1 /* $NetBSD: tree.c,v 1.695 2025/09/17 19:25:22 rillig Exp $ */ 2 3 /* 4 * Copyright (c) 1994, 1995 Jochen Pohl 5 * All Rights Reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Jochen Pohl for 18 * The NetBSD Project. 19 * 4. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #if HAVE_NBTOOL_CONFIG_H 35 #include "nbtool_config.h" 36 #endif 37 38 #include <sys/cdefs.h> 39 #if defined(__RCSID) 40 __RCSID("$NetBSD: tree.c,v 1.695 2025/09/17 19:25:22 rillig Exp $"); 41 #endif 42 43 #include <float.h> 44 #include <limits.h> 45 #include <math.h> 46 #include <signal.h> 47 #include <stdlib.h> 48 #include <string.h> 49 50 #include "lint1.h" 51 52 53 typedef struct integer_constraints { 54 int64_t smin; /* signed minimum */ 55 int64_t smax; /* signed maximum */ 56 uint64_t umin; /* unsigned minimum */ 57 uint64_t umax; /* unsigned maximum */ 58 uint64_t bclr; /* bits that are definitely clear */ 59 } integer_constraints; 60 61 62 static int64_t 63 s64_min(int64_t a, int64_t b) 64 { 65 return a < b ? a : b; 66 } 67 68 static int64_t 69 s64_max(int64_t a, int64_t b) 70 { 71 return a > b ? a : b; 72 } 73 74 static uint64_t 75 s64_abs(int64_t x) 76 { 77 return x >= 0 ? (uint64_t)x : -(uint64_t)x; 78 } 79 80 static int64_t 81 s64_shr(int64_t x, unsigned amount) 82 { 83 return x >= 0 84 ? (int64_t)((uint64_t)x >> amount) 85 : (int64_t)~(~(uint64_t)x >> amount); 86 } 87 88 static uint64_t 89 u64_min(uint64_t a, uint64_t b) 90 { 91 return a < b ? a : b; 92 } 93 94 static uint64_t 95 u64_max(uint64_t a, uint64_t b) 96 { 97 return a > b ? a : b; 98 } 99 100 static uint64_t 101 u64_fill_right(uint64_t x) 102 { 103 x |= x >> 1; 104 x |= x >> 2; 105 x |= x >> 4; 106 x |= x >> 8; 107 x |= x >> 16; 108 x |= x >> 32; 109 return x; 110 } 111 112 static unsigned 113 u64_width(uint64_t x) 114 { 115 unsigned m = 0; 116 if (x >> 32 != 0) 117 x >>= 32, m += 32; 118 if (x >> 16 != 0) 119 x >>= 16, m += 16; 120 if (x >> 8 != 0) 121 x >>= 8, m += 8; 122 if (x >> 4 != 0) 123 x >>= 4, m += 4; 124 if (x >> 2 != 0) 125 x >>= 2, m += 2; 126 if (x >> 1 != 0) 127 x >>= 1, m++; 128 if (x > 0) 129 m++; 130 return m; 131 } 132 133 static int 134 portable_rank_cmp(tspec_t t1, tspec_t t2) 135 { 136 const ttab_t *p1 = type_properties(t1), *p2 = type_properties(t2); 137 lint_assert(p1->tt_rank_kind == p2->tt_rank_kind); 138 lint_assert(p1->tt_rank_value > 0); 139 lint_assert(p2->tt_rank_value > 0); 140 return (int)p1->tt_rank_value - (int)p2->tt_rank_value; 141 } 142 143 static unsigned 144 width_in_bits(const type_t *tp) 145 { 146 lint_assert(is_integer(tp->t_tspec)); 147 return tp->t_bitfield 148 ? tp->t_bit_field_width 149 : size_in_bits(tp->t_tspec); 150 } 151 152 static uint64_t 153 ui_max_value(const type_t *tp) 154 { 155 return value_bits(width_in_bits(tp)); 156 } 157 158 static int64_t 159 si_max_value(const type_t *tp) 160 { 161 return (int64_t)(ui_max_value(tp) >> 1); 162 } 163 164 static int64_t 165 si_min_value(const type_t *tp) 166 { 167 return -si_max_value(tp) - 1; 168 } 169 170 static int64_t 171 si_mult_sat(const type_t *tp, int64_t l, int64_t r) 172 { 173 uint64_t al = s64_abs(l); 174 uint64_t ar = s64_abs(r); 175 bool neg = (l >= 0) != (r >= 0); 176 int64_t max = si_max_value(tp); 177 uint64_t max_prod = (uint64_t)max + (neg ? 1 : 0); 178 if (al == 0 || ar <= max_prod / al) 179 return l * r; 180 else if (neg) 181 return -1 - max; 182 else 183 return max; 184 } 185 186 static int64_t 187 si_plus_sat(const type_t *tp, int64_t a, int64_t b) 188 { 189 if (b >= 0) { 190 int64_t max = si_max_value(tp); 191 return a <= max - b ? a + b : max; 192 } else { 193 int64_t min = si_min_value(tp); 194 return a >= min - b ? a + b : min; 195 } 196 } 197 198 static int64_t 199 si_minus_sat(const type_t *tp, int64_t a, int64_t b) 200 { 201 if (b >= 0) { 202 int64_t min = si_min_value(tp); 203 return a >= min + b ? a - b : min; 204 } else { 205 int64_t max = si_max_value(tp); 206 return a <= max + b ? a - b : max; 207 } 208 } 209 210 static bool 211 ic_maybe_signed(const type_t *tp, integer_constraints ic) 212 { 213 return !is_uinteger(tp->t_tspec) && ic.bclr >> 63 == 0; 214 } 215 216 static bool 217 ic_maybe_signed_binary(const type_t *tp, 218 integer_constraints a, integer_constraints b) 219 { 220 return !is_uinteger(tp->t_tspec) && (a.bclr & b.bclr) >> 63 == 0; 221 } 222 223 static integer_constraints 224 ic_any(const type_t *tp) 225 { 226 integer_constraints c; 227 228 unsigned width = width_in_bits(tp); 229 uint64_t vbits = value_bits(width); 230 if (is_uinteger(tp->t_tspec)) { 231 c.smin = width < 64 ? 0 : INT64_MIN; 232 c.smax = width < 64 ? (int64_t)vbits : INT64_MAX; 233 c.umin = 0; 234 c.umax = vbits; 235 c.bclr = ~c.umax; 236 } else { 237 c.smin = -1 - (int64_t)(vbits >> 1); 238 c.smax = (int64_t)(vbits >> 1); 239 c.umin = 0; 240 c.umax = UINT64_MAX; 241 c.bclr = 0; 242 } 243 return c; 244 } 245 246 static integer_constraints 247 ic_mult(const type_t *tp, integer_constraints a, integer_constraints b) 248 { 249 integer_constraints c; 250 251 if (ic_maybe_signed_binary(tp, a, b)) { 252 int64_t ll = si_mult_sat(tp, a.smin, b.smin); 253 int64_t lu = si_mult_sat(tp, a.smin, b.smax); 254 int64_t ul = si_mult_sat(tp, a.smax, b.smin); 255 int64_t uu = si_mult_sat(tp, a.smax, b.smax); 256 257 c.smin = s64_min(ll, s64_min(lu, s64_min(ul, uu))); 258 c.smax = s64_max(ll, s64_max(lu, s64_max(ul, uu))); 259 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 260 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 261 c.bclr = ~u64_fill_right(c.umax); 262 return c; 263 } 264 265 if (a.umax > 0 && b.umax > ic_any(tp).umax / a.umax) 266 return ic_any(tp); 267 268 c.smin = INT64_MIN; 269 c.smax = INT64_MAX; 270 c.umin = a.umin * b.umin; 271 c.umax = a.umax * b.umax; 272 c.bclr = ~u64_fill_right(c.umax); 273 return c; 274 } 275 276 static integer_constraints 277 ic_div(const type_t *tp, integer_constraints a, integer_constraints b) 278 { 279 if (ic_maybe_signed_binary(tp, a, b)) { 280 if (b.smin >= 0) 281 return a; 282 return ic_any(tp); 283 } 284 285 integer_constraints c; 286 c.smin = INT64_MIN; 287 c.smax = INT64_MAX; 288 c.umin = a.umin / u64_max(b.umax, 1); 289 c.umax = a.umax / u64_max(b.umin, 1); 290 c.bclr = ~u64_fill_right(c.umax); 291 return c; 292 } 293 294 static integer_constraints 295 ic_mod(const type_t *tp, integer_constraints a, integer_constraints b) 296 { 297 if (ic_maybe_signed_binary(tp, a, b)) { 298 uint64_t max_abs_b = u64_max(s64_abs(b.smin), s64_abs(b.smax)); 299 if (max_abs_b >> 63 != 0 || max_abs_b == 0) 300 return a; 301 302 integer_constraints c; 303 c.smin = s64_max(a.smin, -(int64_t)(max_abs_b - 1)); 304 c.smax = s64_min(a.smax, (int64_t)(max_abs_b - 1)); 305 c.umin = 0; 306 c.umax = UINT64_MAX; 307 c.bclr = 0; 308 return c; 309 } 310 311 integer_constraints c; 312 c.smin = INT64_MIN; 313 c.smax = INT64_MAX; 314 c.umin = 0; 315 c.umax = b.umax - 1; 316 c.bclr = ~u64_fill_right(c.umax); 317 return c; 318 } 319 320 static integer_constraints 321 ic_plus(const type_t *tp, integer_constraints a, integer_constraints b) 322 { 323 if (ic_maybe_signed_binary(tp, a, b)) { 324 integer_constraints c; 325 c.smin = si_plus_sat(tp, a.smin, b.smin); 326 c.smax = si_plus_sat(tp, a.smax, b.smax); 327 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 328 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 329 c.bclr = 0; 330 return c; 331 } 332 333 uint64_t max = ui_max_value(tp); 334 integer_constraints c; 335 c.smin = INT64_MIN; 336 c.smax = INT64_MAX; 337 if (b.umax <= max - a.umax) { 338 c.umin = a.umin + b.umin; 339 c.umax = a.umax + b.umax; 340 } else { 341 c.umin = 0; 342 c.umax = max; 343 } 344 if (c.umax >> 63 == 0) { 345 c.smin = 0; 346 c.smax = (int64_t)c.umax; 347 } 348 c.bclr = ~u64_fill_right(c.umax); 349 return c; 350 } 351 352 static integer_constraints 353 ic_minus(const type_t *tp, integer_constraints a, integer_constraints b) 354 { 355 integer_constraints c; 356 c.smin = si_minus_sat(tp, a.smin, b.smax); 357 c.smax = si_minus_sat(tp, a.smax, b.smin); 358 359 if (ic_maybe_signed_binary(tp, a, b)) { 360 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 361 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 362 } else if (a.umin >= b.umax) { 363 c.umin = a.umin - b.umax; 364 c.umax = a.umax - b.umin; 365 } else { 366 c.umin = 0; 367 c.umax = is_uinteger(tp->t_tspec) ? ui_max_value(tp) 368 : UINT64_MAX; 369 } 370 c.bclr = ~u64_fill_right(c.umax); 371 return c; 372 } 373 374 static integer_constraints 375 ic_shl(const type_t *tp, integer_constraints a, integer_constraints b) 376 { 377 if (ic_maybe_signed(tp, a)) 378 return ic_any(tp); 379 380 unsigned amount; 381 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 382 amount = (unsigned)b.smin; 383 else if (b.umin == b.umax && b.umin < 64) 384 amount = (unsigned)b.umin; 385 else 386 return ic_any(tp); 387 388 integer_constraints c; 389 c.umin = a.umin << amount; 390 c.umax = a.umax << amount; 391 if (c.umax >> (width_in_bits(tp) - 1) == 0) { 392 c.smin = (int64_t)c.umin; 393 c.smax = (int64_t)c.umax; 394 } else { 395 c.smin = INT64_MIN; 396 c.smax = INT64_MAX; 397 } 398 c.bclr = a.bclr << amount | (((uint64_t)1 << amount) - 1); 399 return c; 400 } 401 402 static integer_constraints 403 ic_shr(const type_t *tp, integer_constraints a, integer_constraints b) 404 { 405 if (ic_maybe_signed(tp, a)) 406 return ic_any(tp); 407 408 unsigned amount; 409 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 410 amount = (unsigned)b.smin; 411 else if (b.umin == b.umax && b.umin < 64) 412 amount = (unsigned)b.umin; 413 else 414 return ic_any(tp); 415 416 integer_constraints c; 417 c.smin = s64_shr(a.smin, amount); 418 c.smax = s64_shr(a.smax, amount); 419 c.umin = a.umin >> amount; 420 c.umax = a.umax >> amount; 421 c.bclr = a.bclr >> amount | ~(~(uint64_t)0 >> amount); 422 return c; 423 } 424 425 static integer_constraints 426 ic_bitand(integer_constraints a, integer_constraints b) 427 { 428 integer_constraints c; 429 c.smin = a.smin & b.smin; 430 c.smax = a.smax & b.smax; 431 c.umin = a.umin & b.umin; 432 c.umax = a.umax & b.umax; 433 c.bclr = a.bclr | b.bclr; 434 return c; 435 } 436 437 static integer_constraints 438 ic_bitxor(const type_t *tp, integer_constraints a, integer_constraints b) 439 { 440 if (ic_maybe_signed_binary(tp, a, b)) 441 return ic_any(tp); 442 443 integer_constraints c; 444 c.smin = a.smin & b.smin; 445 c.smax = a.smax | b.smax; 446 c.umin = a.umin & b.umin; 447 c.umax = a.umax | b.umax; 448 c.bclr = a.bclr & b.bclr; 449 return c; 450 } 451 452 static integer_constraints 453 ic_bitor(integer_constraints a, integer_constraints b) 454 { 455 integer_constraints c; 456 c.smin = a.smin | b.smin; 457 c.smax = a.smax | b.smax; 458 c.umin = a.umin | b.umin; 459 c.umax = a.umax | b.umax; 460 c.bclr = a.bclr & b.bclr; 461 return c; 462 } 463 464 static integer_constraints 465 ic_quest_colon(integer_constraints a, integer_constraints b) 466 { 467 integer_constraints c; 468 c.smin = s64_min(a.smin, b.smin); 469 c.smax = s64_max(a.smax, b.smax); 470 c.umin = u64_min(a.umin, b.umin); 471 c.umax = u64_max(a.umax, b.umax); 472 c.bclr = a.bclr & b.bclr; 473 return c; 474 } 475 476 static integer_constraints 477 ic_con(const type_t *tp, const val_t *v) 478 { 479 lint_assert(is_integer(tp->t_tspec)); 480 int64_t si = v->u.integer; 481 uint64_t ui = (uint64_t)si; 482 483 integer_constraints c; 484 c.smin = si; 485 c.smax = si; 486 c.umin = ui; 487 c.umax = ui; 488 c.bclr = ~ui; 489 return c; 490 } 491 492 static integer_constraints 493 ic_cvt(const type_t *ntp, const type_t *otp, integer_constraints a) 494 { 495 unsigned new_width = width_in_bits(ntp); 496 unsigned old_width = width_in_bits(otp); 497 bool new_unsigned = is_uinteger(ntp->t_tspec); 498 bool old_unsigned = is_uinteger(otp->t_tspec); 499 500 if (new_width >= old_width && new_unsigned == old_unsigned) 501 return a; 502 if (new_width > old_width && old_unsigned) 503 return a; 504 if (new_unsigned && (~value_bits(new_width) & ~a.bclr) == 0) 505 return a; 506 return ic_any(ntp); 507 } 508 509 static integer_constraints 510 ic_expr(const tnode_t *tn) 511 { 512 integer_constraints lc, rc; 513 514 lint_assert(is_integer(tn->tn_type->t_tspec)); 515 516 switch (tn->tn_op) { 517 case MULT: 518 lc = ic_expr(tn->u.ops.left); 519 rc = ic_expr(tn->u.ops.right); 520 return ic_mult(tn->tn_type, lc, rc); 521 case DIV: 522 lc = ic_expr(tn->u.ops.left); 523 rc = ic_expr(tn->u.ops.right); 524 return ic_div(tn->tn_type, lc, rc); 525 case MOD: 526 lc = ic_expr(tn->u.ops.left); 527 rc = ic_expr(tn->u.ops.right); 528 return ic_mod(tn->tn_type, lc, rc); 529 case PLUS: 530 lc = ic_expr(tn->u.ops.left); 531 rc = ic_expr(tn->u.ops.right); 532 return ic_plus(tn->tn_type, lc, rc); 533 case MINUS: 534 if (tn->u.ops.left->tn_type->t_tspec == PTR) 535 return ic_any(tn->tn_type); 536 lc = ic_expr(tn->u.ops.left); 537 rc = ic_expr(tn->u.ops.right); 538 return ic_minus(tn->tn_type, lc, rc); 539 case SHL: 540 lc = ic_expr(tn->u.ops.left); 541 rc = ic_expr(tn->u.ops.right); 542 return ic_shl(tn->tn_type, lc, rc); 543 case SHR: 544 lc = ic_expr(tn->u.ops.left); 545 rc = ic_expr(tn->u.ops.right); 546 return ic_shr(tn->tn_type, lc, rc); 547 case BITAND: 548 lc = ic_expr(tn->u.ops.left); 549 rc = ic_expr(tn->u.ops.right); 550 return ic_bitand(lc, rc); 551 case BITXOR: 552 lc = ic_expr(tn->u.ops.left); 553 rc = ic_expr(tn->u.ops.right); 554 return ic_bitxor(tn->tn_type, lc, rc); 555 case BITOR: 556 lc = ic_expr(tn->u.ops.left); 557 rc = ic_expr(tn->u.ops.right); 558 return ic_bitor(lc, rc); 559 case QUEST: 560 lc = ic_expr(tn->u.ops.right->u.ops.left); 561 rc = ic_expr(tn->u.ops.right->u.ops.right); 562 return ic_quest_colon(lc, rc); 563 case CON: 564 return ic_con(tn->tn_type, &tn->u.value); 565 case CVT: 566 if (!is_integer(tn->u.ops.left->tn_type->t_tspec)) 567 return ic_any(tn->tn_type); 568 lc = ic_expr(tn->u.ops.left); 569 return ic_cvt(tn->tn_type, tn->u.ops.left->tn_type, lc); 570 default: 571 return ic_any(tn->tn_type); 572 } 573 } 574 575 uint64_t 576 possible_bits(const tnode_t *tn) 577 { 578 return ~ic_expr(tn).bclr; 579 } 580 581 bool 582 attributes_contain(const attribute_list *attrs, const char *str) 583 { 584 for (size_t i = 0, n = attrs->len; i < n; i++) { 585 const attribute *attr = attrs->attrs + i; 586 if (attr->prefix == NULL && strcmp(attr->name, str) == 0) 587 return true; 588 } 589 return false; 590 } 591 592 /* Build 'pointer to tp', 'array of tp' or 'function returning tp'. */ 593 type_t * 594 block_derive_type(type_t *tp, tspec_t t) 595 { 596 597 type_t *tp2 = block_zero_alloc(sizeof(*tp2), "type"); 598 tp2->t_tspec = t; 599 tp2->t_subt = tp; 600 return tp2; 601 } 602 603 /* 604 * Derive 'pointer to tp' or 'function returning tp'. 605 * The memory is freed at the end of the current expression. 606 */ 607 type_t * 608 expr_derive_type(type_t *tp, tspec_t t) 609 { 610 611 type_t *tp2 = expr_zero_alloc(sizeof(*tp2), "type"); 612 tp2->t_tspec = t; 613 tp2->t_subt = tp; 614 return tp2; 615 } 616 617 static const char * 618 function_call_descr(const function_call *call) 619 { 620 if ((call->func->tn_op == ADDR || call->func->tn_op == LOAD) 621 && call->func->u.ops.left->tn_op == NAME) 622 return call->func->u.ops.left->u.sym->s_name; 623 return type_name(call->func->tn_type->t_subt); 624 } 625 626 static size_t 627 str_len(const tnode_t *tn) 628 { 629 const buffer *buf = tn->u.str_literals; 630 if (tn->tn_type->t_subt->t_tspec != CHAR) 631 return buf->len; 632 quoted_iterator it = { .end = 0 }; 633 size_t len = 0; 634 while (quoted_next(buf, &it)) 635 len++; 636 return len; 637 } 638 639 /* Create an expression from a unary or binary operator and its operands. */ 640 static tnode_t * 641 build_op(op_t op, bool sys, type_t *type, tnode_t *ln, tnode_t *rn) 642 { 643 644 tnode_t *ntn = expr_alloc_tnode(); 645 ntn->tn_op = op; 646 ntn->tn_type = type; 647 ntn->tn_sys = sys; 648 ntn->u.ops.left = ln; 649 ntn->u.ops.right = rn; 650 651 if (op == INDIR || op == FSEL) { 652 lint_assert(ln->tn_type->t_tspec == PTR); 653 tspec_t t = ln->tn_type->t_subt->t_tspec; 654 ntn->tn_lvalue = t != FUNC && t != VOID; 655 } 656 657 return ntn; 658 } 659 660 tnode_t * 661 build_constant(type_t *tp, val_t *v) 662 { 663 664 tnode_t *n = expr_alloc_tnode(); 665 n->tn_op = CON; 666 n->tn_type = tp; 667 n->u.value = *v; 668 n->u.value.v_tspec = tp->t_tspec; 669 free(v); 670 return n; 671 } 672 673 static tnode_t * 674 build_integer_constant(tspec_t t, int64_t si) 675 { 676 677 tnode_t *n = expr_alloc_tnode(); 678 n->tn_op = CON; 679 n->tn_type = gettyp(t); 680 n->u.value.v_tspec = t; 681 n->u.value.v_unsigned_since_c90 = false; 682 n->u.value.v_char_constant = false; 683 n->u.value.u.integer = si; 684 return n; 685 } 686 687 static void 688 fallback_symbol(sym_t *sym) 689 { 690 691 if (Tflag && fallback_symbol_strict_bool(sym)) 692 return; 693 694 if (funcsym != NULL && (strcmp(sym->s_name, "__FUNCTION__") == 0 || 695 strcmp(sym->s_name, "__PRETTY_FUNCTION__") == 0)) { 696 /* __FUNCTION__/__PRETTY_FUNCTION__ is a GCC extension */ 697 gnuism(316); 698 goto return_function_name; 699 } 700 701 if (funcsym != NULL && strcmp(sym->s_name, "__func__") == 0) { 702 if (!allow_c99) 703 /* __func__ is a C99 feature */ 704 warning(317); 705 /* C11 6.4.2.2 */ 706 return_function_name: 707 sym->s_type = block_derive_type(gettyp(CHAR), ARRAY); 708 sym->s_type->t_const = true; 709 sym->s_type->u.dimension = (int)strlen(funcsym->s_name) + 1; 710 return; 711 } 712 713 /* '%s' undefined */ 714 error(99, sym->s_name); 715 } 716 717 /* 718 * Functions that are predeclared by GCC or other compilers can be called 719 * with arbitrary arguments. Since lint usually runs after a successful 720 * compilation, it's the compiler's job to catch any errors. 721 */ 722 bool 723 is_compiler_builtin(const char *name) 724 { 725 /* https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html */ 726 if (allow_gcc) { 727 if (strncmp(name, "__atomic_", 9) == 0 || 728 strncmp(name, "__builtin_", 10) == 0 || 729 strcmp(name, "alloca") == 0 || 730 /* obsolete but still in use, as of 2021 */ 731 strncmp(name, "__sync_", 7) == 0) 732 return true; 733 } 734 735 /* https://software.intel.com/sites/landingpage/IntrinsicsGuide/ */ 736 if (strncmp(name, "_mm_", 4) == 0) 737 return true; 738 739 return false; 740 } 741 742 static bool 743 str_ends_with(const char *haystack, const char *needle) 744 { 745 size_t hlen = strlen(haystack); 746 size_t nlen = strlen(needle); 747 748 return nlen <= hlen && 749 memcmp(haystack + hlen - nlen, needle, nlen) == 0; 750 } 751 752 /* https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html */ 753 static bool 754 is_gcc_bool_builtin(const char *name) 755 { 756 return strncmp(name, "__builtin_", 10) == 0 && 757 (str_ends_with(name, "_overflow") || 758 str_ends_with(name, "_overflow_p")); 759 } 760 761 static void 762 build_name_call(sym_t *sym) 763 { 764 765 if (is_compiler_builtin(sym->s_name)) { 766 /* 767 * Do not warn about these, just assume that they are regular 768 * functions compatible with non-prototype calling conventions. 