From: Bruce Evans
To: John Baldwin
Cc: freebsd-bugs@FreeBSD.org
Date: Tue, 29 Jul 2008 14:48:41 +1000 (EST)
Subject: Re: kern/68081: [headers] [patch] sys/time.h (lint fix)
Message-ID: <20080729135047.S39612@delplex.bde.org>
In-Reply-To: <200807282150.m6SLoApK041731@freefall.freebsd.org>

On Mon, 28 Jul 2008, John Baldwin wrote:

> The following reply was made to PR kern/68081; it has been noted by GNATS.
>
> From: John Baldwin
> To: bug-followup@FreeBSD.org, cyrille.lefevre@laposte.net
> Cc:
> Subject: Re: kern/68081: [headers] [patch] sys/time.h (lint fix)
> Date: Mon, 28 Jul 2008 17:27:38 -0400
>
> You have to use 'lint -a' in which case you get 2 of the warnings:
>
> > lint -a stupid.c
> stupid.c:
> time.h(112): warning: conversion from 'unsigned long long' may lose accuracy [132]
> time.h(129): warning: conversion from 'unsigned long long' may lose accuracy [132]
> _types.h(60): warning: struct __timer never defined [233]
> _types.h(61): warning: struct __mq never defined [233]
> ...
>
> However, I'm not sure it is worth adding casts to appease optional behavior of
> lint when there is no actual bug.

But there is an actual bug. It is that lint is stupid. It would be of
negative worth to add casts to appease this bug.

> (The number of micro-seconds in a partial
> second is always going to fit into a 32-bit value.)

Not just that. Lint cannot tell that the values are within bounds for a
microsecond or a nanosecond. However, the values are of the form
((uint64_t)N * v) >> 32 where v is a 32-bit value and N is not too large
(slightly less than 1/4 of UINT32_MAX in the worst case). Thus the final
value is slightly less than 1/4 of UINT32_MAX in the worst case so it fits
in an int32_t, and on the target machine the target type happens to be
int == int32_t.

Lint is also too stupid to issue this warning in some cases where
conversion loses accuracy. It fails to warn for conversion from long to
int when run on i386. There is no problem on i386, but there is on
machines where long is actually long (so that it is longer than int). It
fails to warn for conversion from u_int to int (this may lose the sign
bit, and the loss is unrecoverable on exotic machines).

I think gcc now does enough static analysis to give useful warnings here
(i.e., none in time.h, but one for the above expression without the
right-shift by 32).

Bruce
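
Added example, not part of the original message and not code from FreeBSD's sys/time.h: a small C program that checks the bound argued above for the form ((uint64_t)N * v) >> 32 and contrasts it with the same product without the right shift. The function and macro names are hypothetical, and N is taken to be the number of microseconds or nanoseconds in a second.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed names; N is the scale factor from the message's expression. */
#define USEC_PER_SEC 1000000u
#define NSEC_PER_SEC 1000000000u

/* The form discussed above: ((uint64_t)N * v) >> 32, with v a 32-bit value. */
static uint64_t scale_frac(uint32_t n, uint32_t v)
{
    return ((uint64_t)n * v) >> 32;
}

/* The same product without the right shift by 32. */
static uint64_t scale_noshift(uint32_t n, uint32_t v)
{
    return (uint64_t)n * v;
}

/*
 * Largest value scale_frac() can produce for a given n. The product is
 * monotonic in v, so the maximum is at v = UINT32_MAX, where it equals
 * floor(n - n / 2^32) = n - 1 for any n >= 1.
 */
static uint64_t scale_frac_max(uint32_t n)
{
    return scale_frac(n, UINT32_MAX);
}

/* Checked narrowing: 0 and *out set if x fits in int32_t, else -1. */
static int narrow_i32(uint64_t x, int32_t *out)
{
    if (x > (uint64_t)INT32_MAX)
        return -1;
    *out = (int32_t)x;
    return 0;
}

int main(void)
{
    int32_t r;
    printf("max usec = %llu\n", (unsigned long long)scale_frac_max(USEC_PER_SEC));
    printf("max nsec = %llu\n", (unsigned long long)scale_frac_max(NSEC_PER_SEC));
    printf("shifted fits:   %d\n", narrow_i32(scale_frac_max(NSEC_PER_SEC), &r));
    printf("unshifted fits: %d\n",
           narrow_i32(scale_noshift(NSEC_PER_SEC, UINT32_MAX), &r));
    return 0;
}
```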