Subject: Adding syscall argument checking to lint?
To: Jason Thorpe <thorpej@nas.nasa.gov>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: current-users
Date: 10/02/1995 13:06:46
Jason Thorpe (<thorpej@nas.nasa.gov>) writes:
> David Brownlee <D.K.Brownlee@city.ac.uk> wrote:

> >      I _think_ this is a MI problem - will not post anything more to
> >      port-sparc, apologies for not doing this sooner...

>It looks like I botched one of the prototyping changes... "oops".  That's 
>why we did it then, so we could catch these little bugs :-)


It may be _why_ it was done; but the fact remains that making those
changes means there is LESS type information available, not MORE;
and that makes bugs like this one more likely, not less.

It may be that my mind has been warped by programming-language
type-theory classes; but I think it's an incontrovertible statement of
fact that there's less type-checking going on now than before.  This
particular bug demonstrates that much more elegantly than when I'd
made it in private e-mail.


I don't personally have time; but maybe it'd be a good idea to modify
NetBSD's lint, adding an explicit comment-keyword and/or pattern
recognizer for the new NetBSD syscall cliché, and actually _do_
typechecking on the void* argument that's supposed to be immediately
assigned to a pointer to the syscall's argument structure?

I think that clearly _would_ be a net win over the status quo ante;
though this _precise_ bug would have been caught by GCC's (or lint's)
used-before-set warning, there are other bugs that wouldn't.

A possible syntax (for this particular bug) would  be

	/* SYSCALL struct svr4_fcntl_args  */
	int
	svr4_fcntl(p, v, retval)
		register struct proc		*p;
		void				*v;
		register_t			*retval;

where the appropriate test for lint to apply is that the second
argument to the function after the SYSCALL comment -- in this case, v
-- is _declared_ as a void* but _used_ as (or assigned to) a pointer
to whatever-type-it-is that follows the SYSCALL.

Any volunteers??
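The check proposed in the message above, as an added example that is not part of the original mail and not NetBSD's lint: it finds functions annotated `/* SYSCALL struct T */`, takes their second parameter (the `void *v` of the syscall cliché), and reports every place that parameter is assigned to a pointer whose declared (or cast) type is not `T`. The regular expressions assume the K&R-style layout shown in the message or an ANSI prototype; they are not a C parser. The sample C source is constructed for the example: the first handler is correct, the second assigns `v` to a pointer for a different syscall's argument struct, and the third does the same behind a cast that would keep the compiler quiet.

```python
"""Prototype of the proposed lint rule for the NetBSD syscall cliche.

Added example, not NetBSD's lint.  Regex-based: assumes one handler per
/* SYSCALL struct T */ comment, K&R or ANSI parameter style, and that the
second parameter is the void *v that gets assigned to a T *.  String
literals, macros and nested casts are out of scope.
"""
import re

ANNOT_RE = re.compile(r'/\*\s*SYSCALL\s+(struct\s+\w+)\s*\*/')
# name(params) [K&R parameter declarations;] {
FUNC_RE = re.compile(r'\b(\w+)\s*\(([^)]*)\)\s*((?:[^{;]*?;\s*)*)\{', re.S)
# struct T *ident[ = init];   records the declared pointee type of ident
DECL_RE = re.compile(r'\b(struct\s+\w+)\s*\*\s*(\w+)\s*(?:=[^;]*)?;')
# ident = [(cast)] rhs;   covers both initialisers and later assignments
ASSIGN_RE = re.compile(r'\b(\w+)\s*(?<![=!<>])=(?!=)\s*(\([^)]*\))?\s*(\w+)\s*;')
COMMENT_RE = re.compile(r'/\*.*?\*/', re.S)


def _norm(t):
    """'struct  foo_args *' -> 'struct foo_args' for comparisons."""
    return ' '.join(t.replace('*', ' ').split())


def _body(src, open_idx):
    """Return the text between the brace at open_idx and its match."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == '{':
            depth += 1
        elif src[i] == '}':
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
    return src[open_idx + 1:]


def check_source(src):
    """Return (function, variable, expected_type, actual_type) findings."""
    findings = []
    for ann in ANNOT_RE.finditer(src):
        expected = _norm(ann.group(1))
        fm = FUNC_RE.search(src, ann.end())
        if fm is None:
            continue
        func, params, decls = fm.group(1), fm.group(2), fm.group(3)
        plist = [p.strip() for p in params.split(',')]
        if len(plist) < 2:
            findings.append((func, '', expected, 'fewer than two parameters'))
            continue
        name_m = re.search(r'\w+\s*$', plist[1])
        if name_m is None:
            continue
        arg = name_m.group().strip()
        # Precondition from the message: the argument must be declared void *
        if not re.search(r'\bvoid\s*\*\s*' + re.escape(arg) + r'\b', params + decls):
            findings.append((func, arg, 'void *', 'not declared void *'))
            continue
        body = COMMENT_RE.sub('', _body(src, fm.end() - 1))
        types = {d.group(2): _norm(d.group(1)) for d in DECL_RE.finditer(body)}
        for asg in ASSIGN_RE.finditer(body):
            lhs, cast, rhs = asg.groups()
            if rhs != arg:
                continue
            declared = types.get(lhs)
            cast_type = _norm(cast[1:-1]) if cast else None
            if declared is not None and declared != expected:
                findings.append((func, lhs, expected, declared))
            elif cast_type is not None and cast_type != expected:
                findings.append((func, lhs, expected, cast_type))
            elif declared is None and cast_type is None:
                findings.append((func, lhs, expected, 'type not found in body'))
    return findings


# Constructed sample input (not from NetBSD sources).
SAMPLE = """
/* SYSCALL struct svr4_fcntl_args */
int
svr4_fcntl(p, v, retval)
        register struct proc    *p;
        void                    *v;
        register_t              *retval;
{
        struct svr4_fcntl_args *uap = v;
        return (0);
}

/* SYSCALL struct svr4_ioctl_args */
int
svr4_ioctl(p, v, retval)
        register struct proc    *p;
        void                    *v;
        register_t              *retval;
{
        struct svr4_fcntl_args *uap;    /* constructed mistake */
        uap = v;
        return (0);
}

/* SYSCALL struct svr4_open_args */
int
svr4_open(struct proc *p, void *v, register_t *retval)
{
        struct svr4_fcntl_args *uap = (struct svr4_fcntl_args *)v;
        return (0);
}
"""

if __name__ == '__main__':
    for func, var, want, got in check_source(SAMPLE):
        print('%s: %s assigned from void *: expected %s, got %s'
              % (func, var, want, got))
```

Run stand-alone it reports the two constructed mistakes and stays quiet on the correct handler; the cast case is the one the compiler would never mention, which is the point of doing the check on the annotation rather than on the C types alone.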