1 /* $NetBSD: tree.c,v 1.715 2026/06/16 05:37:27 rillig Exp $ */ 2 3 /* 4 * Copyright (c) 1994, 1995 Jochen Pohl 5 * All Rights Reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Jochen Pohl for 18 * The NetBSD Project. 19 * 4. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #if HAVE_NBTOOL_CONFIG_H 35 #include "nbtool_config.h" 36 #endif 37 38 #include <sys/cdefs.h> 39 #if defined(__RCSID) 40 __RCSID("$NetBSD: tree.c,v 1.715 2026/06/16 05:37:27 rillig Exp $"); 41 #endif 42 43 #include <float.h> 44 #include <limits.h> 45 #include <math.h> 46 #include <signal.h> 47 #include <stdlib.h> 48 #include <string.h> 49 50 #include "lint1.h" 51 52 53 typedef struct integer_constraints { 54 int64_t smin; /* signed minimum */ 55 int64_t smax; /* signed maximum */ 56 uint64_t umin; /* unsigned minimum */ 57 uint64_t umax; /* unsigned maximum */ 58 uint64_t bclr; /* bits that are definitely clear */ 59 } integer_constraints; 60 61 62 static int64_t 63 s64_min(int64_t a, int64_t b) 64 { 65 return a < b ? a : b; 66 } 67 68 static int64_t 69 s64_max(int64_t a, int64_t b) 70 { 71 return a > b ? a : b; 72 } 73 74 static uint64_t 75 s64_abs(int64_t x) 76 { 77 return x >= 0 ? (uint64_t)x : -(uint64_t)x; 78 } 79 80 static int64_t 81 s64_shr(int64_t x, unsigned amount) 82 { 83 return x >= 0 84 ? (int64_t)((uint64_t)x >> amount) 85 : (int64_t)~(~(uint64_t)x >> amount); 86 } 87 88 static uint64_t 89 u64_min(uint64_t a, uint64_t b) 90 { 91 return a < b ? a : b; 92 } 93 94 static uint64_t 95 u64_max(uint64_t a, uint64_t b) 96 { 97 return a > b ? a : b; 98 } 99 100 static uint64_t 101 u64_fill_right(uint64_t x) 102 { 103 x |= x >> 1; 104 x |= x >> 2; 105 x |= x >> 4; 106 x |= x >> 8; 107 x |= x >> 16; 108 x |= x >> 32; 109 return x; 110 } 111 112 static unsigned 113 u64_width(uint64_t x) 114 { 115 unsigned m = 0; 116 if (x >> 32 != 0) 117 x >>= 32, m += 32; 118 if (x >> 16 != 0) 119 x >>= 16, m += 16; 120 if (x >> 8 != 0) 121 x >>= 8, m += 8; 122 if (x >> 4 != 0) 123 x >>= 4, m += 4; 124 if (x >> 2 != 0) 125 x >>= 2, m += 2; 126 if (x >> 1 != 0) 127 x >>= 1, m++; 128 if (x > 0) 129 m++; 130 return m; 131 } 132 133 static int 134 portable_rank_cmp(tspec_t t1, tspec_t t2) 135 { 136 const ttab_t *p1 = type_properties(t1), *p2 = type_properties(t2); 137 lint_assert(p1->tt_rank_kind == p2->tt_rank_kind); 138 lint_assert(p1->tt_rank_value > 0); 139 lint_assert(p2->tt_rank_value > 0); 140 return (int)p1->tt_rank_value - (int)p2->tt_rank_value; 141 } 142 143 static unsigned 144 width_in_bits(const type_t *tp) 145 { 146 lint_assert(is_integer(tp->t_tspec)); 147 return tp->t_bitfield 148 ? tp->t_bit_field_width 149 : size_in_bits(tp->t_tspec); 150 } 151 152 static uint64_t 153 ui_max_value(const type_t *tp) 154 { 155 return value_bits(width_in_bits(tp)); 156 } 157 158 static int64_t 159 si_max_value(const type_t *tp) 160 { 161 return (int64_t)(ui_max_value(tp) >> 1); 162 } 163 164 static int64_t 165 si_min_value(const type_t *tp) 166 { 167 return -si_max_value(tp) - 1; 168 } 169 170 static int64_t 171 si_mult_sat(const type_t *tp, int64_t l, int64_t r) 172 { 173 uint64_t al = s64_abs(l); 174 uint64_t ar = s64_abs(r); 175 bool neg = (l >= 0) != (r >= 0); 176 int64_t max = si_max_value(tp); 177 uint64_t max_prod = (uint64_t)max + (neg ? 1 : 0); 178 if (al == 0 || ar <= max_prod / al) 179 return l * r; 180 else if (neg) 181 return -1 - max; 182 else 183 return max; 184 } 185 186 static int64_t 187 si_plus_sat(const type_t *tp, int64_t a, int64_t b) 188 { 189 if (b >= 0) { 190 int64_t max = si_max_value(tp); 191 return a <= max - b ? a + b : max; 192 } else { 193 int64_t min = si_min_value(tp); 194 return a >= min - b ? a + b : min; 195 } 196 } 197 198 static int64_t 199 si_minus_sat(const type_t *tp, int64_t a, int64_t b) 200 { 201 if (b >= 0) { 202 int64_t min = si_min_value(tp); 203 return a >= min + b ? a - b : min; 204 } else { 205 int64_t max = si_max_value(tp); 206 return a <= max + b ? a - b : max; 207 } 208 } 209 210 static bool 211 ic_maybe_signed(const type_t *tp, integer_constraints ic) 212 { 213 return !is_uinteger(tp->t_tspec) && ic.bclr >> 63 == 0; 214 } 215 216 static bool 217 ic_maybe_signed_binary(const type_t *tp, 218 integer_constraints a, integer_constraints b) 219 { 220 return !is_uinteger(tp->t_tspec) && (a.bclr & b.bclr) >> 63 == 0; 221 } 222 223 static integer_constraints 224 ic_any(const type_t *tp) 225 { 226 integer_constraints c; 227 228 unsigned width = width_in_bits(tp); 229 uint64_t vbits = value_bits(width); 230 if (is_uinteger(tp->t_tspec)) { 231 c.smin = width < 64 ? 0 : INT64_MIN; 232 c.smax = width < 64 ? (int64_t)vbits : INT64_MAX; 233 c.umin = 0; 234 c.umax = vbits; 235 c.bclr = ~c.umax; 236 } else { 237 c.smin = -1 - (int64_t)(vbits >> 1); 238 c.smax = (int64_t)(vbits >> 1); 239 c.umin = 0; 240 c.umax = UINT64_MAX; 241 c.bclr = 0; 242 } 243 return c; 244 } 245 246 static integer_constraints 247 ic_mult(const type_t *tp, integer_constraints a, integer_constraints b) 248 { 249 integer_constraints c; 250 251 if (ic_maybe_signed_binary(tp, a, b)) { 252 int64_t ll = si_mult_sat(tp, a.smin, b.smin); 253 int64_t lu = si_mult_sat(tp, a.smin, b.smax); 254 int64_t ul = si_mult_sat(tp, a.smax, b.smin); 255 int64_t uu = si_mult_sat(tp, a.smax, b.smax); 256 257 c.smin = s64_min(ll, s64_min(lu, s64_min(ul, uu))); 258 c.smax = s64_max(ll, s64_max(lu, s64_max(ul, uu))); 259 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 260 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 261 c.bclr = ~u64_fill_right(c.umax); 262 return c; 263 } 264 265 if (a.umax > 0 && b.umax > ic_any(tp).umax / a.umax) 266 return ic_any(tp); 267 268 c.smin = INT64_MIN; 269 c.smax = INT64_MAX; 270 c.umin = a.umin * b.umin; 271 c.umax = a.umax * b.umax; 272 c.bclr = ~u64_fill_right(c.umax); 273 return c; 274 } 275 276 static integer_constraints 277 ic_div(const type_t *tp, integer_constraints a, integer_constraints b) 278 { 279 if (ic_maybe_signed_binary(tp, a, b)) { 280 if (b.smin >= 0) 281 return a; 282 return ic_any(tp); 283 } 284 285 integer_constraints c; 286 c.smin = INT64_MIN; 287 c.smax = INT64_MAX; 288 c.umin = a.umin / u64_max(b.umax, 1); 289 c.umax = a.umax / u64_max(b.umin, 1); 290 c.bclr = ~u64_fill_right(c.umax); 291 return c; 292 } 293 294 static integer_constraints 295 ic_mod(const type_t *tp, integer_constraints a, integer_constraints b) 296 { 297 if (ic_maybe_signed_binary(tp, a, b)) { 298 uint64_t max_abs_b = u64_max(s64_abs(b.smin), s64_abs(b.smax)); 299 if (max_abs_b >> 63 != 0 || max_abs_b == 0) 300 return a; 301 302 integer_constraints c; 303 c.smin = s64_max(a.smin, -(int64_t)(max_abs_b - 1)); 304 c.smax = s64_min(a.smax, (int64_t)(max_abs_b - 1)); 305 c.umin = 0; 306 c.umax = UINT64_MAX; 307 c.bclr = 0; 308 return c; 309 } 310 311 integer_constraints c; 312 c.smin = INT64_MIN; 313 c.smax = INT64_MAX; 314 c.umin = 0; 315 c.umax = b.umax - 1; 316 c.bclr = ~u64_fill_right(c.umax); 317 return c; 318 } 319 320 static integer_constraints 321 ic_plus(const type_t *tp, integer_constraints a, integer_constraints b) 322 { 323 if (ic_maybe_signed_binary(tp, a, b)) { 324 integer_constraints c; 325 c.smin = si_plus_sat(tp, a.smin, b.smin); 326 c.smax = si_plus_sat(tp, a.smax, b.smax); 327 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 328 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 329 c.bclr = 0; 330 return c; 331 } 332 333 uint64_t max = ui_max_value(tp); 334 integer_constraints c; 335 c.smin = INT64_MIN; 336 c.smax = INT64_MAX; 337 if (b.umax <= max - a.umax) { 338 c.umin = a.umin + b.umin; 339 c.umax = a.umax + b.umax; 340 } else { 341 c.umin = 0; 342 c.umax = max; 343 } 344 if (c.umax >> 63 == 0) { 345 c.smin = 0; 346 c.smax = (int64_t)c.umax; 347 } 348 c.bclr = ~u64_fill_right(c.umax); 349 return c; 350 } 351 352 static integer_constraints 353 ic_minus(const type_t *tp, integer_constraints a, integer_constraints b) 354 { 355 integer_constraints c; 356 c.smin = si_minus_sat(tp, a.smin, b.smax); 357 c.smax = si_minus_sat(tp, a.smax, b.smin); 358 359 if (ic_maybe_signed_binary(tp, a, b)) { 360 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 361 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 362 } else if (a.umin >= b.umax) { 363 c.umin = a.umin - b.umax; 364 c.umax = a.umax - b.umin; 365 } else { 366 c.umin = 0; 367 c.umax = is_uinteger(tp->t_tspec) ? ui_max_value(tp) 368 : UINT64_MAX; 369 } 370 c.bclr = ~u64_fill_right(c.umax); 371 return c; 372 } 373 374 static integer_constraints 375 ic_shl(const type_t *tp, integer_constraints a, integer_constraints b) 376 { 377 if (ic_maybe_signed(tp, a)) 378 return ic_any(tp); 379 380 unsigned amount; 381 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 382 amount = (unsigned)b.smin; 383 else if (b.umin == b.umax && b.umin < 64) 384 amount = (unsigned)b.umin; 385 else 386 return ic_any(tp); 387 388 integer_constraints c; 389 c.umin = a.umin << amount; 390 c.umax = a.umax << amount; 391 if (c.umax >> (width_in_bits(tp) - 1) == 0) { 392 c.smin = (int64_t)c.umin; 393 c.smax = (int64_t)c.umax; 394 } else { 395 c.smin = INT64_MIN; 396 c.smax = INT64_MAX; 397 } 398 c.bclr = a.bclr << amount | (((uint64_t)1 << amount) - 1); 399 return c; 400 } 401 402 static integer_constraints 403 ic_shr(const type_t *tp, integer_constraints a, integer_constraints b) 404 { 405 if (ic_maybe_signed(tp, a)) 406 return ic_any(tp); 407 408 unsigned amount; 409 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 410 amount = (unsigned)b.smin; 411 else if (b.umin == b.umax && b.umin < 64) 412 amount = (unsigned)b.umin; 413 else 414 return ic_any(tp); 415 416 integer_constraints c; 417 c.smin = s64_shr(a.smin, amount); 418 c.smax = s64_shr(a.smax, amount); 419 c.umin = a.umin >> amount; 420 c.umax = a.umax >> amount; 421 c.bclr = a.bclr >> amount | ~(~(uint64_t)0 >> amount); 422 return c; 423 } 424 425 static integer_constraints 426 ic_bitand(integer_constraints a, integer_constraints b) 427 { 428 integer_constraints c; 429 c.smin = a.smin & b.smin; 430 c.smax = a.smax & b.smax; 431 c.umin = a.umin & b.umin; 432 c.umax = a.umax & b.umax; 433 c.bclr = a.bclr | b.bclr; 434 return c; 435 } 436 437 static integer_constraints 438 ic_bitxor(const type_t *tp, integer_constraints a, integer_constraints b) 439 { 440 if (ic_maybe_signed_binary(tp, a, b)) 441 return ic_any(tp); 442 443 integer_constraints c; 444 c.smin = a.smin & b.smin; 445 c.smax = a.smax | b.smax; 446 c.umin = a.umin & b.umin; 447 c.umax = a.umax | b.umax; 448 c.bclr = a.bclr & b.bclr; 449 return c; 450 } 451 452 static integer_constraints 453 ic_bitor(integer_constraints a, integer_constraints b) 454 { 455 integer_constraints c; 456 c.smin = a.smin | b.smin; 457 c.smax = a.smax | b.smax; 458 c.umin = a.umin | b.umin; 459 c.umax = a.umax | b.umax; 460 c.bclr = a.bclr & b.bclr; 461 return c; 462 } 463 464 static integer_constraints 465 ic_quest_colon(integer_constraints a, integer_constraints b) 466 { 467 integer_constraints c; 468 c.smin = s64_min(a.smin, b.smin); 469 c.smax = s64_max(a.smax, b.smax); 470 c.umin = u64_min(a.umin, b.umin); 471 c.umax = u64_max(a.umax, b.umax); 472 c.bclr = a.bclr & b.bclr; 473 return c; 474 } 475 476 static integer_constraints 477 ic_con(const type_t *tp, const val_t *v) 478 { 479 lint_assert(is_integer(tp->t_tspec)); 480 int64_t si = v->u.integer; 481 uint64_t ui = (uint64_t)si; 482 483 integer_constraints c; 484 c.smin = si; 485 c.smax = si; 486 c.umin = ui; 487 c.umax = ui; 488 c.bclr = ~ui; 489 return c; 490 } 491 492 static integer_constraints 493 ic_cvt(const type_t *ntp, const type_t *otp, integer_constraints a) 494 { 495 unsigned new_width = width_in_bits(ntp); 496 unsigned old_width = width_in_bits(otp); 497 bool new_unsigned = is_uinteger(ntp->t_tspec); 498 bool old_unsigned = is_uinteger(otp->t_tspec); 499 500 if (new_width >= old_width && new_unsigned == old_unsigned) 501 return a; 502 if (new_width > old_width && old_unsigned) 503 return a; 504 if (new_unsigned && (~value_bits(new_width) & ~a.bclr) == 0) 505 return a; 506 return ic_any(ntp); 507 } 508 509 static integer_constraints 510 ic_unsigned_range(uint64_t minimum, uint64_t maximum) 511 { 512 integer_constraints c; 513 lint_assert(minimum <= maximum); 514 c.smin = maximum <= INT64_MAX ? (int64_t)minimum : INT64_MIN; 515 c.smax = maximum <= INT64_MAX ? (int64_t)maximum : INT64_MAX; 516 c.umin = minimum; 517 c.umax = maximum; 518 c.bclr = ~c.umax; 519 return c; 520 } 521 522 static integer_constraints 523 ic_signed_range(int64_t minimum, int64_t maximum) 524 { 525 integer_constraints c; 526 lint_assert(minimum <= maximum); 527 c.smin = minimum; 528 c.smax = maximum; 529 c.umin = minimum >= 0 ? (uint64_t)minimum : 0; 530 c.umax = minimum >= 0 ? (uint64_t)maximum : UINT64_MAX; 531 c.bclr = ~c.umax; 532 return c; 533 } 534 535 static integer_constraints 536 ic_call(const function_call *call) 537 { 538 if (!(call->func->tn_op == ADDR 539 && call->func->u.ops.left->tn_op == NAME)) 540 goto any; 541 542 const char *name = call->func->u.ops.left->u.sym->s_name; 543 544 if (strcmp(name, "strlen") == 0 545 || strcmp(name, "strcspn") == 0 546 || strcmp(name, "strspn") == 0 547 || strcmp(name, "strlcpy") == 0 548 || strcmp(name, "strlcat") == 0) 549 return ic_unsigned_range(0, INT_MAX - 1); 550 if ((strcmp(name, "read") == 0 || strcmp(name, "write") == 0) 551 && call->args_len == 3 552 && call->args[2]->tn_op == CON 553 && is_uinteger(call->args[2]->tn_type->t_tspec) 554 && call->args[2]->u.value.u.integer >= 0) 555 return ic_signed_range(-1, call->args[2]->u.value.u.integer); 556 557 // https://gcc.gnu.org/onlinedocs/gcc/Bit-Operation-Builtins.html 558 if (strcmp(name, "__builtin_clz") == 0 559 || strcmp(name, "__builtin_ctz") == 0 560 || strcmp(name, "__builtin_clrsb") == 0) 561 return ic_unsigned_range(0, INT_SIZE - 1); 562 if (strcmp(name, "__builtin_ffs") == 0 563 || strcmp(name, "__builtin_popcount") == 0) 564 return ic_unsigned_range(0, INT_SIZE); 565 if (strcmp(name, "__builtin_clzl") == 0 566 || strcmp(name, "__builtin_ctzl") == 0 567 || strcmp(name, "__builtin_clrsbl") == 0) 568 return ic_unsigned_range(0, LONG_SIZE - 1); 569 if (strcmp(name, "__builtin_ffsl") == 0 570 || strcmp(name, "__builtin_popcountl") == 0) 571 return ic_unsigned_range(0, LONG_SIZE); 572 if (strcmp(name, "__builtin_clzll") == 0 573 || strcmp(name, "__builtin_ctzll") == 0 574 || strcmp(name, "__builtin_clrsbll") == 0) 575 return ic_unsigned_range(0, LLONG_SIZE - 1); 576 if (strcmp(name, "__builtin_ffsll") == 0 577 || strcmp(name, "__builtin_popcountll") == 0) 578 return ic_unsigned_range(0, LLONG_SIZE); 579 if ((strcmp(name, "__builtin_clzg") == 0 580 || strcmp(name, "__builtin_ctzg") == 0 581 || strcmp(name, "__builtin_clrsbg") == 0) 582 && call->args_len == 1 583 && is_integer(call->args[0]->tn_type->t_tspec)) 584 return ic_unsigned_range(0, 585 width_in_bits(call->args[0]->tn_type) - 1); 586 if ((strcmp(name, "__builtin_ffsg") == 0 587 || strcmp(name, "__builtin_popcountg") == 0) 588 && call->args_len == 1 589 && is_integer(call->args[0]->tn_type->t_tspec)) 590 return ic_unsigned_range(0, 591 width_in_bits(call->args[0]->tn_type)); 592 if (strcmp(name, "__builtin_parity") == 0 593 || strcmp(name, "__builtin_parityl") == 0 594 || strcmp(name, "__builtin_parityll") == 0 595 || strcmp(name, "__builtin_parityg") == 0) 596 return ic_unsigned_range(0, 1); 597 598 any: 599 return ic_any(call->func->tn_type->t_subt->t_subt); 600 } 601 602 static integer_constraints 603 ic_expr(const tnode_t *tn) 604 { 605 integer_constraints lc, rc; 606 607 lint_assert(is_integer(tn->tn_type->t_tspec)); 608 609 switch (tn->tn_op) { 610 case MULT: 611 lc = ic_expr(tn->u.ops.left); 612 rc = ic_expr(tn->u.ops.right); 613 return ic_mult(tn->tn_type, lc, rc); 614 case DIV: 615 lc = ic_expr(tn->u.ops.left); 616 rc = ic_expr(tn->u.ops.right); 617 return ic_div(tn->tn_type, lc, rc); 618 case MOD: 619 lc = ic_expr(tn->u.ops.left); 620 rc = ic_expr(tn->u.ops.right); 621 return ic_mod(tn->tn_type, lc, rc); 622 case PLUS: 623 lc = ic_expr(tn->u.ops.left); 624 rc = ic_expr(tn->u.ops.right); 625 return ic_plus(tn->tn_type, lc, rc); 626 case MINUS: 627 if (tn->u.ops.left->tn_type->t_tspec == PTR) 628 return ic_any(tn->tn_type); 629 lc = ic_expr(tn->u.ops.left); 630 rc = ic_expr(tn->u.ops.right); 631 return ic_minus(tn->tn_type, lc, rc); 632 case SHL: 633 lc = ic_expr(tn->u.ops.left); 634 rc = ic_expr(tn->u.ops.right); 635 return ic_shl(tn->tn_type, lc, rc); 636 case SHR: 637 lc = ic_expr(tn->u.ops.left); 638 rc = ic_expr(tn->u.ops.right); 639 return ic_shr(tn->tn_type, lc, rc); 640 case BITAND: 641 lc = ic_expr(tn->u.ops.left); 642 rc = ic_expr(tn->u.ops.right); 643 return ic_bitand(lc, rc); 644 case BITXOR: 645 lc = ic_expr(tn->u.ops.left); 646 rc = ic_expr(tn->u.ops.right); 647 return ic_bitxor(tn->tn_type, lc, rc); 648 case BITOR: 649 lc = ic_expr(tn->u.ops.left); 650 rc = ic_expr(tn->u.ops.right); 651 return ic_bitor(lc, rc); 652 case QUEST: 653 lc = ic_expr(tn->u.ops.right->u.ops.left); 654 rc = ic_expr(tn->u.ops.right->u.ops.right); 655 return ic_quest_colon(lc, rc); 656 case CON: 657 return ic_con(tn->tn_type, &tn->u.value); 658 case CVT: 659 if (!is_integer(tn->u.ops.left->tn_type->t_tspec)) 660 return ic_any(tn->tn_type); 661 lc = ic_expr(tn->u.ops.left); 662 return ic_cvt(tn->tn_type, tn->u.ops.left->tn_type, lc); 663 case CALL: 664 return ic_call(tn->u.call); 665 default: 666 return ic_any(tn->tn_type); 667 } 668 } 669 670 uint64_t 671 possible_bits(const tnode_t *tn) 672 { 673 return ~ic_expr(tn).bclr; 674 } 675 676 677 static struct { 678 size_t len; 679 size_t cap; 680 evaluation_mode *items; 681 } evaluation_modes; 682 683 /* Push the minimum of the given mode and the already active mode. */ 684 void 685 push_evaluation_mode(evaluation_mode m) 686 { 687 if (evaluation_modes.len >= evaluation_modes.cap) { 688 evaluation_modes.cap = 2 * evaluation_modes.cap + 16; 689 evaluation_modes.items = xrealloc( 690 evaluation_modes.items, 691 evaluation_modes.cap * sizeof(*evaluation_modes.items)); 692 } 693 694 evaluation_mode top = evaluation_modes.len > 0 695 ? evaluation_modes.items[evaluation_modes.len - 1] 696 : EM_EVAL; 697 evaluation_modes.items[evaluation_modes.len++] = 698 (int)top < (int)m ? top : m; 699 } 700 701 void 702 pop_evaluation_mode(void) 703 { 704 evaluation_modes.len--; 705 } 706 707 bool 708 is_evaluation_mode(evaluation_mode m) 709 { 710 evaluation_mode top = evaluation_modes.len > 0 711 ? evaluation_modes.items[evaluation_modes.len - 1] 712 : EM_EVAL; 713 return (int)top >= (int)m; 714 } 715 716 717 bool 718 attributes_contain(const attribute_list *attrs, const char *str) 719 { 720 for (size_t i = 0, n = attrs->len; i < n; i++) { 721 const attribute *attr = attrs->attrs + i; 722 if (attr->prefix == NULL && strcmp(attr->name, str) == 0) 723 return true; 724 } 725 return false; 726 } 727 728 /* Build 'pointer to tp', 'array of tp' or 'function returning tp'. */ 729 type_t * 730 block_derive_type(type_t *tp, tspec_t t) 731 { 732 733 type_t *tp2 = block_zero_alloc(sizeof(*tp2), "type"); 734 tp2->t_tspec = t; 735 tp2->t_subt = tp; 736 return tp2; 737 } 738 739 /* 740 * Derive 'pointer to tp' or 'function returning tp'. 741 * The memory is freed at the end of the current expression. 