769 */ 770 if (allow_gcc && is_gcc_bool_builtin(sym->s_name)) 771 sym->s_type = gettyp(BOOL); 772 } else if (allow_c99) 773 /* function '%s' implicitly declared to return int */ 774 error(215, sym->s_name); 775 else if (!allow_trad) 776 /* function '%s' implicitly declared to return int */ 777 warning(215, sym->s_name); 778 779 /* XXX if !allow_c90, the symbol should be exported to level 0 */ 780 sym->s_type = block_derive_type(sym->s_type, FUNC); 781 } 782 783 /* Create a node for a name (symbol table entry). */ 784 tnode_t * 785 build_name(sym_t *sym, bool is_funcname) 786 { 787 788 if (sym->s_scl == NO_SCL && !in_gcc_attribute) { 789 sym->s_scl = EXTERN; 790 sym->s_def = DECL; 791 if (is_funcname) 792 build_name_call(sym); 793 else 794 fallback_symbol(sym); 795 } 796 797 lint_assert(sym->s_kind == SK_VCFT || sym->s_kind == SK_MEMBER); 798 799 tnode_t *n = expr_alloc_tnode(); 800 n->tn_type = sym->s_type; 801 if (sym->s_scl == BOOL_CONST) { 802 n->tn_op = CON; 803 n->u.value.v_tspec = BOOL; 804 n->u.value.v_unsigned_since_c90 = false; 805 n->u.value.v_char_constant = false; 806 n->u.value.u.integer = sym->u.s_bool_constant ? 1 : 0; 807 } else if (sym->s_scl == ENUM_CONST) { 808 n->tn_op = CON; 809 n->u.value.v_tspec = INT; /* ENUM is in n->tn_type */ 810 n->u.value.v_unsigned_since_c90 = false; 811 n->u.value.v_char_constant = false; 812 n->u.value.u.integer = sym->u.s_enum_constant; 813 } else { 814 n->tn_op = NAME; 815 n->u.sym = sym; 816 if (sym->s_kind == SK_VCFT && sym->s_type->t_tspec != FUNC) 817 n->tn_lvalue = true; 818 } 819 820 return n; 821 } 822 823 tnode_t * 824 build_string(buffer *lit) 825 { 826 size_t value_len = lit->len; 827 if (lit->data != NULL) { 828 quoted_iterator it = { .end = 0 }; 829 for (value_len = 0; quoted_next(lit, &it); value_len++) 830 continue; 831 } 832 833 type_t *tp = expr_zero_alloc(sizeof(*tp), "type"); 834 tp->t_tspec = ARRAY; 835 tp->t_subt = gettyp(lit->data != NULL ? CHAR : WCHAR_TSPEC); 836 tp->u.dimension = (int)(value_len + 1); 837 838 tnode_t *n = expr_alloc_tnode(); 839 n->tn_op = STRING; 840 n->tn_type = tp; 841 n->tn_lvalue = true; 842 843 n->u.str_literals = expr_zero_alloc(sizeof(*n->u.str_literals), "tnode.string"); 844 n->u.str_literals->len = lit->len; 845 846 if (lit->data != NULL) { 847 n->u.str_literals->data = expr_zero_alloc(lit->len + 1, 848 "tnode.string.data"); 849 (void)memcpy(n->u.str_literals->data, lit->data, lit->len + 1); 850 free(lit->data); 851 } 852 free(lit); 853 854 return n; 855 } 856 857 tnode_t * 858 build_generic_selection(const tnode_t *expr, 859 struct generic_association *sel) 860 { 861 tnode_t *default_result = NULL; 862 863 for (; sel != NULL; sel = sel->ga_prev) { 864 if (expr != NULL && 865 types_compatible(sel->ga_arg, expr->tn_type, 866 false, false, NULL)) 867 return sel->ga_result; 868 if (sel->ga_arg == NULL) 869 default_result = sel->ga_result; 870 } 871 return default_result; 872 } 873 874 static bool 875 is_out_of_char_range(const tnode_t *tn) 876 { 877 return tn->tn_op == CON && 878 !tn->u.value.v_char_constant && 879 !(0 <= tn->u.value.u.integer && 880 tn->u.value.u.integer < 1 << (CHAR_SIZE - 1)); 881 } 882 883 static bool 884 check_nonportable_char_comparison(op_t op, 885 const tnode_t *ln, tspec_t lt, 886 const tnode_t *rn, tspec_t rt) 887 { 888 if (!(hflag || pflag)) 889 return true; 890 891 if (lt == CHAR && is_out_of_char_range(rn)) { 892 char buf[128]; 893 (void)snprintf(buf, sizeof(buf), "%s %d", 894 op_name(op), (int)rn->u.value.u.integer); 895 /* nonportable character comparison '%s' */ 896 warning(230, buf); 897 return false; 898 } 899 if (rt == CHAR && is_out_of_char_range(ln)) { 900 char buf[128]; 901 (void)snprintf(buf, sizeof(buf), "%d %s ?", 902 (int)ln->u.value.u.integer, op_name(op)); 903 /* nonportable character comparison '%s' */ 904 warning(230, buf); 905 return false; 906 } 907 return true; 908 } 909 910 static void 911 check_integer_comparison(op_t op, tnode_t *ln, tnode_t *rn) 912 { 913 914 tspec_t lt = ln->tn_type->t_tspec; 915 tspec_t rt = rn->tn_type->t_tspec; 916 917 if (ln->tn_op != CON && rn->tn_op != CON) 918 return; 919 920 if (!is_integer(lt) || !is_integer(rt)) 921 return; 922 923 if (any_query_enabled && !in_system_header) { 924 if (lt == CHAR && rn->tn_op == CON && 925 !rn->u.value.v_char_constant) { 926 /* comparison '%s' of 'char' with plain integer %d */ 927 query_message(14, 928 op_name(op), (int)rn->u.value.u.integer); 929 } 930 if (rt == CHAR && ln->tn_op == CON && 931 !ln->u.value.v_char_constant) { 932 /* comparison '%s' of 'char' with plain integer %d */ 933 query_message(14, 934 op_name(op), (int)ln->u.value.u.integer); 935 } 936 } 937 938 if (!check_nonportable_char_comparison(op, ln, lt, rn, rt)) 939 return; 940 941 if (is_uinteger(lt) && !is_uinteger(rt) && 942 rn->tn_op == CON && rn->u.value.u.integer <= 0) { 943 if (rn->u.value.u.integer < 0) { 944 /* operator '%s' compares '%s' with '%s' */ 945 warning(162, op_name(op), 946 expr_type_name(ln), "negative constant"); 947 } else if (op == LT || op == GE) 948 /* operator '%s' compares '%s' with '%s' */ 949 warning(162, op_name(op), expr_type_name(ln), "0"); 950 return; 951 } 952 if (is_uinteger(rt) && !is_uinteger(lt) && 953 ln->tn_op == CON && ln->u.value.u.integer <= 0) { 954 if (ln->u.value.u.integer < 0) { 955 /* operator '%s' compares '%s' with '%s' */ 956 warning(162, op_name(op), 957 "negative constant", expr_type_name(rn)); 958 } else if (op == GT || op == LE) 959 /* operator '%s' compares '%s' with '%s' */ 960 warning(162, op_name(op), "0", expr_type_name(rn)); 961 return; 962 } 963 } 964 965 static const tspec_t arith_rank[] = { 966 LDOUBLE, DOUBLE, FLOAT, 967 #ifdef INT128_SIZE 968 UINT128, INT128, 969 #endif 970 ULLONG, LLONG, 971 ULONG, LONG, 972 UINT, INT, 973 }; 974 975 /* Keep unsigned in traditional C */ 976 static tspec_t 977 usual_arithmetic_conversion_trad(tspec_t lt, tspec_t rt) 978 { 979 980 size_t i; 981 for (i = 0; arith_rank[i] != INT; i++) 982 if (lt == arith_rank[i] || rt == arith_rank[i]) 983 break; 984 985 tspec_t t = arith_rank[i]; 986 if (is_uinteger(lt) || is_uinteger(rt)) 987 if (is_integer(t) && !is_uinteger(t)) 988 return unsigned_type(t); 989 return t; 990 } 991 992 static tspec_t 993 usual_arithmetic_conversion_c90(tspec_t lt, tspec_t rt) 994 { 995 996 if (lt == rt) 997 return lt; 998 999 if (lt == LCOMPLEX || rt == LCOMPLEX) 1000 return LCOMPLEX; 1001 if (lt == DCOMPLEX || rt == DCOMPLEX) 1002 return DCOMPLEX; 1003 if (lt == FCOMPLEX || rt == FCOMPLEX) 1004 return FCOMPLEX; 1005 if (lt == LDOUBLE || rt == LDOUBLE) 1006 return LDOUBLE; 1007 if (lt == DOUBLE || rt == DOUBLE) 1008 return DOUBLE; 1009 if (lt == FLOAT || rt == FLOAT) 1010 return FLOAT; 1011 1012 if (size_in_bits(lt) > size_in_bits(rt)) 1013 return lt; 1014 if (size_in_bits(lt) < size_in_bits(rt)) 1015 return rt; 1016 1017 size_t i; 1018 for (i = 3; arith_rank[i] != INT; i++) 1019 if (arith_rank[i] == lt || arith_rank[i] == rt) 1020 break; 1021 if ((is_uinteger(lt) || is_uinteger(rt)) && 1022 !is_uinteger(arith_rank[i])) 1023 i--; 1024 return arith_rank[i]; 1025 } 1026 1027 static tnode_t * 1028 apply_usual_arithmetic_conversions(op_t op, tnode_t *tn, tspec_t t) 1029 { 1030 type_t *ntp = expr_dup_type(tn->tn_type); 1031 ntp->t_tspec = t; 1032 if (tn->tn_op != CON) { 1033 /* usual arithmetic conversion for '%s' from '%s' to '%s' */ 1034 query_message(4, op_name(op), 1035 expr_type_name(tn), type_name(ntp)); 1036 } 1037 return convert(op, 0, ntp, tn); 1038 } 1039 1040 /* 1041 * Apply the "usual arithmetic conversions" (C99 6.3.1.8), which gives both 1042 * operands the same type. 1043 */ 1044 static void 1045 balance(op_t op, tnode_t **lnp, tnode_t **rnp) 1046 { 1047 1048 tspec_t lt = (*lnp)->tn_type->t_tspec; 1049 tspec_t rt = (*rnp)->tn_type->t_tspec; 1050 if (!is_arithmetic(lt) || !is_arithmetic(rt)) 1051 return; 1052 1053 tspec_t t = allow_c90 1054 ? usual_arithmetic_conversion_c90(lt, rt) 1055 : usual_arithmetic_conversion_trad(lt, rt); 1056 1057 if (modtab[op].m_comparison 1058 && is_integer(lt) && (*lnp)->tn_op != CON 1059 && is_floating(t) && (*rnp)->tn_op == CON) 1060 /* comparing integer '%s' to floating point constant %Lg */ 1061 warning(379, expr_type_name(*lnp), 1062 (*rnp)->u.value.u.floating); 1063 1064 if (t != lt) 1065 *lnp = apply_usual_arithmetic_conversions(op, *lnp, t); 1066 if (t != rt) 1067 *rnp = apply_usual_arithmetic_conversions(op, *rnp, t); 1068 1069 if (is_integer(t)) { 1070 unsigned lw = width_in_bits((*lnp)->tn_type); 1071 unsigned rw = width_in_bits((*rnp)->tn_type); 1072 if (lw < rw) 1073 *lnp = convert(NOOP, 0, (*rnp)->tn_type, *lnp); 1074 if (rw < lw) 1075 *rnp = convert(NOOP, 0, (*lnp)->tn_type, *rnp); 1076 } 1077 } 1078 1079 static tnode_t * 1080 build_address(bool sys, tnode_t *tn) 1081 { 1082 /* eliminate '&*' */ 1083 if (tn->tn_op == INDIR && 1084 tn->u.ops.left->tn_type->t_tspec == PTR && 1085 tn->u.ops.left->tn_type->t_subt == tn->tn_type) { 1086 return tn->u.ops.left; 1087 } 1088 1089 return build_op(ADDR, sys, expr_derive_type(tn->tn_type, PTR), 1090 tn, NULL); 1091 } 1092 1093 static uint64_t 1094 fold_unsigned_integer(op_t op, uint64_t l, uint64_t r, 1095 uint64_t max_value, bool *overflow) 1096 { 1097 switch (op) { 1098 case COMPL: 1099 return ~l & max_value; 1100 case UPLUS: 1101 return +l; 1102 case UMINUS: 1103 return -l & max_value; 1104 case MULT: 1105 *overflow = r > 0 && l > max_value / r; 1106 return l * r; 1107 case DIV: 1108 if (r == 0) { 1109 /* division by 0 */ 1110 error(139); 1111 return max_value; 1112 } 1113 return l / r; 1114 case MOD: 1115 if (r == 0) { 1116 /* modulus by 0 */ 1117 error(140); 1118 return 0; 1119 } 1120 return l % r; 1121 case PLUS: 1122 *overflow = l > max_value - r; 1123 return l + r; 1124 case MINUS: 1125 *overflow = l < r; 1126 return l - r; 1127 case SHL: 1128 /* TODO: warn about out-of-bounds 'r'. */ 1129 /* TODO: warn about overflow. */ 1130 return l << (r & 63); 1131 case SHR: 1132 /* TODO: warn about out-of-bounds 'r'. */ 1133 return l >> (r & 63); 1134 case LT: 1135 return l < r ? 1 : 0; 1136 case LE: 1137 return l <= r ? 1 : 0; 1138 case GT: 1139 return l > r ? 1 : 0; 1140 case GE: 1141 return l >= r ? 1 : 0; 1142 case EQ: 1143 return l == r ? 1 : 0; 1144 case NE: 1145 return l != r ? 1 : 0; 1146 case BITAND: 1147 return l & r; 1148 case BITXOR: 1149 return l ^ r; 1150 case BITOR: 1151 return l | r; 1152 default: 1153 lint_assert(false); 1154 /* NOTREACHED */ 1155 } 1156 } 1157 1158 static int64_t 1159 fold_signed_integer(op_t op, int64_t l, int64_t r, 1160 int64_t min_value, int64_t max_value, bool *overflow) 1161 { 1162 switch (op) { 1163 case COMPL: 1164 return ~l; 1165 case UPLUS: 1166 return +l; 1167 case UMINUS: 1168 *overflow = l == min_value; 1169 return *overflow ? l : -l; 1170 case MULT:; 1171 uint64_t al = s64_abs(l); 1172 uint64_t ar = s64_abs(r); 1173 bool neg = (l >= 0) != (r >= 0); 1174 uint64_t max_prod = (uint64_t)max_value + (neg ? 1 : 0); 1175 if (al > 0 && ar > max_prod / al) { 1176 *overflow = true; 1177 return neg ? min_value : max_value; 1178 } 1179 return l * r; 1180 case DIV: 1181 if (r == 0) { 1182 /* division by 0 */ 1183 error(139); 1184 return max_value; 1185 } 1186 if (l == min_value && r == -1) { 1187 *overflow = true; 1188 return l; 1189 } 1190 return l / r; 1191 case MOD: 1192 if (r == 0) { 1193 /* modulus by 0 */ 1194 error(140); 1195 return 0; 1196 } 1197 if (l == min_value && r == -1) { 1198 *overflow = true; 1199 return 0; 1200 } 1201 return l % r; 1202 case PLUS: 1203 if (r > 0 && l > max_value - r) { 1204 *overflow = true; 1205 return max_value; 1206 } 1207 if (r < 0 && l < min_value - r) { 1208 *overflow = true; 1209 return min_value; 1210 } 1211 return l + r; 1212 case MINUS: 1213 if (r > 0 && l < min_value + r) { 1214 *overflow = true; 1215 return min_value; 1216 } 1217 if (r < 0 && l > max_value + r) { 1218 *overflow = true; 1219 return max_value; 1220 } 1221 return l - r; 1222 case SHL: 1223 /* TODO: warn about out-of-bounds 'r'. */ 1224 /* TODO: warn about overflow. */ 1225 return (int64_t)((uint64_t)l << (r & 63)); 1226 case SHR: 1227 /* TODO: warn about out-of-bounds 'r'. */ 1228 return s64_shr(l, r & 63); 1229 case LT: 1230 return l < r ? 1 : 0; 1231 case LE: 1232 return l <= r ? 1 : 0; 1233 case GT: 1234 return l > r ? 1 : 0; 1235 case GE: 1236 return l >= r ? 1 : 0; 1237 case EQ: 1238 return l == r ? 1 : 0; 1239 case NE: 1240 return l != r ? 1 : 0; 1241 case BITAND: 1242 return l & r; 1243 case BITXOR: 1244 return l ^ r; 1245 case BITOR: 1246 return l | r; 1247 default: 1248 lint_assert(false); 1249 /* NOTREACHED */ 1250 } 1251 } 1252 1253 static tnode_t * 1254 fold_constant_integer(tnode_t *tn) 1255 { 1256 1257 lint_assert(has_operands(tn)); 1258 tspec_t t = tn->u.ops.left->tn_type->t_tspec; 1259 int64_t l = tn->u.ops.left->u.value.u.integer; 1260 int64_t r = is_binary(tn) ? tn->u.ops.right->u.value.u.integer : 0; 1261 uint64_t mask = value_bits(size_in_bits(t)); 1262 1263 int64_t res; 1264 bool overflow = false; 1265 if (!is_integer(t) || is_uinteger(t)) { 1266 uint64_t u_res = fold_unsigned_integer(tn->tn_op, 1267 (uint64_t)l, (uint64_t)r, mask, &overflow); 1268 if (u_res > mask) 1269 overflow = true; 1270 res = (int64_t)u_res; 1271 if (overflow && hflag) { 1272 char buf[128]; 1273 if (is_binary(tn)) { 1274 snprintf(buf, sizeof(buf), "%ju %s %ju", 1275 (uintmax_t)l, op_name(tn->tn_op), 1276 (uintmax_t)r); 1277 } else { 1278 snprintf(buf, sizeof(buf), "%s%ju", 1279 op_name(tn->tn_op), (uintmax_t)l); 1280 } 1281 /* '%s' overflows '%s' */ 1282 warning(141, buf, expr_type_name(tn)); 1283 } 1284 } else { 1285 int64_t max_value = (int64_t)(mask >> 1); 1286 int64_t min_value = -max_value - 1; 1287 res = fold_signed_integer(tn->tn_op, 1288 l, r, min_value, max_value, &overflow); 1289 if (res < min_value || res > max_value) 1290 overflow = true; 1291 if (overflow && hflag) { 1292 char buf[128]; 1293 if (is_binary(tn)) { 1294 snprintf(buf, sizeof(buf), "%jd %s %jd", 1295 (intmax_t)l, op_name(tn->tn_op), 1296 (intmax_t)r); 1297 } else if (tn->tn_op == UMINUS && l < 0) { 1298 snprintf(buf, sizeof(buf), "-(%jd)", 1299 (intmax_t)l); 1300 } else { 1301 snprintf(buf, sizeof(buf), "%s%jd", 1302 op_name(tn->tn_op), (intmax_t)l); 1303 } 1304 /* '%s' overflows '%s' */ 1305 warning(141, buf, expr_type_name(tn)); 1306 } 1307 } 1308 1309 val_t *v = xcalloc(1, sizeof(*v)); 1310 v->v_tspec = tn->tn_type->t_tspec; 1311 v->u.integer = convert_integer(res, t, size_in_bits(t)); 1312 1313 tnode_t *cn = build_constant(tn->tn_type, v); 1314 if (tn->u.ops.left->tn_system_dependent) 1315 cn->tn_system_dependent = true; 1316 if (is_binary(tn) && tn->u.ops.right->tn_system_dependent) 1317 cn->tn_system_dependent = true; 1318 1319 return cn; 1320 } 1321 1322 static tnode_t * 1323 build_struct_access(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1324 { 1325 1326 lint_assert(rn->tn_op == NAME); 1327 lint_assert(is_member(rn->u.sym)); 1328 1329 bool lvalue = op == ARROW || ln->tn_lvalue; 1330 1331 if (op == POINT) 1332 ln = build_address(sys, ln); 1333 else if (ln->tn_type->t_tspec != PTR) { 1334 lint_assert(!allow_c90); 1335 lint_assert(is_integer(ln->tn_type->t_tspec)); 1336 ln = convert(NOOP, 0, expr_derive_type(gettyp(VOID), PTR), ln); 1337 } 1338 1339 tnode_t *ctn = build_integer_constant(PTRDIFF_TSPEC, 1340 rn->u.sym->u.s_member.sm_offset_in_bits / CHAR_SIZE); 1341 1342 type_t *ptr_tp = expr_derive_type(rn->tn_type, PTR); 1343 tnode_t *ntn = build_op(PLUS, sys, ptr_tp, ln, ctn); 1344 if (ln->tn_op == CON) 1345 ntn = fold_constant_integer(ntn); 1346 1347 op_t nop = rn->tn_type->t_bitfield ? FSEL : INDIR; 1348 ntn = build_op(nop, sys, ntn->tn_type->t_subt, ntn, NULL); 1349 if (!lvalue) 1350 ntn->tn_lvalue = false; 1351 1352 return ntn; 1353 } 1354 1355 /* 1356 * Get the size in bytes of type tp->t_subt, as a constant expression of type 1357 * ptrdiff_t as seen from the target platform. 