NetBSD Problem Report #43234

From dholland@eecs.harvard.edu  Sun May  2 04:11:29 2010
Return-Path: <dholland@eecs.harvard.edu>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id D33C263BA59
	for <gnats-bugs@gnats.NetBSD.org>; Sun,  2 May 2010 04:11:28 +0000 (UTC)
Message-Id: <20100502040756.328CDFF10@tanaqui.eecs.harvard.edu>
Date: Sun,  2 May 2010 00:07:56 -0400 (EDT)
From: dholland@eecs.harvard.edu
Reply-To: dholland@eecs.harvard.edu
To: gnats-bugs@gnats.NetBSD.org
Subject: lint warns about perfectly good casts
X-Send-Pr-Version: 3.95

>Number:         43234
>Category:       toolchain
>Synopsis:       lint warns about perfectly good casts
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    toolchain-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun May 02 04:15:00 +0000 2010
>Last-Modified:  Thu May 06 08:25:01 +0000 2010
>Originator:     David A. Holland
>Release:        NetBSD 5.99.22 (20091208, also 20100307)
>Organization:
>Environment:
System: NetBSD tanaqui 5.99.22 NetBSD 5.99.22 (TANAQUI) #31: Tue Dec 8 22:53:35 EST 2009 dholland@tanaqui:/usr/src/sys/arch/i386/compile/TANAQUI i386
Architecture: i386
Machine: i386
>Description:

Inspecting the representation of an integer value (or, I suspect, any
other value) with a pointer to unsigned char causes lint to warn that
"pointer casts may be troublesome".

>How-To-Repeat:

#include <stdio.h>
#include <stdlib.h>

int main() {
   int *p;
   unsigned char *x;
   size_t i;

   p = malloc(sizeof(*p));
   *p = 0x12345678;

   x = (unsigned char *)p;
   for (i=0; i<sizeof(*p); i++) {
      (void)printf(" %02x\n", x[i]);
   }

   return 0;
}

Use lint -chapbxzFS per sys.mk. It says

foo.c(12): warning: pointer casts may be troublesome [247]

This issue was noticed by agc, but he doesn't think it's important :-)

>Fix:

The problem is in lint1/tree.c at line 1974, which seems to be a
general-purpose test for casting pointers that point to things of
different sizes.

Since inspecting the representation with unsigned char * is the
recommended method of doing various things in standard C the test
there ought to shut up about casts to unsigned (or signed) char.

In the meantime, adding an extra cast through void * makes lint shut
up. (Although I don't immediately see why, which is why I'm not going
to propose a patch for the time being...)

>Audit-Trail:
From: Wolfgang Solfrank <Wolfgang@Solfrank.net>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: toolchain/43234: lint warns about perfectly good casts
Date: Tue, 04 May 2010 16:09:52 +0200

 Hi,

 > Use lint -chapbxzFS per sys.mk. It says
 >
 > foo.c(12): warning: pointer casts may be troublesome [247]

 Well, actually lint is perfectly correct in pointing out possible
 trouble here.

 I once worked on a 16 bit machine, where most addresses are
 16 bit and point to 16 bit values, i.e., the machine has
 65536 16 bit words or 128 kB of memory.  In contrast to that,
 byte pointers are also 16 bits, but address bytes, i.e. the
 machine can only address the low 64 kB using character pointers.

 Casting an int pointer to a character pointer shifts the 16 bits
 one bit to the left, loosing the high bit (which poses trouble
 if the original value was in the upper 64 kB.)  Of course the
 opposite cast shifts to the right, but you can't get the lost
 bit back.

 I've got no idea, why lint doesn't warn if you add the extra
 cast through a void pointer.

 Ciao,
 Wolfgang
 -- 
 Wolfgang@Solfrank.net				Wolfgang Solfrank

From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: toolchain/43234: lint warns about perfectly good casts
Date: Thu, 6 May 2010 08:22:38 +0000

 On Tue, May 04, 2010 at 02:10:07PM +0000, Wolfgang Solfrank wrote:
  >  > foo.c(12): warning: pointer casts may be troublesome [247]
  >  
  >  Well, actually lint is perfectly correct in pointing out possible
  >  trouble here.
  >  
  >  I once worked on a 16 bit machine, where most addresses are
  >  16 bit and point to 16 bit values, i.e., the machine has
  >  65536 16 bit words or 128 kB of memory.  In contrast to that,
  >  byte pointers are also 16 bits, but address bytes, i.e. the
  >  machine can only address the low 64 kB using character pointers.
  >  
  >  Casting an int pointer to a character pointer shifts the 16 bits
  >  one bit to the left, loosing the high bit (which poses trouble
  >  if the original value was in the upper 64 kB.)  Of course the
  >  opposite cast shifts to the right, but you can't get the lost
  >  bit back.

 Ouch. That isn't compatible with the C standard though. I don't think
 lint should be worrying about such platforms... or at least not until
 we find one we decide we want to port to, and when/if we do that lint
 needs to be very specific about what it thinks might go wrong.

  >  I've got no idea, why lint doesn't warn if you add the extra
  >  cast through a void pointer.

 Because it does purely local checks, i.e., it's dumb.

 -- 
 David A. Holland
 dholland@netbsd.org

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.