742 */ 743 static type_t * 744 expr_derive_ptr_type(type_t *tp) 745 { 746 747 type_t *tp2 = expr_zero_alloc(sizeof(*tp2), "type"); 748 tp2->t_tspec = PTR; 749 tp2->t_subt = tp; 750 return tp2; 751 } 752 753 static const char * 754 function_call_descr(const function_call *call) 755 { 756 if ((call->func->tn_op == ADDR || call->func->tn_op == LOAD) 757 && call->func->u.ops.left->tn_op == NAME) 758 return call->func->u.ops.left->u.sym->s_name; 759 return type_name(call->func->tn_type->t_subt); 760 } 761 762 static size_t 763 str_len(const tnode_t *tn) 764 { 765 const buffer *buf = tn->u.str_literals; 766 if (tn->tn_type->t_subt->t_tspec != CHAR) 767 return buf->len; 768 quoted_iterator it = { .end = 0 }; 769 size_t len = 0; 770 while (quoted_next(buf, &it)) 771 len++; 772 return len; 773 } 774 775 /* Create an expression from a unary or binary operator and its operands. */ 776 static tnode_t * 777 build_op(op_t op, bool sys, type_t *type, tnode_t *ln, tnode_t *rn) 778 { 779 780 tnode_t *ntn = expr_alloc_tnode(); 781 ntn->tn_op = op; 782 ntn->tn_type = type; 783 ntn->tn_sys = sys; 784 ntn->u.ops.left = ln; 785 ntn->u.ops.right = rn; 786 787 if (op == INDIR || op == FSEL) { 788 lint_assert(ln->tn_type->t_tspec == PTR); 789 tspec_t t = ln->tn_type->t_subt->t_tspec; 790 ntn->tn_lvalue = t != FUNC && t != VOID; 791 } 792 793 return ntn; 794 } 795 796 tnode_t * 797 build_constant(type_t *tp, val_t *v) 798 { 799 800 tnode_t *n = expr_alloc_tnode(); 801 n->tn_op = CON; 802 n->tn_type = tp; 803 n->u.value = *v; 804 n->u.value.v_tspec = tp->t_tspec; 805 free(v); 806 return n; 807 } 808 809 static tnode_t * 810 build_integer_constant(tspec_t t, int64_t si) 811 { 812 813 tnode_t *n = expr_alloc_tnode(); 814 n->tn_op = CON; 815 n->tn_type = gettyp(t); 816 n->u.value.v_tspec = t; 817 n->u.value.v_unsigned_since_c90 = false; 818 n->u.value.v_char_constant = false; 819 n->u.value.u.integer = si; 820 return n; 821 } 822 823 static void 824 fallback_symbol(sym_t *sym) 825 { 826 827 if (Tflag && fallback_symbol_strict_bool(sym)) 828 return; 829 830 if (funcsym != NULL && (strcmp(sym->s_name, "__FUNCTION__") == 0 || 831 strcmp(sym->s_name, "__PRETTY_FUNCTION__") == 0)) { 832 /* __FUNCTION__/__PRETTY_FUNCTION__ is a GCC extension */ 833 gnuism(316); 834 goto return_function_name; 835 } 836 837 if (funcsym != NULL && strcmp(sym->s_name, "__func__") == 0) { 838 if (!allow_c99) 839 /* __func__ is a C99 feature */ 840 warning(317); 841 /* C11 6.4.2.2 */ 842 return_function_name: 843 sym->s_type = block_derive_type(gettyp(CHAR), ARRAY); 844 sym->s_type->t_const = true; 845 sym->s_type->u.dimension = (int)strlen(funcsym->s_name) + 1; 846 return; 847 } 848 849 /* '%s' undefined */ 850 error(99, sym->s_name); 851 } 852 853 /* 854 * Functions that are predeclared by GCC or other compilers can be called 855 * with arbitrary arguments. Since lint usually runs after a successful 856 * compilation, it's the compiler's job to catch any errors. 857 */ 858 bool 859 is_compiler_builtin(const char *name) 860 { 861 /* https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html */ 862 if (allow_gcc) { 863 if (strncmp(name, "__atomic_", 9) == 0 || 864 strncmp(name, "__builtin_", 10) == 0 || 865 strcmp(name, "alloca") == 0 || 866 /* obsolete but still in use, as of 2021 */ 867 strncmp(name, "__sync_", 7) == 0) 868 return true; 869 } 870 871 /* https://software.intel.com/sites/landingpage/IntrinsicsGuide/ */ 872 if (strncmp(name, "_mm_", 4) == 0) 873 return true; 874 875 // https://clang.llvm.org/docs/LanguageExtensions.html#c11-atomic-builtins 876 if (strcmp(name, "__c11_atomic_init") == 0 || 877 strcmp(name, "__c11_atomic_thread_fence") == 0 || 878 strcmp(name, "__c11_atomic_signal_fence") == 0 || 879 strcmp(name, "__c11_atomic_is_lock_free ") == 0 || 880 strcmp(name, "__c11_atomic_store") == 0 || 881 strcmp(name, "__c11_atomic_load") == 0 || 882 strcmp(name, "__c11_atomic_exchange") == 0 || 883 strcmp(name, "__c11_atomic_compare_exchange_strong") == 0 || 884 strcmp(name, "__c11_atomic_compare_exchange_weak") == 0 || 885 strcmp(name, "__c11_atomic_fetch_add") == 0 || 886 strcmp(name, "__c11_atomic_fetch_sub") == 0 || 887 strcmp(name, "__c11_atomic_fetch_and") == 0 || 888 strcmp(name, "__c11_atomic_fetch_or") == 0 || 889 strcmp(name, "__c11_atomic_fetch_xor") == 0 || 890 strcmp(name, "__c11_atomic_fetch_nand ") == 0 || 891 strcmp(name, "__c11_atomic_fetch_max") == 0 || 892 strcmp(name, "__c11_atomic_fetch_min") == 0) 893 return true; 894 895 return false; 896 } 897 898 static bool 899 str_ends_with(const char *haystack, const char *needle) 900 { 901 size_t hlen = strlen(haystack); 902 size_t nlen = strlen(needle); 903 904 return nlen <= hlen && 905 memcmp(haystack + hlen - nlen, needle, nlen) == 0; 906 } 907 908 /* https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html */ 909 static bool 910 is_gcc_bool_builtin(const char *name) 911 { 912 return strncmp(name, "__builtin_", 10) == 0 && 913 (str_ends_with(name, "_overflow") || 914 str_ends_with(name, "_overflow_p")); 915 } 916 917 static void 918 build_name_call(sym_t *sym) 919 { 920 921 if (is_compiler_builtin(sym->s_name)) { 922 /* 923 * Do not warn about these, just assume that they are regular 924 * functions compatible with non-prototype calling conventions. 925 */ 926 if (allow_gcc && is_gcc_bool_builtin(sym->s_name)) 927 sym->s_type = gettyp(BOOL); 928 } else if (allow_c99) 929 /* function '%s' implicitly declared to return int */ 930 error(215, sym->s_name); 931 else if (!allow_trad) 932 /* function '%s' implicitly declared to return int */ 933 warning(215, sym->s_name); 934 935 /* XXX if !allow_c90, the symbol should be exported to level 0 */ 936 sym->s_type = block_derive_type(sym->s_type, FUNC); 937 } 938 939 /* Create a node for a name (symbol table entry). */ 940 tnode_t * 941 build_name(sym_t *sym, bool is_funcname) 942 { 943 944 if (sym->s_scl == NO_SCL && !in_gcc_attribute) { 945 sym->s_scl = EXTERN; 946 sym->s_def = DECL; 947 if (is_funcname) 948 build_name_call(sym); 949 else 950 fallback_symbol(sym); 951 } 952 953 lint_assert(sym->s_kind == SK_VCFT || sym->s_kind == SK_MEMBER); 954 955 tnode_t *n = expr_alloc_tnode(); 956 n->tn_type = sym->s_type; 957 if (sym->s_scl == BOOL_CONST) { 958 n->tn_op = CON; 959 n->u.value.v_tspec = BOOL; 960 n->u.value.v_unsigned_since_c90 = false; 961 n->u.value.v_char_constant = false; 962 n->u.value.u.integer = sym->u.s_bool_constant ? 1 : 0; 963 } else if (sym->s_scl == ENUM_CONST) { 964 n->tn_op = CON; 965 n->u.value.v_tspec = INT; /* ENUM is in n->tn_type */ 966 n->u.value.v_unsigned_since_c90 = false; 967 n->u.value.v_char_constant = false; 968 n->u.value.u.integer = sym->u.s_enum_constant; 969 } else { 970 n->tn_op = NAME; 971 n->u.sym = sym; 972 if (sym->s_kind == SK_VCFT && sym->s_type->t_tspec != FUNC) 973 n->tn_lvalue = true; 974 } 975 976 return n; 977 } 978 979 tnode_t * 980 build_string(buffer *lit) 981 { 982 size_t value_len = lit->len; 983 if (lit->data != NULL) { 984 quoted_iterator it = { .end = 0 }; 985 for (value_len = 0; quoted_next(lit, &it); value_len++) 986 continue; 987 } 988 989 type_t *tp = expr_zero_alloc(sizeof(*tp), "type"); 990 tp->t_tspec = ARRAY; 991 tp->t_subt = gettyp(lit->data != NULL ? CHAR : WCHAR_TSPEC); 992 tp->u.dimension = (int)(value_len + 1); 993 994 tnode_t *n = expr_alloc_tnode(); 995 n->tn_op = STRING; 996 n->tn_type = tp; 997 n->tn_lvalue = true; 998 999 n->u.str_literals = expr_zero_alloc(sizeof(*n->u.str_literals), "tnode.string"); 1000 n->u.str_literals->len = lit->len; 1001 1002 if (lit->data != NULL) { 1003 n->u.str_literals->data = expr_zero_alloc(lit->len + 1, 1004 "tnode.string.data"); 1005 (void)memcpy(n->u.str_literals->data, lit->data, lit->len + 1); 1006 free(lit->data); 1007 } 1008 free(lit); 1009 1010 return n; 1011 } 1012 1013 static bool 1014 is_out_of_char_range(const tnode_t *tn) 1015 { 1016 return tn->tn_op == CON && 1017 !tn->u.value.v_char_constant && 1018 !(0 <= tn->u.value.u.integer && 1019 tn->u.value.u.integer < 1 << (CHAR_SIZE - 1)); 1020 } 1021 1022 static bool 1023 check_nonportable_char_comparison(op_t op, 1024 const tnode_t *ln, tspec_t lt, 1025 const tnode_t *rn, tspec_t rt) 1026 { 1027 if (!(hflag || pflag)) 1028 return true; 1029 1030 if (lt == CHAR && is_out_of_char_range(rn)) { 1031 char buf[128]; 1032 (void)snprintf(buf, sizeof(buf), "%s %d", 1033 op_name(op), (int)rn->u.value.u.integer); 1034 /* nonportable character comparison '%s' */ 1035 warning(230, buf); 1036 return false; 1037 } 1038 if (rt == CHAR && is_out_of_char_range(ln)) { 1039 char buf[128]; 1040 (void)snprintf(buf, sizeof(buf), "%d %s ?", 1041 (int)ln->u.value.u.integer, op_name(op)); 1042 /* nonportable character comparison '%s' */ 1043 warning(230, buf); 1044 return false; 1045 } 1046 return true; 1047 } 1048 1049 static void 1050 check_integer_comparison(op_t op, tnode_t *ln, tnode_t *rn) 1051 { 1052 1053 tspec_t lt = ln->tn_type->t_tspec; 1054 tspec_t rt = rn->tn_type->t_tspec; 1055 1056 if (ln->tn_op != CON && rn->tn_op != CON) 1057 return; 1058 1059 if (!is_integer(lt) || !is_integer(rt)) 1060 return; 1061 1062 if (any_query_enabled && !in_system_header) { 1063 if (lt == CHAR && rn->tn_op == CON && 1064 !rn->u.value.v_char_constant) { 1065 /* comparison '%s' of 'char' with plain integer %d */ 1066 query_message(14, 1067 op_name(op), (int)rn->u.value.u.integer); 1068 } 1069 if (rt == CHAR && ln->tn_op == CON && 1070 !ln->u.value.v_char_constant) { 1071 /* comparison '%s' of 'char' with plain integer %d */ 1072 query_message(14, 1073 op_name(op), (int)ln->u.value.u.integer); 1074 } 1075 } 1076 1077 if (!check_nonportable_char_comparison(op, ln, lt, rn, rt)) 1078 return; 1079 1080 if (is_uinteger(lt) && !is_uinteger(rt) && 1081 rn->tn_op == CON && rn->u.value.u.integer <= 0) { 1082 if (rn->u.value.u.integer < 0) { 1083 /* operator '%s' compares '%s' with '%s' */ 1084 warning(162, op_name(op), 1085 expr_type_name(ln), "negative constant"); 1086 } else if (op == LT || op == GE) 1087 /* operator '%s' compares '%s' with '%s' */ 1088 warning(162, op_name(op), expr_type_name(ln), "0"); 1089 return; 1090 } 1091 if (is_uinteger(rt) && !is_uinteger(lt) && 1092 ln->tn_op == CON && ln->u.value.u.integer <= 0) { 1093 if (ln->u.value.u.integer < 0) { 1094 /* operator '%s' compares '%s' with '%s' */ 1095 warning(162, op_name(op), 1096 "negative constant", expr_type_name(rn)); 1097 } else if (op == GT || op == LE) 1098 /* operator '%s' compares '%s' with '%s' */ 1099 warning(162, op_name(op), "0", expr_type_name(rn)); 1100 return; 1101 } 1102 } 1103 1104 static const tspec_t arith_rank[] = { 1105 LDOUBLE, DOUBLE, FLOAT, 1106 UINT128, INT128, 1107 ULLONG, LLONG, 1108 ULONG, LONG, 1109 UINT, INT, 1110 }; 1111 1112 /* Keep unsigned in traditional C */ 1113 static tspec_t 1114 usual_arithmetic_conversion_trad(tspec_t lt, tspec_t rt) 1115 { 1116 1117 size_t i; 1118 for (i = 0; arith_rank[i] != INT; i++) 1119 if (lt == arith_rank[i] || rt == arith_rank[i]) 1120 break; 1121 1122 tspec_t t = arith_rank[i]; 1123 if (is_uinteger(lt) || is_uinteger(rt)) 1124 if (is_integer(t) && !is_uinteger(t)) 1125 return unsigned_type(t); 1126 return t; 1127 } 1128 1129 static tspec_t 1130 usual_arithmetic_conversion_c90(tspec_t lt, tspec_t rt) 1131 { 1132 1133 if (lt == rt) 1134 return lt; 1135 1136 if (lt == LCOMPLEX || rt == LCOMPLEX) 1137 return LCOMPLEX; 1138 if (lt == DCOMPLEX || rt == DCOMPLEX) 1139 return DCOMPLEX; 1140 if (lt == FCOMPLEX || rt == FCOMPLEX) 1141 return FCOMPLEX; 1142 if (lt == LDOUBLE || rt == LDOUBLE) 1143 return LDOUBLE; 1144 if (lt == DOUBLE || rt == DOUBLE) 1145 return DOUBLE; 1146 if (lt == FLOAT || rt == FLOAT) 1147 return FLOAT; 1148 1149 if (size_in_bits(lt) > size_in_bits(rt)) 1150 return lt; 1151 if (size_in_bits(lt) < size_in_bits(rt)) 1152 return rt; 1153 1154 size_t i; 1155 for (i = 3; arith_rank[i] != INT; i++) 1156 if (arith_rank[i] == lt || arith_rank[i] == rt) 1157 break; 1158 if ((is_uinteger(lt) || is_uinteger(rt)) && 1159 !is_uinteger(arith_rank[i])) 1160 i--; 1161 return arith_rank[i]; 1162 } 1163 1164 static tnode_t * 1165 apply_usual_arithmetic_conversions(op_t op, tnode_t *tn, tspec_t t) 1166 { 1167 type_t *ntp = expr_dup_type(tn->tn_type); 1168 ntp->t_tspec = t; 1169 if (tn->tn_op != CON) { 1170 /* usual arithmetic conversion for '%s' from '%s' to '%s' */ 1171 query_message(4, op_name(op), 1172 expr_type_name(tn), type_name(ntp)); 1173 } 1174 return convert(op, 0, ntp, tn); 1175 } 1176 1177 /* 1178 * Apply the "usual arithmetic conversions" (C99 6.3.1.8), which gives both 1179 * operands the same type. 1180 */ 1181 static void 1182 balance(op_t op, tnode_t **lnp, tnode_t **rnp) 1183 { 1184 1185 tspec_t lt = (*lnp)->tn_type->t_tspec; 1186 tspec_t rt = (*rnp)->tn_type->t_tspec; 1187 if (!is_arithmetic(lt) || !is_arithmetic(rt)) 1188 return; 1189 1190 tspec_t t = allow_c90 1191 ? usual_arithmetic_conversion_c90(lt, rt) 1192 : usual_arithmetic_conversion_trad(lt, rt); 1193 1194 if (modtab[op].m_comparison 1195 && is_integer(lt) && (*lnp)->tn_op != CON 1196 && is_floating(t) && (*rnp)->tn_op == CON) 1197 /* comparing integer '%s' to floating point constant %Lg */ 1198 warning(379, expr_type_name(*lnp), 1199 (*rnp)->u.value.u.floating); 1200 1201 if (t != lt) 1202 *lnp = apply_usual_arithmetic_conversions(op, *lnp, t); 1203 if (t != rt) 1204 *rnp = apply_usual_arithmetic_conversions(op, *rnp, t); 1205 1206 if (is_integer(t)) { 1207 unsigned lw = width_in_bits((*lnp)->tn_type); 1208 unsigned rw = width_in_bits((*rnp)->tn_type); 1209 if (lw < rw) 1210 *lnp = convert(NOOP, 0, (*rnp)->tn_type, *lnp); 1211 if (rw < lw) 1212 *rnp = convert(NOOP, 0, (*lnp)->tn_type, *rnp); 1213 } 1214 } 1215 1216 static tnode_t * 1217 build_address(bool sys, tnode_t *tn) 1218 { 1219 /* eliminate '&*' */ 1220 if (tn->tn_op == INDIR && 1221 tn->u.ops.left->tn_type->t_tspec == PTR && 1222 tn->u.ops.left->tn_type->t_subt == tn->tn_type) { 1223 return tn->u.ops.left; 1224 } 1225 1226 return build_op(ADDR, sys, expr_derive_ptr_type(tn->tn_type), 1227 tn, NULL); 1228 } 1229 1230 static uint64_t 1231 fold_unsigned_integer(op_t op, uint64_t l, uint64_t r, 1232 uint64_t max_value, bool *overflow) 1233 { 1234 switch (op) { 1235 case COMPL: 1236 return ~l & max_value; 1237 case UPLUS: 1238 return +l; 1239 case UMINUS: 1240 return -l & max_value; 1241 case MULT: 1242 *overflow = r > 0 && l > max_value / r; 1243 return l * r; 1244 case DIV: 1245 if (r == 0) { 1246 if (is_evaluation_mode(EM_EVAL)) 1247 /* division by 0 */ 1248 error(139); 1249 return max_value; 1250 } 1251 return l / r; 1252 case MOD: 1253 if (r == 0) { 1254 if (is_evaluation_mode(EM_EVAL)) 1255 /* modulus by 0 */ 1256 error(140); 1257 return 0; 1258 } 1259 return l % r; 1260 case PLUS: 1261 *overflow = l > max_value - r; 1262 return l + r; 1263 case MINUS: 1264 *overflow = l < r; 1265 return l - r; 1266 case SHL: 1267 /* TODO: warn about out-of-bounds 'r'. */ 1268 /* TODO: warn about overflow. */ 1269 return l << (r & 63); 1270 case SHR: 1271 /* TODO: warn about out-of-bounds 'r'. */ 1272 return l >> (r & 63); 1273 case LT: 1274 return l < r ? 1 : 0; 1275 case LE: 1276 return l <= r ? 1 : 0; 1277 case GT: 1278 return l > r ? 1 : 0; 1279 case GE: 1280 return l >= r ? 1 : 0; 1281 case EQ: 1282 return l == r ? 1 : 0; 1283 case NE: 1284 return l != r ? 1 : 0; 1285 case BITAND: 1286 return l & r; 1287 case BITXOR: 1288 return l ^ r; 1289 case BITOR: 1290 return l | r; 1291 default: 1292 lint_assert(false); 1293 /* NOTREACHED */ 1294 } 1295 } 1296 1297 static int64_t 1298 fold_signed_integer(op_t op, int64_t l, int64_t r, 1299 int64_t min_value, int64_t max_value, bool *overflow) 1300 { 1301 switch (op) { 1302 case COMPL: 1303 return ~l; 1304 case UPLUS: 1305 return +l; 1306 case UMINUS: 1307 *overflow = l == min_value; 1308 return *overflow ? l : -l; 1309 case MULT:; 1310 uint64_t al = s64_abs(l); 1311 uint64_t ar = s64_abs(r); 1312 bool neg = (l >= 0) != (r >= 0); 1313 uint64_t max_prod = (uint64_t)max_value + (neg ? 1 : 0); 1314 if (al > 0 && ar > max_prod / al) { 1315 *overflow = true; 1316 return neg ? min_value : max_value; 1317 } 1318 return l * r; 1319 case DIV: 1320 if (r == 0) { 1321 if (is_evaluation_mode(EM_EVAL)) 1322 /* division by 0 */ 1323 error(139); 1324 return max_value; 1325 } 1326 if (l == min_value && r == -1) { 1327 *overflow = true; 1328 return l; 1329 } 1330 return l / r; 1331 case MOD: 1332 if (r == 0) { 1333 if (is_evaluation_mode(EM_EVAL)) 1334 /* modulus by 0 */ 1335 error(140); 1336 return 0; 1337 } 1338 if (l == min_value && r == -1) { 1339 *overflow = true; 1340 return 0; 1341 } 1342 return l % r; 1343 case PLUS: 1344 if (r > 0 && l > max_value - r) { 1345 *overflow = true; 1346 return max_value; 1347 } 1348 if (r < 0 && l < min_value - r) { 1349 *overflow = true; 1350 return min_value; 1351 } 1352 return l + r; 1353 case MINUS: 1354 if (r > 0 && l < min_value + r) { 1355 *overflow = true; 1356 return min_value; 1357 } 1358 if (r < 0 && l > max_value + r) { 1359 *overflow = true; 1360 return max_value; 1361 } 1362 return l - r; 1363 case SHL: 1364 /* TODO: warn about out-of-bounds 'r'. */ 1365 /* TODO: warn about overflow. */ 1366 return (int64_t)((uint64_t)l << (r & 63)); 1367 case SHR: 1368 /* TODO: warn about out-of-bounds 'r'. */ 1369 return s64_shr(l, r & 63); 1370 case LT: 1371 return l < r ? 1 : 0; 1372 case LE: 1373 return l <= r ? 1 : 0; 1374 case GT: 1375 return l > r ? 1 : 0; 1376 case GE: 1377 return l >= r ? 1 : 0; 1378 case EQ: 1379 return l == r ? 1 : 0; 1380 case NE: 1381 return l != r ? 