1358 */ 1359 static tnode_t * 1360 subt_size_in_bytes(type_t *tp) 1361 { 1362 1363 lint_assert(tp->t_tspec == PTR); 1364 tp = tp->t_subt; 1365 1366 int elem = 1; 1367 while (tp->t_tspec == ARRAY) { 1368 elem *= tp->u.dimension; 1369 tp = tp->t_subt; 1370 } 1371 1372 int elsz_in_bits = 0; 1373 switch (tp->t_tspec) { 1374 case FUNC: 1375 /* pointer to function is not allowed here */ 1376 error(110); 1377 break; 1378 case VOID: 1379 /* cannot do pointer arithmetic on operand of unknown size */ 1380 gnuism(136); 1381 break; 1382 case STRUCT: 1383 case UNION: 1384 if ((elsz_in_bits = (int)tp->u.sou->sou_size_in_bits) == 0) 1385 /* cannot do pointer arithmetic on operand of ... */ 1386 error(136); 1387 break; 1388 case ENUM: 1389 if (is_incomplete(tp)) 1390 /* cannot do pointer arithmetic on operand of ... */ 1391 warning(136); 1392 /* FALLTHROUGH */ 1393 default: 1394 if ((elsz_in_bits = size_in_bits(tp->t_tspec)) == 0) 1395 /* cannot do pointer arithmetic on operand of ... */ 1396 error(136); 1397 else 1398 lint_assert(elsz_in_bits != -1); 1399 break; 1400 } 1401 1402 if (elem == 0 && elsz_in_bits != 0) 1403 /* cannot do pointer arithmetic on operand of unknown size */ 1404 error(136); 1405 1406 if (elsz_in_bits == 0) 1407 elsz_in_bits = CHAR_SIZE; 1408 1409 return build_integer_constant(PTRDIFF_TSPEC, 1410 (int64_t)(elem * elsz_in_bits / CHAR_SIZE)); 1411 } 1412 1413 static tnode_t * 1414 build_prepost_incdec(op_t op, bool sys, tnode_t *ln) 1415 { 1416 1417 lint_assert(ln != NULL); 1418 tnode_t *cn = ln->tn_type->t_tspec == PTR 1419 ? subt_size_in_bytes(ln->tn_type) 1420 : build_integer_constant(INT, 1); 1421 return build_op(op, sys, ln->tn_type, ln, cn); 1422 } 1423 1424 static void 1425 check_enum_array_index(const tnode_t *ln, const tnode_t *rn) 1426 { 1427 1428 if (ln->tn_op != ADDR) 1429 return; 1430 ln = ln->u.ops.left; 1431 if (ln->tn_op != NAME && ln->tn_op != STRING) 1432 return; 1433 1434 const type_t *ltp = ln->tn_type; 1435 if (ltp->t_tspec != ARRAY || ltp->t_incomplete_array) 1436 return; 1437 1438 if (rn->tn_op != CVT || !rn->tn_type->t_is_enum) 1439 return; 1440 if (rn->u.ops.left->tn_op != LOAD) 1441 return; 1442 1443 const type_t *rtp = rn->u.ops.left->tn_type; 1444 const sym_t *ec = rtp->u.enumer->en_first_enumerator; 1445 const sym_t *max_ec = ec; 1446 lint_assert(ec != NULL); 1447 for (ec = ec->s_next; ec != NULL; ec = ec->s_next) 1448 if (ec->u.s_enum_constant > max_ec->u.s_enum_constant) 1449 max_ec = ec; 1450 1451 int64_t max_enum_value = max_ec->u.s_enum_constant; 1452 lint_assert(INT_MIN <= max_enum_value && max_enum_value <= INT_MAX); 1453 1454 int max_array_index = ltp->u.dimension - 1; 1455 size_t nonnull_dimension = ln->tn_op == STRING 1456 ? str_len(ln) 1457 : ln->u.sym->u.s_array_nonnull_dimension; 1458 if (nonnull_dimension > 0) 1459 max_array_index = (int)nonnull_dimension - 1; 1460 if (max_enum_value == max_array_index) 1461 return; 1462 1463 if (max_enum_value == max_array_index + 1 && 1464 (strstr(max_ec->s_name, "MAX") != NULL || 1465 strstr(max_ec->s_name, "max") != NULL || 1466 strstr(max_ec->s_name, "NUM") != NULL || 1467 strstr(max_ec->s_name, "num") != NULL || 1468 strncmp(max_ec->s_name, "N_", 2) == 0)) 1469 return; 1470 1471 /* maximum value %d for '%s' of type '%s' does not match maximum array index %d */ 1472 warning(348, (int)max_enum_value, max_ec->s_name, type_name(rtp), 1473 max_array_index); 1474 print_previous_declaration(max_ec); 1475 } 1476 1477 static tnode_t * 1478 build_plus_minus(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1479 { 1480 1481 if (rn->tn_type->t_tspec == PTR && is_integer(ln->tn_type->t_tspec)) { 1482 tnode_t *tmp = ln; 1483 ln = rn; 1484 rn = tmp; 1485 /* pointer addition has integer on the left-hand side */ 1486 query_message(5); 1487 } 1488 1489 /* pointer +- integer */ 1490 tspec_t lt = ln->tn_type->t_tspec; 1491 tspec_t rt = rn->tn_type->t_tspec; 1492 if (lt == PTR && rt != PTR) { 1493 lint_assert(is_integer(rt)); 1494 1495 check_ctype_macro_invocation(ln, rn); 1496 check_enum_array_index(ln, rn); 1497 1498 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1499 tspec_t szt = elsz->tn_type->t_tspec; 1500 if (rt != szt && rt != unsigned_type(szt)) 1501 rn = convert(NOOP, 0, elsz->tn_type, rn); 1502 1503 tnode_t *prod = build_op(MULT, sys, rn->tn_type, rn, elsz); 1504 if (rn->tn_op == CON) 1505 prod = fold_constant_integer(prod); 1506 1507 return build_op(op, sys, ln->tn_type, ln, prod); 1508 } 1509 1510 /* pointer - pointer */ 1511 if (rt == PTR) { 1512 lint_assert(lt == PTR); 1513 lint_assert(op == MINUS); 1514 1515 type_t *ptrdiff = gettyp(PTRDIFF_TSPEC); 1516 tnode_t *raw_diff = build_op(op, sys, ptrdiff, ln, rn); 1517 if (ln->tn_op == CON && rn->tn_op == CON) 1518 raw_diff = fold_constant_integer(raw_diff); 1519 1520 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1521 balance(NOOP, &raw_diff, &elsz); 1522 1523 return build_op(DIV, sys, ptrdiff, raw_diff, elsz); 1524 } 1525 1526 return build_op(op, sys, ln->tn_type, ln, rn); 1527 } 1528 1529 static tnode_t * 1530 build_bit_shift(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1531 { 1532 1533 if (!allow_c90 && rn->tn_type->t_tspec != INT) 1534 // XXX: C1978 7.5 says: "Both [operators] perform the usual 1535 // arithmetic conversions on their operands." 1536 // TODO: Add a test to exercise this part of the code. 1537 rn = convert(NOOP, 0, gettyp(INT), rn); 1538 return build_op(op, sys, ln->tn_type, ln, rn); 1539 } 1540 1541 static bool 1542 is_null_pointer(const tnode_t *tn) 1543 { 1544 tspec_t t = tn->tn_type->t_tspec; 1545 1546 // TODO: Investigate how other pointers are stored, in particular, 1547 // whether a pointer constant can have a non-zero value. 1548 // If not, simplify the code below. 1549 return ((t == PTR && tn->tn_type->t_subt->t_tspec == VOID) 1550 || is_integer(t)) 1551 && (tn->tn_op == CON && tn->u.value.u.integer == 0); 1552 } 1553 1554 /* Return a type based on tp1, with added qualifiers from tp2. */ 1555 static type_t * 1556 merge_qualifiers(type_t *tp1, const type_t *tp2) 1557 { 1558 1559 lint_assert(tp1->t_tspec == PTR); 1560 lint_assert(tp2->t_tspec == PTR); 1561 1562 bool c1 = tp1->t_subt->t_const; 1563 bool c2 = tp2->t_subt->t_const; 1564 bool v1 = tp1->t_subt->t_volatile; 1565 bool v2 = tp2->t_subt->t_volatile; 1566 1567 if (c1 == (c1 | c2) && v1 == (v1 | v2)) 1568 return tp1; 1569 1570 type_t *nstp = expr_dup_type(tp1->t_subt); 1571 nstp->t_const |= c2; 1572 nstp->t_volatile |= v2; 1573 1574 type_t *ntp = expr_dup_type(tp1); 1575 ntp->t_subt = nstp; 1576 return ntp; 1577 } 1578 1579 /* See C99 6.5.15 "Conditional operator". */ 1580 static tnode_t * 1581 build_colon(bool sys, tnode_t *ln, tnode_t *rn) 1582 { 1583 tspec_t lt = ln->tn_type->t_tspec; 1584 tspec_t rt = rn->tn_type->t_tspec; 1585 1586 type_t *tp; 1587 if (is_arithmetic(lt) && is_arithmetic(rt)) 1588 /* The operands were already balanced in build_binary. */ 1589 tp = ln->tn_type; 1590 else if (lt == BOOL && rt == BOOL) 1591 tp = ln->tn_type; 1592 else if (lt == VOID || rt == VOID) 1593 tp = gettyp(VOID); 1594 else if (is_struct_or_union(lt)) { 1595 lint_assert(is_struct_or_union(rt)); 1596 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1597 if (is_incomplete(ln->tn_type)) { 1598 /* unknown operand size, op '%s' */ 1599 error(138, op_name(COLON)); 1600 return NULL; 1601 } 1602 tp = ln->tn_type; 1603 } else if (lt == PTR && is_integer(rt)) { 1604 if (rt != PTRDIFF_TSPEC) 1605 rn = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), rn); 1606 tp = ln->tn_type; 1607 } else if (rt == PTR && is_integer(lt)) { 1608 if (lt != PTRDIFF_TSPEC) 1609 ln = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), ln); 1610 tp = rn->tn_type; 1611 } else if (lt == PTR && is_null_pointer(rn)) 1612 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1613 else if (rt == PTR && is_null_pointer(ln)) 1614 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1615 else if (lt == PTR && ln->tn_type->t_subt->t_tspec == VOID) 1616 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1617 else if (rt == PTR && rn->tn_type->t_subt->t_tspec == VOID) 1618 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1619 else { 1620 /* 1621 * XXX For now we simply take the left type. This is probably 1622 * wrong, if one type contains a function prototype and the 1623 * other one, at the same place, only an old-style declaration. 1624 */ 1625 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1626 } 1627 1628 return build_op(COLON, sys, tp, ln, rn); 1629 } 1630 1631 /* TODO: check for varargs */ 1632 static bool 1633 is_cast_redundant(const tnode_t *tn) 1634 { 1635 const type_t *ntp = tn->tn_type, *otp = tn->u.ops.left->tn_type; 1636 tspec_t nt = ntp->t_tspec, ot = otp->t_tspec; 1637 1638 if (nt == BOOL || ot == BOOL) 1639 return nt == BOOL && ot == BOOL; 1640 1641 if (is_integer(nt) && is_integer(ot)) { 1642 unsigned int nw = width_in_bits(ntp), ow = width_in_bits(otp); 1643 if (is_uinteger(nt) == is_uinteger(ot)) 1644 return nw >= ow; 1645 return is_uinteger(ot) && nw > ow; 1646 } 1647 1648 if (is_complex(nt) || is_complex(ot)) 1649 return is_complex(nt) && is_complex(ot) && 1650 size_in_bits(nt) >= size_in_bits(ot); 1651 1652 if (is_floating(nt) && is_floating(ot)) 1653 return size_in_bits(nt) >= size_in_bits(ot); 1654 1655 if (nt == PTR && ot == PTR) { 1656 if (!ntp->t_subt->t_const && otp->t_subt->t_const) 1657 return false; 1658 if (!ntp->t_subt->t_volatile && otp->t_subt->t_volatile) 1659 return false; 1660 1661 if (ntp->t_subt->t_tspec == VOID || 1662 otp->t_subt->t_tspec == VOID || 1663 types_compatible(ntp->t_subt, otp->t_subt, 1664 false, false, NULL)) 1665 return true; 1666 } 1667 1668 return false; 1669 } 1670 1671 static bool 1672 is_assignment(op_t op) 1673 { 1674 1675 return op == ASSIGN || 1676 op == MULASS || 1677 op == DIVASS || 1678 op == MODASS || 1679 op == ADDASS || 1680 op == SUBASS || 1681 op == SHLASS || 1682 op == SHRASS || 1683 op == ANDASS || 1684 op == XORASS || 1685 op == ORASS || 1686 op == RETURN || 1687 op == INIT; 1688 } 1689 1690 static tnode_t * 1691 build_assignment(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1692 { 1693 1694 tspec_t lt = ln->tn_type->t_tspec; 1695 tspec_t rt = rn->tn_type->t_tspec; 1696 1697 if (is_assignment(rn->tn_op)) 1698 /* chained assignment with '%s' and '%s' */ 1699 query_message(10, op_name(op), op_name(rn->tn_op)); 1700 1701 if ((op == ADDASS || op == SUBASS) && lt == PTR) { 1702 lint_assert(is_integer(rt)); 1703 tnode_t *ctn = subt_size_in_bytes(ln->tn_type); 1704 if (rn->tn_type->t_tspec != ctn->tn_type->t_tspec) 1705 rn = convert(NOOP, 0, ctn->tn_type, rn); 1706 rn = build_op(MULT, sys, rn->tn_type, rn, ctn); 1707 if (rn->u.ops.left->tn_op == CON) 1708 rn = fold_constant_integer(rn); 1709 } 1710 1711 if ((op == ASSIGN || op == RETURN || op == INIT) && 1712 (lt == STRUCT || rt == STRUCT)) { 1713 lint_assert(lt == rt); 1714 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1715 if (is_incomplete(ln->tn_type)) { 1716 if (op == RETURN) 1717 /* cannot return incomplete type */ 1718 error(212); 1719 else 1720 /* unknown operand size, op '%s' */ 1721 error(138, op_name(op)); 1722 return NULL; 1723 } 1724 } 1725 1726 if (op == SHLASS && hflag && allow_trad && allow_c90 1727 && portable_rank_cmp(lt, rt) < 0) 1728 /* '%s' %s '%s' differs between traditional C and C90 */ 1729 warning(118, tspec_name(lt), "<<=", tspec_name(rt)); 1730 1731 if (op != SHLASS && op != SHRASS 1732 && (op == ASSIGN || lt != PTR) 1733 && (lt != rt || (ln->tn_type->t_bitfield && rn->tn_op == CON))) { 1734 rn = convert(op, 0, ln->tn_type, rn); 1735 rt = lt; 1736 } 1737 1738 if (lt == PTR && ln->tn_type->t_subt->t_tspec != VOID 1739 && rt == PTR && rn->tn_type->t_subt->t_tspec == VOID 1740 && !is_null_pointer(rn)) 1741 /* implicit narrowing conversion from void ... */ 1742 query_message(20, type_name(ln->tn_type)); 1743 1744 if (any_query_enabled && rn->tn_op == CVT && rn->tn_cast && 1745 types_compatible(ln->tn_type, rn->tn_type, false, false, NULL) && 1746 is_cast_redundant(rn)) { 1747 /* redundant cast from '%s' to '%s' before assignment */ 1748 query_message(7, expr_type_name(rn->u.ops.left), 1749 type_name(rn->tn_type)); 1750 } 1751 1752 return build_op(op, sys, ln->tn_type, ln, rn); 1753 } 1754 1755 static tnode_t * 1756 build_real_imag(op_t op, bool sys, tnode_t *ln) 1757 { 1758 1759 lint_assert(ln != NULL); 1760 if (ln->tn_op == NAME) { 1761 /* 1762 * This may be too much, but it avoids wrong warnings. See 1763 * d_c99_complex_split.c. 1764 */ 1765 mark_as_used(ln->u.sym, false, false); 1766 mark_as_set(ln->u.sym); 1767 } 1768 1769 tspec_t t; 1770 switch (ln->tn_type->t_tspec) { 1771 case LCOMPLEX: 1772 t = LDOUBLE; 1773 break; 1774 case DCOMPLEX: 1775 t = DOUBLE; 1776 break; 1777 case FCOMPLEX: 1778 t = FLOAT; 1779 break; 1780 default: 1781 /* '__%s__' is invalid for type '%s' */ 1782 error(276, op == REAL ? "real" : "imag", 1783 type_name(ln->tn_type)); 1784 return NULL; 1785 } 1786 1787 tnode_t *ntn = build_op(op, sys, gettyp(t), ln, NULL); 1788 ntn->tn_lvalue = true; 1789 return ntn; 1790 } 1791 1792 static bool 1793 is_confusing_precedence(op_t op, const tnode_t *operand, op_t *cop) 1794 { 1795 if (operand->tn_parenthesized) 1796 return false; 1797 op_t oop = operand->tn_op; 1798 1799 if (op == SHL || op == SHR) { 1800 if (oop == PLUS || oop == MINUS) 1801 return *cop = oop, true; 1802 return false; 1803 } 1804 1805 if (op == LOGOR) { 1806 if (oop == LOGAND) 1807 return *cop = oop, true; 1808 return false; 1809 } 1810 1811 lint_assert(op == BITAND || op == BITXOR || op == BITOR); 1812 if (oop != op 1813 && (oop == PLUS || oop == MINUS || oop == BITAND || oop == BITXOR)) 1814 return *cop = oop, true; 1815 return false; 1816 } 1817 1818 /* 1819 * Print a warning if the given node has operands which should be 1820 * parenthesized. 1821 * 1822 * XXX Does not work if an operand is a constant expression. Constant 1823 * expressions are already folded. 1824 */ 1825 static void 1826 check_precedence_confusion(tnode_t *tn) 1827 { 1828 tnode_t *ln, *rn; 1829 1830 if (!hflag) 1831 return; 1832 1833 debug_node(tn); 1834 1835 lint_assert(is_binary(tn)); 1836 for (ln = tn->u.ops.left; ln->tn_op == CVT; ln = ln->u.ops.left) 1837 continue; 1838 for (rn = tn->u.ops.right; rn->tn_op == CVT; rn = rn->u.ops.left) 1839 continue; 1840 1841 op_t cop; 1842 if (is_confusing_precedence(tn->tn_op, ln, &cop) || 1843 is_confusing_precedence(tn->tn_op, rn, &cop)) { 1844 /* possible precedence confusion between '%s' and '%s' */ 1845 warning(169, op_name(tn->tn_op), op_name(cop)); 1846 } 1847 } 1848 1849 static tnode_t * 1850 fold_constant_compare_zero(tnode_t *tn) 1851 { 1852 1853 val_t *v = xcalloc(1, sizeof(*v)); 1854 v->v_tspec = tn->tn_type->t_tspec; 1855 lint_assert(v->v_tspec == INT || (Tflag && v->v_tspec == BOOL)); 1856 1857 lint_assert(has_operands(tn)); 1858 bool l = constant_is_nonzero(tn->u.ops.left); 1859 bool r = is_binary(tn) && constant_is_nonzero(tn->u.ops.right); 1860 1861 switch (tn->tn_op) { 1862 case NOT: 1863 v->u.integer = !l ? 1 : 0; 1864 break; 1865 case LOGAND: 1866 v->u.integer = l && r ? 1 : 0; 1867 break; 1868 case LOGOR: 1869 v->u.integer = l || r ? 1 : 0; 1870 break; 1871 default: 1872 lint_assert(false); 1873 } 1874 1875 return build_constant(tn->tn_type, v); 1876 } 1877 1878 static long double 1879 floating_error_value(tspec_t t, long double lv) 1880 { 1881 if (t == FLOAT) 1882 return lv < 0 ? -FLT_MAX : FLT_MAX; 1883 if (t == DOUBLE) 1884 return lv < 0 ? -DBL_MAX : DBL_MAX; 1885 /* 1886 * When NetBSD is cross-built in MKLINT=yes mode on x86_64 for sparc64, 1887 * tools/lint checks this code while building usr.bin/xlint. In that 1888 * situation, lint uses the preprocessor for sparc64, in which the type 1889 * 'long double' is IEEE-754-binary128, affecting the macro LDBL_MAX 1890 * below. The type 'long double', as well as the strtold 1891 * implementation, comes from the host platform x86_64 though, where 1892 * 'long double' consumes 128 bits as well but only uses 80 of them. 1893 * The exponent range of the two 'long double' types is the same, but 1894 * the maximum finite value differs due to the extended precision on 1895 * sparc64. 1896 * 1897 * To properly handle the data types of the target platform, lint would 1898 * have to implement the floating-point types in a platform-independent 1899 * way, which is not worth the effort, given how few programs 1900 * practically use 'long double'. 1901 */ 1902 /* LINTED 248: floating-point constant out of range */ 1903 long double max = LDBL_MAX; 1904 return lv < 0 ? -max : max; 1905 } 1906 1907 static bool 1908 is_floating_overflow(tspec_t t, long double val) 1909 { 1910 if (fpe != 0 || isfinite(val) == 0) 1911 return true; 1912 if (t == FLOAT && (val > FLT_MAX || val < -FLT_MAX)) 1913 return true; 1914 if (t == DOUBLE && (val > DBL_MAX || val < -DBL_MAX)) 1915 return true; 1916 return false; 1917 } 1918 1919 static tnode_t * 1920 fold_constant_floating(tnode_t *tn) 1921 { 1922 1923 fpe = 0; 1924 1925 tspec_t t = tn->tn_type->t_tspec; 1926 1927 val_t *v = xcalloc(1, sizeof(*v)); 1928 v->v_tspec = t; 1929 1930 lint_assert(is_floating(t)); 1931 lint_assert(has_operands(tn)); 1932 lint_assert(t == tn->u.ops.left->tn_type->t_tspec); 1933 lint_assert(!is_binary(tn) || t == tn->u.ops.right->tn_type->t_tspec); 1934 1935 long double lv = tn->u.ops.left->u.value.u.floating; 1936 long double rv = is_binary(tn) ? tn->u.ops.right->u.value.u.floating 1937 : 0.0; 1938 1939 switch (tn->tn_op) { 1940 case UPLUS: 1941 v->u.floating = lv; 1942 break; 1943 case UMINUS: 1944 v->u.floating = -lv; 1945 break; 1946 case MULT: 1947 v->u.floating = lv * rv; 1948 break; 1949 case DIV: 1950 if (rv == 0.0) { 1951 /* division by 0 */ 1952 error(139); 1953 v->u.floating = floating_error_value(t, lv); 1954 } else { 1955 v->u.floating = lv / rv; 1956 } 1957 break; 1958 case PLUS: 1959 v->u.floating = lv + rv; 1960 break; 1961 case MINUS: 1962 v->u.floating = lv - rv; 1963 break; 1964 case LT: 1965 v->u.integer = lv < rv ? 1 : 0; 1966 break; 1967 case LE: 1968 v->u.integer = lv <= rv ? 1 : 0; 1969 break; 1970 case GE: 1971 v->u.integer = lv >= rv ? 1 : 0; 1972 break; 1973 case GT: 1974 v->u.integer = lv > rv ? 1 : 0; 1975 break; 1976 case EQ: 1977 v->u.integer = lv == rv ? 1 : 0; 1978 break; 1979 case NE: 1980 v->u.integer = lv != rv ? 1 : 0; 1981 break; 1982 default: 1983 lint_assert(false); 1984 } 1985 1986 // XXX: Must not access u.floating after setting u.integer. 1987 lint_assert(fpe != 0 || isnan(v->u.floating) == 0); 1988 if (is_complex(v->v_tspec)) { 1989 /* 1990 * Don't warn, as lint doesn't model the imaginary part of 1991 * complex numbers. 1992 */ 1993 fpe = 0; 1994 } else if (is_floating_overflow(t, v->u.floating)) { 1995 /* operator '%s' produces floating point overflow */ 1996 warning(142, op_name(tn->tn_op)); 1997 v->u.floating = floating_error_value(t, v->u.floating); 1998 fpe = 0; 1999 } 2000 2001 return build_constant(tn->tn_type, v); 2002 } 2003 2004 static void 2005 use(const tnode_t *tn) 2006 { 2007 if (tn == NULL) 2008 return; 2009 switch (tn->tn_op) { 2010 case NAME: 2011 mark_as_used(tn->u.sym, false /* XXX */, false /* XXX */); 2012 break; 2013 case CON: 2014 case STRING: 2015 break; 2016 case CALL:; 2017 const function_call *call = tn->u.call; 2018 for (size_t i = 0, n = call->args_len; i < n; i++) 2019 use(call->args[i]); 2020 break; 2021 default: 2022 lint_assert(has_operands(tn)); 2023 use(tn->u.ops.left); 2024 if (is_binary(tn)) 2025 use(tn->u.ops.right); 2026 } 2027 } 2028 2029 /* 2030 * Create a tree node for a binary operator and its two operands. Also called 2031 * for unary operators; in that case rn is NULL. 2032 * 2033 * Function calls, sizeof and casts are handled elsewhere. 