wconversion" flag will soon do the same (although it doesn't at the
moment).
So I was wondering, what static verification tools do experienced C
programmers recommend at the moment? (or does everyone use splint, and
keep their c to c89/c90 rather than c99?)
This has nothing to do with c99 or c90.
What are (in your implememtation) sizeof(int) and sizeof(short)?
If CHAR_BIT is 8 and sizeof(short) is 2, 99999 won't fit in a short.
Sorry - I can see I didn't explain myself very well.
I realize that fitting ints into shorts _isn't_ a c90/c99 issue, but splint
not being able to help me analyse my code _is_ a c90/c99 issue.
I write c, and I'd like to use tools to help me write better c. I'd like
to use splint, as it can show me easy-to-miss errors, like implicit
narrowing (an example of which I've given above), but if I write c99,
splint can't help me (if I write c90, splint _can_ help me).
As a clearer example, what tool can I use to point out the implicit
narrowing in the following piece of code?:
#include <stdio.h>
int main(void){
printf("Just a line to confuse splint");
int i=99999;
short s;
s=i;
printf("s is %d\n", s);
return 0;
}
splint returns:
another.c:4:6: Parse Error.
gcc is perfectly happy with this - no warnings, no (compile-time) errors.
But there's an implicit narrowing in there, that neither gcc nor splint
will tell me about. Do experienced c programmers check these things by
hand, or are there tools that help them?