1 : 0; 1382 case BITAND: 1383 return l & r; 1384 case BITXOR: 1385 return l ^ r; 1386 case BITOR: 1387 return l | r; 1388 default: 1389 lint_assert(false); 1390 /* NOTREACHED */ 1391 } 1392 } 1393 1394 static tnode_t * 1395 fold_constant_integer(tnode_t *tn) 1396 { 1397 1398 lint_assert(has_operands(tn)); 1399 tspec_t t = tn->u.ops.left->tn_type->t_tspec; 1400 int64_t l = tn->u.ops.left->u.value.u.integer; 1401 int64_t r = is_binary(tn) ? tn->u.ops.right->u.value.u.integer : 0; 1402 uint64_t mask = value_bits(size_in_bits(t)); 1403 1404 int64_t res; 1405 bool overflow = false; 1406 if (!is_integer(t) || is_uinteger(t)) { 1407 uint64_t u_res = fold_unsigned_integer(tn->tn_op, 1408 (uint64_t)l, (uint64_t)r, mask, &overflow); 1409 if (u_res > mask) 1410 overflow = true; 1411 res = (int64_t)u_res; 1412 if (overflow && hflag) { 1413 char buf[128]; 1414 if (is_binary(tn)) { 1415 snprintf(buf, sizeof(buf), "%ju %s %ju", 1416 (uintmax_t)l, op_name(tn->tn_op), 1417 (uintmax_t)r); 1418 } else { 1419 snprintf(buf, sizeof(buf), "%s%ju", 1420 op_name(tn->tn_op), (uintmax_t)l); 1421 } 1422 /* '%s' overflows '%s' */ 1423 warning(141, buf, expr_type_name(tn)); 1424 } 1425 } else { 1426 int64_t max_value = (int64_t)(mask >> 1); 1427 int64_t min_value = -max_value - 1; 1428 res = fold_signed_integer(tn->tn_op, 1429 l, r, min_value, max_value, &overflow); 1430 if (res < min_value || res > max_value) 1431 overflow = true; 1432 if (overflow && hflag) { 1433 char buf[128]; 1434 if (is_binary(tn)) { 1435 snprintf(buf, sizeof(buf), "%jd %s %jd", 1436 (intmax_t)l, op_name(tn->tn_op), 1437 (intmax_t)r); 1438 } else if (tn->tn_op == UMINUS && l < 0) { 1439 snprintf(buf, sizeof(buf), "-(%jd)", 1440 (intmax_t)l); 1441 } else { 1442 snprintf(buf, sizeof(buf), "%s%jd", 1443 op_name(tn->tn_op), (intmax_t)l); 1444 } 1445 /* '%s' overflows '%s' */ 1446 warning(141, buf, expr_type_name(tn)); 1447 } 1448 } 1449 1450 val_t *v = xcalloc(1, sizeof(*v)); 1451 v->v_tspec = tn->tn_type->t_tspec; 1452 v->u.integer = convert_integer(res, t, size_in_bits(t)); 1453 1454 tnode_t *cn = build_constant(tn->tn_type, v); 1455 if (tn->u.ops.left->tn_system_dependent) 1456 cn->tn_system_dependent = true; 1457 if (is_binary(tn) && tn->u.ops.right->tn_system_dependent) 1458 cn->tn_system_dependent = true; 1459 1460 return cn; 1461 } 1462 1463 static tnode_t * 1464 build_struct_access(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1465 { 1466 1467 lint_assert(rn->tn_op == NAME); 1468 lint_assert(is_member(rn->u.sym)); 1469 1470 bool lvalue = op == ARROW || ln->tn_lvalue; 1471 1472 if (op == POINT) 1473 ln = build_address(sys, ln); 1474 else if (ln->tn_type->t_tspec != PTR) { 1475 lint_assert(!allow_c90); 1476 lint_assert(is_integer(ln->tn_type->t_tspec)); 1477 ln = convert(NOOP, 0, expr_derive_ptr_type(gettyp(VOID)), ln); 1478 } 1479 1480 tnode_t *ctn = build_integer_constant(PTRDIFF_TSPEC, 1481 rn->u.sym->u.s_member.sm_offset_in_bits / CHAR_SIZE); 1482 1483 type_t *ptr_tp = expr_derive_ptr_type(rn->tn_type); 1484 tnode_t *ntn = build_op(PLUS, sys, ptr_tp, ln, ctn); 1485 if (ln->tn_op == CON) 1486 ntn = fold_constant_integer(ntn); 1487 1488 op_t nop = rn->tn_type->t_bitfield ? FSEL : INDIR; 1489 ntn = build_op(nop, sys, ntn->tn_type->t_subt, ntn, NULL); 1490 if (!lvalue) 1491 ntn->tn_lvalue = false; 1492 1493 return ntn; 1494 } 1495 1496 static bool 1497 may_be_signed_min(const tnode_t *tn) 1498 { 1499 if (!is_integer(tn->tn_type->t_tspec)) 1500 return false; 1501 if (is_uinteger(tn->tn_type->t_tspec)) 1502 return false; 1503 integer_constraints c = ic_expr(tn); 1504 return c.smin == si_min_value(tn->tn_type); 1505 } 1506 1507 /* 1508 * Get the size in bytes of type tp->t_subt, as a constant expression of type 1509 * ptrdiff_t as seen from the target platform. 1510 */ 1511 static tnode_t * 1512 subt_size_in_bytes(type_t *tp) 1513 { 1514 1515 lint_assert(tp->t_tspec == PTR); 1516 tp = tp->t_subt; 1517 1518 int elem = 1; 1519 while (tp->t_tspec == ARRAY) { 1520 elem *= tp->u.dimension; 1521 tp = tp->t_subt; 1522 } 1523 1524 int elsz_in_bits = 0; 1525 switch (tp->t_tspec) { 1526 case FUNC: 1527 /* pointer to function is not allowed here */ 1528 error(110); 1529 break; 1530 case VOID: 1531 /* cannot do pointer arithmetic on operand of unknown size */ 1532 gnuism(136); 1533 break; 1534 case STRUCT: 1535 case UNION: 1536 if ((elsz_in_bits = (int)tp->u.sou->sou_size_in_bits) == 0) 1537 /* cannot do pointer arithmetic on operand of ... */ 1538 error(136); 1539 break; 1540 case ENUM: 1541 if (is_incomplete(tp)) 1542 /* cannot do pointer arithmetic on operand of ... */ 1543 warning(136); 1544 /* FALLTHROUGH */ 1545 default: 1546 if ((elsz_in_bits = size_in_bits(tp->t_tspec)) == 0) 1547 /* cannot do pointer arithmetic on operand of ... */ 1548 error(136); 1549 else 1550 lint_assert(elsz_in_bits != -1); 1551 break; 1552 } 1553 1554 if (elem == 0 && elsz_in_bits != 0) 1555 /* cannot do pointer arithmetic on operand of unknown size */ 1556 error(136); 1557 1558 if (elsz_in_bits == 0) 1559 elsz_in_bits = CHAR_SIZE; 1560 1561 return build_integer_constant(PTRDIFF_TSPEC, 1562 (int64_t)(elem * elsz_in_bits / CHAR_SIZE)); 1563 } 1564 1565 static tnode_t * 1566 build_prepost_incdec(op_t op, bool sys, tnode_t *ln) 1567 { 1568 1569 lint_assert(ln != NULL); 1570 tnode_t *cn = ln->tn_type->t_tspec == PTR 1571 ? subt_size_in_bytes(ln->tn_type) 1572 : build_integer_constant(INT, 1); 1573 return build_op(op, sys, ln->tn_type, ln, cn); 1574 } 1575 1576 static void 1577 check_enum_array_index(const tnode_t *ln, const tnode_t *rn) 1578 { 1579 1580 if (ln->tn_op != ADDR) 1581 return; 1582 ln = ln->u.ops.left; 1583 if (ln->tn_op != NAME && ln->tn_op != STRING) 1584 return; 1585 1586 const type_t *ltp = ln->tn_type; 1587 if (ltp->t_tspec != ARRAY || ltp->t_incomplete_array) 1588 return; 1589 1590 if (rn->tn_op != CVT || !rn->tn_type->t_is_enum) 1591 return; 1592 if (rn->u.ops.left->tn_op != LOAD) 1593 return; 1594 1595 const type_t *rtp = rn->u.ops.left->tn_type; 1596 const sym_t *ec = rtp->u.enumer->en_first_enumerator; 1597 const sym_t *max_ec = ec; 1598 lint_assert(ec != NULL); 1599 for (ec = ec->s_next; ec != NULL; ec = ec->s_next) 1600 if (ec->u.s_enum_constant > max_ec->u.s_enum_constant) 1601 max_ec = ec; 1602 1603 int64_t max_enum_value = max_ec->u.s_enum_constant; 1604 lint_assert(INT_MIN <= max_enum_value && max_enum_value <= INT_MAX); 1605 1606 int max_array_index = ltp->u.dimension - 1; 1607 size_t nonnull_dimension = ln->tn_op == STRING 1608 ? str_len(ln) 1609 : ln->u.sym->u.s_array_nonnull_dimension; 1610 if (nonnull_dimension > 0) 1611 max_array_index = (int)nonnull_dimension - 1; 1612 if (max_enum_value == max_array_index) 1613 return; 1614 1615 if (max_enum_value == max_array_index + 1 && 1616 (strstr(max_ec->s_name, "MAX") != NULL || 1617 strstr(max_ec->s_name, "max") != NULL || 1618 strstr(max_ec->s_name, "NUM") != NULL || 1619 strstr(max_ec->s_name, "num") != NULL || 1620 strncmp(max_ec->s_name, "COUNT_", 6) == 0 || 1621 str_ends_with(max_ec->s_name, "_COUNT") || 1622 strncmp(max_ec->s_name, "LAST_", 5) == 0 || 1623 str_ends_with(max_ec->s_name, "_end") || 1624 strncmp(max_ec->s_name, "N_", 2) == 0)) 1625 return; 1626 1627 /* maximum value %d for '%s' of type '%s' does not match maximum array index %d */ 1628 warning(348, (int)max_enum_value, max_ec->s_name, type_name(rtp), 1629 max_array_index); 1630 print_previous_declaration(max_ec); 1631 } 1632 1633 static tnode_t * 1634 build_plus_minus(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1635 { 1636 1637 if (rn->tn_type->t_tspec == PTR && is_integer(ln->tn_type->t_tspec)) { 1638 tnode_t *tmp = ln; 1639 ln = rn; 1640 rn = tmp; 1641 /* pointer addition has integer on the left-hand side */ 1642 query_message(5); 1643 } 1644 1645 /* pointer +- integer */ 1646 tspec_t lt = ln->tn_type->t_tspec; 1647 tspec_t rt = rn->tn_type->t_tspec; 1648 if (lt == PTR && rt != PTR) { 1649 lint_assert(is_integer(rt)); 1650 1651 check_ctype_macro_invocation(ln, rn); 1652 check_enum_array_index(ln, rn); 1653 1654 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1655 tspec_t szt = elsz->tn_type->t_tspec; 1656 if (rt != szt && rt != unsigned_type(szt)) 1657 rn = convert(NOOP, 0, elsz->tn_type, rn); 1658 1659 tnode_t *prod = build_op(MULT, sys, rn->tn_type, rn, elsz); 1660 if (rn->tn_op == CON) 1661 prod = fold_constant_integer(prod); 1662 1663 return build_op(op, sys, ln->tn_type, ln, prod); 1664 } 1665 1666 /* pointer - pointer */ 1667 if (rt == PTR) { 1668 lint_assert(lt == PTR); 1669 lint_assert(op == MINUS); 1670 1671 type_t *ptrdiff = gettyp(PTRDIFF_TSPEC); 1672 tnode_t *raw_diff = build_op(op, sys, ptrdiff, ln, rn); 1673 if (ln->tn_op == CON && rn->tn_op == CON) 1674 raw_diff = fold_constant_integer(raw_diff); 1675 1676 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1677 balance(NOOP, &raw_diff, &elsz); 1678 1679 return build_op(DIV, sys, ptrdiff, raw_diff, elsz); 1680 } 1681 1682 return build_op(op, sys, ln->tn_type, ln, rn); 1683 } 1684 1685 static tnode_t * 1686 build_bit_shift(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1687 { 1688 1689 if (!allow_c90 && rn->tn_type->t_tspec != INT) 1690 // XXX: C1978 7.5 says: "Both [operators] perform the usual 1691 // arithmetic conversions on their operands." 1692 // TODO: Add a test to exercise this part of the code. 1693 rn = convert(NOOP, 0, gettyp(INT), rn); 1694 return build_op(op, sys, ln->tn_type, ln, rn); 1695 } 1696 1697 static bool 1698 is_null_pointer(const tnode_t *tn) 1699 { 1700 tspec_t t = tn->tn_type->t_tspec; 1701 1702 // TODO: Investigate how other pointers are stored, in particular, 1703 // whether a pointer constant can have a non-zero value. 1704 // If not, simplify the code below. 1705 return ((t == PTR && tn->tn_type->t_subt->t_tspec == VOID) 1706 || is_integer(t)) 1707 && (tn->tn_op == CON && tn->u.value.u.integer == 0); 1708 } 1709 1710 /* Return a type based on tp1, with added qualifiers from tp2. */ 1711 static type_t * 1712 merge_qualifiers(type_t *tp1, const type_t *tp2) 1713 { 1714 1715 lint_assert(tp1->t_tspec == PTR); 1716 lint_assert(tp2->t_tspec == PTR); 1717 1718 bool c1 = tp1->t_subt->t_const; 1719 bool c2 = tp2->t_subt->t_const; 1720 bool v1 = tp1->t_subt->t_volatile; 1721 bool v2 = tp2->t_subt->t_volatile; 1722 1723 if (c1 == (c1 | c2) && v1 == (v1 | v2)) 1724 return tp1; 1725 1726 type_t *nstp = expr_dup_type(tp1->t_subt); 1727 nstp->t_const |= c2; 1728 nstp->t_volatile |= v2; 1729 1730 type_t *ntp = expr_dup_type(tp1); 1731 ntp->t_subt = nstp; 1732 return ntp; 1733 } 1734 1735 /* See C99 6.5.15 "Conditional operator". */ 1736 static tnode_t * 1737 build_colon(bool sys, tnode_t *ln, tnode_t *rn) 1738 { 1739 tspec_t lt = ln->tn_type->t_tspec; 1740 tspec_t rt = rn->tn_type->t_tspec; 1741 1742 type_t *tp; 1743 if (is_arithmetic(lt) && is_arithmetic(rt)) 1744 /* The operands were already balanced in build_binary. */ 1745 tp = ln->tn_type; 1746 else if (lt == BOOL && rt == BOOL) 1747 tp = ln->tn_type; 1748 else if (lt == VOID || rt == VOID) 1749 tp = gettyp(VOID); 1750 else if (is_struct_or_union(lt)) { 1751 lint_assert(is_struct_or_union(rt)); 1752 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1753 if (is_incomplete(ln->tn_type)) { 1754 /* unknown operand size, op '%s' */ 1755 error(138, op_name(COLON)); 1756 return NULL; 1757 } 1758 tp = ln->tn_type; 1759 } else if (lt == PTR && is_integer(rt)) { 1760 if (rt != PTRDIFF_TSPEC) 1761 rn = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), rn); 1762 tp = ln->tn_type; 1763 } else if (rt == PTR && is_integer(lt)) { 1764 if (lt != PTRDIFF_TSPEC) 1765 ln = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), ln); 1766 tp = rn->tn_type; 1767 } else if (lt == PTR && is_null_pointer(rn)) 1768 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1769 else if (rt == PTR && is_null_pointer(ln)) 1770 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1771 else if (lt == PTR && ln->tn_type->t_subt->t_tspec == VOID) 1772 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1773 else if (rt == PTR && rn->tn_type->t_subt->t_tspec == VOID) 1774 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1775 else { 1776 /* 1777 * XXX For now we simply take the left type. This is probably 1778 * wrong, if one type contains a function prototype and the 1779 * other one, at the same place, only an old-style declaration. 1780 */ 1781 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1782 } 1783 1784 return build_op(COLON, sys, tp, ln, rn); 1785 } 1786 1787 /* TODO: check for varargs */ 1788 static bool 1789 is_cast_redundant(const tnode_t *tn) 1790 { 1791 const type_t *ntp = tn->tn_type, *otp = tn->u.ops.left->tn_type; 1792 tspec_t nt = ntp->t_tspec, ot = otp->t_tspec; 1793 1794 if (nt == BOOL || ot == BOOL) 1795 return nt == BOOL && ot == BOOL; 1796 1797 if (is_integer(nt) && is_integer(ot)) { 1798 unsigned int nw = width_in_bits(ntp), ow = width_in_bits(otp); 1799 if (is_uinteger(nt) == is_uinteger(ot)) 1800 return nw >= ow; 1801 return is_uinteger(ot) && nw > ow; 1802 } 1803 1804 if (is_complex(nt) || is_complex(ot)) 1805 return is_complex(nt) && is_complex(ot) && 1806 size_in_bits(nt) >= size_in_bits(ot); 1807 1808 if (is_floating(nt) && is_floating(ot)) 1809 return size_in_bits(nt) >= size_in_bits(ot); 1810 1811 if (nt == PTR && ot == PTR) { 1812 if (!ntp->t_subt->t_const && otp->t_subt->t_const) 1813 return false; 1814 if (!ntp->t_subt->t_volatile && otp->t_subt->t_volatile) 1815 return false; 1816 1817 if (ntp->t_subt->t_tspec == VOID || 1818 otp->t_subt->t_tspec == VOID || 1819 types_compatible(ntp->t_subt, otp->t_subt, 1820 false, false, NULL)) 1821 return true; 1822 } 1823 1824 return false; 1825 } 1826 1827 static bool 1828 is_assignment(op_t op) 1829 { 1830 1831 return op == ASSIGN || 1832 op == MULASS || 1833 op == DIVASS || 1834 op == MODASS || 1835 op == ADDASS || 1836 op == SUBASS || 1837 op == SHLASS || 1838 op == SHRASS || 1839 op == ANDASS || 1840 op == XORASS || 1841 op == ORASS || 1842 op == RETURN || 1843 op == INIT; 1844 } 1845 1846 static tnode_t * 1847 build_assignment(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1848 { 1849 1850 tspec_t lt = ln->tn_type->t_tspec; 1851 tspec_t rt = rn->tn_type->t_tspec; 1852 1853 if (is_assignment(rn->tn_op)) 1854 /* chained assignment with '%s' and '%s' */ 1855 query_message(10, op_name(op), op_name(rn->tn_op)); 1856 1857 if ((op == ADDASS || op == SUBASS) && lt == PTR) { 1858 lint_assert(is_integer(rt)); 1859 tnode_t *ctn = subt_size_in_bytes(ln->tn_type); 1860 if (rn->tn_type->t_tspec != ctn->tn_type->t_tspec) 1861 rn = convert(NOOP, 0, ctn->tn_type, rn); 1862 rn = build_op(MULT, sys, rn->tn_type, rn, ctn); 1863 if (rn->u.ops.left->tn_op == CON) 1864 rn = fold_constant_integer(rn); 1865 } 1866 1867 if ((op == ASSIGN || op == RETURN || op == INIT) && 1868 (lt == STRUCT || rt == STRUCT)) { 1869 lint_assert(lt == rt); 1870 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1871 if (is_incomplete(ln->tn_type)) { 1872 if (op == RETURN) 1873 /* cannot return incomplete type */ 1874 error(212); 1875 else 1876 /* unknown operand size, op '%s' */ 1877 error(138, op_name(op)); 1878 return NULL; 1879 } 1880 } 1881 1882 if (op == SHLASS && hflag && allow_trad && allow_c90 1883 && portable_rank_cmp(lt, rt) < 0) 1884 /* '%s' %s '%s' differs between traditional C and C90 */ 1885 warning(118, tspec_name(lt), "<<=", tspec_name(rt)); 1886 1887 if (op != SHLASS && op != SHRASS 1888 && (op == ASSIGN || lt != PTR) 1889 && (lt != rt || (ln->tn_type->t_bitfield && rn->tn_op == CON))) { 1890 rn = convert(op, 0, ln->tn_type, rn); 1891 rt = lt; 1892 } 1893 1894 if (lt == PTR && ln->tn_type->t_subt->t_tspec != VOID 1895 && rt == PTR && rn->tn_type->t_subt->t_tspec == VOID 1896 && !is_null_pointer(rn)) 1897 /* implicit narrowing conversion from void ... */ 1898 query_message(20, type_name(ln->tn_type)); 1899 1900 if (any_query_enabled && rn->tn_op == CVT && rn->tn_cast && 1901 types_compatible(ln->tn_type, rn->tn_type, false, false, NULL) && 1902 is_cast_redundant(rn)) { 1903 /* redundant cast from '%s' to '%s' before assignment */ 1904 query_message(7, expr_type_name(rn->u.ops.left), 1905 type_name(rn->tn_type)); 1906 } 1907 1908 return build_op(op, sys, ln->tn_type, ln, rn); 1909 } 1910 1911 static tnode_t * 1912 build_real_imag(op_t op, bool sys, tnode_t *ln) 1913 { 1914 1915 lint_assert(ln != NULL); 1916 if (ln->tn_op == NAME) { 1917 /* 1918 * This may be too much, but it avoids wrong warnings. See 1919 * d_c99_complex_split.c. 1920 */ 1921 mark_as_used(ln->u.sym, false, false); 1922 mark_as_set(ln->u.sym); 1923 } 1924 1925 tspec_t t; 1926 switch (ln->tn_type->t_tspec) { 1927 case LCOMPLEX: 1928 t = LDOUBLE; 1929 break; 1930 case DCOMPLEX: 1931 t = DOUBLE; 1932 break; 1933 case FCOMPLEX: 1934 t = FLOAT; 1935 break; 1936 default: 1937 /* '__%s__' is invalid for type '%s' */ 1938 error(276, op == REAL ? "real" : "imag", 1939 type_name(ln->tn_type)); 1940 return NULL; 1941 } 1942 1943 tnode_t *ntn = build_op(op, sys, gettyp(t), ln, NULL); 1944 ntn->tn_lvalue = true; 1945 return ntn; 1946 } 1947 1948 static bool 1949 is_confusing_precedence(op_t op, const tnode_t *operand, op_t *cop) 1950 { 1951 if (operand->tn_parenthesized) 1952 return false; 1953 op_t oop = operand->tn_op; 1954 1955 if (op == SHL || op == SHR) { 1956 if (oop == PLUS || oop == MINUS) 1957 return *cop = oop, true; 1958 return false; 1959 } 1960 1961 if (op == LOGOR) { 1962 if (oop == LOGAND) 1963 return *cop = oop, true; 1964 return false; 1965 } 1966 1967 lint_assert(op == BITAND || op == BITXOR || op == BITOR); 1968 if (oop != op 1969 && (oop == PLUS || oop == MINUS || oop == BITAND || oop == BITXOR)) 1970 return *cop = oop, true; 1971 return false; 1972 } 1973 1974 /* 1975 * Print a warning if the given node has operands which should be 1976 * parenthesized. 1977 * 1978 * XXX Does not work if an operand is a constant expression. Constant 1979 * expressions are already folded. 1980 */ 1981 static void 1982 check_precedence_confusion(tnode_t *tn) 1983 { 1984 tnode_t *ln, *rn; 1985 1986 if (!hflag) 1987 return; 1988 1989 debug_node(tn); 1990 1991 lint_assert(is_binary(tn)); 1992 for (ln = tn->u.ops.left; ln->tn_op == CVT; ln = ln->u.ops.left) 1993 continue; 1994 for (rn = tn->u.ops.right; rn->tn_op == CVT; rn = rn->u.ops.left) 1995 continue; 1996 1997 op_t cop; 1998 if (is_confusing_precedence(tn->tn_op, ln, &cop) || 1999 is_confusing_precedence(tn->tn_op, rn, &cop)) { 2000 /* possible precedence confusion between '%s' and '%s' */ 2001 warning(169, op_name(tn->tn_op), op_name(cop)); 2002 } 2003 } 2004 2005 static tnode_t * 2006 fold_constant_compare_zero(tnode_t *tn) 2007 { 2008 2009 val_t *v = xcalloc(1, sizeof(*v)); 2010 v->v_tspec = tn->tn_type->t_tspec; 2011 lint_assert(v->v_tspec == INT || (Tflag && v->v_tspec == BOOL)); 2012 2013 lint_assert(has_operands(tn)); 2014 bool l = constant_is_nonzero(tn->u.ops.left); 2015 bool r = is_binary(tn) && constant_is_nonzero(tn->u.ops.right); 2016 2017 switch (tn->tn_op) { 2018 case NOT: 2019 v->u.integer = !l ? 1 : 0; 2020 break; 2021 case LOGAND: 2022 v->u.integer = l && r ? 1 : 0; 2023 break; 2024 case LOGOR: 2025 v->u.integer = l || r ? 1 : 0; 2026 break; 2027 default: 2028 lint_assert(false); 2029 } 2030 2031 return build_constant(tn->tn_type, v); 2032 } 2033 2034 static long double 2035 floating_error_value(tspec_t t, long double lv) 2036 { 2037 if (t == FLOAT) 2038 return lv < 0 ? -FLT_MAX : FLT_MAX; 2039 if (t == DOUBLE) 2040 return lv < 0 ? -DBL_MAX : DBL_MAX; 2041 /* 2042 * When NetBSD is cross-built in MKLINT=yes mode on x86_64 for sparc64, 2043 * tools/lint checks this code while building usr.bin/xlint. In that 2044 * situation, lint uses the preprocessor for sparc64, in which the type 2045 * 'long double' is IEEE-754-binary128, affecting the macro LDBL_MAX 2046 * below. The type 'long double', as well as the strtold 2047 * implementation, comes from the host platform x86_64 though, where 2048 * 'long double' consumes 128 bits as well but only uses 80 of them. 2049 * The exponent range of the two 'long double' types is the same, but 2050 * the maximum finite value differs due to the extended precision on 2051 * sparc64. 2052 * 2053 * To properly handle the data types of the target platform, lint would 2054 * have to implement the floating-point types in a platform-independent 2055 * way, which is not worth the effort, given how few programs 2056 * practically use 'long double'. 