2034 */ 2035 tnode_t * 2036 build_binary(tnode_t *ln, op_t op, bool sys, tnode_t *rn) 2037 { 2038 const mod_t *mp = &modtab[op]; 2039 2040 /* If there was an error in one of the operands, return. */ 2041 if (ln == NULL || (mp->m_binary && rn == NULL)) 2042 return NULL; 2043 2044 if (mp->m_value_context || mp->m_compares_with_zero) 2045 ln = cconv(ln); 2046 if (mp->m_binary && op != ARROW && op != POINT) 2047 rn = cconv(rn); 2048 2049 if (mp->m_comparison) 2050 check_integer_comparison(op, ln, rn); 2051 2052 if (mp->m_value_context || mp->m_compares_with_zero) 2053 ln = promote(op, false, ln); 2054 if (mp->m_binary && op != ARROW && op != POINT && 2055 op != ASSIGN && op != RETURN && op != INIT) 2056 rn = promote(op, false, rn); 2057 2058 if (mp->m_warn_if_left_unsigned_in_c90 && 2059 ln->tn_op == CON && ln->u.value.v_unsigned_since_c90) { 2060 /* C90 treats constant as unsigned, op '%s' */ 2061 warning(218, op_name(op)); 2062 ln->u.value.v_unsigned_since_c90 = false; 2063 } 2064 if (mp->m_warn_if_right_unsigned_in_c90 && 2065 rn->tn_op == CON && rn->u.value.v_unsigned_since_c90) { 2066 /* C90 treats constant as unsigned, op '%s' */ 2067 warning(218, op_name(op)); 2068 rn->u.value.v_unsigned_since_c90 = false; 2069 } 2070 2071 if (mp->m_balance_operands || (!allow_c90 && (op == SHL || op == SHR))) 2072 balance(op, &ln, &rn); 2073 2074 if (!typeok(op, NULL, 0, ln, rn)) 2075 return NULL; 2076 2077 tnode_t *ntn; 2078 switch (op) { 2079 case POINT: 2080 case ARROW: 2081 ntn = build_struct_access(op, sys, ln, rn); 2082 break; 2083 case INCAFT: 2084 case DECAFT: 2085 case INCBEF: 2086 case DECBEF: 2087 ntn = build_prepost_incdec(op, sys, ln); 2088 break; 2089 case ADDR: 2090 ntn = build_address(sys, ln); 2091 break; 2092 case INDIR: 2093 ntn = build_op(INDIR, sys, ln->tn_type->t_subt, ln, NULL); 2094 break; 2095 case PLUS: 2096 case MINUS: 2097 ntn = build_plus_minus(op, sys, ln, rn); 2098 break; 2099 case SHL: 2100 case SHR: 2101 ntn = build_bit_shift(op, sys, ln, rn); 2102 break; 2103 case COLON: 2104 ntn = build_colon(sys, ln, rn); 2105 break; 2106 case ASSIGN: 2107 case MULASS: 2108 case DIVASS: 2109 case MODASS: 2110 case ADDASS: 2111 case SUBASS: 2112 case SHLASS: 2113 case SHRASS: 2114 case ANDASS: 2115 case XORASS: 2116 case ORASS: 2117 case RETURN: 2118 case INIT: 2119 ntn = build_assignment(op, sys, ln, rn); 2120 break; 2121 case COMMA: 2122 /* comma operator with types '%s' and '%s' */ 2123 query_message(12, 2124 expr_type_name(ln), expr_type_name(rn)); 2125 /* FALLTHROUGH */ 2126 case QUEST: 2127 ntn = build_op(op, sys, rn->tn_type, ln, rn); 2128 break; 2129 case REAL: 2130 case IMAG: 2131 ntn = build_real_imag(op, sys, ln); 2132 break; 2133 default: 2134 lint_assert(mp->m_binary == (rn != NULL)); 2135 if ((op == NOT || op == LOGAND || op == LOGOR) 2136 && ln->tn_op == ASSIGN && ln->u.ops.right->tn_op == CON) { 2137 /* constant assignment of type '%s' in operand ... */ 2138 warning(382, expr_type_name(ln), op_name(op), 2139 is_nonzero_val(&ln->u.ops.right->u.value) 2140 ? "true" : "false"); 2141 } 2142 if ((op == LOGAND || op == LOGOR) 2143 && rn->tn_op == ASSIGN && rn->u.ops.right->tn_op == CON) { 2144 /* constant assignment of type '%s' in operand ... */ 2145 warning(382, expr_type_name(rn), op_name(op), 2146 is_nonzero_val(&rn->u.ops.right->u.value) 2147 ? "true" : "false"); 2148 } 2149 type_t *rettp = mp->m_returns_bool 2150 ? gettyp(Tflag ? BOOL : INT) : ln->tn_type; 2151 ntn = build_op(op, sys, rettp, ln, rn); 2152 break; 2153 } 2154 2155 if (ntn == NULL) 2156 return NULL; 2157 2158 if (mp->m_possible_precedence_confusion) 2159 check_precedence_confusion(ntn); 2160 2161 if (mp->m_fold_constant_operands && ln->tn_op == CON) { 2162 if (!mp->m_binary || rn->tn_op == CON) { 2163 if (mp->m_compares_with_zero) 2164 ntn = fold_constant_compare_zero(ntn); 2165 else if (is_floating(ntn->tn_type->t_tspec)) 2166 ntn = fold_constant_floating(ntn); 2167 else 2168 ntn = fold_constant_integer(ntn); 2169 } else if (op == QUEST) { 2170 lint_assert(has_operands(rn)); 2171 use(ln->u.value.u.integer != 0 2172 ? rn->u.ops.right : rn->u.ops.left); 2173 ntn = ln->u.value.u.integer != 0 2174 ? rn->u.ops.left : rn->u.ops.right; 2175 } 2176 } 2177 2178 return ntn; 2179 } 2180 2181 tnode_t * 2182 build_unary(op_t op, bool sys, tnode_t *tn) 2183 { 2184 return build_binary(tn, op, sys, NULL); 2185 } 2186 2187 static bool 2188 are_members_compatible(const sym_t *a, const sym_t *b) 2189 { 2190 if (a->u.s_member.sm_offset_in_bits != b->u.s_member.sm_offset_in_bits) 2191 return false; 2192 2193 const type_t *atp = a->s_type; 2194 const type_t *btp = b->s_type; 2195 bool w = false; 2196 if (!types_compatible(atp, btp, false, false, &w) && !w) 2197 return false; 2198 if (a->s_bitfield != b->s_bitfield) 2199 return false; 2200 if (a->s_bitfield) { 2201 if (atp->t_bit_field_width != btp->t_bit_field_width) 2202 return false; 2203 if (atp->t_bit_field_offset != btp->t_bit_field_offset) 2204 return false; 2205 } 2206 return true; 2207 } 2208 2209 /* 2210 * Return whether all struct/union members with the same name have the same 2211 * type and offset. 2212 */ 2213 static bool 2214 all_members_compatible(const sym_t *msym) 2215 { 2216 for (const sym_t *csym = msym; 2217 csym != NULL; csym = csym->s_symtab_next) { 2218 if (!is_member(csym)) 2219 continue; 2220 if (strcmp(msym->s_name, csym->s_name) != 0) 2221 continue; 2222 2223 for (const sym_t *sym = csym->s_symtab_next; 2224 sym != NULL; sym = sym->s_symtab_next) { 2225 if (is_member(sym) 2226 && strcmp(csym->s_name, sym->s_name) == 0 2227 && !are_members_compatible(csym, sym)) 2228 return false; 2229 } 2230 } 2231 return true; 2232 } 2233 2234 sym_t * 2235 find_member(const struct_or_union *sou, const char *name) 2236 { 2237 for (sym_t *mem = sou->sou_first_member; 2238 mem != NULL; mem = mem->s_next) { 2239 lint_assert(is_member(mem)); 2240 lint_assert(mem->u.s_member.sm_containing_type == sou); 2241 if (strcmp(mem->s_name, name) == 0) 2242 return mem; 2243 } 2244 2245 for (sym_t *mem = sou->sou_first_member; 2246 mem != NULL; mem = mem->s_next) { 2247 if (is_struct_or_union(mem->s_type->t_tspec) 2248 && mem->s_name == unnamed) { 2249 sym_t *nested_mem = 2250 find_member(mem->s_type->u.sou, name); 2251 if (nested_mem != NULL) 2252 return nested_mem; 2253 } 2254 } 2255 return NULL; 2256 } 2257 2258 /* 2259 * Remove the member if it was unknown until now, which means 2260 * that no defined struct or union has a member with the same name. 2261 */ 2262 static void 2263 remove_unknown_member(tnode_t *tn, sym_t *msym) 2264 { 2265 /* type '%s' does not have member '%s' */ 2266 error(101, type_name(tn->tn_type), msym->s_name); 2267 symtab_remove_forever(msym); 2268 msym->s_kind = SK_MEMBER; 2269 msym->s_scl = STRUCT_MEMBER; 2270 2271 struct_or_union *sou = expr_zero_alloc(sizeof(*sou), 2272 "struct_or_union"); 2273 sou->sou_tag = expr_zero_alloc(sizeof(*sou->sou_tag), "sym"); 2274 sou->sou_tag->s_name = unnamed; 2275 2276 msym->u.s_member.sm_containing_type = sou; 2277 /* 2278 * The member sm_offset_in_bits is not needed here since this symbol 2279 * can only be used for error reporting. 2280 */ 2281 } 2282 2283 /* 2284 * Returns a symbol which has the same name as 'msym' and is a member of the 2285 * struct or union specified by 'tn'. 2286 */ 2287 static sym_t * 2288 struct_or_union_member(tnode_t *tn, op_t op, sym_t *msym) 2289 { 2290 2291 /* Determine the tag type of which msym is expected to be a member. */ 2292 const type_t *tp = NULL; 2293 if (op == POINT && is_struct_or_union(tn->tn_type->t_tspec)) 2294 tp = tn->tn_type; 2295 if (op == ARROW && tn->tn_type->t_tspec == PTR 2296 && is_struct_or_union(tn->tn_type->t_subt->t_tspec)) 2297 tp = tn->tn_type->t_subt; 2298 struct_or_union *sou = tp != NULL ? tp->u.sou : NULL; 2299 2300 if (sou != NULL) { 2301 sym_t *nested_mem = find_member(sou, msym->s_name); 2302 if (nested_mem != NULL) 2303 return nested_mem; 2304 } 2305 2306 if (msym->s_scl == NO_SCL) { 2307 remove_unknown_member(tn, msym); 2308 return msym; 2309 } 2310 2311 bool eq = all_members_compatible(msym); 2312 2313 /* 2314 * Now handle the case in which the left operand refers really to a 2315 * struct/union, but the right operand is not member of it. 2316 */ 2317 if (sou != NULL) { 2318 if (eq && !allow_c90) 2319 /* invalid use of member '%s' */ 2320 warning(102, msym->s_name); 2321 else 2322 /* invalid use of member '%s' */ 2323 error(102, msym->s_name); 2324 return msym; 2325 } 2326 2327 if (eq) { 2328 if (op == POINT) { 2329 if (!allow_c90) 2330 /* left operand of '.' must be struct ... */ 2331 warning(103, expr_type_name(tn)); 2332 else 2333 /* left operand of '.' must be struct ... */ 2334 error(103, expr_type_name(tn)); 2335 } else { 2336 if (!allow_c90 && tn->tn_type->t_tspec == PTR) 2337 /* left operand of '->' must be pointer ... */ 2338 warning(104, expr_type_name(tn)); 2339 else 2340 /* left operand of '->' must be pointer ... */ 2341 error(104, expr_type_name(tn)); 2342 } 2343 } else { 2344 if (!allow_c90) 2345 /* non-unique member requires struct/union %s */ 2346 error(105, op == POINT ? "object" : "pointer"); 2347 else 2348 /* unacceptable operand of '%s' */ 2349 error(111, op_name(op)); 2350 } 2351 2352 return msym; 2353 } 2354 2355 tnode_t * 2356 build_member_access(tnode_t *ln, op_t op, bool sys, sbuf_t *member) 2357 { 2358 sym_t *msym; 2359 2360 if (ln == NULL) 2361 return NULL; 2362 2363 if (op == ARROW) 2364 /* must do this before struct_or_union_member is called */ 2365 ln = cconv(ln); 2366 msym = struct_or_union_member(ln, op, getsym(member)); 2367 return build_binary(ln, op, sys, build_name(msym, false)); 2368 } 2369 2370 /* 2371 * Perform class conversions. 2372 * 2373 * Arrays of type T are converted into pointers to type T. 2374 * Functions are converted to pointers to functions. 2375 * Lvalues are converted to rvalues. 2376 * 2377 * C99 6.3 "Conversions" 2378 * C99 6.3.2 "Other operands" 2379 * C99 6.3.2.1 "Lvalues, arrays, and function designators" 2380 */ 2381 tnode_t * 2382 cconv(tnode_t *tn) 2383 { 2384 if (tn->tn_type->t_tspec == ARRAY) { 2385 if (!tn->tn_lvalue) { 2386 /* XXX print correct operator */ 2387 /* %soperand of '%s' must be lvalue */ 2388 gnuism(114, "", op_name(ADDR)); 2389 } 2390 tn = build_op(ADDR, tn->tn_sys, 2391 expr_derive_type(tn->tn_type->t_subt, PTR), tn, NULL); 2392 } 2393 2394 if (tn->tn_type->t_tspec == FUNC) 2395 tn = build_address(tn->tn_sys, tn); 2396 2397 if (tn->tn_lvalue) { 2398 type_t *tp = expr_dup_type(tn->tn_type); 2399 /* C99 6.3.2.1p2 sentence 2 says to remove the qualifiers. */ 2400 tp->t_const = tp->t_volatile = false; 2401 tn = build_op(LOAD, tn->tn_sys, tp, tn, NULL); 2402 } 2403 2404 return tn; 2405 } 2406 2407 const tnode_t * 2408 before_conversion(const tnode_t *tn) 2409 { 2410 while (tn->tn_op == CVT && !tn->tn_cast) 2411 tn = tn->u.ops.left; 2412 return tn; 2413 } 2414 2415 /* 2416 * Most errors required by C90 are reported in struct_or_union_member(). 2417 * Here we only check for totally wrong things. 2418 */ 2419 static bool 2420 typeok_point(const tnode_t *ln, const type_t *ltp, tspec_t lt) 2421 { 2422 if (is_struct_or_union(lt)) 2423 return true; 2424 2425 if (lt == FUNC || lt == VOID || ltp->t_bitfield) 2426 goto wrong; 2427 2428 /* 2429 * Some C dialects from before C90 tolerated any lvalue on the 2430 * left-hand side of the '.' operator, allowing things like 'char 2431 * st[100]; st.st_mtime', assuming that the member 'st_mtime' only 2432 * occurred in a single struct; see typeok_arrow. 2433 */ 2434 if (ln->tn_lvalue) 2435 return true; 2436 2437 wrong: 2438 /* With allow_c90 we already got an error */ 2439 if (!allow_c90) 2440 /* unacceptable operand of '%s' */ 2441 error(111, op_name(POINT)); 2442 2443 return false; 2444 } 2445 2446 static bool 2447 typeok_arrow(tspec_t lt) 2448 { 2449 /* 2450 * C1978 Appendix A 14.1 says: <quote>In fact, any lvalue is allowed 2451 * before '.', and that lvalue is then assumed to have the form of the 2452 * structure of which the name of the right is a member. [...] Such 2453 * constructions are non-portable.</quote> 2454 */ 2455 if (lt == PTR || (!allow_c90 && is_integer(lt))) 2456 return true; 2457 2458 /* With allow_c90 we already got an error */ 2459 if (!allow_c90) 2460 /* unacceptable operand of '%s' */ 2461 error(111, op_name(ARROW)); 2462 return false; 2463 } 2464 2465 static bool 2466 typeok_incdec(op_t op, const tnode_t *tn, const type_t *tp) 2467 { 2468 /* operand has scalar type (checked in typeok) */ 2469 if (!tn->tn_lvalue) { 2470 if (tn->tn_op == CVT && tn->tn_cast && 2471 tn->u.ops.left->tn_op == LOAD) 2472 /* a cast does not yield an lvalue */ 2473 error(163); 2474 /* %soperand of '%s' must be lvalue */ 2475 error(114, "", op_name(op)); 2476 return false; 2477 } 2478 if (tp->t_const && allow_c90) 2479 /* %soperand of '%s' must be modifiable lvalue */ 2480 warning(115, "", op_name(op)); 2481 return true; 2482 } 2483 2484 static bool 2485 typeok_address(op_t op, const tnode_t *tn, const type_t *tp, tspec_t t) 2486 { 2487 if (t == ARRAY || t == FUNC) { 2488 /* ok, a warning comes later (in build_address()) */ 2489 } else if (!tn->tn_lvalue) { 2490 if (tn->tn_op == CVT && tn->tn_cast && 2491 tn->u.ops.left->tn_op == LOAD) 2492 /* a cast does not yield an lvalue */ 2493 error(163); 2494 /* %soperand of '%s' must be lvalue */ 2495 error(114, "", op_name(op)); 2496 return false; 2497 } else if (is_scalar(t)) { 2498 if (tp->t_bitfield) { 2499 /* cannot take address of bit-field */ 2500 error(112); 2501 return false; 2502 } 2503 } else if (t != STRUCT && t != UNION) { 2504 /* unacceptable operand of '%s' */ 2505 error(111, op_name(op)); 2506 return false; 2507 } 2508 if (tn->tn_op == NAME && tn->u.sym->s_register) { 2509 /* cannot take address of register '%s' */ 2510 error(113, tn->u.sym->s_name); 2511 return false; 2512 } 2513 return true; 2514 } 2515 2516 static bool 2517 typeok_indir(const type_t *tp, tspec_t t) 2518 { 2519 2520 if (t != PTR) { 2521 /* cannot dereference non-pointer type '%s' */ 2522 error(96, type_name(tp)); 2523 return false; 2524 } 2525 return true; 2526 } 2527 2528 static void 2529 warn_incompatible_types(op_t op, 2530 const type_t *ltp, tspec_t lt, 2531 const type_t *rtp, tspec_t rt) 2532 { 2533 bool binary = modtab[op].m_binary; 2534 2535 if (lt == VOID || (binary && rt == VOID)) { 2536 /* void type invalid in expression */ 2537 error(109); 2538 } else if (op == ASSIGN) 2539 /* cannot assign to '%s' from '%s' */ 2540 error(171, type_name(ltp), type_name(rtp)); 2541 else if (binary) 2542 /* operands of '%s' have incompatible types '%s' and '%s' */ 2543 error(107, op_name(op), type_name(ltp), type_name(rtp)); 2544 else { 2545 lint_assert(rt == NO_TSPEC); 2546 /* operand of '%s' has invalid type '%s' */ 2547 error(108, op_name(op), type_name(ltp)); 2548 } 2549 } 2550 2551 static bool 2552 typeok_plus(op_t op, 2553 const type_t *ltp, tspec_t lt, 2554 const type_t *rtp, tspec_t rt) 2555 { 2556 /* operands have scalar types (checked in typeok) */ 2557 if ((lt == PTR && !is_integer(rt)) || (rt == PTR && !is_integer(lt))) { 2558 warn_incompatible_types(op, ltp, lt, rtp, rt); 2559 return false; 2560 } 2561 return true; 2562 } 2563 2564 static bool 2565 typeok_minus(op_t op, 2566 const type_t *ltp, tspec_t lt, 2567 const type_t *rtp, tspec_t rt) 2568 { 2569 /* operands have scalar types (checked in typeok) */ 2570 if ((lt == PTR && rt != PTR && !is_integer(rt)) || 2571 (lt != PTR && rt == PTR)) { 2572 warn_incompatible_types(op, ltp, lt, rtp, rt); 2573 return false; 2574 } 2575 if (lt == PTR && rt == PTR && 2576 !types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2577 /* invalid pointer subtraction */ 2578 error(116); 2579 } 2580 return true; 2581 } 2582 2583 static void 2584 typeok_shr(const tnode_t *ln, tspec_t lt, 2585 const tnode_t *rn, tspec_t rt) 2586 { 2587 tspec_t olt = before_conversion(ln)->tn_type->t_tspec; 2588 tspec_t ort = before_conversion(rn)->tn_type->t_tspec; 2589 2590 if (is_uinteger(olt)) 2591 return; 2592 2593 if (pflag) { 2594 integer_constraints lc = ic_expr(ln); 2595 if (lc.bclr >> 63 != 0) 2596 return; 2597 2598 if (ln->tn_op != CON) 2599 /* bitwise '%s' on signed '%s' possibly nonportable */ 2600 warning(117, ">>", expr_type_name(ln)); 2601 else if (ln->u.value.u.integer < 0) 2602 /* bitwise '%s' on signed '%s' nonportable */ 2603 warning(120, ">>", expr_type_name(ln)); 2604 return; 2605 } 2606 2607 /* The left operand would become unsigned in traditional C. */ 2608 if (allow_trad && allow_c90 && hflag && is_uinteger(ort) 2609 && !(ln->tn_op == CON && ln->u.value.u.integer >= 0)) 2610 /* '%s' %s '%s' differs between traditional C and C90 */ 2611 warning(118, tspec_name(lt), ">>", tspec_name(rt)); 2612 2613 /* 2614 * In traditional C, the left operand would be extended 2615 * (possibly sign-extended) and then shifted. 2616 */ 2617 if (allow_trad && allow_c90 && hflag && !is_uinteger(ort) 2618 && portable_rank_cmp(lt, rt) < 0 2619 && !(ln->tn_op == CON && ln->u.value.u.integer >= 0)) 2620 /* '%s' %s '%s' differs between traditional C and C90 */ 2621 warning(118, tspec_name(lt), ">>", tspec_name(rt)); 2622 } 2623 2624 // C90 does not mention signed shift-left. Later standards mention that case 2625 // but leave open whether 'uint8_t << 24' is supposed to have an unsigned or a 2626 // signed result type. It depends on whether E1 is interpreted to be the left 2627 // operand's type before or after integral promotions. 