testcase generate with csmith --float undefined-behavior: incompatible pointer types passing 'float *' to parameter of type 'char *'

[yansendao]

test command:

csmith --float -o test.c -s 1619013031212168
gcc -Wall -I ~/software/csmith/include test.c 2>&1 | grep "incompatible pointer"
clang -Wall -I ~/software/csmith/include test.c 2>&1 | grep "incompatible pointer" 
ccomp -interp -quiet -fall test-creduce.c

gcc and clang warning:

$ clang -Wall -I ~/software/csmith/include test.c 2>&1 | grep "incompatible pointer" 
test.c:560:28: warning: incompatible pointer types passing 'float *' to parameter of type 'char *' [-Wincompatible-pointer-types]
test.c:586:31: warning: incompatible pointer types passing 'float *' to parameter of type 'char *' [-Wincompatible-pointer-types]
test.c:609:28: warning: incompatible pointer types passing 'float *' to parameter of type 'char *' [-Wincompatible-pointer-types]
test.c:610:28: warning: incompatible pointer types passing 'float *' to parameter of type 'char *' [-Wincompatible-pointer-types]

test.c:560:28: warning: passing argument 1 of ‘transparent_crc_bytes’ from incompatible pointer type [-Wincompatible-pointer-types]
test.c:586:31: warning: passing argument 1 of ‘transparent_crc_bytes’ from incompatible pointer type [-Wincompatible-pointer-types]
test.c:609:28: warning: passing argument 1 of ‘transparent_crc_bytes’ from incompatible pointer type [-Wincompatible-pointer-types]
test.c:610:28: warning: passing argument 1 of ‘transparent_crc_bytes’ from incompatible pointer type [-Wincompatible-pointer-types]

creduce gcc warning :

$ gcc -Wall test-creduce.c
test-creduce.c: In function ‘main’:
test-creduce.c:18:5: warning: passing argument 1 of ‘h’ from incompatible pointer type [-Wincompatible-pointer-types]
   18 |   h(&e, sizeof(e));
      |     ^~
      |     |
      |     float *
test-creduce.c:6:14: note: expected ‘char *’ but argument is of type ‘float *’
    6 | void h(char *i, int j) {
      |        ~~~~~~^

int printf(const char *, ...);
int a, d;
char b;
float e, f;
float *g = &e;
void h(char *i, int j) {
  for (; d < j; d++)
    a = i[d];
  printf("%lX\n", a ^ 5UL);
}
void k(short i) {
  float c = i;
  f = 0 - c;
  *g = f;
}
int main() {
  k(0);
  h(&e, sizeof(e));
}

The CompCert C verified compiler warning:

test-creduce.zip

test.zip

[jxyang]

Similar to 132, Csmith is by design liberal when converting between pointer types. You have to demonstrate that the conversions are interpreted differently by different compilers (or compiler flags) for us to consider this a valid bug.

[yansendao]

/*
 * This is a RANDOMLY GENERATED PROGRAM.
 *
 * Generator: csmith 2.4.0
 * Git version: deddca6
 * Options:   --float -o test.c
 * Seed:      1619916445114238
 */

yansendao@CloudCompiler-145:dir-259$ cat /etc/os-release                 
NAME="Ubuntu"
VERSION="20.04 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
yansendao@CloudCompiler-145:dir-259$ uname -a
Linux CloudCompiler-145 5.4.0-65-generic #73-Ubuntu SMP Mon Jan 18 17:25:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
yansendao@CloudCompiler-145:dir-259$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:hsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 9.3.0-17ubuntu1~20.04' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-9-HskZEa/gcc-9-9.3.0/debian/tmp-nvptx/usr,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) 

@jxyang

test.zip

creduce result：

int printf(const char *, ...);
int a, c, f, g;
char b;
int d[1];
float e;
char *h = d;
int main() {
  e = -4294967289;
  f = -e;
  *d = f;
  for (; g < 10; g++) {
    printf("%lX\n", a ^ 5UL);
    a = h[c];
  }
}