2057 */ 2058 /* LINTED 248: floating-point constant out of range */ 2059 long double max = LDBL_MAX; 2060 return lv < 0 ? -max : max; 2061 } 2062 2063 static bool 2064 is_floating_overflow(tspec_t t, long double val) 2065 { 2066 if (fpe != 0 || isfinite(val) == 0) 2067 return true; 2068 if (t == FLOAT && (val > FLT_MAX || val < -FLT_MAX)) 2069 return true; 2070 if (t == DOUBLE && (val > DBL_MAX || val < -DBL_MAX)) 2071 return true; 2072 return false; 2073 } 2074 2075 static tnode_t * 2076 fold_constant_floating(tnode_t *tn) 2077 { 2078 2079 fpe = 0; 2080 2081 tspec_t t = tn->tn_type->t_tspec; 2082 2083 val_t *v = xcalloc(1, sizeof(*v)); 2084 v->v_tspec = t; 2085 2086 lint_assert(is_floating(t)); 2087 lint_assert(has_operands(tn)); 2088 lint_assert(t == tn->u.ops.left->tn_type->t_tspec); 2089 lint_assert(!is_binary(tn) || t == tn->u.ops.right->tn_type->t_tspec); 2090 2091 long double lv = tn->u.ops.left->u.value.u.floating; 2092 long double rv = is_binary(tn) ? tn->u.ops.right->u.value.u.floating 2093 : 0.0; 2094 2095 switch (tn->tn_op) { 2096 case UPLUS: 2097 v->u.floating = lv; 2098 break; 2099 case UMINUS: 2100 v->u.floating = -lv; 2101 break; 2102 case MULT: 2103 v->u.floating = lv * rv; 2104 break; 2105 case DIV: 2106 if (rv == 0.0) { 2107 if (is_evaluation_mode(EM_EVAL)) 2108 /* division by 0 */ 2109 error(139); 2110 v->u.floating = floating_error_value(t, lv); 2111 } else { 2112 v->u.floating = lv / rv; 2113 } 2114 break; 2115 case PLUS: 2116 v->u.floating = lv + rv; 2117 break; 2118 case MINUS: 2119 v->u.floating = lv - rv; 2120 break; 2121 case LT: 2122 v->u.integer = lv < rv ? 1 : 0; 2123 break; 2124 case LE: 2125 v->u.integer = lv <= rv ? 1 : 0; 2126 break; 2127 case GE: 2128 v->u.integer = lv >= rv ? 1 : 0; 2129 break; 2130 case GT: 2131 v->u.integer = lv > rv ? 1 : 0; 2132 break; 2133 case EQ: 2134 v->u.integer = lv == rv ? 1 : 0; 2135 break; 2136 case NE: 2137 v->u.integer = lv != rv ? 1 : 0; 2138 break; 2139 default: 2140 lint_assert(false); 2141 } 2142 2143 // XXX: Must not access u.floating after setting u.integer. 2144 lint_assert(fpe != 0 || isnan(v->u.floating) == 0); 2145 if (is_complex(v->v_tspec)) { 2146 /* 2147 * Don't warn, as lint doesn't model the imaginary part of 2148 * complex numbers. 2149 */ 2150 fpe = 0; 2151 } else if (is_floating_overflow(t, v->u.floating)) { 2152 /* operator '%s' produces floating point overflow */ 2153 warning(142, op_name(tn->tn_op)); 2154 v->u.floating = floating_error_value(t, v->u.floating); 2155 fpe = 0; 2156 } 2157 2158 return build_constant(tn->tn_type, v); 2159 } 2160 2161 static void 2162 use(const tnode_t *tn) 2163 { 2164 if (tn == NULL) 2165 return; 2166 switch (tn->tn_op) { 2167 case NAME: 2168 mark_as_used(tn->u.sym, false /* XXX */, false /* XXX */); 2169 break; 2170 case CON: 2171 case STRING: 2172 break; 2173 case CALL:; 2174 const function_call *call = tn->u.call; 2175 for (size_t i = 0, n = call->args_len; i < n; i++) 2176 use(call->args[i]); 2177 break; 2178 default: 2179 lint_assert(has_operands(tn)); 2180 use(tn->u.ops.left); 2181 if (is_binary(tn)) 2182 use(tn->u.ops.right); 2183 } 2184 } 2185 2186 /* 2187 * Create a tree node for a binary operator and its two operands. Also called 2188 * for unary operators; in that case rn is NULL. 2189 * 2190 * Function calls, sizeof and casts are handled elsewhere. 2191 */ 2192 tnode_t * 2193 build_binary(tnode_t *ln, op_t op, bool sys, tnode_t *rn) 2194 { 2195 const mod_t *mp = &modtab[op]; 2196 2197 /* If there was an error in one of the operands, return. */ 2198 if (ln == NULL || (mp->m_binary && rn == NULL)) 2199 return NULL; 2200 2201 if (mp->m_value_context || mp->m_compares_with_zero) 2202 ln = cconv(ln); 2203 if (mp->m_binary && op != ARROW && op != POINT) 2204 rn = cconv(rn); 2205 2206 if (mp->m_comparison) 2207 check_integer_comparison(op, ln, rn); 2208 2209 if (mp->m_value_context || mp->m_compares_with_zero) 2210 ln = promote(op, false, ln); 2211 if (mp->m_binary && op != ARROW && op != POINT && 2212 op != ASSIGN && op != RETURN && op != INIT) 2213 rn = promote(op, false, rn); 2214 2215 if (mp->m_warn_if_left_unsigned_in_c90 && 2216 ln->tn_op == CON && ln->u.value.v_unsigned_since_c90) { 2217 /* C90 treats constant as unsigned, op '%s' */ 2218 warning(218, op_name(op)); 2219 ln->u.value.v_unsigned_since_c90 = false; 2220 } 2221 if (mp->m_warn_if_right_unsigned_in_c90 && 2222 rn->tn_op == CON && rn->u.value.v_unsigned_since_c90) { 2223 /* C90 treats constant as unsigned, op '%s' */ 2224 warning(218, op_name(op)); 2225 rn->u.value.v_unsigned_since_c90 = false; 2226 } 2227 2228 if (mp->m_balance_operands || (!allow_c90 && (op == SHL || op == SHR))) 2229 balance(op, &ln, &rn); 2230 2231 if (!typeok(op, NULL, 0, ln, rn)) 2232 return NULL; 2233 2234 tnode_t *ntn; 2235 switch (op) { 2236 case POINT: 2237 case ARROW: 2238 ntn = build_struct_access(op, sys, ln, rn); 2239 break; 2240 case UMINUS: 2241 if (any_query_enabled && may_be_signed_min(ln)) 2242 /* negation of signed '%s' */ 2243 query_message(25, expr_type_name(ln)); 2244 ntn = build_op(op, sys, ln->tn_type, ln, rn); 2245 break; 2246 case INCAFT: 2247 case DECAFT: 2248 case INCBEF: 2249 case DECBEF: 2250 ntn = build_prepost_incdec(op, sys, ln); 2251 break; 2252 case ADDR: 2253 ntn = build_address(sys, ln); 2254 break; 2255 case INDIR: 2256 ntn = build_op(INDIR, sys, ln->tn_type->t_subt, ln, NULL); 2257 break; 2258 case PLUS: 2259 case MINUS: 2260 ntn = build_plus_minus(op, sys, ln, rn); 2261 break; 2262 case SHL: 2263 case SHR: 2264 ntn = build_bit_shift(op, sys, ln, rn); 2265 break; 2266 case COLON: 2267 ntn = build_colon(sys, ln, rn); 2268 break; 2269 case ASSIGN: 2270 case MULASS: 2271 case DIVASS: 2272 case MODASS: 2273 case ADDASS: 2274 case SUBASS: 2275 case SHLASS: 2276 case SHRASS: 2277 case ANDASS: 2278 case XORASS: 2279 case ORASS: 2280 case RETURN: 2281 case INIT: 2282 ntn = build_assignment(op, sys, ln, rn); 2283 break; 2284 case COMMA: 2285 /* comma operator with types '%s' and '%s' */ 2286 query_message(12, 2287 expr_type_name(ln), expr_type_name(rn)); 2288 /* FALLTHROUGH */ 2289 case QUEST: 2290 ntn = build_op(op, sys, rn->tn_type, ln, rn); 2291 break; 2292 case REAL: 2293 case IMAG: 2294 ntn = build_real_imag(op, sys, ln); 2295 break; 2296 default: 2297 lint_assert(mp->m_binary == (rn != NULL)); 2298 if ((op == NOT || op == LOGAND || op == LOGOR) 2299 && ln->tn_op == ASSIGN && ln->u.ops.right->tn_op == CON) { 2300 /* constant assignment of type '%s' in operand ... */ 2301 warning(382, expr_type_name(ln), op_name(op), 2302 is_nonzero_val(&ln->u.ops.right->u.value) 2303 ? "true" : "false"); 2304 } 2305 if ((op == LOGAND || op == LOGOR) 2306 && rn->tn_op == ASSIGN && rn->u.ops.right->tn_op == CON) { 2307 /* constant assignment of type '%s' in operand ... */ 2308 warning(382, expr_type_name(rn), op_name(op), 2309 is_nonzero_val(&rn->u.ops.right->u.value) 2310 ? "true" : "false"); 2311 } 2312 type_t *rettp = mp->m_returns_bool 2313 ? gettyp(Tflag ? BOOL : INT) : ln->tn_type; 2314 ntn = build_op(op, sys, rettp, ln, rn); 2315 break; 2316 } 2317 2318 if (ntn == NULL) 2319 return NULL; 2320 2321 if (mp->m_possible_precedence_confusion) 2322 check_precedence_confusion(ntn); 2323 2324 if (mp->m_fold_constant_operands && ln->tn_op == CON) { 2325 if (!mp->m_binary || rn->tn_op == CON) { 2326 if (mp->m_compares_with_zero) 2327 ntn = fold_constant_compare_zero(ntn); 2328 else if (is_floating(ntn->tn_type->t_tspec)) 2329 ntn = fold_constant_floating(ntn); 2330 else 2331 ntn = fold_constant_integer(ntn); 2332 } else if (op == QUEST) { 2333 lint_assert(has_operands(rn)); 2334 use(ln->u.value.u.integer != 0 2335 ? rn->u.ops.right : rn->u.ops.left); 2336 ntn = ln->u.value.u.integer != 0 2337 ? rn->u.ops.left : rn->u.ops.right; 2338 } 2339 } 2340 2341 return ntn; 2342 } 2343 2344 tnode_t * 2345 build_unary(op_t op, bool sys, tnode_t *tn) 2346 { 2347 return build_binary(tn, op, sys, NULL); 2348 } 2349 2350 static bool 2351 are_members_compatible(const sym_t *a, const sym_t *b) 2352 { 2353 if (a->u.s_member.sm_offset_in_bits != b->u.s_member.sm_offset_in_bits) 2354 return false; 2355 2356 const type_t *atp = a->s_type; 2357 const type_t *btp = b->s_type; 2358 bool w = false; 2359 if (!types_compatible(atp, btp, false, false, &w) && !w) 2360 return false; 2361 if (a->s_bitfield != b->s_bitfield) 2362 return false; 2363 if (a->s_bitfield) { 2364 if (atp->t_bit_field_width != btp->t_bit_field_width) 2365 return false; 2366 if (atp->t_bit_field_offset != btp->t_bit_field_offset) 2367 return false; 2368 } 2369 return true; 2370 } 2371 2372 /* 2373 * Return whether all struct/union members with the same name have the same 2374 * type and offset. 2375 */ 2376 static bool 2377 all_members_compatible(const sym_t *msym) 2378 { 2379 for (const sym_t *csym = msym; 2380 csym != NULL; csym = csym->s_symtab_next) { 2381 if (!is_member(csym)) 2382 continue; 2383 if (strcmp(msym->s_name, csym->s_name) != 0) 2384 continue; 2385 2386 for (const sym_t *sym = csym->s_symtab_next; 2387 sym != NULL; sym = sym->s_symtab_next) { 2388 if (is_member(sym) 2389 && strcmp(csym->s_name, sym->s_name) == 0 2390 && !are_members_compatible(csym, sym)) 2391 return false; 2392 } 2393 } 2394 return true; 2395 } 2396 2397 sym_t * 2398 find_member(const struct_or_union *sou, const char *name) 2399 { 2400 for (sym_t *mem = sou->sou_first_member; 2401 mem != NULL; mem = mem->s_next) { 2402 lint_assert(is_member(mem)); 2403 lint_assert(mem->u.s_member.sm_containing_type == sou); 2404 if (strcmp(mem->s_name, name) == 0) 2405 return mem; 2406 } 2407 2408 for (sym_t *mem = sou->sou_first_member; 2409 mem != NULL; mem = mem->s_next) { 2410 if (is_struct_or_union(mem->s_type->t_tspec) 2411 && mem->s_name == unnamed) { 2412 sym_t *nested_mem = 2413 find_member(mem->s_type->u.sou, name); 2414 if (nested_mem != NULL) 2415 return nested_mem; 2416 } 2417 } 2418 return NULL; 2419 } 2420 2421 /* 2422 * Remove the member if it was unknown until now, which means 2423 * that no defined struct or union has a member with the same name. 2424 */ 2425 static void 2426 remove_unknown_member(tnode_t *tn, sym_t *msym) 2427 { 2428 /* type '%s' does not have member '%s' */ 2429 error(101, type_name(tn->tn_type), msym->s_name); 2430 symtab_remove_forever(msym); 2431 msym->s_kind = SK_MEMBER; 2432 msym->s_scl = STRUCT_MEMBER; 2433 2434 struct_or_union *sou = expr_zero_alloc(sizeof(*sou), 2435 "struct_or_union"); 2436 sou->sou_tag = expr_zero_alloc(sizeof(*sou->sou_tag), "sym"); 2437 sou->sou_tag->s_name = unnamed; 2438 2439 msym->u.s_member.sm_containing_type = sou; 2440 /* 2441 * The member sm_offset_in_bits is not needed here since this symbol 2442 * can only be used for error reporting. 2443 */ 2444 } 2445 2446 /* 2447 * Returns a symbol which has the same name as 'msym' and is a member of the 2448 * struct or union specified by 'tn'. 2449 */ 2450 static sym_t * 2451 struct_or_union_member(tnode_t *tn, op_t op, sym_t *msym) 2452 { 2453 2454 /* Determine the tag type of which msym is expected to be a member. */ 2455 const type_t *tp = NULL; 2456 if (op == POINT && is_struct_or_union(tn->tn_type->t_tspec)) 2457 tp = tn->tn_type; 2458 if (op == ARROW && tn->tn_type->t_tspec == PTR 2459 && is_struct_or_union(tn->tn_type->t_subt->t_tspec)) 2460 tp = tn->tn_type->t_subt; 2461 struct_or_union *sou = tp != NULL ? tp->u.sou : NULL; 2462 2463 if (sou != NULL) { 2464 sym_t *nested_mem = find_member(sou, msym->s_name); 2465 if (nested_mem != NULL) 2466 return nested_mem; 2467 } 2468 2469 if (msym->s_scl == NO_SCL) { 2470 remove_unknown_member(tn, msym); 2471 return msym; 2472 } 2473 2474 bool eq = all_members_compatible(msym); 2475 2476 /* 2477 * Now handle the case in which the left operand refers really to a 2478 * struct/union, but the right operand is not member of it. 2479 */ 2480 if (sou != NULL) { 2481 if (eq && !allow_c90) 2482 /* invalid use of member '%s' */ 2483 warning(102, msym->s_name); 2484 else 2485 /* invalid use of member '%s' */ 2486 error(102, msym->s_name); 2487 return msym; 2488 } 2489 2490 if (eq) { 2491 if (op == POINT) { 2492 if (!allow_c90) 2493 /* left operand of '.' must be struct ... */ 2494 warning(103, expr_type_name(tn)); 2495 else 2496 /* left operand of '.' must be struct ... */ 2497 error(103, expr_type_name(tn)); 2498 } else { 2499 if (!allow_c90 && tn->tn_type->t_tspec == PTR) 2500 /* left operand of '->' must be pointer ... */ 2501 warning(104, expr_type_name(tn)); 2502 else 2503 /* left operand of '->' must be pointer ... */ 2504 error(104, expr_type_name(tn)); 2505 } 2506 } else { 2507 if (!allow_c90) 2508 /* non-unique member requires struct/union %s */ 2509 error(105, op == POINT ? "object" : "pointer"); 2510 else 2511 /* unacceptable operand of '%s' */ 2512 error(111, op_name(op)); 2513 } 2514 2515 return msym; 2516 } 2517 2518 tnode_t * 2519 build_member_access(tnode_t *ln, op_t op, bool sys, sbuf_t *member) 2520 { 2521 sym_t *msym; 2522 2523 if (ln == NULL) 2524 return NULL; 2525 2526 if (op == ARROW) 2527 /* must do this before struct_or_union_member is called */ 2528 ln = cconv(ln); 2529 msym = struct_or_union_member(ln, op, getsym(member)); 2530 return build_binary(ln, op, sys, build_name(msym, false)); 2531 } 2532 2533 /* 2534 * Perform class conversions. 2535 * 2536 * Arrays of type T are converted into pointers to type T. 2537 * Functions are converted to pointers to functions. 2538 * Lvalues are converted to rvalues. 2539 * 2540 * C99 6.3 "Conversions" 2541 * C99 6.3.2 "Other operands" 2542 * C99 6.3.2.1 "Lvalues, arrays, and function designators" 2543 */ 2544 tnode_t * 2545 cconv(tnode_t *tn) 2546 { 2547 if (tn->tn_type->t_tspec == ARRAY) { 2548 if (!tn->tn_lvalue) { 2549 /* XXX print correct operator */ 2550 /* %soperand of '%s' must be lvalue */ 2551 gnuism(114, "", op_name(ADDR)); 2552 } 2553 tn = build_op(ADDR, tn->tn_sys, 2554 expr_derive_ptr_type(tn->tn_type->t_subt), tn, NULL); 2555 } 2556 2557 if (tn->tn_type->t_tspec == FUNC) 2558 tn = build_address(tn->tn_sys, tn); 2559 2560 if (tn->tn_lvalue) { 2561 type_t *tp = expr_dup_type(tn->tn_type); 2562 /* C99 6.3.2.1p2 sentence 2 says to remove the qualifiers. */ 2563 tp->t_const = tp->t_volatile = false; 2564 tn = build_op(LOAD, tn->tn_sys, tp, tn, NULL); 2565 } 2566 2567 return tn; 2568 } 2569 2570 const tnode_t * 2571 before_conversion(const tnode_t *tn) 2572 { 2573 while (tn->tn_op == CVT && !tn->tn_cast) 2574 tn = tn->u.ops.left; 2575 return tn; 2576 } 2577 2578 /* 2579 * Most errors required by C90 are reported in struct_or_union_member(). 2580 * Here we only check for totally wrong things. 2581 */ 2582 static bool 2583 typeok_point(const tnode_t *ln, const type_t *ltp, tspec_t lt) 2584 { 2585 if (is_struct_or_union(lt)) 2586 return true; 2587 2588 if (lt == FUNC || lt == VOID || ltp->t_bitfield) 2589 goto wrong; 2590 2591 /* 2592 * Some C dialects from before C90 tolerated any lvalue on the 2593 * left-hand side of the '.' operator, allowing things like 'char 2594 * st[100]; st.st_mtime', assuming that the member 'st_mtime' only 2595 * occurred in a single struct; see typeok_arrow. 2596 */ 2597 if (ln->tn_lvalue) 2598 return true; 2599 2600 wrong: 2601 /* With allow_c90 we already got an error */ 2602 if (!allow_c90) 2603 /* unacceptable operand of '%s' */ 2604 error(111, op_name(POINT)); 2605 2606 return false; 2607 } 2608 2609 static bool 2610 typeok_arrow(tspec_t lt) 2611 { 2612 /* 2613 * C1978 Appendix A 14.1 says: <quote>In fact, any lvalue is allowed 2614 * before '.', and that lvalue is then assumed to have the form of the 2615 * structure of which the name of the right is a member. [...] Such 2616 * constructions are non-portable.</quote> 2617 */ 2618 if (lt == PTR || (!allow_c90 && is_integer(lt))) 2619 return true; 2620 2621 /* With allow_c90 we already got an error */ 2622 if (!allow_c90) 2623 /* unacceptable operand of '%s' */ 2624 error(111, op_name(ARROW)); 2625 return false; 2626 } 2627 2628 static bool 2629 typeok_incdec(op_t op, const tnode_t *tn, const type_t *tp) 2630 { 2631 /* operand has scalar type (checked in typeok) */ 2632 if (!tn->tn_lvalue) { 2633 if (tn->tn_op == CVT && tn->tn_cast && 2634 tn->u.ops.left->tn_op == LOAD) 2635 /* a cast does not yield an lvalue */ 2636 error(163); 2637 /* %soperand of '%s' must be lvalue */ 2638 error(114, "", op_name(op)); 2639 return false; 2640 } 2641 if (tp->t_const && allow_c90) 2642 /* %soperand of '%s' must be modifiable lvalue */ 2643 warning(115, "", op_name(op)); 2644 return true; 2645 } 2646 2647 static bool 2648 typeok_address(op_t op, const tnode_t *tn, const type_t *tp, tspec_t t) 2649 { 2650 if (t == ARRAY || t == FUNC) { 2651 /* ok, a warning comes later (in build_address()) */ 2652 } else if (!tn->tn_lvalue) { 2653 if (tn->tn_op == CVT && tn->tn_cast && 2654 tn->u.ops.left->tn_op == LOAD) 2655 /* a cast does not yield an lvalue */ 2656 error(163); 2657 /* %soperand of '%s' must be lvalue */ 2658 error(114, "", op_name(op)); 2659 return false; 2660 } else if (is_scalar(t)) { 2661 if (tp->t_bitfield) { 2662 /* cannot take address of bit-field */ 2663 error(112); 2664 return false; 2665 } 2666 } else if (t != STRUCT && t != UNION) { 2667 /* unacceptable operand of '%s' */ 2668 error(111, op_name(op)); 2669 return false; 2670 } 2671 if (tn->tn_op == NAME && tn->u.sym->s_register) { 2672 /* cannot take address of register '%s' */ 2673 error(113, tn->u.sym->s_name); 2674 return false; 2675 } 2676 return true; 2677 } 2678 2679 static bool 2680 typeok_indir(const type_t *tp, tspec_t t) 2681 { 2682 2683 if (t != PTR) { 2684 /* cannot dereference non-pointer type '%s' */ 2685 error(96, type_name(tp)); 2686 return false; 2687 } 2688 return true; 2689 } 2690 2691 static void 2692 warn_incompatible_types(op_t op, 2693 const type_t *ltp, tspec_t lt, 2694 const type_t *rtp, tspec_t rt) 2695 { 2696 bool binary = modtab[op].m_binary; 2697 2698 if (lt == VOID || (binary && rt == VOID)) { 2699 /* void type invalid in expression */ 2700 error(109); 2701 } else if (op == ASSIGN) 2702 /* cannot assign to '%s' from '%s' */ 2703 error(171, type_name(ltp), type_name(rtp)); 2704 else if (binary) 2705 /* operands of '%s' have incompatible types '%s' and '%s' */ 2706 error(107, op_name(op), type_name(ltp), type_name(rtp)); 2707 else { 2708 lint_assert(rt == NO_TSPEC); 2709 /* operand of '%s' has invalid type '%s' */ 2710 error(108, op_name(op), type_name(ltp)); 2711 } 2712 } 2713 2714 static bool 2715 typeok_plus(op_t op, 2716 const type_t *ltp, tspec_t lt, 2717 const type_t *rtp, tspec_t rt) 2718 { 2719 /* operands have scalar types (checked in typeok) */ 2720 if ((lt == PTR && !is_integer(rt)) || (rt == PTR && !is_integer(lt))) { 2721 warn_incompatible_types(op, ltp, lt, rtp, rt); 2722 return false; 2723 } 2724 return true; 2725 } 2726 2727 static bool 2728 typeok_minus(op_t op, 2729 const type_t *ltp, tspec_t lt, 2730 const type_t *rtp, tspec_t rt) 2731 { 2732 /* operands have scalar types (checked in typeok) */ 2733 if ((lt == PTR && rt != PTR && !is_integer(rt)) || 2734 (lt != PTR && rt == PTR)) { 2735 warn_incompatible_types(op, ltp, lt, rtp, rt); 2736 return false; 2737 } 2738 if (lt == PTR && rt == PTR && 2739 !types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2740 /* invalid pointer subtraction */ 2741 error(116); 2742 } 2743 return true; 2744 } 2745 2746 static void 2747 typeok_shr(const tnode_t *ln, tspec_t lt, 2748 const tnode_t *rn, tspec_t rt) 2749 { 2750 tspec_t olt = before_conversion(ln)->tn_type->t_tspec; 2751 tspec_t ort = before_conversion(rn)->tn_type->t_tspec; 2752 2753 if (is_uinteger(olt)) 2754 return; 2755 2756 if (pflag) { 2757 integer_constraints lc = ic_expr(ln); 2758 if (lc.bclr >> 63 != 0) 2759 return; 2760 2761 if (ln->tn_op != CON) 2762 /* bitwise '%s' on signed '%s' possibly nonportable */ 2763 warning(117, ">>", expr_type_name(ln)); 2764 else if (ln->u.value.u.integer < 0) 2765 /* bitwise '%s' on signed '%s' nonportable */ 2766 warning(120, ">>", expr_type_name(ln)); 2767 return; 2768 } 2769 2770 /* The left operand would become unsigned in traditional C. */ 2771 if (allow_trad && allow_c90 && hflag && is_uinteger(ort) 2772 && !