2628 static void 2629 typeok_shl_signed_to_msb(const tnode_t *ln, const tnode_t *rn) 2630 { 2631 integer_constraints lc = ic_expr(ln); 2632 int64_t n; 2633 unsigned lw = width_in_bits(ln->tn_type); 2634 if (!is_uinteger(ln->tn_type->t_tspec) 2635 && ln->tn_op != CON 2636 && ((lc.smin == 0 && lc.smax != 0 && lc.smax != INT64_MAX 2637 && (lc.smax & (lc.smax + 1)) == 0) 2638 || (lc.smin != INT64_MAX && lc.smax != INT64_MIN 2639 && lc.smin + 1 == -lc.smax)) 2640 && rn->tn_op == CON 2641 && (n = rn->u.value.u.integer, 1 <= n && n <= lw) 2642 && u64_width((uint64_t)lc.smax - (uint64_t)lc.smin) + n == lw) 2643 /* bitwise '%s' on signed '%s' possibly nonportable */ 2644 warning(117, "<<", expr_type_name(ln)); 2645 } 2646 2647 static void 2648 typeok_shl(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2649 { 2650 /* 2651 * Traditional C performs the usual arithmetic conversions on the 2652 * operands, C90 and later don't. 2653 */ 2654 if (hflag && allow_trad && allow_c90 && portable_rank_cmp(lt, rt) < 0) 2655 /* '%s' %s '%s' differs between traditional C and C90 */ 2656 warning(118, tspec_name(lt), "<<", tspec_name(rt)); 2657 2658 typeok_shl_signed_to_msb(ln, rn); 2659 } 2660 2661 static void 2662 typeok_shift(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2663 { 2664 if (rn->tn_op != CON) 2665 return; 2666 2667 if (!is_uinteger(rt) && rn->u.value.u.integer < 0) 2668 /* negative shift */ 2669 warning(121); 2670 else if ((uint64_t)rn->u.value.u.integer == size_in_bits(lt)) 2671 /* shift amount %u equals bit-size of '%s' */ 2672 warning(267, 2673 (unsigned)rn->u.value.u.integer, expr_type_name(ln)); 2674 else if ((uint64_t)rn->u.value.u.integer > size_in_bits(lt)) { 2675 /* shift amount %llu is greater than bit-size %llu of '%s' */ 2676 warning(122, (unsigned long long)rn->u.value.u.integer, 2677 (unsigned long long)size_in_bits(lt), 2678 expr_type_name(ln)); 2679 } 2680 } 2681 2682 static bool 2683 is_typeok_eq(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2684 { 2685 if (lt == PTR && is_null_pointer(rn)) 2686 return true; 2687 if (rt == PTR && is_null_pointer(ln)) 2688 return true; 2689 return false; 2690 } 2691 2692 static void 2693 warn_incompatible_pointers(op_t op, const type_t *ltp, const type_t *rtp) 2694 { 2695 lint_assert(ltp->t_tspec == PTR); 2696 lint_assert(rtp->t_tspec == PTR); 2697 2698 tspec_t lt = ltp->t_subt->t_tspec; 2699 tspec_t rt = rtp->t_subt->t_tspec; 2700 2701 if (is_struct_or_union(lt) && is_struct_or_union(rt)) { 2702 if (op == RETURN) 2703 /* invalid structure pointer combination */ 2704 warning(244); 2705 else { 2706 /* incompatible structure pointers: '%s' '%s' '%s' */ 2707 warning(245, type_name(ltp), 2708 op_name(op), type_name(rtp)); 2709 } 2710 } else { 2711 if (op == RETURN) 2712 /* invalid combination of '%s' and '%s' */ 2713 warning(184, type_name(ltp), type_name(rtp)); 2714 else { 2715 /* invalid combination of '%s' and '%s', op '%s' */ 2716 warning(124, 2717 type_name(ltp), type_name(rtp), op_name(op)); 2718 } 2719 } 2720 } 2721 2722 static void 2723 check_pointer_comparison(op_t op, const tnode_t *ln, const tnode_t *rn) 2724 { 2725 type_t *ltp = ln->tn_type, *rtp = rn->tn_type; 2726 tspec_t lst = ltp->t_subt->t_tspec, rst = rtp->t_subt->t_tspec; 2727 2728 if (lst == VOID || rst == VOID) { 2729 /* TODO: C99 behaves like C90 here. */ 2730 if (!allow_trad && !allow_c99 && 2731 (lst == FUNC || rst == FUNC)) { 2732 /* (void *)0 is already handled in typeok() */ 2733 const char *lsts, *rsts; 2734 *(lst == FUNC ? &lsts : &rsts) = "function pointer"; 2735 *(lst == VOID ? &lsts : &rsts) = "'void *'"; 2736 /* C90 or later forbid comparison of %s with %s */ 2737 warning(274, lsts, rsts); 2738 } 2739 return; 2740 } 2741 2742 if (!types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2743 warn_incompatible_pointers(op, ltp, rtp); 2744 return; 2745 } 2746 2747 if (lst == FUNC && rst == FUNC) { 2748 /* TODO: C99 behaves like C90 here, see C99 6.5.8p2. */ 2749 if (!allow_trad && !allow_c99 && op != EQ && op != NE) 2750 /* pointers to functions can only be compared ... */ 2751 warning(125); 2752 } 2753 } 2754 2755 static bool 2756 typeok_compare(op_t op, 2757 const tnode_t *ln, const type_t *ltp, tspec_t lt, 2758 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2759 { 2760 if (lt == PTR && rt == PTR) { 2761 check_pointer_comparison(op, ln, rn); 2762 return true; 2763 } 2764 2765 if (lt != PTR && rt != PTR) 2766 return true; 2767 2768 if (!is_integer(lt) && !is_integer(rt)) { 2769 warn_incompatible_types(op, ltp, lt, rtp, rt); 2770 return false; 2771 } 2772 2773 const char *lx = lt == PTR ? "pointer" : "integer"; 2774 const char *rx = rt == PTR ? "pointer" : "integer"; 2775 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 2776 warning(123, lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 2777 return true; 2778 } 2779 2780 static bool 2781 typeok_quest(tspec_t lt, const tnode_t *rn) 2782 { 2783 if (!is_scalar(lt)) { 2784 /* first operand of '?' must have scalar type */ 2785 error(170); 2786 return false; 2787 } 2788 lint_assert(before_conversion(rn)->tn_op == COLON); 2789 return true; 2790 } 2791 2792 static void 2793 typeok_colon_pointer(const type_t *ltp, const type_t *rtp) 2794 { 2795 type_t *lstp = ltp->t_subt; 2796 type_t *rstp = rtp->t_subt; 2797 tspec_t lst = lstp->t_tspec; 2798 tspec_t rst = rstp->t_tspec; 2799 2800 if ((lst == VOID && rst == FUNC) || (lst == FUNC && rst == VOID)) { 2801 /* (void *)0 is handled in typeok_colon */ 2802 /* TODO: C99 behaves like C90 here. */ 2803 if (!allow_trad && !allow_c99) 2804 /* conversion of %s to %s requires a cast, op %s */ 2805 warning(305, "function pointer", "'void *'", 2806 op_name(COLON)); 2807 return; 2808 } 2809 2810 if (pointer_types_are_compatible(lstp, rstp, true)) 2811 return; 2812 if (!types_compatible(lstp, rstp, true, false, NULL)) 2813 warn_incompatible_pointers(COLON, ltp, rtp); 2814 } 2815 2816 static bool 2817 typeok_colon(const tnode_t *ln, const type_t *ltp, tspec_t lt, 2818 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2819 { 2820 2821 if (is_arithmetic(lt) && is_arithmetic(rt)) 2822 return true; 2823 if (lt == BOOL && rt == BOOL) 2824 return true; 2825 2826 if (lt == STRUCT && rt == STRUCT && ltp->u.sou == rtp->u.sou) 2827 return true; 2828 if (lt == UNION && rt == UNION && ltp->u.sou == rtp->u.sou) 2829 return true; 2830 2831 if (lt == PTR && is_null_pointer(rn)) 2832 return true; 2833 if (rt == PTR && is_null_pointer(ln)) 2834 return true; 2835 2836 if ((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR)) { 2837 const char *lx = lt == PTR ? "pointer" : "integer"; 2838 const char *rx = rt == PTR ? "pointer" : "integer"; 2839 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 2840 warning(123, lx, type_name(ltp), 2841 rx, type_name(rtp), op_name(COLON)); 2842 return true; 2843 } 2844 2845 if (lt == VOID || rt == VOID) { 2846 if (lt != VOID || rt != VOID) 2847 /* incompatible types '%s' and '%s' in conditional */ 2848 warning(126, expr_type_name(ln), expr_type_name(rn)); 2849 return true; 2850 } 2851 2852 if (lt == PTR && rt == PTR) { 2853 typeok_colon_pointer(ltp, rtp); 2854 return true; 2855 } 2856 2857 /* incompatible types '%s' and '%s' in conditional */ 2858 error(126, expr_type_name(ln), expr_type_name(rn)); 2859 return false; 2860 } 2861 2862 static bool 2863 has_constant_member(const type_t *tp) 2864 { 2865 lint_assert(is_struct_or_union(tp->t_tspec)); 2866 2867 for (sym_t *m = tp->u.sou->sou_first_member; 2868 m != NULL; m = m->s_next) { 2869 const type_t *mtp = m->s_type; 2870 if (mtp->t_const) 2871 return true; 2872 if (is_struct_or_union(mtp->t_tspec) && 2873 has_constant_member(mtp)) 2874 return true; 2875 } 2876 return false; 2877 } 2878 2879 static bool 2880 typeok_assign(op_t op, const tnode_t *ln, const type_t *ltp, tspec_t lt) 2881 { 2882 if (op == RETURN || op == INIT || op == FARG) 2883 return true; 2884 2885 if (!ln->tn_lvalue) { 2886 if (ln->tn_op == CVT && ln->tn_cast && 2887 ln->u.ops.left->tn_op == LOAD) 2888 /* a cast does not yield an lvalue */ 2889 error(163); 2890 /* %soperand of '%s' must be lvalue */ 2891 error(114, "left ", op_name(op)); 2892 return false; 2893 } else if (ltp->t_const 2894 || (is_struct_or_union(lt) && has_constant_member(ltp))) { 2895 if (allow_c90) 2896 /* %soperand of '%s' must be modifiable lvalue */ 2897 warning(115, "left ", op_name(op)); 2898 } 2899 return true; 2900 } 2901 2902 static bool 2903 typeok_scalar(op_t op, const mod_t *mp, 2904 const type_t *ltp, tspec_t lt, 2905 const type_t *rtp, tspec_t rt) 2906 { 2907 if (mp->m_takes_bool && lt == BOOL && rt == BOOL) 2908 return true; 2909 if (mp->m_requires_integer) { 2910 if (!is_integer(lt) || (mp->m_binary && !is_integer(rt))) { 2911 warn_incompatible_types(op, ltp, lt, rtp, rt); 2912 return false; 2913 } 2914 } else if (mp->m_requires_integer_or_complex) { 2915 if ((!is_integer(lt) && !is_complex(lt)) || 2916 (mp->m_binary && (!is_integer(rt) && !is_complex(rt)))) { 2917 warn_incompatible_types(op, ltp, lt, rtp, rt); 2918 return false; 2919 } 2920 } else if (mp->m_requires_scalar) { 2921 if (!is_scalar(lt) || (mp->m_binary && !is_scalar(rt))) { 2922 warn_incompatible_types(op, ltp, lt, rtp, rt); 2923 return false; 2924 } 2925 } else if (mp->m_requires_arith) { 2926 if (!is_arithmetic(lt) || 2927 (mp->m_binary && !is_arithmetic(rt))) { 2928 warn_incompatible_types(op, ltp, lt, rtp, rt); 2929 return false; 2930 } 2931 } 2932 return true; 2933 } 2934 2935 static void 2936 check_assign_void_pointer(op_t op, int arg, 2937 tspec_t lt, tspec_t lst, 2938 tspec_t rt, tspec_t rst) 2939 { 2940 2941 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID))) 2942 return; 2943 /* two pointers, at least one pointer to void */ 2944 2945 /* TODO: C99 behaves like C90 here. */ 2946 if (!(!allow_trad && !allow_c99 && (lst == FUNC || rst == FUNC))) 2947 return; 2948 /* comb. of ptr to func and ptr to void */ 2949 2950 const char *lts, *rts; 2951 *(lst == FUNC ? <s : &rts) = "function pointer"; 2952 *(lst == VOID ? <s : &rts) = "'void *'"; 2953 2954 switch (op) { 2955 case INIT: 2956 case RETURN: 2957 /* conversion of %s to %s requires a cast */ 2958 warning(303, rts, lts); 2959 break; 2960 case FARG: 2961 /* conversion of %s to %s requires a cast, arg #%d */ 2962 warning(304, rts, lts, arg); 2963 break; 2964 default: 2965 /* conversion of %s to %s requires a cast, op %s */ 2966 warning(305, rts, lts, op_name(op)); 2967 break; 2968 } 2969 } 2970 2971 static bool 2972 is_direct_function_call(const tnode_t *tn, const char **out_name) 2973 { 2974 2975 if (tn->tn_op == CALL 2976 && tn->u.call->func->tn_op == ADDR 2977 && tn->u.call->func->u.ops.left->tn_op == NAME) { 2978 *out_name = tn->u.call->func->u.ops.left->u.sym->s_name; 2979 return true; 2980 } 2981 return false; 2982 } 2983 2984 static bool 2985 is_unconst_function(const char *name) 2986 { 2987 2988 return strcmp(name, "memchr") == 0 || 2989 strcmp(name, "strchr") == 0 || 2990 strcmp(name, "strpbrk") == 0 || 2991 strcmp(name, "strrchr") == 0 || 2992 strcmp(name, "strstr") == 0; 2993 } 2994 2995 static bool 2996 is_const_char_pointer(const tnode_t *tn) 2997 { 2998 /* 2999 * For traditional reasons, C99 6.4.5p5 defines that string literals 3000 * have type 'char[]'. They are often implicitly converted to 'char 3001 * *', for example when they are passed as function arguments. 3002 * 3003 * C99 6.4.5p6 further defines that modifying a string that is 3004 * constructed from a string literal invokes undefined behavior. 3005 * 3006 * Out of these reasons, string literals are treated as 'effectively 3007 * const' here. 3008 */ 3009 if (tn->tn_op == CVT && 3010 tn->u.ops.left->tn_op == ADDR && 3011 tn->u.ops.left->u.ops.left->tn_op == STRING) 3012 return true; 3013 3014 const type_t *tp = before_conversion(tn)->tn_type; 3015 return tp->t_tspec == PTR && 3016 tp->t_subt->t_tspec == CHAR && 3017 tp->t_subt->t_const; 3018 } 3019 3020 static bool 3021 is_const_pointer(const tnode_t *tn) 3022 { 3023 const type_t *tp = before_conversion(tn)->tn_type; 3024 return tp->t_tspec == PTR && tp->t_subt->t_const; 3025 } 3026 3027 static void 3028 check_unconst_function(const type_t *lstp, const tnode_t *rn) 3029 { 3030 const char *function_name; 3031 3032 if (lstp->t_tspec == CHAR && !lstp->t_const && 3033 is_direct_function_call(rn, &function_name) && 3034 is_unconst_function(function_name) && 3035 rn->u.call->args_len >= 1 && 3036 is_const_char_pointer(rn->u.call->args[0])) { 3037 /* call to '%s' effectively discards 'const' from argument */ 3038 warning(346, function_name); 3039 } 3040 3041 if (!lstp->t_const && 3042 is_direct_function_call(rn, &function_name) && 3043 strcmp(function_name, "bsearch") == 0 && 3044 rn->u.call->args_len >= 2 && 3045 is_const_pointer(rn->u.call->args[1])) { 3046 /* call to '%s' effectively discards 'const' from argument */ 3047 warning(346, function_name); 3048 } 3049 } 3050 3051 static bool 3052 check_assign_void_pointer_compat(op_t op, const function_call *call, int arg, 3053 tspec_t lt, 3054 const type_t *lstp, tspec_t lst, 3055 const tnode_t *rn, 3056 const type_t *rtp, tspec_t rt, 3057 const type_t *rstp, tspec_t rst) 3058 { 3059 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID || 3060 types_compatible(lstp, rstp, 3061 true, false, NULL)))) 3062 return false; 3063 3064 /* compatible pointer types (qualifiers ignored) */ 3065 char qualifiers[32]; 3066 snprintf(qualifiers, sizeof(qualifiers), "%s%s", 3067 !lstp->t_const && rstp->t_const ? " const" : "", 3068 !lstp->t_volatile && rstp->t_volatile ? " volatile" : ""); 3069 if (allow_c90 && qualifiers[0] != '\0') { 3070 switch (op) { 3071 case INIT: 3072 case RETURN: 3073 /* '%s' discards '%s' from '%s' */ 3074 warning(182, op_name(op), 3075 qualifiers + 1, type_name(rtp)); 3076 break; 3077 case FARG: 3078 /* passing '%s' as argument %d to '%s' discards '%s' */ 3079 warning(383, type_name(rtp), arg, 3080 function_call_descr(call), qualifiers + 1); 3081 break; 3082 default: 3083 /* operator '%s' discards '%s' from '%s' */ 3084 warning(128, op_name(op), 3085 qualifiers + 1, type_name(rtp)); 3086 break; 3087 } 3088 } 3089 3090 if (allow_c90) 3091 check_unconst_function(lstp, rn); 3092 3093 return true; 3094 } 3095 3096 static bool 3097 check_assign_pointer_integer(op_t op, int arg, 3098 const type_t *ltp, tspec_t lt, 3099 const type_t *rtp, tspec_t rt) 3100 { 3101 3102 if (!((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR))) 3103 return false; 3104 3105 const char *lx = lt == PTR ? "pointer" : "integer"; 3106 const char *rx = rt == PTR ? "pointer" : "integer"; 3107 3108 switch (op) { 3109 case INIT: 3110 case RETURN: 3111 /* invalid combination of %s '%s' and %s '%s' for '%s' */ 3112 warning(183, 3113 lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 3114 break; 3115 case FARG: 3116 /* invalid combination of %s '%s' and %s '%s', arg #%d */ 3117 warning(154, 3118 lx, type_name(ltp), rx, type_name(rtp), arg); 3119 break; 3120 default: 3121 /* invalid combination of %s '%s' and %s '%s', op '%s' */ 3122 warning(123, 3123 lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 3124 break; 3125 } 3126 return true; 3127 } 3128 3129 static bool 3130 check_assign_pointer(op_t op, int arg, 3131 const type_t *ltp, tspec_t lt, 3132 const type_t *rtp, tspec_t rt) 3133 { 3134 if (!(lt == PTR && rt == PTR)) 3135 return false; 3136 3137 if (op == FARG) 3138 /* converting '%s' to incompatible '%s' for ... */ 3139 warning(153, type_name(rtp), type_name(ltp), arg); 3140 else 3141 warn_incompatible_pointers(op, ltp, rtp); 3142 return true; 3143 } 3144 3145 static void 3146 warn_assign(op_t op, int arg, 3147 const type_t *ltp, tspec_t lt, 3148 const type_t *rtp, tspec_t rt) 3149 { 3150 switch (op) { 3151 case INIT: 3152 /* cannot initialize '%s' from '%s' */ 3153 error(185, type_name(ltp), type_name(rtp)); 3154 break; 3155 case RETURN: 3156 /* function has return type '%s' but returns '%s' */ 3157 error(211, type_name(ltp), type_name(rtp)); 3158 break; 3159 case FARG: 3160 /* passing '%s' to incompatible '%s', arg #%d */ 3161 warning(155, type_name(rtp), type_name(ltp), arg); 3162 break; 3163 default: 3164 warn_incompatible_types(op, ltp, lt, rtp, rt); 3165 break; 3166 } 3167 } 3168 3169 /* 3170 * Checks type compatibility for ASSIGN, INIT, FARG and RETURN 3171 * and prints warnings/errors if necessary. 3172 * Returns whether the types are (almost) compatible. 3173 */ 3174 static bool 3175 check_assign_types_compatible(op_t op, const function_call *call, int arg, 3176 const tnode_t *ln, const tnode_t *rn) 3177 { 3178 tspec_t lt, rt, lst = NO_TSPEC, rst = NO_TSPEC; 3179 type_t *ltp, *rtp, *lstp = NULL, *rstp = NULL; 3180 3181 if ((lt = (ltp = ln->tn_type)->t_tspec) == PTR) 3182 lst = (lstp = ltp->t_subt)->t_tspec; 3183 if ((rt = (rtp = rn->tn_type)->t_tspec) == PTR) 3184 rst = (rstp = rtp->t_subt)->t_tspec; 3185 3186 if (lt == BOOL && is_scalar(rt)) /* C99 6.3.1.2 */ 3187 return true; 3188 3189 if (is_arithmetic(lt) && (is_arithmetic(rt) || rt == BOOL)) 3190 return true; 3191 3192 if (is_struct_or_union(lt) && is_struct_or_union(rt)) 3193 return ltp->u.sou == rtp->u.sou; 3194 3195 if (lt == PTR && is_null_pointer(rn)) { 3196 if (is_integer(rn->tn_type->t_tspec)) 3197 /* implicit conversion from integer 0 to pointer ... */ 3198 query_message(15, type_name(ltp)); 3199 return true; 3200 } 3201 3202 check_assign_void_pointer(op, arg, lt, lst, rt, rst); 3203 3204 if (check_assign_void_pointer_compat(op, call, arg, 3205 lt, lstp, lst, rn, rtp, rt, rstp, rst)) 3206 return true; 3207 3208 if (check_assign_pointer_integer(op, arg, ltp, lt, rtp, rt)) 3209 return true; 3210 3211 if (check_assign_pointer(op, arg, ltp, lt, rtp, rt)) 3212 return true; 3213 3214 warn_assign(op, arg, ltp, lt, rtp, rt); 3215 return false; 3216 } 3217 3218 static bool 3219 has_side_effect(const tnode_t *tn) /* NOLINT(misc-no-recursion) */ 3220 { 3221 op_t op = tn->tn_op; 3222 3223 if (modtab[op].m_has_side_effect) 3224 return true; 3225 3226 if (op == CVT && tn->tn_type->t_tspec == VOID) 3227 return has_side_effect(tn->u.ops.left); 3228 3229 if (op == LOGAND || op == LOGOR) 3230 return has_side_effect(tn->u.ops.right); 3231 3232 if (op == QUEST) 3233 return has_side_effect(tn->u.ops.right); 3234 3235 if (op == COLON || op == COMMA) { 3236 return has_side_effect(tn->u.ops.left) || 3237 has_side_effect(tn->u.ops.right); 3238 } 3239 3240 return false; 3241 } 3242 3243 static bool 3244 is_void_cast(const tnode_t *tn) 3245 { 3246 3247 return tn->tn_op == CVT && tn->tn_cast && 3248 tn->tn_type->t_tspec == VOID; 3249 } 3250 3251 static bool 3252 is_local_symbol(const tnode_t *tn) 3253 { 3254 3255 return tn->tn_op == LOAD && 3256 tn->u.ops.left->tn_op == NAME && 3257 tn->u.ops.left->u.sym->s_scl == AUTO; 3258 } 3259 3260 static bool 3261 is_int_constant_zero(const tnode_t *tn) 3262 { 3263 3264 return tn->tn_op == CON && 3265 tn->tn_type->t_tspec == INT && 3266 tn->u.value.u.integer == 0; 3267 } 3268 3269 static void 3270 check_null_effect(const tnode_t *tn) 3271 { 3272 3273 if (hflag && 3274 !has_side_effect(tn) && 3275 !(is_void_cast(tn) && is_local_symbol(tn->u.ops.left)) && 3276 !(is_void_cast(tn) && is_int_constant_zero(tn->u.ops.left))) { 3277 /* expression has null effect */ 3278 warning(129); 3279 } 3280 } 3281 3282 /* 3283 * Check the types for specific operators and type combinations. 3284 * 3285 * At this point, the operands already conform to the type requirements of 3286 * the operator, such as being integer, floating or scalar. 