msg_247.c revision 1.26
1 1.26 rillig /* $NetBSD: msg_247.c,v 1.26 2022/06/24 21:22:11 rillig Exp $ */ 2 1.1 rillig # 3 "msg_247.c" 3 1.1 rillig 4 1.3 rillig // Test for message: pointer cast from '%s' to '%s' may be troublesome [247] 5 1.1 rillig 6 1.4 rillig /* lint1-extra-flags: -c */ 7 1.4 rillig 8 1.4 rillig /* example taken from Xlib.h */ 9 1.4 rillig typedef struct { 10 1.4 rillig int id; 11 1.4 rillig } *PDisplay; 12 1.4 rillig 13 1.4 rillig struct Other { 14 1.4 rillig int id; 15 1.4 rillig }; 16 1.4 rillig 17 1.22 rillig PDisplay 18 1.4 rillig example(struct Other *arg) 19 1.4 rillig { 20 1.5 rillig /* 21 1.22 rillig * Before tree.c 1.461 from 2022-06-24, lint warned about the cast 22 1.22 rillig * between the structs. 23 1.22 rillig * 24 1.22 rillig * XXX: The target type was reported as 'struct <unnamed>'. In cases 25 1.5 rillig * like these, it would be helpful to print at least the type name 26 1.5 rillig * of the pointer. This type name though is discarded immediately 27 1.14 rillig * in the grammar rule 'typespec: T_TYPENAME'. 28 1.5 rillig * After that, the target type of the cast is just an unnamed struct, 29 1.5 rillig * with no hint at all that there is a typedef for a pointer to the 30 1.5 rillig * struct. 31 1.5 rillig */ 32 1.22 rillig return (PDisplay)arg; 33 1.4 rillig } 34 1.6 rillig 35 1.6 rillig /* 36 1.6 rillig * C code with a long history that has existed in pre-C90 times already often 37 1.6 rillig * uses 'pointer to char' where modern code would use 'pointer to void'. 38 1.6 rillig * Since 'char' is the most general underlying type, there is nothing wrong 39 1.6 rillig * with casting to it. An example for this type of code is X11. 40 1.6 rillig * 41 1.6 rillig * Casting to 'pointer to char' may also be used by programmers who don't know 42 1.6 rillig * about endianness, but that's not something lint can do anything about. The 43 1.6 rillig * code for these two use cases looks exactly the same, so lint errs on the 44 1.8 rillig * side of fewer false positive warnings here. 45 1.6 rillig */ 46 1.6 rillig char * 47 1.6 rillig cast_to_char_pointer(struct Other *arg) 48 1.6 rillig { 49 1.7 rillig return (char *)arg; 50 1.6 rillig } 51 1.6 rillig 52 1.6 rillig /* 53 1.6 rillig * In traditional C there was 'unsigned char' as well, so the same reasoning 54 1.6 rillig * as for plain 'char' applies here. 55 1.6 rillig */ 56 1.6 rillig unsigned char * 57 1.6 rillig cast_to_unsigned_char_pointer(struct Other *arg) 58 1.6 rillig { 59 1.7 rillig return (unsigned char *)arg; 60 1.6 rillig } 61 1.6 rillig 62 1.6 rillig /* 63 1.6 rillig * Traditional C does not have the type specifier 'signed', which means that 64 1.6 rillig * this type cannot be used by old code. Therefore warn about this. All code 65 1.6 rillig * that triggers this warning should do the intermediate cast via 'void 66 1.6 rillig * pointer'. 67 1.6 rillig */ 68 1.6 rillig signed char * 69 1.6 rillig cast_to_signed_char_pointer(struct Other *arg) 70 1.6 rillig { 71 1.18 rillig /* expect+1: warning: pointer cast from 'pointer to struct Other' to 'pointer to signed char' may be troublesome [247] */ 72 1.18 rillig return (signed char *)arg; 73 1.6 rillig } 74 1.6 rillig 75 1.6 rillig char * 76 1.6 rillig cast_to_void_pointer_then_to_char_pointer(struct Other *arg) 77 1.6 rillig { 78 1.6 rillig return (char *)(void *)arg; 79 1.6 rillig } 80 1.9 rillig 81 1.9 rillig 