(ln->tn_op == CON && ln->u.value.u.integer >= 0)) 2773 /* '%s' %s '%s' differs between traditional C and C90 */ 2774 warning(118, tspec_name(lt), ">>", tspec_name(rt)); 2775 2776 /* 2777 * In traditional C, the left operand would be extended 2778 * (possibly sign-extended) and then shifted. 2779 */ 2780 if (allow_trad && allow_c90 && hflag && !is_uinteger(ort) 2781 && portable_rank_cmp(lt, rt) < 0 2782 && !(ln->tn_op == CON && ln->u.value.u.integer >= 0)) 2783 /* '%s' %s '%s' differs between traditional C and C90 */ 2784 warning(118, tspec_name(lt), ">>", tspec_name(rt)); 2785 } 2786 2787 // C90 does not mention signed shift-left. Later standards mention that case 2788 // but leave open whether 'uint8_t << 24' is supposed to have an unsigned or a 2789 // signed result type. It depends on whether E1 is interpreted to be the left 2790 // operand's type before or after integral promotions. 2791 static void 2792 typeok_shl_signed_to_msb(const tnode_t *ln, const tnode_t *rn) 2793 { 2794 integer_constraints lc = ic_expr(ln); 2795 int64_t n; 2796 unsigned lw = width_in_bits(ln->tn_type); 2797 if (!is_uinteger(ln->tn_type->t_tspec) 2798 && ln->tn_op != CON 2799 && ((lc.smin == 0 && lc.smax != 0 && lc.smax != INT64_MAX 2800 && (lc.smax & (lc.smax + 1)) == 0) 2801 || (lc.smin != INT64_MAX && lc.smax != INT64_MIN 2802 && lc.smin + 1 == -lc.smax)) 2803 && rn->tn_op == CON 2804 && (n = rn->u.value.u.integer, 1 <= n && n <= lw) 2805 && u64_width((uint64_t)lc.smax - (uint64_t)lc.smin) + n == lw) 2806 /* bitwise '%s' on signed '%s' possibly nonportable */ 2807 warning(117, "<<", expr_type_name(ln)); 2808 } 2809 2810 static void 2811 typeok_shl(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2812 { 2813 /* 2814 * Traditional C performs the usual arithmetic conversions on the 2815 * operands, C90 and later don't. 2816 */ 2817 if (hflag && allow_trad && allow_c90 && portable_rank_cmp(lt, rt) < 0) 2818 /* '%s' %s '%s' differs between traditional C and C90 */ 2819 warning(118, tspec_name(lt), "<<", tspec_name(rt)); 2820 2821 typeok_shl_signed_to_msb(ln, rn); 2822 } 2823 2824 static void 2825 typeok_shift(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2826 { 2827 if (rn->tn_op != CON) 2828 return; 2829 2830 if (!is_uinteger(rt) && rn->u.value.u.integer < 0) 2831 /* negative shift */ 2832 warning(121); 2833 else if ((uint64_t)rn->u.value.u.integer == size_in_bits(lt)) 2834 /* shift amount %u equals bit-size of '%s' */ 2835 warning(267, 2836 (unsigned)rn->u.value.u.integer, expr_type_name(ln)); 2837 else if ((uint64_t)rn->u.value.u.integer > size_in_bits(lt)) { 2838 /* shift amount %llu is greater than bit-size %llu of '%s' */ 2839 warning(122, (unsigned long long)rn->u.value.u.integer, 2840 (unsigned long long)size_in_bits(lt), 2841 expr_type_name(ln)); 2842 } 2843 } 2844 2845 static bool 2846 is_typeok_eq(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2847 { 2848 if (lt == PTR && is_null_pointer(rn)) 2849 return true; 2850 if (rt == PTR && is_null_pointer(ln)) 2851 return true; 2852 return false; 2853 } 2854 2855 static void 2856 warn_incompatible_pointers(op_t op, const type_t *ltp, const type_t *rtp) 2857 { 2858 lint_assert(ltp->t_tspec == PTR); 2859 lint_assert(rtp->t_tspec == PTR); 2860 2861 tspec_t lt = ltp->t_subt->t_tspec; 2862 tspec_t rt = rtp->t_subt->t_tspec; 2863 2864 if (is_struct_or_union(lt) && is_struct_or_union(rt)) { 2865 if (op == RETURN) 2866 /* invalid structure pointer combination */ 2867 warning(244); 2868 else { 2869 /* incompatible structure pointers: '%s' '%s' '%s' */ 2870 warning(245, type_name(ltp), 2871 op_name(op), type_name(rtp)); 2872 } 2873 } else { 2874 if (op == RETURN) 2875 /* invalid combination of '%s' and '%s' */ 2876 warning(184, type_name(ltp), type_name(rtp)); 2877 else { 2878 /* invalid combination of '%s' and '%s', op '%s' */ 2879 warning(124, 2880 type_name(ltp), type_name(rtp), op_name(op)); 2881 } 2882 } 2883 } 2884 2885 static void 2886 check_pointer_comparison(op_t op, const tnode_t *ln, const tnode_t *rn) 2887 { 2888 type_t *ltp = ln->tn_type, *rtp = rn->tn_type; 2889 tspec_t lst = ltp->t_subt->t_tspec, rst = rtp->t_subt->t_tspec; 2890 2891 if (lst == VOID || rst == VOID) { 2892 /* TODO: C99 behaves like C90 here. */ 2893 if (!allow_trad && !allow_c99 && 2894 (lst == FUNC || rst == FUNC)) { 2895 /* (void *)0 is already handled in typeok() */ 2896 const char *lsts, *rsts; 2897 *(lst == FUNC ? &lsts : &rsts) = "function pointer"; 2898 *(lst == VOID ? &lsts : &rsts) = "'void *'"; 2899 /* C90 or later forbid comparison of %s with %s */ 2900 warning(274, lsts, rsts); 2901 } 2902 return; 2903 } 2904 2905 if (!types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2906 warn_incompatible_pointers(op, ltp, rtp); 2907 return; 2908 } 2909 2910 if (lst == FUNC && rst == FUNC) { 2911 /* TODO: C99 behaves like C90 here, see C99 6.5.8p2. */ 2912 if (!allow_trad && !allow_c99 && op != EQ && op != NE) 2913 /* pointers to functions can only be compared ... */ 2914 warning(125); 2915 } 2916 } 2917 2918 static bool 2919 typeok_compare(op_t op, 2920 const tnode_t *ln, const type_t *ltp, tspec_t lt, 2921 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2922 { 2923 if (lt == PTR && rt == PTR) { 2924 check_pointer_comparison(op, ln, rn); 2925 return true; 2926 } 2927 2928 if (lt != PTR && rt != PTR) 2929 return true; 2930 2931 if (!is_integer(lt) && !is_integer(rt)) { 2932 warn_incompatible_types(op, ltp, lt, rtp, rt); 2933 return false; 2934 } 2935 2936 const char *lx = lt == PTR ? "pointer" : "integer"; 2937 const char *rx = rt == PTR ? "pointer" : "integer"; 2938 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 2939 warning(123, lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 2940 return true; 2941 } 2942 2943 static bool 2944 typeok_quest(tspec_t lt, const tnode_t *rn) 2945 { 2946 if (!is_scalar(lt)) { 2947 /* first operand of '?' must have scalar type */ 2948 error(170); 2949 return false; 2950 } 2951 lint_assert(before_conversion(rn)->tn_op == COLON); 2952 return true; 2953 } 2954 2955 static void 2956 typeok_colon_pointer(const type_t *ltp, const type_t *rtp) 2957 { 2958 type_t *lstp = ltp->t_subt; 2959 type_t *rstp = rtp->t_subt; 2960 tspec_t lst = lstp->t_tspec; 2961 tspec_t rst = rstp->t_tspec; 2962 2963 if ((lst == VOID && rst == FUNC) || (lst == FUNC && rst == VOID)) { 2964 /* (void *)0 is handled in typeok_colon */ 2965 /* TODO: C99 behaves like C90 here. */ 2966 if (!allow_trad && !allow_c99) 2967 /* conversion of %s to %s requires a cast, op %s */ 2968 warning(305, "function pointer", "'void *'", 2969 op_name(COLON)); 2970 return; 2971 } 2972 2973 if (pointer_types_are_compatible(lstp, rstp, true)) 2974 return; 2975 if (!types_compatible(lstp, rstp, true, false, NULL)) 2976 warn_incompatible_pointers(COLON, ltp, rtp); 2977 } 2978 2979 static bool 2980 typeok_colon(const tnode_t *ln, const type_t *ltp, tspec_t lt, 2981 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2982 { 2983 2984 if (is_arithmetic(lt) && is_arithmetic(rt)) 2985 return true; 2986 if (lt == BOOL && rt == BOOL) 2987 return true; 2988 2989 if (lt == STRUCT && rt == STRUCT && ltp->u.sou == rtp->u.sou) 2990 return true; 2991 if (lt == UNION && rt == UNION && ltp->u.sou == rtp->u.sou) 2992 return true; 2993 2994 if (lt == PTR && is_null_pointer(rn)) 2995 return true; 2996 if (rt == PTR && is_null_pointer(ln)) 2997 return true; 2998 2999 if ((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR)) { 3000 const char *lx = lt == PTR ? "pointer" : "integer"; 3001 const char *rx = rt == PTR ? "pointer" : "integer"; 3002 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 3003 warning(123, lx, type_name(ltp), 3004 rx, type_name(rtp), op_name(COLON)); 3005 return true; 3006 } 3007 3008 if (lt == VOID || rt == VOID) { 3009 if (lt != VOID || rt != VOID) 3010 /* incompatible types '%s' and '%s' in conditional */ 3011 warning(126, expr_type_name(ln), expr_type_name(rn)); 3012 return true; 3013 } 3014 3015 if (lt == PTR && rt == PTR) { 3016 typeok_colon_pointer(ltp, rtp); 3017 return true; 3018 } 3019 3020 /* incompatible types '%s' and '%s' in conditional */ 3021 error(126, expr_type_name(ln), expr_type_name(rn)); 3022 return false; 3023 } 3024 3025 static bool 3026 has_constant_member(const type_t *tp) 3027 { 3028 lint_assert(is_struct_or_union(tp->t_tspec)); 3029 3030 for (sym_t *m = tp->u.sou->sou_first_member; 3031 m != NULL; m = m->s_next) { 3032 const type_t *mtp = m->s_type; 3033 if (mtp->t_const) 3034 return true; 3035 if (is_struct_or_union(mtp->t_tspec) && 3036 has_constant_member(mtp)) 3037 return true; 3038 } 3039 return false; 3040 } 3041 3042 static bool 3043 typeok_assign(op_t op, const tnode_t *ln, const type_t *ltp, tspec_t lt) 3044 { 3045 if (op == RETURN || op == INIT || op == FARG) 3046 return true; 3047 3048 if (!ln->tn_lvalue) { 3049 if (ln->tn_op == CVT && ln->tn_cast && 3050 ln->u.ops.left->tn_op == LOAD) 3051 /* a cast does not yield an lvalue */ 3052 error(163); 3053 /* %soperand of '%s' must be lvalue */ 3054 error(114, "left ", op_name(op)); 3055 return false; 3056 } else if (ltp->t_const 3057 || (is_struct_or_union(lt) && has_constant_member(ltp))) { 3058 if (allow_c90) 3059 /* %soperand of '%s' must be modifiable lvalue */ 3060 warning(115, "left ", op_name(op)); 3061 } 3062 return true; 3063 } 3064 3065 static bool 3066 typeok_scalar(op_t op, const mod_t *mp, 3067 const type_t *ltp, tspec_t lt, 3068 const type_t *rtp, tspec_t rt) 3069 { 3070 if (mp->m_takes_bool && lt == BOOL && rt == BOOL) 3071 return true; 3072 if (mp->m_requires_integer) { 3073 if (!is_integer(lt) || (mp->m_binary && !is_integer(rt))) { 3074 warn_incompatible_types(op, ltp, lt, rtp, rt); 3075 return false; 3076 } 3077 } else if (mp->m_requires_integer_or_complex) { 3078 if ((!is_integer(lt) && !is_complex(lt)) || 3079 (mp->m_binary && (!is_integer(rt) && !is_complex(rt)))) { 3080 warn_incompatible_types(op, ltp, lt, rtp, rt); 3081 return false; 3082 } 3083 } else if (mp->m_requires_scalar) { 3084 if (!is_scalar(lt) || (mp->m_binary && !is_scalar(rt))) { 3085 warn_incompatible_types(op, ltp, lt, rtp, rt); 3086 return false; 3087 } 3088 } else if (mp->m_requires_arith) { 3089 if (!is_arithmetic(lt) || 3090 (mp->m_binary && !is_arithmetic(rt))) { 3091 warn_incompatible_types(op, ltp, lt, rtp, rt); 3092 return false; 3093 } 3094 } 3095 return true; 3096 } 3097 3098 static void 3099 check_assign_void_pointer(op_t op, int arg, 3100 tspec_t lt, tspec_t lst, 3101 tspec_t rt, tspec_t rst) 3102 { 3103 3104 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID))) 3105 return; 3106 /* two pointers, at least one pointer to void */ 3107 3108 /* TODO: C99 behaves like C90 here. */ 3109 if (!(!allow_trad && !allow_c99 && (lst == FUNC || rst == FUNC))) 3110 return; 3111 /* comb. of ptr to func and ptr to void */ 3112 3113 const char *lts, *rts; 3114 *(lst == FUNC ? <s : &rts) = "function pointer"; 3115 *(lst == VOID ? <s : &rts) = "'void *'"; 3116 3117 switch (op) { 3118 case INIT: 3119 case RETURN: 3120 /* conversion of %s to %s requires a cast */ 3121 warning(303, rts, lts); 3122 break; 3123 case FARG: 3124 /* conversion of %s to %s requires a cast, arg #%d */ 3125 warning(304, rts, lts, arg); 3126 break; 3127 default: 3128 /* conversion of %s to %s requires a cast, op %s */ 3129 warning(305, rts, lts, op_name(op)); 3130 break; 3131 } 3132 } 3133 3134 static bool 3135 is_direct_function_call(const tnode_t *tn, const char **out_name) 3136 { 3137 3138 if (tn->tn_op == CALL 3139 && tn->u.call->func->tn_op == ADDR 3140 && tn->u.call->func->u.ops.left->tn_op == NAME) { 3141 *out_name = tn->u.call->func->u.ops.left->u.sym->s_name; 3142 return true; 3143 } 3144 return false; 3145 } 3146 3147 static bool 3148 is_unconst_function(const char *name) 3149 { 3150 3151 return strcmp(name, "memchr") == 0 || 3152 strcmp(name, "strchr") == 0 || 3153 strcmp(name, "strpbrk") == 0 || 3154 strcmp(name, "strrchr") == 0 || 3155 strcmp(name, "strstr") == 0; 3156 } 3157 3158 static bool 3159 is_const_char_pointer(const tnode_t *tn) 3160 { 3161 /* 3162 * For traditional reasons, C99 6.4.5p5 defines that string literals 3163 * have type 'char[]'. They are often implicitly converted to 'char 3164 * *', for example when they are passed as function arguments. 3165 * 3166 * C99 6.4.5p6 further defines that modifying a string that is 3167 * constructed from a string literal invokes undefined behavior. 3168 * 3169 * Out of these reasons, string literals are treated as 'effectively 3170 * const' here. 3171 */ 3172 if (tn->tn_op == CVT && 3173 tn->u.ops.left->tn_op == ADDR && 3174 tn->u.ops.left->u.ops.left->tn_op == STRING) 3175 return true; 3176 3177 const type_t *tp = before_conversion(tn)->tn_type; 3178 return tp->t_tspec == PTR && 3179 tp->t_subt->t_tspec == CHAR && 3180 tp->t_subt->t_const; 3181 } 3182 3183 static bool 3184 is_const_pointer(const tnode_t *tn) 3185 { 3186 const type_t *tp = before_conversion(tn)->tn_type; 3187 return tp->t_tspec == PTR && tp->t_subt->t_const; 3188 } 3189 3190 static void 3191 check_unconst_function(const type_t *lstp, const tnode_t *rn) 3192 { 3193 const char *function_name; 3194 3195 if (lstp->t_tspec == CHAR && !lstp->t_const && 3196 is_direct_function_call(rn, &function_name) && 3197 is_unconst_function(function_name) && 3198 rn->u.call->args_len >= 1 && 3199 is_const_char_pointer(rn->u.call->args[0])) { 3200 /* call to '%s' effectively discards 'const' from argument */ 3201 warning(346, function_name); 3202 } 3203 3204 if (!lstp->t_const && 3205 is_direct_function_call(rn, &function_name) && 3206 strcmp(function_name, "bsearch") == 0 && 3207 rn->u.call->args_len >= 2 && 3208 is_const_pointer(rn->u.call->args[1])) { 3209 /* call to '%s' effectively discards 'const' from argument */ 3210 warning(346, function_name); 3211 } 3212 } 3213 3214 static bool 3215 check_assign_void_pointer_compat(op_t op, const function_call *call, int arg, 3216 tspec_t lt, 3217 const type_t *lstp, tspec_t lst, 3218 const tnode_t *rn, 3219 const type_t *rtp, tspec_t rt, 3220 const type_t *rstp, tspec_t rst) 3221 { 3222 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID || 3223 types_compatible(lstp, rstp, 3224 true, false, NULL)))) 3225 return false; 3226 3227 /* compatible pointer types (qualifiers ignored) */ 3228 char qualifiers[32]; 3229 snprintf(qualifiers, sizeof(qualifiers), "%s%s", 3230 !lstp->t_const && rstp->t_const ? " const" : "", 3231 !lstp->t_volatile && rstp->t_volatile ? " volatile" : ""); 3232 if (allow_c90 && qualifiers[0] != '\0') { 3233 switch (op) { 3234 case INIT: 3235 case RETURN: 3236 /* '%s' discards '%s' from '%s' */ 3237 warning(182, op_name(op), 3238 qualifiers + 1, type_name(rtp)); 3239 break; 3240 case FARG: 3241 /* passing '%s' as argument %d to '%s' discards '%s' */ 3242 warning(383, type_name(rtp), arg, 3243 function_call_descr(call), qualifiers + 1); 3244 break; 3245 default: 3246 /* operator '%s' discards '%s' from '%s' */ 3247 warning(128, op_name(op), 3248 qualifiers + 1, type_name(rtp)); 3249 break; 3250 } 3251 } 3252 3253 if (allow_c90) 3254 check_unconst_function(lstp, rn); 3255 3256 return true; 3257 } 3258 3259 static bool 3260 check_assign_pointer_integer(op_t op, int arg, 3261 const type_t *ltp, tspec_t lt, 3262 const type_t *rtp, tspec_t rt) 3263 { 3264 3265 if (!((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR))) 3266 return false; 3267 3268 const char *lx = lt == PTR ? "pointer" : "integer"; 3269 const char *rx = rt == PTR ? "pointer" : "integer"; 3270 3271 switch (op) { 3272 case INIT: 3273 case RETURN: 3274 /* invalid combination of %s '%s' and %s '%s' for '%s' */ 3275 warning(183, 3276 lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 3277 break; 3278 case FARG: 3279 /* invalid combination of %s '%s' and %s '%s', arg #%d */ 3280 warning(154, 3281 lx, type_name(ltp), rx, type_name(rtp), arg); 3282 break; 3283 default: 3284 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 3285 warning(123, 3286 lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 3287 break; 3288 } 3289 return true; 3290 } 3291 3292 static bool 3293 check_assign_pointer(op_t op, int arg, 3294 const type_t *ltp, tspec_t lt, 3295 const type_t *rtp, tspec_t rt) 3296 { 3297 if (!(lt == PTR && rt == PTR)) 3298 return false; 3299 3300 if (op == FARG) 3301 /* converting '%s' to incompatible '%s' for ... */ 3302 warning(153, type_name(rtp), type_name(ltp), arg); 3303 else 3304 warn_incompatible_pointers(op, ltp, rtp); 3305 return true; 3306 } 3307 3308 static void 3309 warn_assign(op_t op, int arg, 3310 const type_t *ltp, tspec_t lt, 3311 const type_t *rtp, tspec_t rt) 3312 { 3313 switch (op) { 3314 case INIT: 3315 /* cannot initialize '%s' from '%s' */ 3316 error(185, type_name(ltp), type_name(rtp)); 3317 break; 3318 case RETURN: 3319 /* function has return type '%s' but returns '%s' */ 3320 error(211, type_name(ltp), type_name(rtp)); 3321 break; 3322 case FARG: 3323 /* passing '%s' to incompatible '%s', arg #%d */ 3324 warning(155, type_name(rtp), type_name(ltp), arg); 3325 break; 3326 default: 3327 warn_incompatible_types(op, ltp, lt, rtp, rt); 3328 break; 3329 } 3330 } 3331 3332 /* 3333 * Checks type compatibility for ASSIGN, INIT, FARG and RETURN 3334 * and prints warnings/errors if necessary. 3335 * Returns whether the types are (almost) compatible. 3336 */ 3337 static bool 3338 check_assign_types_compatible(op_t op, const function_call *call, int arg, 3339 const tnode_t *ln, const tnode_t *rn) 3340 { 3341 tspec_t lt, rt, lst = NO_TSPEC, rst = NO_TSPEC; 3342 type_t *ltp, *rtp, *lstp = NULL, *rstp = NULL; 3343 3344 if ((lt = (ltp = ln->tn_type)->t_tspec) == PTR) 3345 lst = (lstp = ltp->t_subt)->t_tspec; 3346 if ((rt = (rtp = rn->tn_type)->t_tspec) == PTR) 3347 rst = (rstp = rtp->t_subt)->t_tspec; 3348 3349 if (lt == BOOL && is_scalar(rt)) /* C99 6.3.1.2 */ 3350 return true; 3351 3352 if (is_arithmetic(lt) && (is_arithmetic(rt) || rt == BOOL)) 3353 return true; 3354 3355 if (is_struct_or_union(lt) && is_struct_or_union(rt)) 3356 return ltp->u.sou == rtp->u.sou; 3357 3358 if (lt == PTR && is_null_pointer(rn)) { 3359 if (is_integer(rn->tn_type->t_tspec)) 3360 /* implicit conversion from integer 0 to pointer ... */ 3361 query_message(15, type_name(ltp)); 3362 return true; 3363 } 3364 3365 check_assign_void_pointer(op, arg, lt, lst, rt, rst); 3366 3367 if (check_assign_void_pointer_compat(op, call, arg, 3368 lt, lstp, lst, rn, rtp, rt, rstp, rst)) 3369 return true; 3370 3371 if (check_assign_pointer_integer(op, arg, ltp, lt, rtp, rt)) 3372 return true; 3373 3374 if (check_assign_pointer(op, arg, ltp, lt, rtp, rt)) 3375 return true; 3376 3377 warn_assign(op, arg, ltp, lt, rtp, rt); 3378 return false; 3379 } 3380 3381 static bool 3382 has_side_effect(const tnode_t *tn) /* NOLINT(misc-no-recursion) */ 3383 { 3384 op_t op = tn->tn_op; 3385 3386 if (modtab[op].m_has_side_effect) 3387 return true; 3388 3389 if (op == CVT && tn->tn_type->t_tspec == VOID) 3390 return has_side_effect(tn->u.ops.left); 3391 3392 if (op == LOGAND || op == LOGOR) 3393 return has_side_effect(tn->u.ops.right); 3394 3395 if (op == QUEST) 3396 return has_side_effect(tn->u.ops.right); 3397 3398 if (op == COLON || op == COMMA) { 3399 return has_side_effect(tn->u.ops.left) || 3400 has_side_effect(tn->u.ops.right); 3401 } 3402 3403 return false; 3404 } 3405 3406 static bool 3407 is_void_cast(const tnode_t *tn) 3408 { 3409 3410 return tn->tn_op == CVT && tn->tn_cast && 3411 tn->tn_type->t_tspec == VOID; 3412 } 3413 3414 static bool 3415 is_local_symbol(const tnode_t *tn) 3416 { 3417 3418 return tn->tn_op == LOAD && 3419 tn->u.ops.left->tn_op == NAME && 3420 tn->u.ops.left->u.sym->s_scl == AUTO; 3421 } 3422 3423 static bool 3424 is_int_constant_zero(const tnode_t *tn) 3425 { 3426 3427 return tn->tn_op == CON && 3428 tn->tn_type->t_tspec == INT && 3429 tn->u.value.u.integer == 0; 3430 } 3431 3432 static void 3433 check_null_effect(const tnode_t *tn) 3434 { 3435 3436 if (hflag && 3437 !has_side_effect(tn) && 3438 !