3287 */ 3288 static bool 3289 typeok_op(op_t op, const function_call *call, int arg, 3290 const tnode_t *ln, const type_t *ltp, tspec_t lt, 3291 const tnode_t *rn, const type_t *rtp, tspec_t rt) 3292 { 3293 switch (op) { 3294 case ARROW: 3295 return typeok_arrow(lt); 3296 case POINT: 3297 return typeok_point(ln, ltp, lt); 3298 case INCBEF: 3299 case DECBEF: 3300 case INCAFT: 3301 case DECAFT: 3302 return typeok_incdec(op, ln, ltp); 3303 case INDIR: 3304 return typeok_indir(ltp, lt); 3305 case ADDR: 3306 return typeok_address(op, ln, ltp, lt); 3307 case PLUS: 3308 return typeok_plus(op, ltp, lt, rtp, rt); 3309 case MINUS: 3310 return typeok_minus(op, ltp, lt, rtp, rt); 3311 case SHL: 3312 typeok_shl(ln, lt, rn, rt); 3313 goto shift; 3314 case SHR: 3315 typeok_shr(ln, lt, rn, rt); 3316 shift: 3317 typeok_shift(ln, lt, rn, rt); 3318 break; 3319 case LT: 3320 case LE: 3321 case GT: 3322 case GE: 3323 compare: 3324 return typeok_compare(op, ln, ltp, lt, rn, rtp, rt); 3325 case EQ: 3326 case NE: 3327 if (is_typeok_eq(ln, lt, rn, rt)) 3328 break; 3329 goto compare; 3330 case QUEST: 3331 return typeok_quest(lt, rn); 3332 case COLON: 3333 return typeok_colon(ln, ltp, lt, rn, rtp, rt); 3334 case ASSIGN: 3335 case INIT: 3336 case FARG: 3337 case RETURN: 3338 if (!check_assign_types_compatible(op, call, arg, ln, rn)) 3339 return false; 3340 goto assign; 3341 case MULASS: 3342 case DIVASS: 3343 case MODASS: 3344 goto assign; 3345 case ADDASS: 3346 case SUBASS: 3347 if ((lt == PTR && !is_integer(rt)) || rt == PTR) { 3348 warn_incompatible_types(op, ltp, lt, rtp, rt); 3349 return false; 3350 } 3351 goto assign; 3352 case SHLASS: 3353 goto assign; 3354 case SHRASS: 3355 if (pflag && !is_uinteger(lt) && 3356 !(!allow_c90 && is_uinteger(rt))) { 3357 /* bitwise '%s' on signed '%s' possibly nonportable */ 3358 warning(117, op_name(op), expr_type_name(rn)); 3359 } 3360 goto assign; 3361 case ANDASS: 3362 case XORASS: 3363 case ORASS: 3364 assign: 3365 return typeok_assign(op, ln, ltp, lt); 3366 case COMMA: 3367 if (!modtab[ln->tn_op].m_has_side_effect) 3368 check_null_effect(ln); 3369 break; 3370 default: 3371 break; 3372 } 3373 return true; 3374 } 3375 3376 static void 3377 check_bad_enum_operation(op_t op, const tnode_t *ln, const tnode_t *rn) 3378 { 3379 3380 if (!eflag) 3381 return; 3382 3383 /* Allow enum in array indices. */ 3384 if (op == PLUS && 3385 ((ln->tn_type->t_is_enum && rn->tn_type->t_tspec == PTR) || 3386 (rn->tn_type->t_is_enum && ln->tn_type->t_tspec == PTR))) { 3387 return; 3388 } 3389 3390 /* dubious operation '%s' on enum */ 3391 warning(241, op_name(op)); 3392 } 3393 3394 static void 3395 check_enum_type_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3396 { 3397 const mod_t *mp = &modtab[op]; 3398 3399 if (ln->tn_type->u.enumer != rn->tn_type->u.enumer) { 3400 switch (op) { 3401 case INIT: 3402 /* enum type mismatch between '%s' and '%s' in ... */ 3403 warning(210, 3404 type_name(ln->tn_type), type_name(rn->tn_type)); 3405 break; 3406 case FARG: 3407 /* function expects '%s', passing '%s' for arg #%d */ 3408 warning(156, 3409 type_name(ln->tn_type), type_name(rn->tn_type), 3410 arg); 3411 break; 3412 case RETURN: 3413 /* function has return type '%s' but returns '%s' */ 3414 warning(211, 3415 type_name(ln->tn_type), type_name(rn->tn_type)); 3416 break; 3417 default: 3418 /* enum type mismatch: '%s' '%s' '%s' */ 3419 warning(130, expr_type_name(before_conversion(ln)), 3420 op_name(op), 3421 expr_type_name(before_conversion(rn))); 3422 break; 3423 } 3424 } else if (Pflag && eflag && mp->m_comparison && op != EQ && op != NE) 3425 /* operator '%s' assumes that '%s' is ordered */ 3426 warning(243, op_name(op), type_name(ln->tn_type)); 3427 } 3428 3429 static void 3430 check_enum_int_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3431 { 3432 3433 if (!eflag) 3434 return; 3435 3436 switch (op) { 3437 case INIT: 3438 /* 3439 * Initialization with 0 is allowed. Otherwise, all implicit 3440 * initializations would need to be warned upon as well. 3441 */ 3442 if (!rn->tn_type->t_is_enum && rn->tn_op == CON && 3443 is_integer(rn->tn_type->t_tspec) && 3444 rn->u.value.u.integer == 0) { 3445 return; 3446 } 3447 /* initialization of '%s' with '%s' */ 3448 warning(277, type_name(ln->tn_type), expr_type_name(rn)); 3449 break; 3450 case FARG: 3451 /* combination of '%s' and '%s', arg #%d */ 3452 warning(278, 3453 type_name(ln->tn_type), expr_type_name(rn), arg); 3454 break; 3455 case RETURN: 3456 /* combination of '%s' and '%s' in return */ 3457 warning(279, type_name(ln->tn_type), expr_type_name(rn)); 3458 break; 3459 default: 3460 /* combination of '%s' and '%s', op '%s' */ 3461 warning(242, type_name(ln->tn_type), expr_type_name(rn), 3462 op_name(op)); 3463 break; 3464 } 3465 } 3466 3467 static void 3468 typeok_enum(op_t op, const mod_t *mp, int arg, 3469 const tnode_t *ln, const type_t *ltp, 3470 const tnode_t *rn, const type_t *rtp) 3471 { 3472 if (mp->m_bad_on_enum && 3473 (ltp->t_is_enum || (mp->m_binary && rtp->t_is_enum))) { 3474 check_bad_enum_operation(op, ln, rn); 3475 } else if (mp->m_valid_on_enum && 3476 (ltp->t_is_enum && rtp != NULL && rtp->t_is_enum)) { 3477 check_enum_type_mismatch(op, arg, ln, rn); 3478 } else if (mp->m_valid_on_enum && 3479 (ltp->t_is_enum || (rtp != NULL && rtp->t_is_enum))) { 3480 check_enum_int_mismatch(op, arg, ln, rn); 3481 } 3482 } 3483 3484 /* Perform most type checks. Return whether the types are ok. */ 3485 bool 3486 typeok(op_t op, const function_call *call, int arg, 3487 const tnode_t *ln, const tnode_t *rn) 3488 { 3489 3490 const mod_t *mp = &modtab[op]; 3491 3492 type_t *ltp = ln->tn_type; 3493 tspec_t lt = ltp->t_tspec; 3494 3495 type_t *rtp = mp->m_binary ? rn->tn_type : NULL; 3496 tspec_t rt = mp->m_binary ? rtp->t_tspec : NO_TSPEC; 3497 3498 if (Tflag && !typeok_scalar_strict_bool(op, mp, arg, ln, rn)) 3499 return false; 3500 if (!typeok_scalar(op, mp, ltp, lt, rtp, rt)) 3501 return false; 3502 3503 if (!typeok_op(op, call, arg, ln, ltp, lt, rn, rtp, rt)) 3504 return false; 3505 3506 typeok_enum(op, mp, arg, ln, ltp, rn, rtp); 3507 return true; 3508 } 3509 3510 /* In traditional C, keep unsigned and promote FLOAT to DOUBLE. */ 3511 static tspec_t 3512 promote_trad(tspec_t t) 3513 { 3514 3515 if (t == UCHAR || t == USHORT) 3516 return UINT; 3517 if (t == CHAR || t == SCHAR || t == SHORT) 3518 return INT; 3519 if (t == FLOAT) 3520 return DOUBLE; 3521 if (t == ENUM) 3522 return INT; 3523 return t; 3524 } 3525 3526 /* 3527 * C99 6.3.1.1p2 requires for types with lower rank than int that "If an int 3528 * can represent all the values of the original type, the value is converted 3529 * to an int; otherwise it is converted to an unsigned int", and that "All 3530 * other types are unchanged by the integer promotions". 3531 */ 3532 static tspec_t 3533 promote_c90(const tnode_t *tn, tspec_t t, bool farg) 3534 { 3535 if (tn->tn_type->t_bitfield) { 3536 unsigned int width = tn->tn_type->t_bit_field_width; 3537 unsigned int int_width = size_in_bits(INT); 3538 // XXX: What about _Bool bit-fields, since C99? 3539 if (width < int_width) 3540 return INT; 3541 if (width == int_width) 3542 return is_uinteger(t) ? UINT : INT; 3543 return t; 3544 } 3545 3546 if (t == CHAR || t == SCHAR) 3547 return INT; 3548 if (t == UCHAR) 3549 return size_in_bits(CHAR) < size_in_bits(INT) ? INT : UINT; 3550 if (t == SHORT) 3551 return INT; 3552 if (t == USHORT) 3553 return size_in_bits(SHORT) < size_in_bits(INT) ? INT : UINT; 3554 if (t == ENUM) 3555 return INT; 3556 if (farg && t == FLOAT) 3557 return DOUBLE; 3558 return t; 3559 } 3560 3561 /* 3562 * Performs the "integer promotions" (C99 6.3.1.1p2), which convert small 3563 * integer types to either int or unsigned int. 3564 * 3565 * If allow_c90 is unset or the operand is a function argument with no type 3566 * information (no prototype or variable # of args), converts float to double. 3567 */ 3568 tnode_t * 3569 promote(op_t op, bool farg, tnode_t *tn) 3570 { 3571 3572 const type_t *otp = tn->tn_type; 3573 tspec_t ot = otp->t_tspec; 3574 if (!is_arithmetic(ot)) 3575 return tn; 3576 3577 tspec_t nt = allow_c90 ? promote_c90(tn, ot, farg) : promote_trad(ot); 3578 if (nt == ot) 3579 return tn; 3580 3581 type_t *ntp = expr_dup_type(gettyp(nt)); 3582 ntp->t_tspec = nt; 3583 ntp->t_is_enum = otp->t_is_enum; 3584 if (ntp->t_is_enum) 3585 ntp->u.enumer = otp->u.enumer; 3586 return convert(op, 0, ntp, tn); 3587 } 3588 3589 static void 3590 check_lossy_floating_to_integer_conversion( 3591 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3592 { 3593 long double x = tn->u.value.u.floating; 3594 integer_constraints ic = ic_any(tp); 3595 if (is_uinteger(tp->t_tspec) 3596 ? x >= ic.umin && x <= ic.umax && x == (uint64_t)x 3597 : x >= ic.smin && x <= ic.smax && x == (int64_t)x) 3598 return; 3599 if (op == FARG) 3600 /* lossy conversion of %Lg to '%s', arg #%d */ 3601 warning(380, x, type_name(tp), arg); 3602 else 3603 /* lossy conversion of %Lg to '%s' */ 3604 warning(381, x, type_name(tp)); 3605 } 3606 3607 static void 3608 convert_integer_from_floating( 3609 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3610 { 3611 3612 if (op == CVT) 3613 /* cast from floating point '%s' to integer '%s' */ 3614 query_message(2, type_name(tn->tn_type), type_name(tp)); 3615 else 3616 /* implicit conversion from floating point '%s' to ... */ 3617 query_message(1, type_name(tn->tn_type), type_name(tp)); 3618 if (tn->tn_op == CON) 3619 check_lossy_floating_to_integer_conversion(op, arg, tp, tn); 3620 } 3621 3622 static bool 3623 should_warn_about_prototype_conversion(tspec_t nt, 3624 tspec_t ot, const tnode_t *ptn) 3625 { 3626 3627 if (nt == ot) 3628 return false; 3629 3630 if (nt == ENUM && ot == INT) 3631 return false; 3632 3633 if (is_floating(nt) != is_floating(ot) || 3634 portable_rank_cmp(nt, ot) != 0) { 3635 /* representation and/or width change */ 3636 if (!is_integer(ot)) 3637 return true; 3638 /* 3639 * XXX: Investigate whether this rule makes sense; see 3640 * tests/usr.bin/xlint/lint1/platform_long.c. 3641 */ 3642 return portable_rank_cmp(ot, INT) > 0; 3643 } 3644 3645 if (!hflag) 3646 return false; 3647 3648 /* 3649 * If the types differ only in sign and the argument has the same 3650 * representation in both types, print no warning. 3651 */ 3652 if (ptn->tn_op == CON && is_integer(nt) && 3653 signed_type(nt) == signed_type(ot) && 3654 !msb(ptn->u.value.u.integer, ot)) 3655 return false; 3656 3657 return true; 3658 } 3659 3660 /* 3661 * Warn if a prototype causes a type conversion that is different from what 3662 * would happen to the same argument in the absence of a prototype. This 3663 * check is intended for code that needs to stay compatible with pre-C90 C. 3664 * 3665 * Errors/warnings about invalid type combinations are already printed 3666 * in check_assign_types_compatible(). 3667 */ 3668 static void 3669 check_prototype_conversion(int arg, tspec_t nt, tspec_t ot, type_t *tp, 3670 tnode_t *tn) 3671 { 3672 3673 if (!is_arithmetic(nt) || !is_arithmetic(ot)) 3674 return; 3675 3676 /* 3677 * If the type of the formal parameter is char/short, a warning would 3678 * be useless, because functions declared the old style can't expect 3679 * char/short arguments. 3680 */ 3681 if (nt == CHAR || nt == SCHAR || nt == UCHAR || 3682 nt == SHORT || nt == USHORT) 3683 return; 3684 3685 tnode_t *ptn = promote(NOOP, true, tn); 3686 ot = ptn->tn_type->t_tspec; 3687 3688 if (should_warn_about_prototype_conversion(nt, ot, ptn)) { 3689 /* argument %d is converted from '%s' to '%s' ... */ 3690 warning(259, arg, expr_type_name(tn), type_name(tp)); 3691 } 3692 } 3693 3694 /* 3695 * When converting a large integer type to a small integer type, in some 3696 * cases the value of the actual expression is further restricted than the 3697 * type bounds, such as in (expr & 0xFF) or (expr % 100) or (expr >> 24). 3698 */ 3699 static bool 3700 can_represent(const type_t *tp, const tnode_t *tn) 3701 { 3702 uint64_t nmask = value_bits(width_in_bits(tp)); 3703 if (!is_uinteger(tp->t_tspec)) 3704 nmask >>= 1; 3705 3706 integer_constraints c = ic_expr(tn); 3707 if ((~c.bclr & ~nmask) == 0) 3708 return true; 3709 3710 integer_constraints tpc = ic_any(tp); 3711 if (is_uinteger(tp->t_tspec) 3712 ? tpc.umin <= c.umin && tpc.umax >= c.umax 3713 : tpc.smin <= c.smin && tpc.smax >= c.smax) 3714 return true; 3715 3716 debug_enter(); 3717 debug_step("type '%s' cannot represent:", type_name(tp)); 3718 debug_node(tn); 3719 debug_leave(); 3720 return false; 3721 } 3722 3723 static bool 3724 should_warn_about_integer_conversion(const type_t *ntp, tspec_t nt, 3725 const tnode_t *otn, tspec_t ot) 3726 { 3727 3728 // XXX: The portable_rank_cmp aims at portable mode, independent of the 3729 // current platform, while can_represent acts on the actual type sizes 3730 // from the current platform. This mix is inconsistent, but anything 3731 // else would make the exact conditions too complicated to grasp. 3732 if (aflag > 0 && portable_rank_cmp(nt, ot) < 0) { 3733 if (ot == LONG || ot == ULONG 3734 || ot == LLONG || ot == ULLONG 3735 #ifdef INT128_SIZE 3736 || ot == INT128 || ot == UINT128 3737 #endif 3738 || aflag > 1) 3739 return !can_represent(ntp, otn); 3740 } 3741 return false; 3742 } 3743 3744 static void 3745 convert_integer_from_integer(op_t op, int arg, tspec_t nt, tspec_t ot, 3746 type_t *tp, tnode_t *tn) 3747 { 3748 3749 if (tn->tn_op == CON) 3750 return; 3751 3752 if (op == CVT) 3753 return; 3754 3755 if (Pflag && pflag && aflag > 0 && 3756 portable_rank_cmp(nt, ot) > 0 && 3757 is_uinteger(nt) != is_uinteger(ot)) { 3758 if (op == FARG) 3759 /* conversion to '%s' may sign-extend ... */ 3760 warning(297, type_name(tp), arg); 3761 else 3762 /* conversion to '%s' may sign-extend ... */ 3763 warning(131, type_name(tp)); 3764 } 3765 3766 if (Pflag && portable_rank_cmp(nt, ot) > 0 && 3767 (tn->tn_op == PLUS || tn->tn_op == MINUS || tn->tn_op == MULT || 3768 tn->tn_op == SHL)) { 3769 /* suggest cast from '%s' to '%s' on op '%s' to ... */ 3770 warning(324, type_name(gettyp(ot)), type_name(tp), 3771 op_name(tn->tn_op)); 3772 } 3773 3774 if (should_warn_about_integer_conversion(tp, nt, tn, ot)) { 3775 if (op == FARG) 3776 /* conversion from '%s' to '%s' may lose ... */ 3777 warning(298, expr_type_name(tn), type_name(tp), arg); 3778 else 3779 /* conversion from '%s' to '%s' may lose accuracy */ 3780 warning(132, expr_type_name(tn), type_name(tp)); 3781 } 3782 3783 if (is_uinteger(nt) != is_uinteger(ot)) 3784 /* implicit conversion changes sign from '%s' to '%s' */ 3785 query_message(3, expr_type_name(tn), type_name(tp)); 3786 } 3787 3788 static void 3789 convert_integer_from_pointer(op_t op, tspec_t nt, type_t *tp, tnode_t *tn) 3790 { 3791 3792 if (tn->tn_op == CON) 3793 return; 3794 if (op != CVT) 3795 return; /* We already got an error. */ 3796 if (portable_rank_cmp(nt, PTR) >= 0) 3797 return; 3798 3799 if (pflag && size_in_bits(nt) >= size_in_bits(PTR)) { 3800 /* conversion of pointer to '%s' may lose bits */ 3801 warning(134, type_name(tp)); 3802 } else { 3803 /* conversion of pointer to '%s' loses bits */ 3804 warning(133, type_name(tp)); 3805 } 3806 } 3807 3808 static bool 3809 struct_starts_with(const type_t *struct_tp, const type_t *member_tp) 3810 { 3811 3812 return struct_tp->u.sou->sou_first_member != NULL && 3813 types_compatible(struct_tp->u.sou->sou_first_member->s_type, 3814 member_tp, true, false, NULL); 3815 } 3816 3817 static bool 3818 is_byte_array(const type_t *tp) 3819 { 3820 3821 return tp->t_tspec == ARRAY && 3822 (tp->t_subt->t_tspec == CHAR || tp->t_subt->t_tspec == UCHAR); 3823 } 3824 3825 static bool 3826 union_contains(const type_t *utp, const type_t *mtp) 3827 { 3828 for (const sym_t *mem = utp->u.sou->sou_first_member; 3829 mem != NULL; mem = mem->s_next) { 3830 if (types_compatible(mem->s_type, mtp, true, false, NULL)) 3831 return true; 3832 } 3833 return false; 3834 } 3835 3836 static bool 3837 should_warn_about_pointer_cast(const type_t *nstp, tspec_t nst, 3838 const type_t *ostp, tspec_t ost) 3839 { 3840 3841 while (nst == ARRAY) 3842 nstp = nstp->t_subt, nst = nstp->t_tspec; 3843 while (ost == ARRAY) 3844 ostp = ostp->t_subt, ost = ostp->t_tspec; 3845 3846 if (nst == STRUCT && ost == STRUCT && 3847 (struct_starts_with(nstp, ostp) || 3848 struct_starts_with(ostp, nstp))) 3849 return false; 3850 3851 if (is_incomplete(nstp) || is_incomplete(ostp)) 3852 return false; 3853 3854 if (nst == CHAR || nst == UCHAR) 3855 return false; /* for the sake of traditional C code */ 3856 if (ost == CHAR || ost == UCHAR) 3857 return false; /* for the sake of traditional C code */ 3858 3859 /* Allow cast between pointers to sockaddr variants. */ 3860 if (nst == STRUCT && ost == STRUCT) { 3861 const sym_t *nmem = nstp->u.sou->sou_first_member; 3862 const sym_t *omem = ostp->u.sou->sou_first_member; 3863 while (nmem != NULL && omem != NULL && 3864 types_compatible(nmem->s_type, omem->s_type, 3865 true, false, NULL)) 3866 nmem = nmem->s_next, omem = omem->s_next; 3867 if (nmem != NULL && is_byte_array(nmem->s_type)) 3868 return false; 3869 if (omem != NULL && is_byte_array(omem->s_type)) 3870 return false; 3871 if (nmem == NULL && omem == NULL) 3872 return false; 3873 } 3874 3875 if (nst == UNION || ost == UNION) { 3876 const type_t *union_tp = nst == UNION ? nstp : ostp; 3877 const type_t *other_tp = nst == UNION ? ostp : nstp; 3878 if (union_contains(union_tp, other_tp)) 3879 return false; 3880 } 3881 3882 if (is_struct_or_union(nst) && is_struct_or_union(ost)) 3883 return nstp->u.sou != ostp->u.sou; 3884 3885 enum rank_kind rk1 = type_properties(nst)->tt_rank_kind; 3886 enum rank_kind rk2 = type_properties(ost)->tt_rank_kind; 3887 if (rk1 != rk2 || rk1 == RK_NONE) 3888 return true; 3889 3890 return portable_rank_cmp(nst, ost) != 0; 3891 } 3892 3893 static void 3894 convert_pointer_from_pointer(type_t *ntp, tnode_t *tn) 3895 { 3896 const type_t *nstp = ntp->t_subt; 3897 const type_t *otp = tn->tn_type; 3898 const type_t *ostp = otp->t_subt; 3899 tspec_t nst = nstp->t_tspec; 3900 tspec_t ost = ostp->t_tspec; 3901 3902 if (nst == VOID || ost == VOID) { 3903 /* TODO: C99 behaves like C90 here. */ 3904 if (!allow_trad && !allow_c99 && (nst == FUNC || ost == FUNC)) { 3905 const char *nts, *ots; 3906 /* null pointers are already handled in convert() */ 3907 *(nst == FUNC ? &nts : &ots) = "function pointer"; 3908 *(nst == VOID ? &nts : &ots) = "'void *'"; 3909 /* conversion of %s to %s requires a cast */ 3910 warning(303, ots, nts); 3911 } 3912 return; 3913 } 3914 if (nst == FUNC && ost == FUNC) 3915 return; 3916 if (nst == FUNC || ost == FUNC) { 3917 /* converting '%s' to '%s' is questionable */ 3918 warning(229, type_name(otp), type_name(ntp)); 3919 return; 3920 } 3921 3922 if (hflag && alignment(nstp) > alignment(ostp) && 3923 !is_incomplete(ostp) && alignment(ostp) > 1 && 3924 !