82 1.9 rillig /* 83 1.9 rillig * When implementing types that have a public part that is exposed to the user 84 1.9 rillig * (in this case 'struct counter') and a private part that is only visible to 85 1.9 rillig * the implementation (in this case 'struct counter_impl'), a common 86 1.9 rillig * implementation technique is to use a struct in which the public part is the 87 1.9 rillig * first member. C guarantees that the pointer to the first member is at the 88 1.9 rillig * same address as the pointer to the whole struct. 89 1.9 rillig * 90 1.11 rillig * Seen in external/mpl/bind/dist/lib/isc/mem.c for 'struct isc_mem' and 91 1.11 rillig * 'struct isc__mem'. 92 1.9 rillig */ 93 1.9 rillig 94 1.9 rillig struct counter { 95 1.9 rillig int count; 96 1.9 rillig }; 97 1.9 rillig 98 1.9 rillig struct counter_impl { 99 1.9 rillig struct counter public_part; 100 1.9 rillig int saved_count; 101 1.9 rillig }; 102 1.9 rillig 103 1.9 rillig void *allocate(void); 104 1.9 rillig 105 1.9 rillig struct counter * 106 1.23 rillig counter_new_typesafe(void) 107 1.9 rillig { 108 1.9 rillig struct counter_impl *impl = allocate(); 109 1.9 rillig impl->public_part.count = 12345; 110 1.9 rillig impl->saved_count = 12346; 111 1.9 rillig return &impl->public_part; 112 1.9 rillig } 113 1.9 rillig 114 1.23 rillig struct counter * 115 1.23 rillig counter_new_cast(void) 116 1.23 rillig { 117 1.23 rillig struct counter_impl *impl = allocate(); 118 1.23 rillig impl->public_part.count = 12345; 119 1.23 rillig impl->saved_count = 12346; 120 1.24 rillig /* Before tree.c 1.462 from 2022-06-24, lint warned about this cast. */ 121 1.23 rillig return (struct counter *)impl; 122 1.23 rillig } 123 1.23 rillig 124 1.9 rillig void 125 1.9 rillig counter_increment(struct counter *counter) 126 1.9 rillig { 127 1.10 rillig /* 128 1.10 rillig * Before tree.c 1.272 from 2021-04-08, lint warned about the cast 129 1.10 rillig * from 'struct counter' to 'struct counter_impl'. 130 1.10 rillig */ 131 1.9 rillig struct counter_impl *impl = (struct counter_impl *)counter; 132 1.9 rillig impl->saved_count = impl->public_part.count; 133 1.9 rillig impl->public_part.count++; 134 1.9 rillig } 135 1.12 rillig 136 1.12 rillig 137 1.12 rillig /* 138 1.12 rillig * In OpenSSL, the hashing API uses the incomplete 'struct lhash_st' for their 139 1.12 rillig * type-generic hashing API while defining a separate struct for each type to 140 1.12 rillig * be hashed. 141 1.12 rillig * 142 1.13 rillig * Before 2021-04-09, in a typical NetBSD build this led to about 38,000 lint 143 1.12 rillig * warnings about possibly troublesome pointer casts. 144 1.12 rillig */ 145 1.12 rillig 146 1.17 rillig /* expect+1: warning: struct 'lhash_st' never defined [233] */ 147 1.17 rillig struct lhash_st; 148 1.12 rillig 149 1.12 rillig struct lhash_st *OPENSSL_LH_new(void); 150 1.12 rillig 151 1.12 rillig struct lhash_st_OPENSSL_STRING { 152 1.12 rillig union lh_OPENSSL_STRING_dummy { 153 1.12 rillig void *d1; 154 1.12 rillig unsigned long d2; 155 1.12 rillig int d3; 156 1.12 rillig } dummy; 157 1.12 rillig }; 158 1.12 rillig 159 1.12 rillig # 196 "lhash.h" 1 3 4 160 1.12 rillig struct lhash_st_OPENSSL_STRING * 161 1.12 rillig lh_OPENSSL_STRING_new(void) 162 1.12 rillig { 163 1.13 rillig /* 164 1.13 rillig * Since tree.c 1.274 from 2021-04-09, lint does not warn about casts 165 1.13 rillig * to or from incomplete structs anymore. 