From b4ffce88f5434707c113f45f71754b799c67c356 Mon Sep 17 00:00:00 2001
From: Jan Rochel <jan.rochel@cea.fr>
Date: Wed, 5 Apr 2023 11:30:15 +0200
Subject: [PATCH] [alias] emit warning when casting to an incompatible type

---
 src/plugins/alias/options.ml                          |  1 +
 src/plugins/alias/options.mli                         |  1 +
 src/plugins/alias/simplified.ml                       | 11 ++++++++++-
 .../alias/tests/basic/oracle/assignment1.res.oracle   |  4 ++++
 .../alias/tests/basic/oracle/assignment2.res.oracle   |  4 ++++
 .../alias/tests/basic/oracle/assignment3.res.oracle   |  2 ++
 .../alias/tests/basic/oracle/assignment4.res.oracle   |  4 ++++
 .../alias/tests/basic/oracle/assignment5.res.oracle   |  4 ++++
 src/plugins/alias/tests/basic/oracle/cast1.res.oracle |  6 ++++++
 .../alias/tests/basic/oracle/conditional1.res.oracle  |  3 +++
 .../alias/tests/basic/oracle/function1.res.oracle     |  5 +++++
 .../alias/tests/basic/oracle/function2.res.oracle     |  3 +++
 .../alias/tests/basic/oracle/function3.res.oracle     |  5 +++++
 .../alias/tests/basic/oracle/function4.res.oracle     |  2 ++
 .../alias/tests/basic/oracle/function5.res.oracle     |  3 +++
 .../alias/tests/basic/oracle/globctr.res.oracle       |  2 ++
 .../alias/tests/basic/oracle/switch1.res.oracle       |  4 ++++
 .../alias/tests/basic/oracle/switch2.res.oracle       |  4 ++++
 .../alias/tests/basic/oracle/while_for1.res.oracle    |  1 +
 .../alias/tests/basic/oracle/while_for2.res.oracle    |  3 +++
 .../alias/tests/basic/oracle/while_for3.res.oracle    |  3 +++
 .../alias/tests/offsets/oracle/nested1.res.oracle     |  6 ++++++
 .../alias/tests/offsets/oracle/nested2.res.oracle     |  6 ++++++
 .../alias/tests/offsets/oracle/structure1.res.oracle  |  2 ++
 .../alias/tests/offsets/oracle/structure2.res.oracle  |  4 ++++
 .../alias/tests/offsets/oracle/structure3.res.oracle  |  8 ++++++++
 .../alias/tests/offsets/oracle/structure4.res.oracle  |  2 ++
 .../alias/tests/real_world/oracle/example2.res.oracle |  2 ++
 28 files changed, 104 insertions(+), 1 deletion(-)

diff --git a/src/plugins/alias/options.ml b/src/plugins/alias/options.ml
index 145ddcdec77..fcbea32ee65 100644
--- a/src/plugins/alias/options.ml
+++ b/src/plugins/alias/options.ml
@@ -74,6 +74,7 @@ module Warn = struct
   let unsupported_address = register_warn_category "unsupported:addr"
   let unsupported_asm = register_warn_category "unsupported:asm"
   let unsupported_function = register_warn_category "unsupported:fn"
+  let unsafe_cast = register_warn_category "unsafe-cast"
 end
 
 module DebugKeys = struct
diff --git a/src/plugins/alias/options.mli b/src/plugins/alias/options.mli
index c2a3c0b6e36..1a5dd44638c 100644
--- a/src/plugins/alias/options.mli
+++ b/src/plugins/alias/options.mli
@@ -47,6 +47,7 @@ module Warn : sig
   val unsupported_address : warn_category
   val unsupported_asm : warn_category
   val unsupported_function : warn_category
+  val unsafe_cast : warn_category
 end
 
 module DebugKeys : sig
diff --git a/src/plugins/alias/simplified.ml b/src/plugins/alias/simplified.ml
index b1dc0b6a07a..00be54d3098 100644
--- a/src/plugins/alias/simplified.ml
+++ b/src/plugins/alias/simplified.ml
@@ -47,6 +47,13 @@ exception IsExp of exp
 
 exception Explicit_pointer_address of location
 
+let check_cast_compatibility e typ =
+  let type_of_e = Cil.typeOf e in
+  if Cil.need_cast typ type_of_e then
+    Options.warning ~once:true ~source:(fst @@ e.eloc) ~wkey:Options.Warn.unsafe_cast
+      "unsafe cast from %a to %a"
+      Printer.pp_typ type_of_e Printer.pp_typ typ
+
 let rec simplify_lval (h,o) =
   try HL.find cached_lval (h,o) with
     Not_found ->
@@ -87,7 +94,9 @@ and simplify_exp e =
               | AddrOf lv -> Lval lv
               | _ -> raise (Explicit_pointer_address e1.eloc)
             end
-          | CastE(_,e) -> raise (IsExp (simplify_exp e))
+          | CastE (typ, e) ->
+              let () = check_cast_compatibility e typ in
+              raise (IsExp (simplify_exp e))
           | _ -> raise (IsExp nul_exp)
         in
         {e with enode=simplified_enode}
diff --git a/src/plugins/alias/tests/basic/oracle/assignment1.res.oracle b/src/plugins/alias/tests/basic/oracle/assignment1.res.oracle
index 3817063c016..d9c4c504573 100644
--- a/src/plugins/alias/tests/basic/oracle/assignment1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/assignment1.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing assignment1.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] assignment1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] assignment1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] assignment1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] assignment1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: a = b;