(nst == UNION && union_contains(nstp, ostp))) { 3925 /* converting '%s' to '%s' increases alignment ... */ 3926 warning(135, type_name(otp), type_name(ntp), 3927 alignment(ostp), alignment(nstp)); 3928 } 3929 3930 if (cflag && should_warn_about_pointer_cast(nstp, nst, ostp, ost)) { 3931 /* pointer cast from '%s' to unrelated '%s' */ 3932 warning(247, type_name(ostp), type_name(nstp)); 3933 } 3934 } 3935 3936 /* 3937 * Insert a conversion operator, which converts the type of the node 3938 * to another given type. 3939 * 3940 * Possible values for 'op': 3941 * CVT a cast-expression 3942 * binary integer promotion for one of the operands, or a usual 3943 * arithmetic conversion 3944 * binary plain or compound assignments to bit-fields 3945 * FARG 'arg' is the number of the parameter (used for warnings) 3946 * NOOP several other implicit conversions 3947 * ... 3948 */ 3949 tnode_t * 3950 convert(op_t op, int arg, type_t *tp, tnode_t *tn) 3951 { 3952 tspec_t nt = tp->t_tspec; 3953 tspec_t ot = tn->tn_type->t_tspec; 3954 3955 if (allow_trad && allow_c90 && op == FARG) 3956 check_prototype_conversion(arg, nt, ot, tp, tn); 3957 3958 if (nt == BOOL) { 3959 /* No further checks. */ 3960 3961 } else if (is_integer(nt)) { 3962 if (ot == BOOL) { 3963 /* No further checks. */ 3964 } else if (is_integer(ot)) 3965 convert_integer_from_integer(op, arg, nt, ot, tp, tn); 3966 else if (is_floating(ot)) 3967 convert_integer_from_floating(op, arg, tp, tn); 3968 else if (ot == PTR) 3969 convert_integer_from_pointer(op, nt, tp, tn); 3970 3971 } else if (is_floating(nt)) { 3972 if (is_integer(ot) && op != CVT) { 3973 /* implicit conversion from integer '%s' to ... */ 3974 query_message(19, 3975 type_name(tn->tn_type), type_name(tp)); 3976 } 3977 3978 } else if (nt == PTR) { 3979 if (is_null_pointer(tn)) { 3980 /* a null pointer may be assigned to any pointer. */ 3981 } else if (ot == PTR && op == CVT) 3982 convert_pointer_from_pointer(tp, tn); 3983 } 3984 3985 tnode_t *ntn = expr_alloc_tnode(); 3986 ntn->tn_op = CVT; 3987 ntn->tn_type = tp; 3988 ntn->tn_cast = op == CVT; 3989 ntn->tn_sys |= tn->tn_sys; 3990 ntn->u.ops.right = NULL; 3991 if (tn->tn_op != CON || nt == VOID) { 3992 ntn->u.ops.left = tn; 3993 } else { 3994 ntn->tn_op = CON; 3995 convert_constant(op, arg, ntn->tn_type, &ntn->u.value, 3996 &tn->u.value); 3997 } 3998 3999 return ntn; 4000 } 4001 4002 static void 4003 convert_constant_from_floating(op_t op, int arg, const type_t *ntp, 4004 tspec_t nt, val_t *nv, val_t *ov) 4005 { 4006 long double max = 0.0, min = 0.0; 4007 4008 switch (nt) { 4009 case CHAR: 4010 max = TARG_CHAR_MAX; min = TARG_CHAR_MIN; break; 4011 case UCHAR: 4012 max = TARG_UCHAR_MAX; min = 0; break; 4013 case SCHAR: 4014 max = TARG_SCHAR_MAX; min = TARG_SCHAR_MIN; break; 4015 case SHORT: 4016 max = TARG_SHRT_MAX; min = TARG_SHRT_MIN; break; 4017 case USHORT: 4018 max = TARG_USHRT_MAX; min = 0; break; 4019 case ENUM: 4020 case INT: 4021 max = TARG_INT_MAX; min = TARG_INT_MIN; break; 4022 case UINT: 4023 max = TARG_UINT_MAX; min = 0; break; 4024 case LONG: 4025 max = TARG_LONG_MAX; min = TARG_LONG_MIN; break; 4026 case ULONG: 4027 max = TARG_ULONG_MAX; min = 0; break; 4028 case LLONG: 4029 max = LLONG_MAX; min = LLONG_MIN; break; 4030 case ULLONG: 4031 max = ULLONG_MAX; min = 0; break; 4032 case FLOAT: 4033 case FCOMPLEX: 4034 max = FLT_MAX; min = -FLT_MAX; break; 4035 case DOUBLE: 4036 case DCOMPLEX: 4037 max = DBL_MAX; min = -DBL_MAX; break; 4038 case LDOUBLE: 4039 case LCOMPLEX: 4040 /* LINTED 248; see floating_error_value. */ 4041 max = LDBL_MAX; min = -max; break; 4042 default: 4043 lint_assert(false); 4044 } 4045 if (ov->u.floating > max || ov->u.floating < min) { 4046 lint_assert(nt != LDOUBLE); 4047 const char *ot_name = type_name(gettyp(ov->v_tspec)); 4048 const char *nt_name = type_name(ntp); 4049 if (is_integer(nt)) 4050 goto after_warning; 4051 if (op == FARG) 4052 /* conversion of '%s' to '%s' is out of range, ... */ 4053 warning(295, ot_name, nt_name, arg); 4054 else 4055 /* conversion of '%s' to '%s' is out of range */ 4056 warning(119, ot_name, nt_name); 4057 after_warning: 4058 ov->u.floating = ov->u.floating > 0 ? max : min; 4059 } 4060 4061 if (nt == FLOAT || nt == FCOMPLEX) 4062 nv->u.floating = (float)ov->u.floating; 4063 else if (nt == DOUBLE || nt == DCOMPLEX) 4064 nv->u.floating = (double)ov->u.floating; 4065 else if (nt == LDOUBLE || nt == LCOMPLEX) 4066 nv->u.floating = ov->u.floating; 4067 else 4068 nv->u.integer = (int64_t)ov->u.floating; 4069 } 4070 4071 static bool 4072 convert_constant_to_floating(tspec_t nt, val_t *nv, 4073 tspec_t ot, const val_t *v) 4074 { 4075 if (nt == FLOAT) { 4076 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4077 (float)(uint64_t)v->u.integer : (float)v->u.integer; 4078 } else if (nt == DOUBLE) { 4079 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4080 (double)(uint64_t)v->u.integer : (double)v->u.integer; 4081 } else if (nt == LDOUBLE) { 4082 nv->u.floating = (ot == PTR || is_uinteger(ot)) 4083 ? (long double)(uint64_t)v->u.integer 4084 : (long double)v->u.integer; 4085 } else 4086 return false; 4087 return true; 4088 } 4089 4090 static void 4091 warn_constant_truncated(op_t op, const val_t *v) 4092 { 4093 char buf[256]; 4094 bool is_unsigned = is_uinteger(v->v_tspec); 4095 int64_t val = v->u.integer; 4096 unsigned long long abs_val = is_unsigned || val >= 0 4097 ? (unsigned long long)val 4098 : -(unsigned long long)val; 4099 const char *sign = is_unsigned || val >= 0 ? "" : "-"; 4100 snprintf(buf, sizeof(buf), "%s%#llx", sign, abs_val); 4101 /* constant %s truncated by conversion, op '%s' */ 4102 warning(306, buf, op_name(op)); 4103 } 4104 4105 static void 4106 convert_constant_check_range_bitor(size_t nsz, size_t osz, const val_t *v, 4107 uint64_t xmask, op_t op) 4108 { 4109 if (nsz < osz && (v->u.integer & xmask) != 0) 4110 warn_constant_truncated(op, v); 4111 } 4112 4113 static void 4114 convert_constant_check_range_bitand(size_t nsz, size_t osz, 4115 uint64_t xmask, const val_t *nv, 4116 tspec_t ot, const val_t *v, 4117 const type_t *tp, op_t op) 4118 { 4119 if (nsz > osz && 4120 (nv->u.integer & bit((unsigned int)(osz - 1))) != 0 && 4121 (nv->u.integer & xmask) != xmask) { 4122 /* '%s' converts '%s' with its most significant bit being set to '%s' */ 4123 warning(309, 4124 op_name(op), type_name(gettyp(ot)), type_name(tp)); 4125 } else if (nsz < osz && 4126 (v->u.integer & xmask) != xmask && 4127 (v->u.integer & xmask) != 0) 4128 warn_constant_truncated(op, v); 4129 } 4130 4131 static void 4132 convert_constant_check_range_signed(op_t op, int arg, 4133 const type_t *ntp, int64_t ov) 4134 { 4135 if (op == ASSIGN) 4136 /* assignment of negative constant %lld to unsigned ... */ 4137 warning(164, (long long)ov, type_name(ntp)); 4138 else if (op == INIT) 4139 /* initialization of unsigned type '%s' with negative ... */ 4140 warning(221, type_name(ntp), (long long)ov); 4141 else if (op == FARG) 4142 /* conversion of negative constant %lld to unsigned ... */ 4143 warning(296, (long long)ov, type_name(ntp), arg); 4144 else if (modtab[op].m_comparison) { 4145 /* handled by check_integer_comparison() */ 4146 } else 4147 /* conversion of negative constant %lld to unsigned ... */ 4148 warning(222, (long long)ov, type_name(ntp)); 4149 } 4150 4151 /* 4152 * Loss of significant bit(s). All truncated bits of unsigned types or all 4153 * truncated bits plus the msb of the target for signed types are considered 4154 * to be significant bits. Loss of significant bits means that at least one 4155 * of the bits was set in an unsigned type or that at least one but not all 4156 * of the bits was set in a signed type. Loss of significant bits means that 4157 * it is not possible, also not with necessary casts, to convert back to the 4158 * original type. An example for a necessary cast is: 4159 * char c; int i; c = 128; 4160 * i = c; ** yields -128 ** 4161 * i = (unsigned char)c; ** yields 128 ** 4162 */ 4163 static void 4164 warn_constant_check_range_truncated(op_t op, int arg, const type_t *tp, 4165 tspec_t ot) 4166 { 4167 if (op == ASSIGN && tp->t_bitfield) 4168 /* precision lost in bit-field assignment */ 4169 warning(166); 4170 else if (op == ASSIGN) 4171 /* constant truncated by assignment */ 4172 warning(165); 4173 else if (op == INIT && tp->t_bitfield) 4174 /* bit-field initializer does not fit */ 4175 warning(180); 4176 else if (op == INIT) 4177 /* initializer does not fit */ 4178 warning(178); 4179 else if (op == CASE) 4180 /* case label is converted from '%s' to '%s' */ 4181 warning(196, tspec_name(ot), type_name(tp)); 4182 else if (op == FARG) 4183 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4184 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4185 else 4186 /* conversion of '%s' to '%s' is out of range */ 4187 warning(119, type_name(gettyp(ot)), type_name(tp)); 4188 } 4189 4190 static void 4191 warn_constant_check_range_loss(op_t op, int arg, const type_t *tp, 4192 tspec_t ot) 4193 { 4194 if (op == ASSIGN && tp->t_bitfield) 4195 /* precision lost in bit-field assignment */ 4196 warning(166); 4197 else if (op == INIT && tp->t_bitfield) 4198 /* bit-field initializer out of range */ 4199 warning(11); 4200 else if (op == CASE) 4201 /* case label is converted from '%s' to '%s' */ 4202 warning(196, tspec_name(ot), type_name(tp)); 4203 else if (op == FARG) 4204 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4205 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4206 else 4207 /* conversion of '%s' to '%s' is out of range */ 4208 warning(119, type_name(gettyp(ot)), type_name(tp)); 4209 } 4210 4211 static void 4212 convert_constant_check_range(tspec_t ot, const type_t *tp, tspec_t nt, 4213 op_t op, int arg, const val_t *v, val_t *nv) 4214 { 4215 unsigned int obitsz, nbitsz; 4216 uint64_t xmask, xmsk1; 4217 4218 obitsz = size_in_bits(ot); 4219 nbitsz = tp->t_bitfield ? tp->t_bit_field_width : size_in_bits(nt); 4220 xmask = value_bits(nbitsz) ^ value_bits(obitsz); 4221 xmsk1 = value_bits(nbitsz) ^ value_bits(obitsz - 1); 4222 if (op == ORASS || op == BITOR || op == BITXOR) { 4223 convert_constant_check_range_bitor( 4224 nbitsz, obitsz, v, xmask, op); 4225 } else if (op == ANDASS || op == BITAND) { 4226 convert_constant_check_range_bitand( 4227 nbitsz, obitsz, xmask, nv, ot, v, tp, op); 4228 } else if (nt != PTR && is_uinteger(nt) && 4229 ot != PTR && !is_uinteger(ot) && v->u.integer < 0) 4230 convert_constant_check_range_signed(op, arg, tp, v->u.integer); 4231 else if (nv->u.integer != v->u.integer && nbitsz <= obitsz && 4232 (v->u.integer & xmask) != 0 && 4233 (is_uinteger(ot) || (v->u.integer & xmsk1) != xmsk1)) 4234 warn_constant_check_range_truncated(op, arg, tp, ot); 4235 else if (nv->u.integer != v->u.integer) 4236 warn_constant_check_range_loss(op, arg, tp, ot); 4237 } 4238 4239 /* Converts a typed constant to a constant of another type. */ 4240 void 4241 convert_constant(op_t op, int arg, const type_t *ntp, val_t *nv, val_t *ov) 4242 { 4243 /* 4244 * TODO: make 'ov' const; the name of this function does not suggest 4245 * that it modifies 'ov'. 4246 */ 4247 tspec_t ot = ov->v_tspec; 4248 tspec_t nt = nv->v_tspec = ntp->t_tspec; 4249 bool range_check = false; 4250 4251 if (nt == BOOL) { /* C99 6.3.1.2 */ 4252 nv->v_unsigned_since_c90 = false; 4253 nv->u.integer = is_nonzero_val(ov) ? 1 : 0; 4254 return; 4255 } 4256 4257 if (ot == FLOAT || ot == DOUBLE || ot == LDOUBLE) 4258 convert_constant_from_floating(op, arg, ntp, nt, nv, ov); 4259 else if (!convert_constant_to_floating(nt, nv, ot, ov)) { 4260 range_check = true; /* Check for lost precision. */ 4261 nv->u.integer = ov->u.integer; 4262 } 4263 4264 if (allow_trad && allow_c90 && ov->v_unsigned_since_c90 && 4265 (is_floating(nt) || ( 4266 (is_integer(nt) && !is_uinteger(nt) && 4267 portable_rank_cmp(nt, ot) > 0)))) { 4268 /* C90 treats constant as unsigned */ 4269 warning(157); 4270 ov->v_unsigned_since_c90 = false; 4271 } 4272 4273 if (is_integer(nt)) { 4274 unsigned int size = ntp->t_bitfield 4275 ? ntp->t_bit_field_width : size_in_bits(nt); 4276 nv->u.integer = convert_integer(nv->u.integer, nt, size); 4277 } 4278 4279 if (range_check && op != CVT) 4280 convert_constant_check_range(ot, ntp, nt, op, arg, ov, nv); 4281 } 4282 4283 tnode_t * 4284 build_sizeof(const type_t *tp) 4285 { 4286 unsigned int size_in_bytes = type_size_in_bits(tp) / CHAR_SIZE; 4287 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, size_in_bytes); 4288 tn->tn_system_dependent = true; 4289 debug_step("build_sizeof '%s' = %u", type_name(tp), size_in_bytes); 4290 return tn; 4291 } 4292 4293 tnode_t * 4294 build_offsetof(const type_t *tp, designation dn) 4295 { 4296 unsigned int offset_in_bits = 0; 4297 4298 if (!is_struct_or_union(tp->t_tspec)) { 4299 /* unacceptable operand of '%s' */ 4300 error(111, "offsetof"); 4301 goto proceed; 4302 } 4303 for (size_t i = 0; i < dn.dn_len; i++) { 4304 const designator *dr = dn.dn_items + i; 4305 if (dr->dr_kind == DK_SUBSCRIPT) { 4306 if (tp->t_tspec != ARRAY) 4307 goto proceed; /* silent error */ 4308 tp = tp->t_subt; 4309 offset_in_bits += (unsigned)dr->dr_subscript 4310 * type_size_in_bits(tp); 4311 } else { 4312 if (!is_struct_or_union(tp->t_tspec)) 4313 goto proceed; /* silent error */ 4314 const char *name = dr->dr_member->s_name; 4315 sym_t *mem = find_member(tp->u.sou, name); 4316 if (mem == NULL) { 4317 /* type '%s' does not have member '%s' */ 4318 error(101, name, type_name(tp)); 4319 goto proceed; 4320 } 4321 tp = mem->s_type; 4322 offset_in_bits += mem->u.s_member.sm_offset_in_bits; 4323 } 4324 } 4325 free(dn.dn_items); 4326 4327 proceed:; 4328 unsigned int offset_in_bytes = offset_in_bits / CHAR_SIZE; 4329 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, offset_in_bytes); 4330 tn->tn_system_dependent = true; 4331 return tn; 4332 } 4333 4334 unsigned int 4335 type_size_in_bits(const type_t *tp) 4336 { 4337 4338 unsigned int elem = 1; 4339 bool flex = false; 4340 lint_assert(tp != NULL); 4341 while (tp->t_tspec == ARRAY) { 4342 flex = true; /* allow c99 flex arrays [] [0] */ 4343 elem *= tp->u.dimension; 4344 tp = tp->t_subt; 4345 } 4346 if (elem == 0 && !flex) { 4347 /* cannot take size/alignment of incomplete type */ 4348 error(143); 4349 elem = 1; 4350 } 4351 4352 unsigned int elsz; 4353 switch (tp->t_tspec) { 4354 case VOID: 4355 /* cannot take size/alignment of void */ 4356 error(146); 4357 elsz = 1; 4358 break; 4359 case FUNC: 4360 /* cannot take size/alignment of function type '%s' */ 4361 error(144, type_name(tp)); 4362 elsz = 1; 4363 break; 4364 case STRUCT: 4365 case UNION: 4366 if (is_incomplete(tp)) { 4367 /* cannot take size/alignment of incomplete type */ 4368 error(143); 4369 elsz = 1; 4370 } else 4371 elsz = tp->u.sou->sou_size_in_bits; 4372 break; 4373 case ENUM: 4374 if (is_incomplete(tp)) { 4375 /* cannot take size/alignment of incomplete type */ 4376 warning(143); 4377 } 4378 /* FALLTHROUGH */ 4379 default: 4380 if (tp->t_bitfield) 4381 /* cannot take size/alignment of bit-field */ 4382 error(145); 4383 elsz = size_in_bits(tp->t_tspec); 4384 lint_assert(elsz > 0); 4385 break; 4386 } 4387 4388 return elem * elsz; 4389 } 4390 4391 /* C11 6.5.3.4, GCC */ 4392 tnode_t * 4393 build_alignof(const type_t *tp) 4394 { 4395 if (tp->t_tspec == FUNC) { 4396 /* cannot take size/alignment of function type '%s' */ 4397 error(144, type_name(tp)); 4398 return NULL; 4399 } 4400 if (tp->t_tspec == VOID) { 4401 /* cannot take size/alignment of void */ 4402 error(146); 4403 return NULL; 4404 } 4405 if (is_incomplete(tp)) { 4406 /* cannot take size/alignment of incomplete type */ 4407 error(143); 4408 return NULL; 4409 } 4410 if (tp->t_bitfield) { 4411 /* cannot take size/alignment of bit-field */ 4412 error(145); 4413 return NULL; 4414 } 4415 return build_integer_constant(SIZEOF_TSPEC, (int64_t)alignment(tp)); 4416 } 4417 4418 static tnode_t * 4419 cast_to_union(tnode_t *otn, bool sys, type_t *ntp) 4420 { 4421 4422 if (!allow_gcc) { 4423 /* union cast is a GCC extension */ 4424 error(328); 4425 return NULL; 4426 } 4427 4428 for (const sym_t *m = ntp->u.sou->sou_first_member; 4429 m != NULL; m = m->s_next) { 4430 if (types_compatible(m->s_type, otn->tn_type, 4431 false, false, NULL)) { 4432 tnode_t *ntn = build_op(CVT, sys, ntp, otn, NULL); 4433 ntn->tn_cast = true; 4434 return ntn; 4435 } 4436 } 4437 4438 /* type '%s' is not a member of '%s' */ 4439 error(329, type_name(otn->tn_type), type_name(ntp)); 4440 return NULL; 4441 } 4442 4443 // In GCC mode, allow 'nullptr + offset' as a constant expression. 4444 static tnode_t * 4445 null_pointer_offset(tnode_t *tn) 4446 { 4447 uint64_t off = 0; 4448 const tnode_t *n = tn; 4449 while ((n->tn_op == PLUS || n->tn_op == MINUS) 4450 && is_integer(n->u.ops.right->tn_type->t_tspec)) { 4451 off += (uint64_t)n->u.ops.right->u.value.u.integer; 4452 n = n->u.ops.left; 4453 } 4454 if (n->tn_type->t_tspec == PTR 4455 && n->tn_op == ADDR 4456 && n->u.ops.left->tn_op == INDIR 4457 && n->u.ops.left->u.ops.left->tn_op == CON 4458 && n->u.ops.left->u.ops.left->tn_type->t_tspec == PTR) { 4459 off += (uint64_t)n->u.ops.left->u.ops.left->u.value.u.integer; 4460 return build_integer_constant(SIZEOF_TSPEC, (int64_t)off); 4461 } 4462 return tn; 4463 } 4464 4465 tnode_t * 4466 cast(tnode_t *tn, bool sys, type_t *tp) 4467 { 4468 4469 if (tn == NULL) 4470 return NULL; 4471 4472 tn = cconv(tn); 4473 4474 lint_assert(tp != NULL); 4475 tspec_t nt = tp->t_tspec; 4476 tspec_t ot = tn->tn_type->t_tspec; 4477 4478 if (nt == VOID) { 4479 /* 4480 * C90 6.3.4, C99 6.5.4p2 and C11 6.5.4p2 allow any type to be 4481 * cast to void. The only other allowed casts are from a 4482 * scalar type to a scalar type. 4483 */ 4484 } else if (nt == UNION) 4485 return cast_to_union(tn, sys, tp); 4486 else if (nt == STRUCT || nt == ARRAY || nt == FUNC) { 4487 /* Casting to a struct is an undocumented GCC extension. */ 4488 if (!