(is_void_cast(tn) && is_local_symbol(tn->u.ops.left)) && 3439 !(is_void_cast(tn) && is_int_constant_zero(tn->u.ops.left))) { 3440 /* expression has null effect */ 3441 warning(129); 3442 } 3443 } 3444 3445 /* 3446 * Check the types for specific operators and type combinations. 3447 * 3448 * At this point, the operands already conform to the type requirements of 3449 * the operator, such as being integer, floating or scalar. 3450 */ 3451 static bool 3452 typeok_op(op_t op, const function_call *call, int arg, 3453 const tnode_t *ln, const type_t *ltp, tspec_t lt, 3454 const tnode_t *rn, const type_t *rtp, tspec_t rt) 3455 { 3456 switch (op) { 3457 case ARROW: 3458 return typeok_arrow(lt); 3459 case POINT: 3460 return typeok_point(ln, ltp, lt); 3461 case INCBEF: 3462 case DECBEF: 3463 case INCAFT: 3464 case DECAFT: 3465 return typeok_incdec(op, ln, ltp); 3466 case INDIR: 3467 return typeok_indir(ltp, lt); 3468 case ADDR: 3469 return typeok_address(op, ln, ltp, lt); 3470 case PLUS: 3471 return typeok_plus(op, ltp, lt, rtp, rt); 3472 case MINUS: 3473 return typeok_minus(op, ltp, lt, rtp, rt); 3474 case SHL: 3475 typeok_shl(ln, lt, rn, rt); 3476 goto shift; 3477 case SHR: 3478 typeok_shr(ln, lt, rn, rt); 3479 shift: 3480 typeok_shift(ln, lt, rn, rt); 3481 break; 3482 case LT: 3483 case LE: 3484 case GT: 3485 case GE: 3486 compare: 3487 return typeok_compare(op, ln, ltp, lt, rn, rtp, rt); 3488 case EQ: 3489 case NE: 3490 if (is_typeok_eq(ln, lt, rn, rt)) 3491 break; 3492 goto compare; 3493 case QUEST: 3494 return typeok_quest(lt, rn); 3495 case COLON: 3496 return typeok_colon(ln, ltp, lt, rn, rtp, rt); 3497 case ASSIGN: 3498 case INIT: 3499 case FARG: 3500 case RETURN: 3501 if (!check_assign_types_compatible(op, call, arg, ln, rn)) 3502 return false; 3503 goto assign; 3504 case MULASS: 3505 case DIVASS: 3506 case MODASS: 3507 goto assign; 3508 case ADDASS: 3509 case SUBASS: 3510 if ((lt == PTR && !is_integer(rt)) || rt == PTR) { 3511 warn_incompatible_types(op, ltp, lt, rtp, rt); 3512 return false; 3513 } 3514 goto assign; 3515 case SHLASS: 3516 goto assign; 3517 case SHRASS: 3518 if (pflag && !is_uinteger(lt) && 3519 !(!allow_c90 && is_uinteger(rt))) { 3520 /* bitwise '%s' on signed '%s' possibly nonportable */ 3521 warning(117, op_name(op), expr_type_name(rn)); 3522 } 3523 goto assign; 3524 case ANDASS: 3525 case XORASS: 3526 case ORASS: 3527 assign: 3528 return typeok_assign(op, ln, ltp, lt); 3529 case COMMA: 3530 if (!modtab[ln->tn_op].m_has_side_effect) 3531 check_null_effect(ln); 3532 break; 3533 default: 3534 break; 3535 } 3536 return true; 3537 } 3538 3539 static void 3540 check_bad_enum_operation(op_t op, const tnode_t *ln, const tnode_t *rn) 3541 { 3542 3543 if (!eflag) 3544 return; 3545 3546 /* Allow enum in array indices. */ 3547 if (op == PLUS && 3548 ((ln->tn_type->t_is_enum && rn->tn_type->t_tspec == PTR) || 3549 (rn->tn_type->t_is_enum && ln->tn_type->t_tspec == PTR))) { 3550 return; 3551 } 3552 3553 /* dubious operation '%s' on enum */ 3554 warning(241, op_name(op)); 3555 } 3556 3557 static void 3558 check_enum_type_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3559 { 3560 const mod_t *mp = &modtab[op]; 3561 3562 if (ln->tn_type->u.enumer != rn->tn_type->u.enumer) { 3563 switch (op) { 3564 case INIT: 3565 /* enum type mismatch between '%s' and '%s' in ... */ 3566 warning(210, 3567 type_name(ln->tn_type), type_name(rn->tn_type)); 3568 break; 3569 case FARG: 3570 /* function expects '%s', passing '%s' for arg #%d */ 3571 warning(156, 3572 type_name(ln->tn_type), type_name(rn->tn_type), 3573 arg); 3574 break; 3575 case RETURN: 3576 /* function has return type '%s' but returns '%s' */ 3577 warning(211, 3578 type_name(ln->tn_type), type_name(rn->tn_type)); 3579 break; 3580 default: 3581 /* enum type mismatch: '%s' '%s' '%s' */ 3582 warning(130, expr_type_name(before_conversion(ln)), 3583 op_name(op), 3584 expr_type_name(before_conversion(rn))); 3585 break; 3586 } 3587 } else if (Pflag && eflag && mp->m_comparison && op != EQ && op != NE) 3588 /* operator '%s' assumes that '%s' is ordered */ 3589 warning(243, op_name(op), type_name(ln->tn_type)); 3590 } 3591 3592 static void 3593 check_enum_int_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3594 { 3595 3596 if (!eflag) 3597 return; 3598 3599 switch (op) { 3600 case INIT: 3601 /* 3602 * Initialization with 0 is allowed. Otherwise, all implicit 3603 * initializations would need to be warned upon as well. 3604 */ 3605 if (!rn->tn_type->t_is_enum && rn->tn_op == CON && 3606 is_integer(rn->tn_type->t_tspec) && 3607 rn->u.value.u.integer == 0) { 3608 return; 3609 } 3610 /* initialization of '%s' with '%s' */ 3611 warning(277, type_name(ln->tn_type), expr_type_name(rn)); 3612 break; 3613 case FARG: 3614 /* combination of '%s' and '%s', arg #%d */ 3615 warning(278, 3616 type_name(ln->tn_type), expr_type_name(rn), arg); 3617 break; 3618 case RETURN: 3619 /* combination of '%s' and '%s' in return */ 3620 warning(279, type_name(ln->tn_type), expr_type_name(rn)); 3621 break; 3622 default: 3623 /* combination of '%s' and '%s', op '%s' */ 3624 warning(242, type_name(ln->tn_type), expr_type_name(rn), 3625 op_name(op)); 3626 break; 3627 } 3628 } 3629 3630 static void 3631 typeok_enum(op_t op, const mod_t *mp, int arg, 3632 const tnode_t *ln, const type_t *ltp, 3633 const tnode_t *rn, const type_t *rtp) 3634 { 3635 if (mp->m_bad_on_enum && 3636 (ltp->t_is_enum || (mp->m_binary && rtp->t_is_enum))) { 3637 check_bad_enum_operation(op, ln, rn); 3638 } else if (mp->m_valid_on_enum && 3639 (ltp->t_is_enum && rtp != NULL && rtp->t_is_enum)) { 3640 check_enum_type_mismatch(op, arg, ln, rn); 3641 } else if (mp->m_valid_on_enum && 3642 (ltp->t_is_enum || (rtp != NULL && rtp->t_is_enum))) { 3643 check_enum_int_mismatch(op, arg, ln, rn); 3644 } 3645 } 3646 3647 /* Perform most type checks. Return whether the types are ok. */ 3648 bool 3649 typeok(op_t op, const function_call *call, int arg, 3650 const tnode_t *ln, const tnode_t *rn) 3651 { 3652 3653 const mod_t *mp = &modtab[op]; 3654 3655 type_t *ltp = ln->tn_type; 3656 tspec_t lt = ltp->t_tspec; 3657 3658 type_t *rtp = mp->m_binary ? rn->tn_type : NULL; 3659 tspec_t rt = mp->m_binary ? rtp->t_tspec : NO_TSPEC; 3660 3661 if (Tflag && !typeok_scalar_strict_bool(op, mp, arg, ln, rn)) 3662 return false; 3663 if (!typeok_scalar(op, mp, ltp, lt, rtp, rt)) 3664 return false; 3665 3666 if (!typeok_op(op, call, arg, ln, ltp, lt, rn, rtp, rt)) 3667 return false; 3668 3669 typeok_enum(op, mp, arg, ln, ltp, rn, rtp); 3670 return true; 3671 } 3672 3673 /* In traditional C, keep unsigned and promote FLOAT to DOUBLE. */ 3674 static tspec_t 3675 promote_trad(tspec_t t) 3676 { 3677 3678 if (t == UCHAR || t == USHORT) 3679 return UINT; 3680 if (t == CHAR || t == SCHAR || t == SHORT) 3681 return INT; 3682 if (t == FLOAT) 3683 return DOUBLE; 3684 if (t == ENUM) 3685 return INT; 3686 return t; 3687 } 3688 3689 /* 3690 * C99 6.3.1.1p2 requires for types with lower rank than int that "If an int 3691 * can represent all the values of the original type, the value is converted 3692 * to an int; otherwise it is converted to an unsigned int", and that "All 3693 * other types are unchanged by the integer promotions". 3694 */ 3695 static tspec_t 3696 promote_c90(const tnode_t *tn, tspec_t t, bool farg) 3697 { 3698 if (tn->tn_type->t_bitfield) { 3699 unsigned int width = tn->tn_type->t_bit_field_width; 3700 unsigned int int_width = size_in_bits(INT); 3701 // XXX: What about _Bool bit-fields, since C99? 3702 if (width < int_width) 3703 return INT; 3704 if (width == int_width) 3705 return is_uinteger(t) ? UINT : INT; 3706 return t; 3707 } 3708 3709 if (t == CHAR || t == SCHAR) 3710 return INT; 3711 if (t == UCHAR) 3712 return size_in_bits(CHAR) < size_in_bits(INT) ? INT : UINT; 3713 if (t == SHORT) 3714 return INT; 3715 if (t == USHORT) 3716 return size_in_bits(SHORT) < size_in_bits(INT) ? INT : UINT; 3717 if (t == ENUM) 3718 return INT; 3719 if (farg && t == FLOAT) 3720 return DOUBLE; 3721 return t; 3722 } 3723 3724 /* 3725 * Performs the "integer promotions" (C99 6.3.1.1p2), which convert small 3726 * integer types to either int or unsigned int. 3727 * 3728 * If allow_c90 is unset or the operand is a function argument with no type 3729 * information (no prototype or variable # of args), converts float to double. 3730 */ 3731 tnode_t * 3732 promote(op_t op, bool farg, tnode_t *tn) 3733 { 3734 3735 const type_t *otp = tn->tn_type; 3736 tspec_t ot = otp->t_tspec; 3737 if (!is_arithmetic(ot)) 3738 return tn; 3739 3740 tspec_t nt = allow_c90 ? promote_c90(tn, ot, farg) : promote_trad(ot); 3741 if (nt == ot) 3742 return tn; 3743 3744 type_t *ntp = expr_dup_type(gettyp(nt)); 3745 ntp->t_tspec = nt; 3746 ntp->t_is_enum = otp->t_is_enum; 3747 if (ntp->t_is_enum) 3748 ntp->u.enumer = otp->u.enumer; 3749 return convert(op, 0, ntp, tn); 3750 } 3751 3752 static void 3753 check_lossy_floating_to_integer_conversion( 3754 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3755 { 3756 long double x = tn->u.value.u.floating; 3757 long double oob = powl(2.0L, 3758 width_in_bits(tp) - (is_uinteger(tp->t_tspec) ? 0 : 1)); 3759 if (is_uinteger(tp->t_tspec) 3760 ? x >= 0.0L && x < oob && x == (uint64_t)x 3761 : x >= -oob && x < oob && x == (int64_t)x) 3762 return; 3763 if (op == FARG) 3764 /* lossy conversion of %Lg (%La) to '%s', arg #%d */ 3765 warning(380, x, x, type_name(tp), arg); 3766 else 3767 /* lossy conversion of %Lg (%La) to '%s' */ 3768 warning(381, x, x, type_name(tp)); 3769 } 3770 3771 static void 3772 convert_integer_from_floating( 3773 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3774 { 3775 3776 if (op == CVT) 3777 /* cast from floating point '%s' to integer '%s' */ 3778 query_message(2, type_name(tn->tn_type), type_name(tp)); 3779 else 3780 /* implicit conversion from floating point '%s' to ... */ 3781 query_message(1, type_name(tn->tn_type), type_name(tp)); 3782 if (tn->tn_op == CON && op != CVT) 3783 check_lossy_floating_to_integer_conversion(op, arg, tp, tn); 3784 } 3785 3786 static bool 3787 should_warn_about_prototype_conversion(tspec_t nt, 3788 tspec_t ot, const tnode_t *ptn) 3789 { 3790 3791 if (nt == ot) 3792 return false; 3793 3794 if (nt == ENUM && ot == INT) 3795 return false; 3796 3797 if (is_floating(nt) != is_floating(ot) || 3798 portable_rank_cmp(nt, ot) != 0) { 3799 /* representation and/or width change */ 3800 if (!is_integer(ot)) 3801 return true; 3802 /* 3803 * XXX: Investigate whether this rule makes sense; see 3804 * tests/usr.bin/xlint/lint1/platform_long.c. 3805 */ 3806 return portable_rank_cmp(ot, INT) > 0; 3807 } 3808 3809 if (!hflag) 3810 return false; 3811 3812 /* 3813 * If the types differ only in sign and the argument has the same 3814 * representation in both types, print no warning. 3815 */ 3816 if (ptn->tn_op == CON && is_integer(nt) && 3817 signed_type(nt) == signed_type(ot) && 3818 !msb(ptn->u.value.u.integer, ot)) 3819 return false; 3820 3821 return true; 3822 } 3823 3824 /* 3825 * Warn if a prototype causes a type conversion that is different from what 3826 * would happen to the same argument in the absence of a prototype. This 3827 * check is intended for code that needs to stay compatible with pre-C90 C. 3828 * 3829 * Errors/warnings about invalid type combinations are already printed 3830 * in check_assign_types_compatible(). 3831 */ 3832 static void 3833 check_prototype_conversion(int arg, tspec_t nt, tspec_t ot, type_t *tp, 3834 tnode_t *tn) 3835 { 3836 3837 if (!is_arithmetic(nt) || !is_arithmetic(ot)) 3838 return; 3839 3840 /* 3841 * If the type of the formal parameter is char/short, a warning would 3842 * be useless, because functions declared the old style can't expect 3843 * char/short arguments. 3844 */ 3845 if (nt == CHAR || nt == SCHAR || nt == UCHAR || 3846 nt == SHORT || nt == USHORT) 3847 return; 3848 3849 tnode_t *ptn = promote(NOOP, true, tn); 3850 ot = ptn->tn_type->t_tspec; 3851 3852 if (should_warn_about_prototype_conversion(nt, ot, ptn)) { 3853 /* argument %d is converted from '%s' to '%s' ... */ 3854 warning(259, arg, expr_type_name(tn), type_name(tp)); 3855 } 3856 } 3857 3858 /* 3859 * When converting a large integer type to a small integer type, in some 3860 * cases the value of the actual expression is further restricted than the 3861 * type bounds, such as in (expr & 0xFF) or (expr % 100) or (expr >> 24). 3862 */ 3863 static bool 3864 can_represent(const type_t *tp, const tnode_t *tn) 3865 { 3866 uint64_t nmask = value_bits(width_in_bits(tp)); 3867 if (!is_uinteger(tp->t_tspec)) 3868 nmask >>= 1; 3869 3870 integer_constraints c = ic_expr(tn); 3871 if ((~c.bclr & ~nmask) == 0) 3872 return true; 3873 3874 integer_constraints tpc = ic_any(tp); 3875 if (is_uinteger(tp->t_tspec) 3876 ? tpc.umin <= c.umin && tpc.umax >= c.umax 3877 : tpc.smin <= c.smin && tpc.smax >= c.smax) 3878 return true; 3879 3880 debug_enter(); 3881 debug_step("type '%s' cannot represent:", type_name(tp)); 3882 debug_node(tn); 3883 debug_leave(); 3884 return false; 3885 } 3886 3887 static bool 3888 should_warn_about_integer_conversion(const type_t *ntp, tspec_t nt, 3889 const tnode_t *otn, tspec_t ot) 3890 { 3891 3892 // XXX: The portable_rank_cmp aims at portable mode, independent of the 3893 // current platform, while can_represent acts on the actual type sizes 3894 // from the current platform. This mix is inconsistent, but anything 3895 // else would make the exact conditions too complicated to grasp. 3896 if (aflag > 0 && portable_rank_cmp(nt, ot) < 0) { 3897 if (ot == LONG || ot == ULONG 3898 || ot == LLONG || ot == ULLONG 3899 || ot == INT128 || ot == UINT128 3900 || aflag > 1) 3901 return !can_represent(ntp, otn); 3902 } 3903 return false; 3904 } 3905 3906 static void 3907 convert_integer_from_integer(op_t op, int arg, tspec_t nt, tspec_t ot, 3908 type_t *tp, tnode_t *tn) 3909 { 3910 3911 if (tn->tn_op == CON) 3912 return; 3913 3914 if (op == CVT) 3915 return; 3916 3917 if (Pflag && pflag && aflag > 0 && 3918 portable_rank_cmp(nt, ot) > 0 && 3919 is_uinteger(nt) != is_uinteger(ot)) { 3920 if (op == FARG) 3921 /* conversion to '%s' may sign-extend ... */ 3922 warning(297, type_name(tp), arg); 3923 else 3924 /* conversion to '%s' may sign-extend ... */ 3925 warning(131, type_name(tp)); 3926 } 3927 3928 if (Pflag && portable_rank_cmp(nt, ot) > 0 && 3929 (tn->tn_op == PLUS || tn->tn_op == MINUS || tn->tn_op == MULT || 3930 tn->tn_op == SHL)) { 3931 /* suggest cast from '%s' to '%s' on op '%s' to ... */ 3932 warning(324, type_name(gettyp(ot)), type_name(tp), 3933 op_name(tn->tn_op)); 3934 } 3935 3936 if (should_warn_about_integer_conversion(tp, nt, tn, ot)) { 3937 if (op == FARG) 3938 /* conversion from '%s' to '%s' may lose ... */ 3939 warning(298, expr_type_name(tn), type_name(tp), arg); 3940 else 3941 /* conversion from '%s' to '%s' may lose accuracy */ 3942 warning(132, expr_type_name(tn), type_name(tp)); 3943 } 3944 3945 if (is_uinteger(nt) != is_uinteger(ot)) 3946 /* implicit conversion changes sign from '%s' to '%s' */ 3947 query_message(3, expr_type_name(tn), type_name(tp)); 3948 } 3949 3950 static void 3951 convert_integer_from_pointer(op_t op, tspec_t nt, type_t *tp, tnode_t *tn) 3952 { 3953 3954 if (tn->tn_op == CON) 3955 return; 3956 if (op != CVT) 3957 return; /* We already got an error. */ 3958 if (portable_rank_cmp(nt, PTR) >= 0) 3959 return; 3960 3961 if (pflag && size_in_bits(nt) >= size_in_bits(PTR)) { 3962 /* conversion of pointer to '%s' may lose bits */ 3963 warning(134, type_name(tp)); 3964 } else { 3965 /* conversion of pointer to '%s' loses bits */ 3966 warning(133, type_name(tp)); 3967 } 3968 } 3969 3970 static bool 3971 struct_starts_with(const type_t *struct_tp, const type_t *member_tp) 3972 { 3973 3974 return struct_tp->u.sou->sou_first_member != NULL && 3975 types_compatible(struct_tp->u.sou->sou_first_member->s_type, 3976 member_tp, true, false, NULL); 3977 } 3978 3979 static bool 3980 is_byte_array(const type_t *tp) 3981 { 3982 3983 return tp->t_tspec == ARRAY && 3984 (tp->t_subt->t_tspec == CHAR || tp->t_subt->t_tspec == UCHAR); 3985 } 3986 3987 static bool 3988 union_contains(const type_t *utp, const type_t *mtp) 3989 { 3990 for (const sym_t *mem = utp->u.sou->sou_first_member; 3991 mem != NULL; mem = mem->s_next) { 3992 if (types_compatible(mem->s_type, mtp, true, false, NULL)) 3993 return true; 3994 } 3995 return false; 3996 } 3997 3998 static bool 3999 should_warn_about_pointer_cast(const type_t *nstp, tspec_t nst, 4000 const type_t *ostp, tspec_t ost) 4001 { 4002 4003 while (nst == ARRAY) 4004 nstp = nstp->t_subt, nst = nstp->t_tspec; 4005 while (ost == ARRAY) 4006 ostp = ostp->t_subt, ost = ostp->t_tspec; 4007 4008 if (nst == STRUCT && ost == STRUCT && 4009 (struct_starts_with(nstp, ostp) || 4010 struct_starts_with(ostp, nstp))) 4011 return false; 4012 4013 if (is_incomplete(nstp) || is_incomplete(ostp)) 4014 return false; 4015 4016 if (nst == CHAR || nst == UCHAR) 4017 return false; /* for the sake of traditional C code */ 4018 if (ost == CHAR || ost == UCHAR) 4019 return false; /* for the sake of traditional C code */ 4020 4021 /* Allow cast between pointers to sockaddr variants. */ 4022 if (nst == STRUCT && ost == STRUCT) { 4023 const sym_t *nmem = nstp->u.sou->sou_first_member; 4024 const sym_t *omem = ostp->u.sou->sou_first_member; 4025 while (nmem != NULL && omem != NULL && 4026 types_compatible(nmem->s_type, omem->s_type, 4027 true, false, NULL)) 4028 nmem = nmem->s_next, omem = omem->s_next; 4029 if (nmem != NULL && is_byte_array(nmem->s_type)) 4030 return false; 4031 if (omem != NULL && is_byte_array(omem->s_type)) 4032 return false; 4033 if (nmem == NULL && omem == NULL) 4034 return false; 4035 } 4036 4037 if (nst == UNION || ost == UNION) { 4038 const type_t *union_tp = nst == UNION ? nstp : ostp; 4039 const type_t *other_tp = nst == UNION ? ostp : nstp; 4040 if (union_contains(union_tp, other_tp)) 4041 return false; 4042 } 4043 4044 if (is_struct_or_union(nst) && is_struct_or_union(ost)) 4045 return nstp->u.sou != ostp->u.sou; 4046 4047 enum rank_kind rk1 = type_properties(nst)->tt_rank_kind; 4048 enum rank_kind rk2 = type_properties(ost)->tt_rank_kind; 4049 if (rk1 != rk2 || rk1 == RK_NONE) 4050 return true; 4051 4052 return portable_rank_cmp(nst, ost) != 0; 4053 } 4054 4055 static void 4056 convert_pointer_from_pointer(type_t *ntp, tnode_t *tn) 4057 { 4058 const type_t *nstp = ntp->t_subt; 4059 const type_t *otp = tn->tn_type; 4060 const type_t *ostp = otp->t_subt; 4061 tspec_t nst = nstp->t_tspec; 4062 tspec_t ost = ostp->t_tspec; 4063 4064 if (nst == VOID || ost == VOID) { 4065 /* TODO: C99 behaves like C90 here. */ 4066 if (!allow_trad && !allow_c99 && (nst == FUNC || ost == FUNC)) { 4067 const char *nts, *ots; 4068 /* null pointers are already handled in convert() */ 4069 *(nst == FUNC ? &nts : &ots) = "function pointer"; 4070 *(nst == VOID ? &nts : &ots) = "'void *'"; 4071 /* conversion of %s to %s requires a cast */ 4072 warning(303, ots, nts); 4073 } 4074 return; 4075 } 4076 if (nst == FUNC && ost == FUNC) 4077 return; 4078 if (nst == FUNC || ost == FUNC) { 4079 /* converting '%s' to '%s' is questionable */ 4080 warning(229, type_name(otp), type_name(ntp)); 4081 return; 4082 } 4083 4084 if (hflag && alignment(nstp) > alignment(ostp) && 4085 !is_incomplete(ostp) && alignment(ostp) > 1 && 4086 !