 [alias] May-aliases at the end of instruction: a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/assignment2.res.oracle b/src/plugins/alias/tests/basic/oracle/assignment2.res.oracle
index cf731c11e90..6438b8a5e18 100644
--- a/src/plugins/alias/tests/basic/oracle/assignment2.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/assignment2.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing assignment2.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int **a = (int **)0;
+[alias:unsafe-cast] assignment2.c:8: Warning: unsafe cast from int to int **
 [alias] May-aliases at the end of instruction: int **a = (int **)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] assignment2.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int **c = (int **)0;
+[alias:unsafe-cast] assignment2.c:8: Warning: unsafe cast from int to int **
 [alias] May-aliases at the end of instruction: int **c = (int **)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] assignment2.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: *a = b;
 [alias] May-aliases at the end of instruction: *a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/assignment3.res.oracle b/src/plugins/alias/tests/basic/oracle/assignment3.res.oracle
index 1841f4eb4ce..198c7753a2f 100644
--- a/src/plugins/alias/tests/basic/oracle/assignment3.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/assignment3.res.oracle
@@ -1,10 +1,12 @@
 [kernel] Parsing assignment3.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] assignment3.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int b = 0;
 [alias] May-aliases at the end of instruction: int b = 0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] assignment3.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: a = & b;
 [alias] May-aliases at the end of instruction: a = & b;
diff --git a/src/plugins/alias/tests/basic/oracle/assignment4.res.oracle b/src/plugins/alias/tests/basic/oracle/assignment4.res.oracle
index 62755dccb74..7c1c4f02990 100644
--- a/src/plugins/alias/tests/basic/oracle/assignment4.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/assignment4.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing assignment4.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int **a = (int **)0;
+[alias:unsafe-cast] assignment4.c:8: Warning: unsafe cast from int to int **
 [alias] May-aliases at the end of instruction: int **a = (int **)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] assignment4.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int **c = (int **)0;
+[alias:unsafe-cast] assignment4.c:8: Warning: unsafe cast from int to int **
 [alias] May-aliases at the end of instruction: int **c = (int **)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] assignment4.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: *a = b;
 [alias] May-aliases at the end of instruction: *a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/assignment5.res.oracle b/src/plugins/alias/tests/basic/oracle/assignment5.res.oracle
index 701c948fbd3..f54e8937508 100644
--- a/src/plugins/alias/tests/basic/oracle/assignment5.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/assignment5.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing assignment5.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int ***a = (int ***)0;
+[alias:unsafe-cast] assignment5.c:7: Warning: unsafe cast from int to int ***
 [alias] May-aliases at the end of instruction: int ***a = (int ***)0;
 [alias] analysing instruction: int **b = (int **)0;
+[alias:unsafe-cast] assignment5.c:7: Warning: unsafe cast from int to int **
 [alias] May-aliases at the end of instruction: int **b = (int **)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] assignment5.c:7: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] assignment5.c:7: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: *a = b;
 [alias] May-aliases at the end of instruction: *a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/cast1.res.oracle b/src/plugins/alias/tests/basic/oracle/cast1.res.oracle
index fda4dcf8b1d..c568a7791dc 100644
--- a/src/plugins/alias/tests/basic/oracle/cast1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/cast1.res.oracle
@@ -1,17 +1,23 @@