166 1.13 rillig */ 167 1.12 rillig return (struct lhash_st_OPENSSL_STRING *)OPENSSL_LH_new(); 168 1.12 rillig } 169 1.23 rillig # 170 "msg_247.c" 2 170 1.15 rillig 171 1.15 rillig void sink(const void *); 172 1.15 rillig 173 1.16 rillig /* 174 1.16 rillig * Before tree.c 1.316 from 2021-07-15, lint warned about pointer casts from 175 1.16 rillig * unsigned char or plain char to another type. These casts often occur in 176 1.16 rillig * traditional code that does not use void pointers, even 30 years after C90 177 1.16 rillig * introduced 'void'. 178 1.16 rillig */ 179 1.15 rillig void 180 1.15 rillig unsigned_char_to_unsigned_type(unsigned char *ucp) 181 1.15 rillig { 182 1.15 rillig unsigned short *usp; 183 1.15 rillig 184 1.15 rillig usp = (unsigned short *)ucp; 185 1.15 rillig sink(usp); 186 1.15 rillig } 187 1.15 rillig 188 1.16 rillig /* 189 1.16 rillig * Before tree.c 1.316 from 2021-07-15, lint warned about pointer casts from 190 1.16 rillig * unsigned char or plain char to another type. These casts often occur in 191 1.16 rillig * traditional code that does not use void pointers, even 30 years after C90 192 1.16 rillig * introduced 'void'. 193 1.16 rillig */ 194 1.15 rillig void 195 1.15 rillig plain_char_to_unsigned_type(char *cp) 196 1.15 rillig { 197 1.15 rillig unsigned short *usp; 198 1.15 rillig 199 1.15 rillig usp = (unsigned short *)cp; 200 1.15 rillig sink(usp); 201 1.15 rillig } 202 1.19 rillig 203 1.20 rillig /* 204 1.20 rillig * Before tree.c 1.460 from 2022-06-24, lint warned about pointer casts from 205 1.20 rillig * unsigned char or plain char to a struct or union type. These casts often 206 1.20 rillig * occur in traditional code that does not use void pointers, even 30 years 207 1.20 rillig * after C90 introduced 'void'. 208 1.20 rillig */ 209 1.19 rillig void 210 1.19 rillig char_to_struct(void *ptr) 211 1.19 rillig { 212 1.19 rillig 213 1.19 rillig sink((struct counter *)(char *)ptr); 214 1.19 rillig 215 1.19 rillig sink((struct counter *)(unsigned char *)ptr); 216 1.19 rillig 217 1.19 rillig /* expect+1: warning: pointer cast from 'pointer to signed char' to 'pointer to struct counter' may be troublesome [247] */ 218 1.19 rillig sink((struct counter *)(signed char *)ptr); 219 1.19 rillig } 220 1.21 rillig 221 1.21 rillig 222 1.21 rillig // The following data types are simplified from various system headers. 223 1.21 rillig 224 1.21 rillig typedef unsigned char uint8_t; 225 1.21 rillig typedef unsigned short uint16_t; 226 1.21 rillig typedef unsigned int uint32_t; 227 1.21 rillig 228 1.21 rillig typedef uint16_t in_port_t; 229 1.21 rillig typedef uint8_t sa_family_t; 230 1.21 rillig 231 1.21 rillig struct sockaddr { 232 1.21 rillig uint8_t sa_len; 233 1.21 rillig sa_family_t sa_family; 234 1.21 rillig char sa_data[14]; 235 1.21 rillig }; 236 1.21 rillig 237 1.21 rillig struct in_addr { 238 1.21 rillig uint32_t s_addr; 239 1.21 rillig }; 240 1.21 rillig 241 1.21 rillig struct sockaddr_in { 242 1.21 rillig uint8_t sin_len; 243 1.21 rillig sa_family_t sin_family; 244 1.21 rillig in_port_t sin_port; 245 1.21 rillig struct in_addr sin_addr; 246 1.21 rillig uint8_t sin_zero[8]; 247 1.21 rillig }; 248 1.21 rillig 249 1.21 rillig struct sockaddr_in6 { 250 1.21 rillig uint8_t sin6_len; 251 1.21 rillig sa_family_t sin6_family; 252 1.21 rillig in_port_t sin6_port; 253 1.21 rillig uint32_t sin6_flowinfo; 254 1.21 rillig