(nst == UNION && union_contains(nstp, ostp))) { 4087 /* converting '%s' to '%s' increases alignment ... */ 4088 warning(135, type_name(otp), type_name(ntp), 4089 alignment(ostp), alignment(nstp)); 4090 } 4091 4092 if (cflag && should_warn_about_pointer_cast(nstp, nst, ostp, ost)) { 4093 /* pointer cast from '%s' to unrelated '%s' */ 4094 warning(247, type_name(ostp), type_name(nstp)); 4095 } 4096 } 4097 4098 /* 4099 * Insert a conversion operator, which converts the type of the node 4100 * to another given type. 4101 * 4102 * Possible values for 'op': 4103 * CVT a cast-expression 4104 * binary integer promotion for one of the operands, or a usual 4105 * arithmetic conversion 4106 * binary plain or compound assignments to bit-fields 4107 * FARG 'arg' is the number of the parameter (used for warnings) 4108 * NOOP several other implicit conversions 4109 * ... 4110 */ 4111 tnode_t * 4112 convert(op_t op, int arg, type_t *tp, tnode_t *tn) 4113 { 4114 tspec_t nt = tp->t_tspec; 4115 tspec_t ot = tn->tn_type->t_tspec; 4116 4117 if (allow_trad && allow_c90 && op == FARG) 4118 check_prototype_conversion(arg, nt, ot, tp, tn); 4119 4120 if (nt == BOOL) { 4121 /* No further checks. */ 4122 4123 } else if (is_integer(nt)) { 4124 if (ot == BOOL) { 4125 /* No further checks. */ 4126 } else if (is_integer(ot)) 4127 convert_integer_from_integer(op, arg, nt, ot, tp, tn); 4128 else if (is_floating(ot)) 4129 convert_integer_from_floating(op, arg, tp, tn); 4130 else if (ot == PTR) 4131 convert_integer_from_pointer(op, nt, tp, tn); 4132 4133 } else if (is_floating(nt)) { 4134 if (is_integer(ot) && op != CVT) { 4135 /* implicit conversion from integer '%s' to ... */ 4136 query_message(19, 4137 type_name(tn->tn_type), type_name(tp)); 4138 } 4139 4140 } else if (nt == PTR) { 4141 if (is_null_pointer(tn)) { 4142 /* a null pointer may be assigned to any pointer. */ 4143 } else if (ot == PTR && op == CVT) 4144 convert_pointer_from_pointer(tp, tn); 4145 } 4146 4147 tnode_t *ntn = expr_alloc_tnode(); 4148 ntn->tn_op = CVT; 4149 ntn->tn_type = tp; 4150 ntn->tn_cast = op == CVT; 4151 ntn->tn_sys |= tn->tn_sys; 4152 ntn->u.ops.right = NULL; 4153 if (tn->tn_op != CON || nt == VOID) { 4154 ntn->u.ops.left = tn; 4155 } else { 4156 ntn->tn_op = CON; 4157 convert_constant(op, arg, ntn->tn_type, &ntn->u.value, 4158 &tn->u.value); 4159 } 4160 4161 return ntn; 4162 } 4163 4164 static void 4165 convert_constant_from_floating(op_t op, int arg, const type_t *ntp, 4166 tspec_t nt, val_t *nv, val_t *ov) 4167 { 4168 long double max = 0.0, min = 0.0; 4169 4170 switch (nt) { 4171 case CHAR: 4172 max = TARG_CHAR_MAX; min = TARG_CHAR_MIN; break; 4173 case UCHAR: 4174 max = TARG_UCHAR_MAX; min = 0; break; 4175 case SCHAR: 4176 max = TARG_SCHAR_MAX; min = TARG_SCHAR_MIN; break; 4177 case SHORT: 4178 max = TARG_SHRT_MAX; min = TARG_SHRT_MIN; break; 4179 case USHORT: 4180 max = TARG_USHRT_MAX; min = 0; break; 4181 case ENUM: 4182 case INT: 4183 max = TARG_INT_MAX; min = TARG_INT_MIN; break; 4184 case UINT: 4185 max = TARG_UINT_MAX; min = 0; break; 4186 case LONG: 4187 max = TARG_LONG_MAX; min = TARG_LONG_MIN; break; 4188 case ULONG: 4189 max = TARG_ULONG_MAX; min = 0; break; 4190 case LLONG: 4191 max = LLONG_MAX; min = LLONG_MIN; break; 4192 case ULLONG: 4193 max = ULLONG_MAX; min = 0; break; 4194 case FLOAT: 4195 case FCOMPLEX: 4196 max = FLT_MAX; min = -FLT_MAX; break; 4197 case DOUBLE: 4198 case DCOMPLEX: 4199 max = DBL_MAX; min = -DBL_MAX; break; 4200 case LDOUBLE: 4201 case LCOMPLEX: 4202 /* LINTED 248; see floating_error_value. */ 4203 max = LDBL_MAX; min = -max; break; 4204 default: 4205 lint_assert(false); 4206 } 4207 if (ov->u.floating > max || ov->u.floating < min) { 4208 lint_assert(nt != LDOUBLE); 4209 const char *ot_name = type_name(gettyp(ov->v_tspec)); 4210 const char *nt_name = type_name(ntp); 4211 if (is_integer(nt)) 4212 goto after_warning; 4213 if (op == FARG) 4214 /* conversion of '%s' to '%s' is out of range, ... */ 4215 warning(295, ot_name, nt_name, arg); 4216 else 4217 /* conversion of '%s' to '%s' is out of range */ 4218 warning(119, ot_name, nt_name); 4219 after_warning: 4220 ov->u.floating = ov->u.floating > 0 ? max : min; 4221 } 4222 4223 if (nt == FLOAT || nt == FCOMPLEX) 4224 nv->u.floating = (float)ov->u.floating; 4225 else if (nt == DOUBLE || nt == DCOMPLEX) 4226 nv->u.floating = (double)ov->u.floating; 4227 else if (nt == LDOUBLE || nt == LCOMPLEX) 4228 nv->u.floating = ov->u.floating; 4229 else 4230 nv->u.integer = (int64_t)ov->u.floating; 4231 } 4232 4233 static bool 4234 convert_constant_to_floating(tspec_t nt, val_t *nv, 4235 tspec_t ot, const val_t *v) 4236 { 4237 if (nt == FLOAT) { 4238 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4239 (float)(uint64_t)v->u.integer : (float)v->u.integer; 4240 } else if (nt == DOUBLE) { 4241 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4242 (double)(uint64_t)v->u.integer : (double)v->u.integer; 4243 } else if (nt == LDOUBLE) { 4244 nv->u.floating = (ot == PTR || is_uinteger(ot)) 4245 ? (long double)(uint64_t)v->u.integer 4246 : (long double)v->u.integer; 4247 } else 4248 return false; 4249 return true; 4250 } 4251 4252 static void 4253 warn_constant_truncated(op_t op, const val_t *v) 4254 { 4255 char buf[256]; 4256 bool is_unsigned = is_uinteger(v->v_tspec); 4257 int64_t val = v->u.integer; 4258 unsigned long long abs_val = is_unsigned || val >= 0 4259 ? (unsigned long long)val 4260 : -(unsigned long long)val; 4261 const char *sign = is_unsigned || val >= 0 ? "" : "-"; 4262 snprintf(buf, sizeof(buf), "%s%#llx", sign, abs_val); 4263 /* constant %s truncated by conversion, op '%s' */ 4264 warning(306, buf, op_name(op)); 4265 } 4266 4267 static void 4268 convert_constant_check_range_bitor(size_t nsz, size_t osz, const val_t *v, 4269 uint64_t xmask, op_t op) 4270 { 4271 if (nsz < osz && (v->u.integer & xmask) != 0) 4272 warn_constant_truncated(op, v); 4273 } 4274 4275 static void 4276 convert_constant_check_range_bitand(size_t nsz, size_t osz, 4277 uint64_t xmask, const val_t *nv, 4278 tspec_t ot, const val_t *v, 4279 const type_t *tp, op_t op) 4280 { 4281 if (nsz > osz && 4282 (nv->u.integer & bit((unsigned int)(osz - 1))) != 0 && 4283 (nv->u.integer & xmask) != xmask) { 4284 /* '%s' converts '%s' with its most significant bit being set to '%s' */ 4285 warning(309, 4286 op_name(op), type_name(gettyp(ot)), type_name(tp)); 4287 } else if (nsz < osz && 4288 (v->u.integer & xmask) != xmask && 4289 (v->u.integer & xmask) != 0) 4290 warn_constant_truncated(op, v); 4291 } 4292 4293 static void 4294 convert_constant_check_range_signed(op_t op, int arg, 4295 const type_t *ntp, int64_t ov) 4296 { 4297 if (op == ASSIGN) 4298 /* assignment of negative constant %lld to unsigned ... */ 4299 warning(164, (long long)ov, type_name(ntp)); 4300 else if (op == INIT) 4301 /* initialization of unsigned type '%s' with negative ... */ 4302 warning(221, type_name(ntp), (long long)ov); 4303 else if (op == FARG) 4304 /* conversion of negative constant %lld to unsigned ... */ 4305 warning(296, (long long)ov, type_name(ntp), arg); 4306 else if (modtab[op].m_comparison) { 4307 /* handled by check_integer_comparison() */ 4308 } else 4309 /* conversion of negative constant %lld to unsigned ... */ 4310 warning(222, (long long)ov, type_name(ntp)); 4311 } 4312 4313 /* 4314 * Loss of significant bit(s). All truncated bits of unsigned types or all 4315 * truncated bits plus the msb of the target for signed types are considered 4316 * to be significant bits. Loss of significant bits means that at least one 4317 * of the bits was set in an unsigned type or that at least one but not all 4318 * of the bits was set in a signed type. Loss of significant bits means that 4319 * it is not possible, also not with necessary casts, to convert back to the 4320 * original type. An example for a necessary cast is: 4321 * char c; int i; c = 128; 4322 * i = c; ** yields -128 ** 4323 * i = (unsigned char)c; ** yields 128 ** 4324 */ 4325 static void 4326 warn_constant_check_range_truncated(op_t op, int arg, const type_t *tp, 4327 tspec_t ot) 4328 { 4329 if (op == ASSIGN && tp->t_bitfield) 4330 /* precision lost in bit-field assignment */ 4331 warning(166); 4332 else if (op == ASSIGN) 4333 /* constant truncated by assignment */ 4334 warning(165); 4335 else if (op == INIT && tp->t_bitfield) 4336 /* bit-field initializer does not fit */ 4337 warning(180); 4338 else if (op == INIT) 4339 /* initializer does not fit */ 4340 warning(178); 4341 else if (op == CASE) 4342 /* case label is converted from '%s' to '%s' */ 4343 warning(196, tspec_name(ot), type_name(tp)); 4344 else if (op == FARG) 4345 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4346 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4347 else 4348 /* conversion of '%s' to '%s' is out of range */ 4349 warning(119, type_name(gettyp(ot)), type_name(tp)); 4350 } 4351 4352 static void 4353 warn_constant_check_range_loss(op_t op, int arg, const type_t *tp, 4354 tspec_t ot) 4355 { 4356 if (op == ASSIGN && tp->t_bitfield) 4357 /* precision lost in bit-field assignment */ 4358 warning(166); 4359 else if (op == INIT && tp->t_bitfield) 4360 /* bit-field initializer out of range */ 4361 warning(11); 4362 else if (op == CASE) 4363 /* case label is converted from '%s' to '%s' */ 4364 warning(196, tspec_name(ot), type_name(tp)); 4365 else if (op == FARG) 4366 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4367 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4368 else 4369 /* conversion of '%s' to '%s' is out of range */ 4370 warning(119, type_name(gettyp(ot)), type_name(tp)); 4371 } 4372 4373 static void 4374 convert_constant_check_range(tspec_t ot, const type_t *tp, tspec_t nt, 4375 op_t op, int arg, const val_t *v, val_t *nv) 4376 { 4377 unsigned int obitsz, nbitsz; 4378 uint64_t xmask, xmsk1; 4379 4380 obitsz = size_in_bits(ot); 4381 nbitsz = tp->t_bitfield ? tp->t_bit_field_width : size_in_bits(nt); 4382 xmask = value_bits(nbitsz) ^ value_bits(obitsz); 4383 xmsk1 = value_bits(nbitsz) ^ value_bits(obitsz - 1); 4384 if (op == ORASS || op == BITOR || op == BITXOR) { 4385 convert_constant_check_range_bitor( 4386 nbitsz, obitsz, v, xmask, op); 4387 } else if (op == ANDASS || op == BITAND) { 4388 convert_constant_check_range_bitand( 4389 nbitsz, obitsz, xmask, nv, ot, v, tp, op); 4390 } else if (nt != PTR && is_uinteger(nt) && 4391 ot != PTR && !is_uinteger(ot) && v->u.integer < 0) 4392 convert_constant_check_range_signed(op, arg, tp, v->u.integer); 4393 else if (nv->u.integer != v->u.integer && nbitsz <= obitsz && 4394 (v->u.integer & xmask) != 0 && 4395 (is_uinteger(ot) || (v->u.integer & xmsk1) != xmsk1)) 4396 warn_constant_check_range_truncated(op, arg, tp, ot); 4397 else if (nv->u.integer != v->u.integer) 4398 warn_constant_check_range_loss(op, arg, tp, ot); 4399 } 4400 4401 /* Converts a typed constant to a constant of another type. */ 4402 void 4403 convert_constant(op_t op, int arg, const type_t *ntp, val_t *nv, val_t *ov) 4404 { 4405 /* 4406 * TODO: make 'ov' const; the name of this function does not suggest 4407 * that it modifies 'ov'. 4408 */ 4409 tspec_t ot = ov->v_tspec; 4410 tspec_t nt = nv->v_tspec = ntp->t_tspec; 4411 bool range_check = false; 4412 4413 if (nt == BOOL) { /* C99 6.3.1.2 */ 4414 nv->v_unsigned_since_c90 = false; 4415 nv->u.integer = is_nonzero_val(ov) ? 1 : 0; 4416 return; 4417 } 4418 4419 if (ot == FLOAT || ot == DOUBLE || ot == LDOUBLE) 4420 convert_constant_from_floating(op, arg, ntp, nt, nv, ov); 4421 else if (!convert_constant_to_floating(nt, nv, ot, ov)) { 4422 range_check = true; /* Check for lost precision. */ 4423 nv->u.integer = ov->u.integer; 4424 } 4425 4426 if (allow_trad && allow_c90 && ov->v_unsigned_since_c90 && 4427 (is_floating(nt) || ( 4428 (is_integer(nt) && !is_uinteger(nt) && 4429 portable_rank_cmp(nt, ot) > 0)))) { 4430 /* C90 treats constant as unsigned */ 4431 warning(157); 4432 ov->v_unsigned_since_c90 = false; 4433 } 4434 4435 if (is_integer(nt)) { 4436 unsigned int size = ntp->t_bitfield 4437 ? ntp->t_bit_field_width : size_in_bits(nt); 4438 nv->u.integer = convert_integer(nv->u.integer, nt, size); 4439 } 4440 4441 if (range_check && op != CVT) 4442 convert_constant_check_range(ot, ntp, nt, op, arg, ov, nv); 4443 } 4444 4445 tnode_t * 4446 build_sizeof(const type_t *tp) 4447 { 4448 unsigned int size_in_bytes = type_size_in_bits(tp) / CHAR_SIZE; 4449 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, size_in_bytes); 4450 tn->tn_system_dependent = true; 4451 debug_step("build_sizeof '%s' = %u", type_name(tp), size_in_bytes); 4452 return tn; 4453 } 4454 4455 tnode_t * 4456 build_offsetof(const type_t *tp, designation dn) 4457 { 4458 unsigned int offset_in_bits = 0; 4459 4460 if (!is_struct_or_union(tp->t_tspec)) { 4461 /* unacceptable operand of '%s' */ 4462 error(111, "offsetof"); 4463 goto proceed; 4464 } 4465 for (size_t i = 0; i < dn.dn_len; i++) { 4466 const designator *dr = dn.dn_items + i; 4467 if (dr->dr_kind == DK_SUBSCRIPT) { 4468 if (tp->t_tspec != ARRAY) 4469 goto proceed; /* silent error */ 4470 tp = tp->t_subt; 4471 offset_in_bits += (unsigned)dr->dr_subscript 4472 * type_size_in_bits(tp); 4473 } else { 4474 if (!is_struct_or_union(tp->t_tspec)) 4475 goto proceed; /* silent error */ 4476 const char *name = dr->dr_member->s_name; 4477 sym_t *mem = find_member(tp->u.sou, name); 4478 if (mem == NULL) { 4479 /* type '%s' does not have member '%s' */ 4480 error(101, name, type_name(tp)); 4481 goto proceed; 4482 } 4483 tp = mem->s_type; 4484 offset_in_bits += mem->u.s_member.sm_offset_in_bits; 4485 } 4486 } 4487 free(dn.dn_items); 4488 4489 proceed:; 4490 unsigned int offset_in_bytes = offset_in_bits / CHAR_SIZE; 4491 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, offset_in_bytes); 4492 tn->tn_system_dependent = true; 4493 return tn; 4494 } 4495 4496 unsigned int 4497 type_size_in_bits(const type_t *tp) 4498 { 4499 4500 unsigned int elem = 1; 4501 bool flex = false; 4502 lint_assert(tp != NULL); 4503 while (tp->t_tspec == ARRAY) { 4504 flex = true; /* allow c99 flex arrays [] [0] */ 4505 elem *= tp->u.dimension; 4506 tp = tp->t_subt; 4507 } 4508 if (elem == 0 && !flex) { 4509 /* cannot take size/alignment of incomplete type */ 4510 error(143); 4511 elem = 1; 4512 } 4513 4514 unsigned int elsz; 4515 switch (tp->t_tspec) { 4516 case VOID: 4517 /* cannot take size/alignment of void */ 4518 error(146); 4519 elsz = 1; 4520 break; 4521 case FUNC: 4522 /* cannot take size/alignment of function type '%s' */ 4523 error(144, type_name(tp)); 4524 elsz = 1; 4525 break; 4526 case STRUCT: 4527 case UNION: 4528 if (is_incomplete(tp)) { 4529 /* cannot take size/alignment of incomplete type */ 4530 error(143); 4531 elsz = 1; 4532 } else 4533 elsz = tp->u.sou->sou_size_in_bits; 4534 break; 4535 case ENUM: 4536 if (is_incomplete(tp)) { 4537 /* cannot take size/alignment of incomplete type */ 4538 warning(143); 4539 } 4540 /* FALLTHROUGH */ 4541 default: 4542 if (tp->t_bitfield) 4543 /* cannot take size/alignment of bit-field */ 4544 error(145); 4545 elsz = size_in_bits(tp->t_tspec); 4546 lint_assert(elsz > 0); 4547 break; 4548 } 4549 4550 return elem * elsz; 4551 } 4552 4553 /* C11 6.5.3.4, GCC */ 4554 tnode_t * 4555 build_alignof(const type_t *tp) 4556 { 4557 if (tp->t_tspec == FUNC) { 4558 /* cannot take size/alignment of function type '%s' */ 4559 error(144, type_name(tp)); 4560 return NULL; 4561 } 4562 if (tp->t_tspec == VOID) { 4563 /* cannot take size/alignment of void */ 4564 error(146); 4565 return NULL; 4566 } 4567 if (is_incomplete(tp)) { 4568 /* cannot take size/alignment of incomplete type */ 4569 error(143); 4570 return NULL; 4571 } 4572 if (tp->t_bitfield) { 4573 /* cannot take size/alignment of bit-field */ 4574 error(145); 4575 return NULL; 4576 } 4577 return build_integer_constant(SIZEOF_TSPEC, (int64_t)alignment(tp)); 4578 } 4579 4580 static tnode_t * 4581 cast_to_union(tnode_t *otn, bool sys, type_t *ntp) 4582 { 4583 4584 if (!allow_gcc) { 4585 /* union cast is a GCC extension */ 4586 error(328); 4587 return NULL; 4588 } 4589 4590 for (const sym_t *m = ntp->u.sou->sou_first_member; 4591 m != NULL; m = m->s_next) { 4592 if (types_compatible(m->s_type, otn->tn_type, 4593 false, false, NULL)) { 4594 tnode_t *ntn = build_op(CVT, sys, ntp, otn, NULL); 4595 ntn->tn_cast = true; 4596 return ntn; 4597 } 4598 } 4599 4600 /* type '%s' is not a member of '%s' */ 4601 error(329, type_name(otn->tn_type), type_name(ntp)); 4602 return NULL; 4603 } 4604 4605 // In GCC mode, allow 'nullptr + offset' as a constant expression. 4606 static tnode_t * 4607 null_pointer_offset(tnode_t *tn) 4608 { 4609 uint64_t off = 0; 4610 const tnode_t *n = tn; 4611 while ((n->tn_op == PLUS || n->tn_op == MINUS) 4612 && is_integer(n->u.ops.right->tn_type->t_tspec)) { 4613 off += (uint64_t)n->u.ops.right->u.value.u.integer; 4614 n = n->u.ops.left; 4615 } 4616 if (n->tn_type->t_tspec == PTR 4617 && n->tn_op == ADDR 4618 && n->u.ops.left->tn_op == INDIR 4619 && n->u.ops.left->u.ops.left->tn_op == CON 4620 && n->u.ops.left->u.ops.left->tn_type->t_tspec == PTR) { 4621 off += (uint64_t)n->u.ops.left->u.ops.left->u.value.u.integer; 4622 return build_integer_constant(SIZEOF_TSPEC, (int64_t)off); 4623 } 4624 return tn; 4625 } 4626 4627 tnode_t * 4628 cast(tnode_t *tn, bool sys, type_t *tp) 4629 { 4630 4631 if (tn == NULL) 4632 return NULL; 4633 4634 tn = cconv(tn); 4635 4636 lint_assert(tp != NULL); 4637 tspec_t nt = tp->t_tspec; 4638 tspec_t ot = tn->tn_type->t_tspec; 4639 4640 if (nt == VOID) { 4641 /* 4642 * C90 6.3.4, C99 6.5.4p2 and C11 6.5.4p2 allow any type to be 4643 * cast to void. The only other allowed casts are from a 4644 * scalar type to a scalar type. 4645 */ 4646 } else if (nt == UNION) 4647 return cast_to_union(tn, sys, tp); 4648 else if (nt == STRUCT || nt == ARRAY || nt == FUNC) { 4649 /* Casting to a struct is an undocumented GCC extension. */ 4650 if (!