 [kernel] Parsing cast1.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] cast1.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] cast1.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: float *c = (float *)0;
+[alias:unsafe-cast] cast1.c:9: Warning: unsafe cast from int to float *
 [alias] May-aliases at the end of instruction: float *c = (float *)0;
 [alias] analysing instruction: float *d = (float *)0;
+[alias:unsafe-cast] cast1.c:9: Warning: unsafe cast from int to float *
 [alias] May-aliases at the end of instruction: float *d = (float *)0;
 [alias] analysing instruction: a = (int *)c;
+[alias:unsafe-cast] cast1.c:10: Warning: unsafe cast from float * to int *
 [alias] May-aliases at the end of instruction: a = (int *)c;
   {a, c} are aliased
 [alias] analysing instruction: d = (float *)b;
+[alias:unsafe-cast] cast1.c:11: Warning: unsafe cast from int * to float *
 [alias] May-aliases at the end of instruction: d = (float *)b;
   {a, c} are aliased
   {b, d} are aliased
diff --git a/src/plugins/alias/tests/basic/oracle/conditional1.res.oracle b/src/plugins/alias/tests/basic/oracle/conditional1.res.oracle
index ae6d793681e..a2bcc51e7ec 100644
--- a/src/plugins/alias/tests/basic/oracle/conditional1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/conditional1.res.oracle
@@ -1,10 +1,13 @@
 [kernel] Parsing conditional1.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] conditional1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] conditional1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] conditional1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: a = b;
 [alias] May-aliases at the end of instruction: a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/function1.res.oracle b/src/plugins/alias/tests/basic/oracle/function1.res.oracle
index 786d8a11dec..5856da9a875 100644
--- a/src/plugins/alias/tests/basic/oracle/function1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/function1.res.oracle
@@ -1,16 +1,21 @@
 [kernel] Parsing function1.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] function1.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] function1.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] function1.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] function1.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: swap(a,b);
 [alias] analysing function: swap
 [alias] analysing instruction: int *z = (int *)0;
+[alias:unsafe-cast] function1.c:7: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *z = (int *)0;
 [alias] analysing instruction: z = x;
 [alias] May-aliases at the end of instruction: z = x;
diff --git a/src/plugins/alias/tests/basic/oracle/function2.res.oracle b/src/plugins/alias/tests/basic/oracle/function2.res.oracle
index 6469ba8a9b6..75083b17a42 100644
--- a/src/plugins/alias/tests/basic/oracle/function2.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/function2.res.oracle
@@ -49,12 +49,15 @@
 [alias] May-aliases at the end of function lrand48:
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] function2.c:14: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] function2.c:14: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: a = my_malloc(2);
 [alias] analysing function: my_malloc
 [alias] analysing instruction: int *res = (int *)0;
+[alias:unsafe-cast] function2.c:7: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *res = (int *)0;
 [alias] analysing instruction: res = (int *)malloc((size_t)size);
 [alias] May-aliases at the end of instruction: res = (int *)malloc((size_t)size);
diff --git a/src/plugins/alias/tests/basic/oracle/function3.res.oracle b/src/plugins/alias/tests/basic/oracle/function3.res.oracle
index 299f1560a54..1ca2d7367e8 100644
--- a/src/plugins/alias/tests/basic/oracle/function3.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/function3.res.oracle
@@ -10,18 +10,23 @@
 [alias] May-aliases at the end of instruction: y = tmp;
   {x, y, tmp} are aliased
 [alias] analysing instruction: __retres = (void *)0;
+[alias:unsafe-cast] function3.c:14: Warning: unsafe cast from int to void *
 [alias] May-aliases at the end of instruction: __retres = (void *)0;
   {x, y, tmp} are aliased
 [alias] May-aliases at the end of function f1:
   {x, y, tmp} are aliased
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] function3.c:19: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] function3.c:19: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] function3.c:19: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] function3.c:19: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: f1(a,b);
 [alias] May-aliases at the end of instruction: f1(a,b);
