Page MenuHomeFreeBSD
Differential D53946

libcasper: fix warnings when _ALIGN preserves types
ClosedPublic
Actions

Authored by brooks on Thu, Nov 27, 3:34 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 17, 7:31 PM
Unknown Object (File)
Mon, Dec 15, 11:11 PM
Unknown Object (File)
Mon, Dec 15, 6:05 PM
Unknown Object (File)
Mon, Dec 15, 3:53 PM
Unknown Object (File)
Mon, Dec 15, 9:20 AM
Unknown Object (File)
Mon, Dec 15, 6:36 AM
Unknown Object (File)
Sat, Dec 13, 8:47 PM
Unknown Object (File)
Thu, Dec 4, 7:46 AM
View All 12 Files
Subscribers
imp

Details

Reviewers
kib
markj
Group Reviewers
cheri
Commits
rGcfae62eac076: libcasper: fix warnings when _ALIGN preserves types
Summary

Without the void * casts, the compiler complains about an allignment
requirement increase.

Obtained from: CheriBSD
Effort: CHERI upstreaming
Sponsored by: DARPA, AFRL

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

brooks created this revision.Thu, Nov 27, 3:34 PM
Herald added a subscriber: imp. · View Herald TranscriptThu, Nov 27, 3:34 PM
brooks requested review of this revision.Thu, Nov 27, 3:34 PM
Harbormaster completed remote builds in B68887: Diff 167185.Thu, Nov 27, 3:34 PM
brooks added a parent revision: D53945: get*ent: be consistant about _ALIGN(p) - p.Thu, Nov 27, 3:34 PM
brooks added a child revision: D53947: Add sys/_align.h replacing machine/_align.h.
brooks removed a parent revision: D53945: get*ent: be consistant about _ALIGN(p) - p.Thu, Nov 27, 3:34 PM
kib added inline comments.Fri, Nov 28, 12:57 AM
lib/libcasper/services/cap_grp/cap_grp.c
105

I do not understand neither the old code, nor the new one.
After *bufferp is evaluated, we get the char * value, which is then aligned. Why is it cast to char ** at all?

brooks added inline comments.Fri, Nov 28, 10:10 AM
lib/libcasper/services/cap_grp/cap_grp.c
105

Without the change we get:

/home/bed22/cheri/ca-cheri/lib/libcasper/services/cap_grp/cap_grp.c -o cap_grp.pico
/home/bed22/cheri/ca-cheri/lib/libcasper/services/cap_grp/cap_grp.c:105:13: error: cast from 'char *' to 'char **' increases required alignment from 1 to 8 [-Werror,-Wcast-align]
  105 |                 outstrs = (char **)_ALIGN(*bufferp);
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~
/home/bed22/cheri/ca-cheri/lib/libcasper/services/cap_grp/cap_grp.c:127:12: error: cast from 'char *' to 'char **' increases required alignment from 1 to 8 [-Werror,-Wcast-align]
  127 |         outstrs = (char **)_ALIGN(*bufferp);
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.

The problem is that *bufferp is of type char * which points to data of an alignment of 1. The void * cast suppresses that diagnostic.

markj accepted this revision as: markj.Fri, Nov 28, 1:47 PM
This revision is now accepted and ready to land.Fri, Nov 28, 1:47 PM
kib added inline comments.Fri, Nov 28, 2:11 PM
lib/libcasper/services/cap_grp/cap_grp.c
105

This is not what I am asking about.
I do not understand the code with or without the warning fixed: outstrs should have the char * type, not char **.

brooks added inline comments.Mon, Dec 1, 9:53 AM
lib/libcasper/services/cap_grp/cap_grp.c
105

outstrs is definitely an array of pointers to strings (with the strings tacked on the end) and thus I think is correctly char **. It's more obvious in the loop below.

This code is a mess and needs to be replaced with something that doesn't send pointers over IPC.

kib added inline comments.Mon, Dec 1, 8:09 PM
lib/libcasper/services/cap_grp/cap_grp.c
105

Yes, outstrs is char **, but the value that is aligned is only char *. So the compiler warning is correct.

I suspect that the deref of bufferp in the expression is erronous.

brooks added inline comments.Wed, Dec 3, 3:25 PM
lib/libcasper/services/cap_grp/cap_grp.c
105

I've spent some time looking over the whole code. I believe it's correct that it's dereferencing bufferp. bufferp holds a pointer to a pointer to the next byte in a buffer used to store values in a struct grp. This allow buffer in the caller to be updated at the end of group_unpack_members.[0] It's dereferenced before passing to _ALIGN because *bufferp is the buffer point. I think the warning is actually wrong because the compiler should be able to observe that the pointer is now properly aligned as a result of the align_up, but it's diagnosed so we need the cast.

[0] This update is ultimately pointless as there are no further consumers of buffer, but it matches group_unpack_string.

kib accepted this revision.Thu, Dec 4, 3:39 AM
Closed by commit rGcfae62eac076: libcasper: fix warnings when _ALIGN preserves types (authored by brooks). · Explain WhyWed, Dec 10, 10:58 AM
This revision was automatically updated to reflect the committed changes.
brooks added a commit: rGcfae62eac076: libcasper: fix warnings when _ALIGN preserves types.

Revision Contents
Changeset List

PathSize
lib/
libcasper/
services/
cap_grp/
4 lines

Diff 167811

View Options

lib/libcasper/services/cap_grp/cap_grp.c

Loading...