(allow_gcc && nt == STRUCT)) 4651 goto invalid_cast; 4652 } else if (is_struct_or_union(ot)) 4653 goto invalid_cast; 4654 else if (ot == VOID) { 4655 /* improper cast of void expression */ 4656 error(148); 4657 return NULL; 4658 } else if (is_integer(nt) && is_scalar(ot)) { 4659 tn = null_pointer_offset(tn); 4660 } else if (is_floating(nt) && is_arithmetic(ot)) { 4661 /* ok */ 4662 } else if (nt == PTR && is_integer(ot)) { 4663 /* ok */ 4664 } else if (nt == PTR && ot == PTR) { 4665 if (!tp->t_subt->t_const && tn->tn_type->t_subt->t_const) { 4666 if (hflag) 4667 /* cast discards 'const' from type '%s' */ 4668 warning(275, type_name(tn->tn_type)); 4669 } 4670 } else 4671 goto invalid_cast; 4672 4673 if (any_query_enabled 4674 && types_compatible(tp, tn->tn_type, false, false, NULL)) 4675 /* no-op cast from '%s' to '%s' */ 4676 query_message(6, expr_type_name(tn), type_name(tp)); 4677 4678 tn = convert(CVT, 0, tp, tn); 4679 tn->tn_cast = true; 4680 tn->tn_sys = sys; 4681 4682 return tn; 4683 4684 invalid_cast: 4685 /* invalid cast from '%s' to '%s' */ 4686 error(147, expr_type_name(tn), type_name(tp)); 4687 return NULL; 4688 } 4689 4690 void 4691 add_function_argument(function_call *call, tnode_t *arg) 4692 { 4693 /* 4694 * If there was a serious error in the expression for the argument, 4695 * create a dummy argument so the positions of the remaining arguments 4696 * will not change. 4697 */ 4698 if (arg == NULL) 4699 arg = build_integer_constant(INT, 0); 4700 4701 if (call->args_len >= call->args_cap) { 4702 call->args_cap += 8; 4703 tnode_t **new_args = expr_zero_alloc( 4704 call->args_cap * sizeof(*call->args), "tnode*[]"); 4705 if (call->args_len > 0) 4706 memcpy(new_args, call->args, 4707 call->args_len * sizeof(*call->args)); 4708 call->args = new_args; 4709 } 4710 call->args[call->args_len++] = arg; 4711 } 4712 4713 /* 4714 * Compare the type of an argument with the corresponding type of a 4715 * prototype parameter. If it is a valid combination, but both types 4716 * are not the same, insert a conversion to convert the argument into 4717 * the type of the parameter. 4718 */ 4719 static tnode_t * 4720 convert_prototype_argument(const function_call *call, int arg, 4721 type_t *tp, tnode_t *tn) 4722 { 4723 tnode_t *ln = xcalloc(1, sizeof(*ln)); 4724 ln->tn_type = expr_unqualified_type(tp); 4725 ln->tn_lvalue = true; 4726 if (typeok(FARG, call, arg, ln, tn)) { 4727 bool dowarn; 4728 if (!types_compatible(tp, tn->tn_type, 4729 true, false, (dowarn = false, &dowarn)) || dowarn) 4730 tn = convert(FARG, arg, tp, tn); 4731 } 4732 free(ln); 4733 return tn; 4734 } 4735 4736 static void 4737 convert_function_arguments(const function_call *call) 4738 { 4739 type_t *ftp = call->func->tn_type->t_subt; 4740 4741 int npar = 0; 4742 for (const sym_t *p = ftp->u.params; p != NULL; p = p->s_next) 4743 npar++; 4744 4745 int narg = (int)call->args_len; 4746 4747 const sym_t *param = ftp->u.params; 4748 if (ftp->t_proto && npar != narg && !(ftp->t_vararg && npar < narg)) { 4749 /* argument mismatch: %d %s passed, %d expected */ 4750 error(150, narg, narg != 1 ? "arguments" : "argument", npar); 4751 param = NULL; 4752 } 4753 4754 for (int i = 0; i < narg; i++) { 4755 tnode_t *arg = call->args[i]; 4756 4757 tspec_t at = arg->tn_type->t_tspec; 4758 if (at == VOID) { 4759 /* void expressions may not be arguments, arg #%d */ 4760 error(151, i + 1); 4761 return; 4762 } 4763 if (is_struct_or_union(at) && is_incomplete(arg->tn_type)) { 4764 /* argument cannot have unknown size, arg #%d */ 4765 error(152, i + 1); 4766 return; 4767 } 4768 if (is_integer(at) && 4769 arg->tn_type->t_is_enum && 4770 is_incomplete(arg->tn_type)) { 4771 /* argument cannot have unknown size, arg #%d */ 4772 warning(152, i + 1); 4773 } 4774 4775 arg = cconv(arg); 4776 call->args[i] = arg; 4777 4778 arg = param != NULL 4779 ? convert_prototype_argument(call, 4780 i + 1, param->s_type, arg) 4781 : promote(NOOP, true, arg); 4782 call->args[i] = arg; 4783 4784 if (param != NULL) 4785 param = param->s_next; 4786 } 4787 } 4788 4789 static bool 4790 is_gcc_generic_atomic(const char *name) 4791 { 4792 // https://gcc.gnu.org/onlinedocs/gcc/_005f_005fatomic-Builtins.html 4793 return strcmp(name, "__atomic_load_n") == 0 4794 || strcmp(name, "__atomic_exchange_n") == 0 4795 || strcmp(name, "__atomic_add_fetch") == 0 4796 || strcmp(name, "__atomic_sub_fetch") == 0 4797 || strcmp(name, "__atomic_and_fetch") == 0 4798 || strcmp(name, "__atomic_xor_fetch") == 0 4799 || strcmp(name, "__atomic_or_fetch") == 0 4800 || strcmp(name, "__atomic_nand_fetch") == 0 4801 || strcmp(name, "__atomic_fetch_add") == 0 4802 || strcmp(name, "__atomic_fetch_sub") == 0 4803 || strcmp(name, "__atomic_fetch_and") == 0 4804 || strcmp(name, "__atomic_fetch_xor") == 0 4805 || strcmp(name, "__atomic_fetch_or") == 0 4806 || strcmp(name, "__atomic_fetch_nand") == 0; 4807 } 4808 4809 static type_t * 4810 return_type(const function_call *call) 4811 { 4812 const tnode_t *func = call->func; 4813 if (allow_gcc 4814 && func->tn_op == ADDR 4815 && func->u.ops.left->tn_op == NAME 4816 && is_gcc_generic_atomic(func->u.ops.left->u.sym->s_name) 4817 && call->args_len > 0 4818 && call->args[0]->tn_type->t_tspec == PTR) 4819 return call->args[0]->tn_type->t_subt; 4820 return func->tn_type->t_subt->t_subt; 4821 } 4822 4823 tnode_t * 4824 build_function_call(tnode_t *func, bool sys, function_call *call) 4825 { 4826 4827 if (func == NULL) 4828 return NULL; 4829 4830 call->func = func; 4831 check_ctype_function_call(call); 4832 4833 func = cconv(func); 4834 call->func = func; 4835 4836 if (func->tn_type->t_tspec != PTR || 4837 func->tn_type->t_subt->t_tspec != FUNC) { 4838 /* cannot call '%s', must be a function */ 4839 error(149, expr_type_name(func)); 4840 return NULL; 4841 } 4842 4843 convert_function_arguments(call); 4844 4845 tnode_t *ntn = expr_alloc_tnode(); 4846 ntn->tn_op = CALL; 4847 ntn->tn_type = return_type(call); 4848 ntn->tn_sys = sys; 4849 ntn->u.call = call; 4850 return ntn; 4851 } 4852 4853 /* 4854 * Return the value of an integral constant expression. 4855 * If the expression is not constant or its type is not an integer 4856 * type, an error message is printed. 4857 */ 4858 val_t * 4859 integer_constant(tnode_t *tn, bool required) 4860 { 4861 4862 if (tn != NULL) 4863 tn = cconv(tn); 4864 if (tn != NULL) 4865 tn = promote(NOOP, false, tn); 4866 4867 val_t *v = xcalloc(1, sizeof(*v)); 4868 4869 if (tn == NULL) { 4870 lint_assert(seen_error); 4871 debug_step("constant node is null; returning 1 instead"); 4872 v->v_tspec = INT; 4873 v->u.integer = 1; 4874 return v; 4875 } 4876 4877 v->v_tspec = tn->tn_type->t_tspec; 4878 4879 if (tn->tn_op == CON) { 4880 lint_assert(tn->tn_type->t_tspec == tn->u.value.v_tspec); 4881 if (is_integer(tn->u.value.v_tspec)) { 4882 v->v_unsigned_since_c90 = 4883 tn->u.value.v_unsigned_since_c90; 4884 v->u.integer = tn->u.value.u.integer; 4885 return v; 4886 } 4887 v->u.integer = (int64_t)tn->u.value.u.floating; 4888 } else 4889 v->u.integer = 1; 4890 4891 if (required) 4892 /* integral constant expression expected */ 4893 error(55); 4894 else 4895 /* variable array dimension is a C99/GCC extension */ 4896 c99ism(318); 4897 4898 if (!is_integer(v->v_tspec)) 4899 v->v_tspec = INT; 4900 4901 return v; 4902 } 4903 4904 /* 4905 * Perform some tests on expressions which can't be done in build_binary() 4906 * and functions called by build_binary(). These tests must be done here 4907 * because we need some information about the context in which the operations 4908 * are performed. 4909 * After all tests are performed, if free_expr is true, expr() frees the 4910 * memory for the expression. 4911 */ 4912 void 4913 expr(tnode_t *tn, bool used, bool cond, bool free_expr, bool is_do_while, 4914 const char *stmt_kind) 4915 { 4916 4917 if (tn == NULL) { /* in case of errors */ 4918 expr_free_all(); 4919 return; 4920 } 4921 4922 /* expr() is also called in global initializations */ 4923 if (dcs->d_kind != DLK_EXTERN && !is_do_while) 4924 check_statement_reachable(stmt_kind); 4925 4926 check_expr_misc(tn, used, cond, !cond, false, false, false); 4927 if (tn->tn_op == ASSIGN && !tn->tn_parenthesized) { 4928 if (hflag && cond) 4929 /* assignment in conditional context */ 4930 warning(159); 4931 } 4932 if (!modtab[tn->tn_op].m_has_side_effect) { 4933 /* 4934 * for left operands of COMMA this warning is already printed 4935 */ 4936 if (tn->tn_op != COMMA && !used && !cond) 4937 check_null_effect(tn); 4938 } 4939 debug_node(tn); 4940 4941 if (free_expr) 4942 expr_free_all(); 4943 } 4944 4945 /* If the expression has the form '*(arr + idx)', check the array index. */ 4946 static void 4947 check_array_index(const tnode_t *indir, bool taking_address) 4948 { 4949 const tnode_t *plus, *arr, *idx; 4950 4951 if (indir->tn_op == INDIR 4952 && (plus = indir->u.ops.left, plus->tn_op == PLUS) 4953 && plus->u.ops.left->tn_op == ADDR 4954 && (arr = plus->u.ops.left->u.ops.left, true) 4955 && (arr->tn_op == STRING || arr->tn_op == NAME) 4956 && arr->tn_type->t_tspec == ARRAY 4957 && (idx = plus->u.ops.right, idx->tn_op == CON) 4958 && (!is_incomplete(arr->tn_type) || idx->u.value.u.integer < 0)) 4959 goto proceed; 4960 return; 4961 4962 proceed:; 4963 int elsz = length_in_bits(arr->tn_type->t_subt, NULL); 4964 if (elsz == 0) 4965 return; 4966 elsz /= CHAR_SIZE; 4967 4968 /* Change the unit of the index from bytes to element size. */ 4969 int64_t con = is_uinteger(idx->tn_type->t_tspec) 4970 ? (int64_t)((uint64_t)idx->u.value.u.integer / elsz) 4971 : idx->u.value.u.integer / elsz; 4972 4973 int dim = arr->tn_type->u.dimension + (taking_address ? 1 : 0); 4974 4975 if (!is_uinteger(idx->tn_type->t_tspec) && con < 0) 4976 /* array subscript %jd cannot be negative */ 4977 warning(167, (intmax_t)con); 4978 else if (dim > 0 && (uint64_t)con >= (uint64_t)dim) 4979 /* array subscript %ju cannot be > %d */ 4980 warning(168, (uintmax_t)con, dim - 1); 4981 } 4982 4983 static void 4984 check_expr_addr(const tnode_t *ln, bool szof, bool fcall) 4985 { 4986 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4987 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 4988 if (!szof) 4989 mark_as_set(ln->u.sym); 4990 mark_as_used(ln->u.sym, fcall, szof); 4991 } 4992 check_array_index(ln, true); 4993 } 4994 4995 /* 4996 * If there is an asm statement in one of the compound statements around, 4997 * there may be other side effects, so don't warn. 4998 */ 4999 static bool 5000 is_asm_around(void) 5001 { 5002 for (decl_level *dl = dcs; dl != NULL; dl = dl->d_enclosing) 5003 if (dl->d_asm) 5004 return true; 5005 return false; 5006 } 5007 5008 static void 5009 check_expr_side_effect(const tnode_t *ln, bool szof) 5010 { 5011 5012 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 5013 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 5014 scl_t sc = ln->u.sym->s_scl; 5015 if (sc != EXTERN && sc != STATIC && 5016 !ln->u.sym->s_set && !szof && !is_asm_around()) { 5017 /* '%s' may be used before set */ 5018 warning(158, ln->u.sym->s_name); 5019 mark_as_set(ln->u.sym); 5020 } 5021 mark_as_used(ln->u.sym, false, false); 5022 } 5023 } 5024 5025 static void 5026 check_expr_assign(const tnode_t *ln, bool szof) 5027 { 5028 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 5029 if (ln->tn_op == NAME && !szof && (reached || !warn_about_unreachable)) { 5030 mark_as_set(ln->u.sym); 5031 if (ln->u.sym->s_scl == EXTERN) 5032 outusg(ln->u.sym); 5033 } 5034 check_array_index(ln, false); 5035 } 5036 5037 static void 5038 check_expr_call(const tnode_t *tn, const tnode_t *ln, 5039 bool szof, bool vctx, bool cond, bool retval_discarded) 5040 { 5041 lint_assert(ln->tn_op == ADDR); 5042 lint_assert(ln->u.ops.left->tn_op == NAME); 5043 if (!szof && !is_compiler_builtin(ln->u.ops.left->u.sym->s_name)) 5044 outcall(tn, vctx || cond, retval_discarded); 5045 5046 const function_call *call = tn->u.call; 5047 if (call->args_len == 4 || call->args_len == 5) 5048 check_snprintb(call); 5049 } 5050 5051 static void 5052 check_expr_op(op_t op, const tnode_t *ln, bool szof, bool fcall, bool eqwarn) 5053 { 5054 switch (op) { 5055 case ADDR: 5056 check_expr_addr(ln, szof, fcall); 5057 break; 5058 case LOAD: 5059 check_array_index(ln, false); 5060 /* FALLTHROUGH */ 5061 case INCBEF: 5062 case DECBEF: 5063 case INCAFT: 5064 case DECAFT: 5065 case ADDASS: 5066 case SUBASS: 5067 case MULASS: 5068 case DIVASS: 5069 case MODASS: 5070 case ANDASS: 5071 case ORASS: 5072 case XORASS: 5073 case SHLASS: 5074 case SHRASS: 5075 case REAL: 5076 case IMAG: 5077 check_expr_side_effect(ln, szof); 5078 break; 5079 case ASSIGN: 5080 check_expr_assign(ln, szof); 5081 break; 5082 case EQ: 5083 if (hflag && eqwarn) 5084 /* operator '==' found where '=' was expected */ 5085 warning(160); 5086 break; 5087 default: 5088 break; 5089 } 5090 } 5091 5092 /* 5093 * vctx ??? 5094 * cond whether the expression is a condition that 5095 * will be compared with 0 5096 * eqwarn whether the operator '==' might be a 5097 * misspelled '=' 5098 * fcall whether the expression is a function call 5099 * retval_discarded whether the return value of a function call 5100 * is discarded; such calls will be analyzed by 5101 * lint2 in messages 4, 8 and 9 5102 * szof whether the expression is part of a sizeof 5103 * expression, which means that its value is 5104 * discarded since only the type is relevant 5105 */ 5106 void 5107 check_expr_misc(const tnode_t *tn, bool vctx, bool cond, 5108 bool eqwarn, bool fcall, bool retval_discarded, bool szof) 5109 { 5110 5111 if (tn == NULL) 5112 return; 5113 op_t op = tn->tn_op; 5114 if (op == NAME || op == CON || op == STRING) 5115 return; 5116 bool is_direct = op == CALL 5117 && tn->u.call->func->tn_op == ADDR 5118 && tn->u.call->func->u.ops.left->tn_op == NAME; 5119 if (op == CALL) { 5120 const function_call *call = tn->u.call; 5121 if (is_direct) 5122 check_expr_call(tn, call->func, 5123 szof, vctx, cond, retval_discarded); 5124 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 5125 check_expr_misc(call->func, false, false, false, is_direct, 5126 discard, szof); 5127 for (size_t i = 0, n = call->args_len; i < n; i++) 5128 check_expr_misc(call->args[i], 5129 true, false, false, false, false, szof); 5130 return; 5131 } 5132 5133 lint_assert(has_operands(tn)); 5134 tnode_t *ln = tn->u.ops.left; 5135 tnode_t *rn = tn->u.ops.right; 5136 check_expr_op(op, ln, szof, fcall, eqwarn); 5137 5138 const mod_t *mp = &modtab[op]; 5139 bool cvctx = mp->m_value_context; 5140 bool ccond = mp->m_compares_with_zero; 5141 bool eq = mp->m_warn_if_operand_eq && 5142 !ln->tn_parenthesized && 5143 rn != NULL && !rn->tn_parenthesized; 5144 5145 /* 5146 * Values of operands of ':' are not used if the type of at least 5147 * one of the operands (for GCC compatibility) is 'void'. 5148 * 5149 * XXX test/value context of QUEST should probably be used as 5150 * context for both operands of COLON. 5151 */ 5152 if (op == COLON && tn->tn_type->t_tspec == VOID) 5153 cvctx = ccond = false; 5154 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 5155 check_expr_misc(ln, cvctx, ccond, eq, is_direct, discard, szof); 5156 5157 switch (op) { 5158 case LOGAND: 5159 case LOGOR: 5160 check_expr_misc(rn, false, true, eq, false, false, szof); 5161 break; 5162 case COLON: 5163 check_expr_misc(rn, cvctx, ccond, eq, false, false, szof); 5164 break; 5165 case COMMA: 5166 check_expr_misc(rn, vctx, cond, false, false, false, szof); 5167 break; 5168 default: 5169 if (mp->m_binary) 5170 check_expr_misc(rn, true, false, eq, false, false, 5171 szof); 5172 break; 5173 } 5174 } 5175 5176 /* 5177 * Return whether the expression can be used for static initialization. 5178 * 5179 * Constant initialization expressions must be constant or an address 5180 * of a static object with an optional offset. In the first case, 5181 * the result is returned in *offsp. In the second case, the static 5182 * object is returned in *symp and the offset in *offsp. 5183 * 5184 * The expression can consist of PLUS, MINUS, ADDR, NAME, STRING and 5185 * CON. Type conversions are allowed if they do not change binary 5186 * representation (including width). 5187 * 5188 * C99 6.6 "Constant expressions" 5189 * C99 6.7.8p4 restricts initializers for static storage duration 5190 */ 5191 bool 5192 constant_addr(const tnode_t *tn, const sym_t **symp, ptrdiff_t *offsp) 5193 { 5194 const sym_t *sym; 5195 ptrdiff_t offs1, offs2; 5196 tspec_t t, ot; 5197 5198 switch (tn->tn_op) { 5199 case MINUS: 5200 if (tn->u.ops.right->tn_op == CVT) 5201 return constant_addr(tn->u.ops.right, symp, offsp); 5202 if (tn->u.ops.right->tn_op != CON) 5203 return false; 5204 /* FALLTHROUGH */ 5205 case PLUS: 5206 offs1 = offs2 = 0; 5207 if (tn->u.ops.left->tn_op == CON) { 5208 offs1 = (ptrdiff_t)tn->u.ops.left->u.value.u.integer; 5209 if (!constant_addr(tn->u.ops.right, &sym, &offs2)) 5210 return false; 5211 } else if (tn->u.ops.right->tn_op == CON) { 5212 offs2 = (ptrdiff_t)tn->u.ops.right->u.value.u.integer; 5213 if (tn->tn_op == MINUS) 5214 offs2 = -offs2; 5215 if (!constant_addr(tn->u.ops.left, &sym, &offs1)) 5216 return false; 5217 } else { 5218 return false; 5219 } 5220 *symp = sym; 5221 *offsp = offs1 + offs2; 5222 return true; 5223 case ADDR: 5224 if (tn->u.ops.left->tn_op == NAME) { 5225 *symp = tn->u.ops.left->u.sym; 5226 *offsp = 0; 5227 return true; 5228 } 5229 *symp = NULL; 5230 *offsp = 0; 5231 return true; 5232 case CVT: 5233 t = tn->tn_type->t_tspec; 5234 ot = tn->u.ops.left->tn_type->t_tspec; 5235 if ((!is_integer(t) && t != PTR) || 5236 (!is_integer(ot) && ot != PTR)) { 5237 return false; 5238 } 5239 #if 0 5240 /*- 5241 * consider: 5242 * struct foo { 5243 * unsigned char a; 5244 * } f = { 5245 * (unsigned char)(unsigned long) 5246 * (&(((struct foo *)0)->a)) 5247 * }; 5248 * since psize(unsigned long) != psize(unsigned char), 5249 * this fails. 5250 */ 5251 else if (psize(t) != psize(ot)) 5252 return -1; 5253 #endif 5254 return constant_addr(tn->u.ops.left, symp, offsp); 5255 default: 5256 return false; 5257 } 5258 } 5259 5260 /* Append s2 to s1, then free s2. */ 5261 buffer * 5262 cat_strings(buffer *s1, buffer *s2) 5263 { 5264 5265 if ((s1->data != NULL) != (s2->data != NULL)) { 5266 /* cannot concatenate wide and regular string literals */ 5267 error(292); 5268 return s1; 5269 } 5270 5271 if (s1->data != NULL) { 5272 while (s1->len + s2->len + 1 > s1->cap) 5273 s1->cap *= 2; 5274 s1->data = xrealloc(s1->data, s1->cap); 5275 memcpy(s1->data + s1->len, s2->data, s2->len + 1); 5276 free(s2->data); 5277 } 5278 s1->len += s2->len; 5279 free(s2); 5280 5281 return s1; 5282 } 5283 5284 5285 typedef struct stmt_expr { 5286 memory_pool se_mem; 5287 sym_t *se_sym; 5288 struct stmt_expr *se_enclosing; 5289 } stmt_expr; 5290 5291 static stmt_expr *stmt_exprs; 5292 5293 void 5294 begin_statement_expr(void) 5295 { 5296 debug_enter(); 5297 5298 stmt_expr *se = xmalloc(sizeof(*se)); 5299 se->se_mem = expr_save_memory(); 5300 se->se_sym = NULL; 5301 se->se_enclosing = stmt_exprs; 5302 stmt_exprs = se; 5303 } 5304 5305 void 5306 do_statement_expr(tnode_t *tn) 5307 { 5308 block_level--; 5309 mem_block_level--; 5310 stmt_exprs->se_sym = tn != NULL 5311 ? mktempsym(block_dup_type(tn->tn_type)) 5312 : NULL; /* after a syntax error */ 5313 mem_block_level++; 5314 block_level++; 5315 /* '({ ... })' is a GCC extension */ 5316 gnuism(320); 5317 } 5318 5319 tnode_t * 5320 end_statement_expr(void) 5321 { 5322 tnode_t *tn; 5323 5324 stmt_expr *se = stmt_exprs; 5325 if (se->se_sym == NULL) { 5326 tn = NULL; /* after a syntax error */ 5327 goto end; 5328 } 5329 5330 tn = build_name(se->se_sym, false); 5331 (void)expr_save_memory(); /* leak */ 5332 expr_restore_memory(se->se_mem); 5333 stmt_exprs = se->se_enclosing; 5334 free(se); 5335 5336 end: 5337 debug_leave(); 5338 return tn; 5339 } 5340 5341 bool 5342 in_statement_expr(void) 5343 { 5344 return stmt_exprs != NULL; 5345 } 5346
Indexes created Tue Jun 23 00:25:03 UTC 2026