diff --git a/src/plugins/alias/tests/basic/oracle/function4.res.oracle b/src/plugins/alias/tests/basic/oracle/function4.res.oracle
index 1cffe3ea3ce..ace7aee0182 100644
--- a/src/plugins/alias/tests/basic/oracle/function4.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/function4.res.oracle
@@ -3,8 +3,10 @@
 [alias] May-aliases at the end of function addr:
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] function4.c:11: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] function4.c:11: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int c = 0;
 [alias] May-aliases at the end of instruction: int c = 0;
diff --git a/src/plugins/alias/tests/basic/oracle/function5.res.oracle b/src/plugins/alias/tests/basic/oracle/function5.res.oracle
index c088cf63102..8510888b059 100644
--- a/src/plugins/alias/tests/basic/oracle/function5.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/function5.res.oracle
@@ -12,10 +12,13 @@
   {x, y, __retres} are aliased
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] function5.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] function5.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] function5.c:16: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: c = choice(a,b);
 [alias] May-aliases at the end of instruction: c = choice(a,b);
diff --git a/src/plugins/alias/tests/basic/oracle/globctr.res.oracle b/src/plugins/alias/tests/basic/oracle/globctr.res.oracle
index 2cb87b870ac..93f034013d8 100644
--- a/src/plugins/alias/tests/basic/oracle/globctr.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/globctr.res.oracle
@@ -7,8 +7,10 @@
 [alias] May-aliases at the end of function f:
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] globctr.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] globctr.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: f(a);
 [alias] May-aliases at the end of instruction: f(a);
diff --git a/src/plugins/alias/tests/basic/oracle/switch1.res.oracle b/src/plugins/alias/tests/basic/oracle/switch1.res.oracle
index 089a3d72e25..b6e49fd381f 100644
--- a/src/plugins/alias/tests/basic/oracle/switch1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/switch1.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing switch1.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] switch1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] switch1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] switch1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] switch1.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: int e = 0;
 [alias] May-aliases at the end of instruction: int e = 0;
diff --git a/src/plugins/alias/tests/basic/oracle/switch2.res.oracle b/src/plugins/alias/tests/basic/oracle/switch2.res.oracle
index 6cccc5def21..d9a802df5fd 100644
--- a/src/plugins/alias/tests/basic/oracle/switch2.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/switch2.res.oracle
@@ -1,12 +1,16 @@
 [kernel] Parsing switch2.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] switch2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] switch2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] switch2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int *d = (int *)0;
+[alias:unsafe-cast] switch2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *d = (int *)0;
 [alias] analysing instruction: int e = 0;
 [alias] May-aliases at the end of instruction: int e = 0;
diff --git a/src/plugins/alias/tests/basic/oracle/while_for1.res.oracle b/src/plugins/alias/tests/basic/oracle/while_for1.res.oracle
index 048047cf91e..85194a6e1e6 100644
--- a/src/plugins/alias/tests/basic/oracle/while_for1.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/while_for1.res.oracle
@@ -49,6 +49,7 @@
 [alias] May-aliases at the end of function lrand48:
 [alias] analysing function: main
 [alias] analysing instruction: int *s = (int *)0;
+[alias:unsafe-cast] while_for1.c:8: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *s = (int *)0;
 [alias] analysing instruction: int idx = 0;
 [alias] May-aliases at the end of instruction: int idx = 0;
diff --git a/src/plugins/alias/tests/basic/oracle/while_for2.res.oracle b/src/plugins/alias/tests/basic/oracle/while_for2.res.oracle
index b3288fba99c..0f4e8cd0888 100644
--- a/src/plugins/alias/tests/basic/oracle/while_for2.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/while_for2.res.oracle
@@ -1,10 +1,13 @@
 [kernel] Parsing while_for2.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] while_for2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] while_for2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] while_for2.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: a = b;