union { 255 1.21 rillig uint8_t u6_addr8[16]; 256 1.21 rillig uint16_t u6_addr16[8]; 257 1.21 rillig uint32_t u6_addr32[4]; 258 1.21 rillig } sin6_addr; 259 1.21 rillig uint32_t sin6_scope_id; 260 1.21 rillig }; 261 1.21 rillig 262 1.22 rillig /* 263 1.22 rillig * Before tree.c 1.461 from 2022-06-24, lint warned about the cast between the 264 1.22 rillig * sockaddr variants. Since then, lint allows casts between pointers to 265 1.22 rillig * structs if the initial members have compatible types and either of the 266 1.22 rillig * struct types continues with a byte array. 267 1.22 rillig */ 268 1.21 rillig void * 269 1.21 rillig cast_between_sockaddr_variants(void *ptr) 270 1.21 rillig { 271 1.21 rillig 272 1.21 rillig void *t1 = (struct sockaddr_in *)(struct sockaddr *)ptr; 273 1.21 rillig void *t2 = (struct sockaddr *)(struct sockaddr_in *)t1; 274 1.22 rillig void *t3 = (struct sockaddr_in6 *)(struct sockaddr *)t2; 275 1.22 rillig void *t4 = (struct sockaddr *)(struct sockaddr_in6 *)t3; 276 1.21 rillig 277 1.22 rillig /* expect+1: warning: pointer cast from 'pointer to struct sockaddr_in6' to 'pointer to struct sockaddr_in' may be troublesome [247] */ 278 1.22 rillig void *t5 = (struct sockaddr_in *)(struct sockaddr_in6 *)t4; 279 1.21 rillig 280 1.22 rillig /* expect+1: warning: pointer cast from 'pointer to struct sockaddr_in' to 'pointer to struct sockaddr_in6' may be troublesome [247] */ 281 1.22 rillig void *t6 = (struct sockaddr_in6 *)(struct sockaddr_in *)t5; 282 1.21 rillig 283 1.22 rillig return t6; 284 1.21 rillig } 285 1.23 rillig 286 1.23 rillig 287 1.23 rillig // From jemalloc. 288 1.23 rillig 289 1.23 rillig typedef struct ctl_node_s { 290 1.23 rillig _Bool named; 291 1.23 rillig } ctl_node_t; 292 1.23 rillig 293 1.23 rillig typedef struct ctl_named_node_s { 294 1.23 rillig ctl_node_t node; 295 1.23 rillig const char *name; 296 1.23 rillig } ctl_named_node_t; 297 1.23 rillig 298 1.23 rillig void * 299 1.24 rillig cast_between_first_member_struct(void *ptr) 300 1.23 rillig { 301 1.24 rillig /* Before tree.c 1.462 from 2022-06-24, lint warned about this cast. */ 302 1.23 rillig void *t1 = (ctl_node_t *)(ctl_named_node_t *)ptr; 303 1.23 rillig 304 1.23 rillig void *t2 = (ctl_named_node_t *)(ctl_node_t *)ptr; 305 1.23 rillig 306 1.23 rillig return t2; 307 1.23 rillig } 308 1.25 rillig 309 1.25 rillig double * 310 1.25 rillig unnecessary_cast_from_array_to_pointer(int dim) 311 1.25 rillig { 312 1.25 rillig static double storage_1d[10]; 313 1.25 rillig static double storage_2d[10][5]; 314 1.25 rillig 315 1.25 rillig if (dim == 1) 316 1.25 rillig return (double *)storage_1d; 317 1.25 rillig 318 1.25 rillig if (dim == -1) 319 1.25 rillig return storage_1d; 320 1.25 rillig 321 1.25 rillig if (dim == 2) 322 1.25 rillig /* expect+1: warning: illegal combination of 'pointer to double' and 'pointer to array[5] of double' [184] */ 323 1.25 rillig return storage_2d; 324 1.25 rillig 325 1.26 rillig /* 326 1.26 rillig * C11 6.3.2.1p3 says that an array is converted to a pointer to its 327 1.26 rillig * first element. That paragraph doesn't say 'recursively', that 328 1.26 rillig * word is only used two paragraphs above, in 6.3.2.1p1. 329 1.26 rillig */ 330 1.26 rillig if (dim == -2) 331 1.26 rillig return storage_2d[0]; 332 1.26 rillig 333 1.25 rillig return (double *)storage_2d; 334 1.25 rillig } 335
Indexes created Sat Oct 25 16:10:12 GMT 2025