 [alias] May-aliases at the end of instruction: a = b;
diff --git a/src/plugins/alias/tests/basic/oracle/while_for3.res.oracle b/src/plugins/alias/tests/basic/oracle/while_for3.res.oracle
index 6c823b7481d..f7d9211bc9c 100644
--- a/src/plugins/alias/tests/basic/oracle/while_for3.res.oracle
+++ b/src/plugins/alias/tests/basic/oracle/while_for3.res.oracle
@@ -1,10 +1,13 @@
 [kernel] Parsing while_for3.c (with preprocessing)
 [alias] analysing function: main
 [alias] analysing instruction: int *a = (int *)0;
+[alias:unsafe-cast] while_for3.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *a = (int *)0;
 [alias] analysing instruction: int *b = (int *)0;
+[alias:unsafe-cast] while_for3.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *b = (int *)0;
 [alias] analysing instruction: int *c = (int *)0;
+[alias:unsafe-cast] while_for3.c:6: Warning: unsafe cast from int to int *
 [alias] May-aliases at the end of instruction: int *c = (int *)0;
 [alias] analysing instruction: int i = 0;
 [alias] May-aliases at the end of instruction: int i = 0;
diff --git a/src/plugins/alias/tests/offsets/oracle/nested1.res.oracle b/src/plugins/alias/tests/offsets/oracle/nested1.res.oracle
index 5a6da88a9f3..db08ac0dd30 100644
--- a/src/plugins/alias/tests/offsets/oracle/nested1.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/nested1.res.oracle
@@ -71,9 +71,13 @@
 [alias] analysing instruction: *b = 5;
 [alias] May-aliases at the end of instruction: *b = 5;
 [alias] analysing instruction: z1->s = (struct struct_1_t *)tab_y[0];
+[alias:unsafe-cast] nested1.c:47: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: z1->s = (struct struct_1_t *)tab_y[0];
   {z1->s, tab_y[0]} are aliased
 [alias] analysing instruction: z2->s = (struct struct_1_t *)tab_y[1];
+[alias:unsafe-cast] nested1.c:48: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: z2->s = (struct struct_1_t *)tab_y[1];
   {z1->s, z2->s, tab_y[0]} are aliased
 [alias] analysing instruction: z1->c = a;
@@ -86,6 +90,8 @@
   {z1->c, a} are aliased
   {z2->c, b} are aliased
 [alias] analysing instruction: t->t = (struct struct_2_t *)z1;
+[alias:unsafe-cast] nested1.c:51: Warning: 
+  unsafe cast from st_2_t * to struct struct_2_t *
 [alias] May-aliases at the end of instruction: t->t = (struct struct_2_t *)z1;
   {z1->s, z2->s, tab_y[0]} are aliased
   {t->t, z1} are aliased
diff --git a/src/plugins/alias/tests/offsets/oracle/nested2.res.oracle b/src/plugins/alias/tests/offsets/oracle/nested2.res.oracle
index bb6dee4cbbf..1f66aaa6284 100644
--- a/src/plugins/alias/tests/offsets/oracle/nested2.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/nested2.res.oracle
@@ -61,13 +61,19 @@
 [alias] analysing instruction: *a = 0;
 [alias] May-aliases at the end of instruction: *a = 0;
 [alias] analysing instruction: z1->s[0] = (struct struct_1_t *)(& x1);
+[alias:unsafe-cast] nested2.c:42: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: z1->s[0] = (struct struct_1_t *)(& x1);
 [alias] analysing instruction: z1->s[1] = (struct struct_1_t *)(& x2);
+[alias:unsafe-cast] nested2.c:43: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: z1->s[1] = (struct struct_1_t *)(& x2);
 [alias] analysing instruction: z1->c = a;
 [alias] May-aliases at the end of instruction: z1->c = a;
   {z1->c, a} are aliased
 [alias] analysing instruction: t->t = (struct struct_2_t *)z1;
+[alias:unsafe-cast] nested2.c:45: Warning: 
+  unsafe cast from st_2_t * to struct struct_2_t *
 [alias] May-aliases at the end of instruction: t->t = (struct struct_2_t *)z1;
   {t->t, z1} are aliased
   {z1->c, a} are aliased
diff --git a/src/plugins/alias/tests/offsets/oracle/structure1.res.oracle b/src/plugins/alias/tests/offsets/oracle/structure1.res.oracle
index 1273bdf92b2..bd470dc2d74 100644
--- a/src/plugins/alias/tests/offsets/oracle/structure1.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/structure1.res.oracle
@@ -11,6 +11,8 @@
 [alias] analysing instruction: p_x->a = 3;
 [alias] May-aliases at the end of instruction: p_x->a = 3;
 [alias] analysing instruction: p_x = (st_1_t *)p_y;
+[alias:unsafe-cast] structure1.c:28: Warning: 
+  unsafe cast from st_2_t * to st_1_t *
 [alias] May-aliases at the end of instruction: p_x = (st_1_t *)p_y;
   {p_x, p_y} are aliased
 [alias] analysing instruction: __retres = 0;
diff --git a/src/plugins/alias/tests/offsets/oracle/structure2.res.oracle b/src/plugins/alias/tests/offsets/oracle/structure2.res.oracle
index fe54acf9e39..fcf43a555f0 100644
--- a/src/plugins/alias/tests/offsets/oracle/structure2.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/structure2.res.oracle
@@ -5,10 +5,14 @@
 [alias] analysing instruction: st_1_t x2 = {.a = 1, .b = 2};
 [alias] May-aliases at the end of instruction: st_1_t x2 = {.a = 1, .b = 2};
 [alias] analysing instruction: st_2_t y = {.s = (struct struct_1_t *)(& x1), .c = 4};
+[alias:unsafe-cast] structure2.c:21: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: st_2_t y =
                                            {.s = (struct struct_1_t *)(& x1),
                                             .c = 4};
 [alias] analysing instruction: y.s = (struct struct_1_t *)(& x2);
+[alias:unsafe-cast] structure2.c:23: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: y.s = (struct struct_1_t *)(& x2);
 [alias] analysing instruction: __retres = 0;
 [alias] May-aliases at the end of instruction: __retres = 0;
diff --git a/src/plugins/alias/tests/offsets/oracle/structure3.res.oracle b/src/plugins/alias/tests/offsets/oracle/structure3.res.oracle
index fd94eb21c53..fb4e83b000e 100644
--- a/src/plugins/alias/tests/offsets/oracle/structure3.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/structure3.res.oracle
@@ -6,19 +6,27 @@
 [alias] May-aliases at the end of instruction: st_1_t x2 = {.a = 1, .b = 2};
 [alias] analysing instruction: st_2_t y1 =
                            {.s = (struct struct_1_t *)(& x1), .c = 3};
+[alias:unsafe-cast] structure3.c:31: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: st_2_t y1 =
                                            {.s = (struct struct_1_t *)(& x1),
                                             .c = 3};
 [alias] analysing instruction: st_2_t y2 =
                            {.s = (struct struct_1_t *)(& x2), .c = 4};
+[alias:unsafe-cast] structure3.c:32: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: st_2_t y2 =
                                            {.s = (struct struct_1_t *)(& x2),
                                             .c = 4};
 [alias] analysing instruction: st_3_t z = {.t = (struct struct_2_t *)(& y1), .d = 5};
+[alias:unsafe-cast] structure3.c:33: Warning: 
+  unsafe cast from st_2_t * to struct struct_2_t *
 [alias] May-aliases at the end of instruction: st_3_t z =
                                            {.t = (struct struct_2_t *)(& y1),
                                             .d = 5};
 [alias] analysing instruction: z.t = (struct struct_2_t *)(& y2);
+[alias:unsafe-cast] structure3.c:35: Warning: 
+  unsafe cast from st_2_t * to struct struct_2_t *
 [alias] May-aliases at the end of instruction: z.t = (struct struct_2_t *)(& y2);
 [alias] analysing instruction: y1.c = z.d;
 [alias] May-aliases at the end of instruction: y1.c = z.d;
diff --git a/src/plugins/alias/tests/offsets/oracle/structure4.res.oracle b/src/plugins/alias/tests/offsets/oracle/structure4.res.oracle
index 7ba93a3a399..988f3aef97f 100644
--- a/src/plugins/alias/tests/offsets/oracle/structure4.res.oracle
+++ b/src/plugins/alias/tests/offsets/oracle/structure4.res.oracle
@@ -59,6 +59,8 @@
 [alias] analysing instruction: y1 = & x1;
 [alias] May-aliases at the end of instruction: y1 = & x1;
 [alias] analysing instruction: z->s = (struct struct_1_t *)y1;
+[alias:unsafe-cast] structure4.c:37: Warning: 
+  unsafe cast from st_1_t * to struct struct_1_t *
 [alias] May-aliases at the end of instruction: z->s = (struct struct_1_t *)y1;
   {z->s, y1} are aliased
 [alias] analysing instruction: z->c = 6;
diff --git a/src/plugins/alias/tests/real_world/oracle/example2.res.oracle b/src/plugins/alias/tests/real_world/oracle/example2.res.oracle
index c811043e42c..fbd81b3ae21 100644
--- a/src/plugins/alias/tests/real_world/oracle/example2.res.oracle
+++ b/src/plugins/alias/tests/real_world/oracle/example2.res.oracle
@@ -152,6 +152,7 @@
 [alias] May-aliases at the end of instruction: swap(tmp->n1);
   {x, tmp} are aliased
 [alias] analysing instruction: __retres = (void *)0;
+[alias:unsafe-cast] example2.c:49: Warning: unsafe cast from int to void *
 [alias] May-aliases at the end of instruction: __retres = (void *)0;
   {x, tmp} are aliased
 [alias] May-aliases at the end of function f1:
@@ -208,6 +209,7 @@
 [alias] May-aliases at the end of instruction: swap(tmp->n2);
   {x, tmp} are aliased
 [alias] analysing instruction: __retres = (void *)0;
+[alias:unsafe-cast] example2.c:74: Warning: unsafe cast from int to void *
 [alias] May-aliases at the end of instruction: __retres = (void *)0;
   {x, tmp} are aliased
 [alias] May-aliases at the end of function f2:
-- 
GitLab