(allow_gcc && nt == STRUCT)) 4489 goto invalid_cast; 4490 } else if (is_struct_or_union(ot)) 4491 goto invalid_cast; 4492 else if (ot == VOID) { 4493 /* improper cast of void expression */ 4494 error(148); 4495 return NULL; 4496 } else if (is_integer(nt) && is_scalar(ot)) { 4497 tn = null_pointer_offset(tn); 4498 } else if (is_floating(nt) && is_arithmetic(ot)) { 4499 /* ok */ 4500 } else if (nt == PTR && is_integer(ot)) { 4501 /* ok */ 4502 } else if (nt == PTR && ot == PTR) { 4503 if (!tp->t_subt->t_const && tn->tn_type->t_subt->t_const) { 4504 if (hflag) 4505 /* cast discards 'const' from type '%s' */ 4506 warning(275, type_name(tn->tn_type)); 4507 } 4508 } else 4509 goto invalid_cast; 4510 4511 if (any_query_enabled 4512 && types_compatible(tp, tn->tn_type, false, false, NULL)) 4513 /* no-op cast from '%s' to '%s' */ 4514 query_message(6, expr_type_name(tn), type_name(tp)); 4515 4516 tn = convert(CVT, 0, tp, tn); 4517 tn->tn_cast = true; 4518 tn->tn_sys = sys; 4519 4520 return tn; 4521 4522 invalid_cast: 4523 /* invalid cast from '%s' to '%s' */ 4524 error(147, expr_type_name(tn), type_name(tp)); 4525 return NULL; 4526 } 4527 4528 void 4529 add_function_argument(function_call *call, tnode_t *arg) 4530 { 4531 /* 4532 * If there was a serious error in the expression for the argument, 4533 * create a dummy argument so the positions of the remaining arguments 4534 * will not change. 4535 */ 4536 if (arg == NULL) 4537 arg = build_integer_constant(INT, 0); 4538 4539 if (call->args_len >= call->args_cap) { 4540 call->args_cap += 8; 4541 tnode_t **new_args = expr_zero_alloc( 4542 call->args_cap * sizeof(*call->args), "tnode*[]"); 4543 if (call->args_len > 0) 4544 memcpy(new_args, call->args, 4545 call->args_len * sizeof(*call->args)); 4546 call->args = new_args; 4547 } 4548 call->args[call->args_len++] = arg; 4549 } 4550 4551 /* 4552 * Compare the type of an argument with the corresponding type of a 4553 * prototype parameter. If it is a valid combination, but both types 4554 * are not the same, insert a conversion to convert the argument into 4555 * the type of the parameter. 4556 */ 4557 static tnode_t * 4558 check_prototype_argument(const function_call *call, int arg, 4559 type_t *tp, tnode_t *tn) 4560 { 4561 tnode_t *ln = xcalloc(1, sizeof(*ln)); 4562 ln->tn_type = expr_unqualified_type(tp); 4563 ln->tn_lvalue = true; 4564 if (typeok(FARG, call, arg, ln, tn)) { 4565 bool dowarn; 4566 if (!types_compatible(tp, tn->tn_type, 4567 true, false, (dowarn = false, &dowarn)) || dowarn) 4568 tn = convert(FARG, arg, tp, tn); 4569 } 4570 free(ln); 4571 return tn; 4572 } 4573 4574 /* 4575 * Check types of all function arguments and insert conversions, 4576 * if necessary. 4577 */ 4578 static void 4579 check_function_arguments(const function_call *call) 4580 { 4581 type_t *ftp = call->func->tn_type->t_subt; 4582 4583 /* get # of parameters in the prototype */ 4584 int npar = 0; 4585 for (const sym_t *p = ftp->u.params; p != NULL; p = p->s_next) 4586 npar++; 4587 4588 int narg = (int)call->args_len; 4589 4590 const sym_t *param = ftp->u.params; 4591 if (ftp->t_proto && npar != narg && !(ftp->t_vararg && npar < narg)) { 4592 /* argument mismatch: %d %s passed, %d expected */ 4593 error(150, narg, narg != 1 ? "arguments" : "argument", npar); 4594 param = NULL; 4595 } 4596 4597 for (int i = 0; i < narg; i++) { 4598 tnode_t *arg = call->args[i]; 4599 4600 /* some things which are always not allowed */ 4601 tspec_t at = arg->tn_type->t_tspec; 4602 if (at == VOID) { 4603 /* void expressions may not be arguments, arg #%d */ 4604 error(151, i + 1); 4605 return; 4606 } 4607 if (is_struct_or_union(at) && is_incomplete(arg->tn_type)) { 4608 /* argument cannot have unknown size, arg #%d */ 4609 error(152, i + 1); 4610 return; 4611 } 4612 if (is_integer(at) && 4613 arg->tn_type->t_is_enum && 4614 is_incomplete(arg->tn_type)) { 4615 /* argument cannot have unknown size, arg #%d */ 4616 warning(152, i + 1); 4617 } 4618 4619 arg = cconv(arg); 4620 call->args[i] = arg; 4621 4622 arg = param != NULL 4623 ? check_prototype_argument(call, i + 1, param->s_type, arg) 4624 : promote(NOOP, true, arg); 4625 call->args[i] = arg; 4626 4627 if (param != NULL) 4628 param = param->s_next; 4629 } 4630 } 4631 4632 static bool 4633 is_gcc_generic_atomic(const char *name) 4634 { 4635 // https://gcc.gnu.org/onlinedocs/gcc/_005f_005fatomic-Builtins.html 4636 return strcmp(name, "__atomic_load_n") == 0 4637 || strcmp(name, "__atomic_exchange_n") == 0 4638 || strcmp(name, "__atomic_add_fetch") == 0 4639 || strcmp(name, "__atomic_sub_fetch") == 0 4640 || strcmp(name, "__atomic_and_fetch") == 0 4641 || strcmp(name, "__atomic_xor_fetch") == 0 4642 || strcmp(name, "__atomic_or_fetch") == 0 4643 || strcmp(name, "__atomic_nand_fetch") == 0 4644 || strcmp(name, "__atomic_fetch_add") == 0 4645 || strcmp(name, "__atomic_fetch_sub") == 0 4646 || strcmp(name, "__atomic_fetch_and") == 0 4647 || strcmp(name, "__atomic_fetch_xor") == 0 4648 || strcmp(name, "__atomic_fetch_or") == 0 4649 || strcmp(name, "__atomic_fetch_nand") == 0; 4650 } 4651 4652 static type_t * 4653 return_type(const function_call *call) 4654 { 4655 const tnode_t *func = call->func; 4656 if (allow_gcc 4657 && func->tn_op == ADDR 4658 && func->u.ops.left->tn_op == NAME 4659 && is_gcc_generic_atomic(func->u.ops.left->u.sym->s_name) 4660 && call->args_len > 0 4661 && call->args[0]->tn_type->t_tspec == PTR) 4662 return call->args[0]->tn_type->t_subt; 4663 return func->tn_type->t_subt->t_subt; 4664 } 4665 4666 tnode_t * 4667 build_function_call(tnode_t *func, bool sys, function_call *call) 4668 { 4669 4670 if (func == NULL) 4671 return NULL; 4672 4673 call->func = func; 4674 check_ctype_function_call(call); 4675 4676 func = cconv(func); 4677 call->func = func; 4678 4679 if (func->tn_type->t_tspec != PTR || 4680 func->tn_type->t_subt->t_tspec != FUNC) { 4681 /* cannot call '%s', must be a function */ 4682 error(149, expr_type_name(func)); 4683 return NULL; 4684 } 4685 4686 check_function_arguments(call); 4687 4688 tnode_t *ntn = expr_alloc_tnode(); 4689 ntn->tn_op = CALL; 4690 ntn->tn_type = return_type(call); 4691 ntn->tn_sys = sys; 4692 ntn->u.call = call; 4693 return ntn; 4694 } 4695 4696 /* 4697 * Return the value of an integral constant expression. 4698 * If the expression is not constant or its type is not an integer 4699 * type, an error message is printed. 4700 */ 4701 val_t * 4702 integer_constant(tnode_t *tn, bool required) 4703 { 4704 4705 if (tn != NULL) 4706 tn = cconv(tn); 4707 if (tn != NULL) 4708 tn = promote(NOOP, false, tn); 4709 4710 val_t *v = xcalloc(1, sizeof(*v)); 4711 4712 if (tn == NULL) { 4713 lint_assert(seen_error); 4714 debug_step("constant node is null; returning 1 instead"); 4715 v->v_tspec = INT; 4716 v->u.integer = 1; 4717 return v; 4718 } 4719 4720 v->v_tspec = tn->tn_type->t_tspec; 4721 4722 if (tn->tn_op == CON) { 4723 lint_assert(tn->tn_type->t_tspec == tn->u.value.v_tspec); 4724 if (is_integer(tn->u.value.v_tspec)) { 4725 v->v_unsigned_since_c90 = 4726 tn->u.value.v_unsigned_since_c90; 4727 v->u.integer = tn->u.value.u.integer; 4728 return v; 4729 } 4730 v->u.integer = (int64_t)tn->u.value.u.floating; 4731 } else 4732 v->u.integer = 1; 4733 4734 if (required) 4735 /* integral constant expression expected */ 4736 error(55); 4737 else 4738 /* variable array dimension is a C99/GCC extension */ 4739 c99ism(318); 4740 4741 if (!is_integer(v->v_tspec)) 4742 v->v_tspec = INT; 4743 4744 return v; 4745 } 4746 4747 /* 4748 * Perform some tests on expressions which can't be done in build_binary() 4749 * and functions called by build_binary(). These tests must be done here 4750 * because we need some information about the context in which the operations 4751 * are performed. 4752 * After all tests are performed, if free_expr is true, expr() frees the 4753 * memory for the expression. 4754 */ 4755 void 4756 expr(tnode_t *tn, bool used, bool cond, bool free_expr, bool is_do_while, 4757 const char *stmt_kind) 4758 { 4759 4760 if (tn == NULL) { /* in case of errors */ 4761 expr_free_all(); 4762 return; 4763 } 4764 4765 /* expr() is also called in global initializations */ 4766 if (dcs->d_kind != DLK_EXTERN && !is_do_while) 4767 check_statement_reachable(stmt_kind); 4768 4769 check_expr_misc(tn, used, cond, !cond, false, false, false); 4770 if (tn->tn_op == ASSIGN && !tn->tn_parenthesized) { 4771 if (hflag && cond) 4772 /* assignment in conditional context */ 4773 warning(159); 4774 } 4775 if (!modtab[tn->tn_op].m_has_side_effect) { 4776 /* 4777 * for left operands of COMMA this warning is already printed 4778 */ 4779 if (tn->tn_op != COMMA && !used && !cond) 4780 check_null_effect(tn); 4781 } 4782 debug_node(tn); 4783 4784 if (free_expr) 4785 expr_free_all(); 4786 } 4787 4788 /* If the expression has the form '*(arr + idx)', check the array index. */ 4789 static void 4790 check_array_index(const tnode_t *indir, bool taking_address) 4791 { 4792 const tnode_t *plus, *arr, *idx; 4793 4794 if (indir->tn_op == INDIR 4795 && (plus = indir->u.ops.left, plus->tn_op == PLUS) 4796 && plus->u.ops.left->tn_op == ADDR 4797 && (arr = plus->u.ops.left->u.ops.left, true) 4798 && (arr->tn_op == STRING || arr->tn_op == NAME) 4799 && arr->tn_type->t_tspec == ARRAY 4800 && (idx = plus->u.ops.right, idx->tn_op == CON) 4801 && (!is_incomplete(arr->tn_type) || idx->u.value.u.integer < 0)) 4802 goto proceed; 4803 return; 4804 4805 proceed:; 4806 int elsz = length_in_bits(arr->tn_type->t_subt, NULL); 4807 if (elsz == 0) 4808 return; 4809 elsz /= CHAR_SIZE; 4810 4811 /* Change the unit of the index from bytes to element size. */ 4812 int64_t con = is_uinteger(idx->tn_type->t_tspec) 4813 ? (int64_t)((uint64_t)idx->u.value.u.integer / elsz) 4814 : idx->u.value.u.integer / elsz; 4815 4816 int dim = arr->tn_type->u.dimension + (taking_address ? 1 : 0); 4817 4818 if (!is_uinteger(idx->tn_type->t_tspec) && con < 0) 4819 /* array subscript %jd cannot be negative */ 4820 warning(167, (intmax_t)con); 4821 else if (dim > 0 && (uint64_t)con >= (uint64_t)dim) 4822 /* array subscript %ju cannot be > %d */ 4823 warning(168, (uintmax_t)con, dim - 1); 4824 } 4825 4826 static void 4827 check_expr_addr(const tnode_t *ln, bool szof, bool fcall) 4828 { 4829 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4830 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 4831 if (!szof) 4832 mark_as_set(ln->u.sym); 4833 mark_as_used(ln->u.sym, fcall, szof); 4834 } 4835 check_array_index(ln, true); 4836 } 4837 4838 /* 4839 * If there is an asm statement in one of the compound statements around, 4840 * there may be other side effects, so don't warn. 4841 */ 4842 static bool 4843 is_asm_around(void) 4844 { 4845 for (decl_level *dl = dcs; dl != NULL; dl = dl->d_enclosing) 4846 if (dl->d_asm) 4847 return true; 4848 return false; 4849 } 4850 4851 static void 4852 check_expr_side_effect(const tnode_t *ln, bool szof) 4853 { 4854 4855 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4856 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 4857 scl_t sc = ln->u.sym->s_scl; 4858 if (sc != EXTERN && sc != STATIC && 4859 !ln->u.sym->s_set && !szof && !is_asm_around()) { 4860 /* '%s' may be used before set */ 4861 warning(158, ln->u.sym->s_name); 4862 mark_as_set(ln->u.sym); 4863 } 4864 mark_as_used(ln->u.sym, false, false); 4865 } 4866 } 4867 4868 static void 4869 check_expr_assign(const tnode_t *ln, bool szof) 4870 { 4871 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4872 if (ln->tn_op == NAME && !szof && (reached || !warn_about_unreachable)) { 4873 mark_as_set(ln->u.sym); 4874 if (ln->u.sym->s_scl == EXTERN) 4875 outusg(ln->u.sym); 4876 } 4877 check_array_index(ln, false); 4878 } 4879 4880 static void 4881 check_expr_call(const tnode_t *tn, const tnode_t *ln, 4882 bool szof, bool vctx, bool cond, bool retval_discarded) 4883 { 4884 lint_assert(ln->tn_op == ADDR); 4885 lint_assert(ln->u.ops.left->tn_op == NAME); 4886 if (!szof && !is_compiler_builtin(ln->u.ops.left->u.sym->s_name)) 4887 outcall(tn, vctx || cond, retval_discarded); 4888 4889 const function_call *call = tn->u.call; 4890 if (call->args_len == 4 || call->args_len == 5) 4891 check_snprintb(call); 4892 } 4893 4894 static void 4895 check_expr_op(op_t op, const tnode_t *ln, bool szof, bool fcall, bool eqwarn) 4896 { 4897 switch (op) { 4898 case ADDR: 4899 check_expr_addr(ln, szof, fcall); 4900 break; 4901 case LOAD: 4902 check_array_index(ln, false); 4903 /* FALLTHROUGH */ 4904 case INCBEF: 4905 case DECBEF: 4906 case INCAFT: 4907 case DECAFT: 4908 case ADDASS: 4909 case SUBASS: 4910 case MULASS: 4911 case DIVASS: 4912 case MODASS: 4913 case ANDASS: 4914 case ORASS: 4915 case XORASS: 4916 case SHLASS: 4917 case SHRASS: 4918 case REAL: 4919 case IMAG: 4920 check_expr_side_effect(ln, szof); 4921 break; 4922 case ASSIGN: 4923 check_expr_assign(ln, szof); 4924 break; 4925 case EQ: 4926 if (hflag && eqwarn) 4927 /* operator '==' found where '=' was expected */ 4928 warning(160); 4929 break; 4930 default: 4931 break; 4932 } 4933 } 4934 4935 /* 4936 * vctx ??? 4937 * cond whether the expression is a condition that 4938 * will be compared with 0 4939 * eqwarn whether the operator '==' might be a 4940 * misspelled '=' 4941 * fcall whether the expression is a function call 4942 * retval_discarded whether the return value of a function call 4943 * is discarded; such calls will be analyzed by 4944 * lint2 in messages 4, 8 and 9 4945 * szof whether the expression is part of a sizeof 4946 * expression, which means that its value is 4947 * discarded since only the type is relevant 4948 */ 4949 void 4950 check_expr_misc(const tnode_t *tn, bool vctx, bool cond, 4951 bool eqwarn, bool fcall, bool retval_discarded, bool szof) 4952 { 4953 4954 if (tn == NULL) 4955 return; 4956 op_t op = tn->tn_op; 4957 if (op == NAME || op == CON || op == STRING) 4958 return; 4959 bool is_direct = op == CALL 4960 && tn->u.call->func->tn_op == ADDR 4961 && tn->u.call->func->u.ops.left->tn_op == NAME; 4962 if (op == CALL) { 4963 const function_call *call = tn->u.call; 4964 if (is_direct) 4965 check_expr_call(tn, call->func, 4966 szof, vctx, cond, retval_discarded); 4967 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 4968 check_expr_misc(call->func, false, false, false, is_direct, 4969 discard, szof); 4970 for (size_t i = 0, n = call->args_len; i < n; i++) 4971 check_expr_misc(call->args[i], 4972 true, false, false, false, false, szof); 4973 return; 4974 } 4975 4976 lint_assert(has_operands(tn)); 4977 tnode_t *ln = tn->u.ops.left; 4978 tnode_t *rn = tn->u.ops.right; 4979 check_expr_op(op, ln, szof, fcall, eqwarn); 4980 4981 const mod_t *mp = &modtab[op]; 4982 bool cvctx = mp->m_value_context; 4983 bool ccond = mp->m_compares_with_zero; 4984 bool eq = mp->m_warn_if_operand_eq && 4985 !ln->tn_parenthesized && 4986 rn != NULL && !rn->tn_parenthesized; 4987 4988 /* 4989 * Values of operands of ':' are not used if the type of at least 4990 * one of the operands (for GCC compatibility) is 'void'. 4991 * 4992 * XXX test/value context of QUEST should probably be used as 4993 * context for both operands of COLON. 4994 */ 4995 if (op == COLON && tn->tn_type->t_tspec == VOID) 4996 cvctx = ccond = false; 4997 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 4998 check_expr_misc(ln, cvctx, ccond, eq, is_direct, discard, szof); 4999 5000 switch (op) { 5001 case LOGAND: 5002 case LOGOR: 5003 check_expr_misc(rn, false, true, eq, false, false, szof); 5004 break; 5005 case COLON: 5006 check_expr_misc(rn, cvctx, ccond, eq, false, false, szof); 5007 break; 5008 case COMMA: 5009 check_expr_misc(rn, vctx, cond, false, false, false, szof); 5010 break; 5011 default: 5012 if (mp->m_binary) 5013 check_expr_misc(rn, true, false, eq, false, false, 5014 szof); 5015 break; 5016 } 5017 } 5018 5019 /* 5020 * Return whether the expression can be used for static initialization. 5021 * 5022 * Constant initialization expressions must be constant or an address 5023 * of a static object with an optional offset. In the first case, 5024 * the result is returned in *offsp. In the second case, the static 5025 * object is returned in *symp and the offset in *offsp. 5026 * 5027 * The expression can consist of PLUS, MINUS, ADDR, NAME, STRING and 5028 * CON. Type conversions are allowed if they do not change binary 5029 * representation (including width). 5030 * 5031 * C99 6.6 "Constant expressions" 5032 * C99 6.7.8p4 restricts initializers for static storage duration 5033 */ 5034 bool 5035 constant_addr(const tnode_t *tn, const sym_t **symp, ptrdiff_t *offsp) 5036 { 5037 const sym_t *sym; 5038 ptrdiff_t offs1, offs2; 5039 tspec_t t, ot; 5040 5041 switch (tn->tn_op) { 5042 case MINUS: 5043 if (tn->u.ops.right->tn_op == CVT) 5044 return constant_addr(tn->u.ops.right, symp, offsp); 5045 if (tn->u.ops.right->tn_op != CON) 5046 return false; 5047 /* FALLTHROUGH */ 5048 case PLUS: 5049 offs1 = offs2 = 0; 5050 if (tn->u.ops.left->tn_op == CON) { 5051 offs1 = (ptrdiff_t)tn->u.ops.left->u.value.u.integer; 5052 if (!constant_addr(tn->u.ops.right, &sym, &offs2)) 5053 return false; 5054 } else if (tn->u.ops.right->tn_op == CON) { 5055 offs2 = (ptrdiff_t)tn->u.ops.right->u.value.u.integer; 5056 if (tn->tn_op == MINUS) 5057 offs2 = -offs2; 5058 if (!constant_addr(tn->u.ops.left, &sym, &offs1)) 5059 return false; 5060 } else { 5061 return false; 5062 } 5063 *symp = sym; 5064 *offsp = offs1 + offs2; 5065 return true; 5066 case ADDR: 5067 if (tn->u.ops.left->tn_op == NAME) { 5068 *symp = tn->u.ops.left->u.sym; 5069 *offsp = 0; 5070 return true; 5071 } 5072 *symp = NULL; 5073 *offsp = 0; 5074 return true; 5075 case CVT: 5076 t = tn->tn_type->t_tspec; 5077 ot = tn->u.ops.left->tn_type->t_tspec; 5078 if ((!is_integer(t) && t != PTR) || 5079 (!is_integer(ot) && ot != PTR)) { 5080 return false; 5081 } 5082 #if 0 5083 /*- 5084 * consider: 5085 * struct foo { 5086 * unsigned char a; 5087 * } f = { 5088 * (unsigned char)(unsigned long) 5089 * (&(((struct foo *)0)->a)) 5090 * }; 5091 * since psize(unsigned long) != psize(unsigned char), 5092 * this fails. 5093 */ 5094 else if (psize(t) != psize(ot)) 5095 return -1; 5096 #endif 5097 return constant_addr(tn->u.ops.left, symp, offsp); 5098 default: 5099 return false; 5100 } 5101 } 5102 5103 /* Append s2 to s1, then free s2. */ 5104 buffer * 5105 cat_strings(buffer *s1, buffer *s2) 5106 { 5107 5108 if ((s1->data != NULL) != (s2->data != NULL)) { 5109 /* cannot concatenate wide and regular string literals */ 5110 error(292); 5111 return s1; 5112 } 5113 5114 if (s1->data != NULL) { 5115 while (s1->len + s2->len + 1 > s1->cap) 5116 s1->cap *= 2; 5117 s1->data = xrealloc(s1->data, s1->cap); 5118 memcpy(s1->data + s1->len, s2->data, s2->len + 1); 5119 free(s2->data); 5120 } 5121 s1->len += s2->len; 5122 free(s2); 5123 5124 return s1; 5125 } 5126 5127 5128 typedef struct stmt_expr { 5129 memory_pool se_mem; 5130 sym_t *se_sym; 5131 struct stmt_expr *se_enclosing; 5132 } stmt_expr; 5133 5134 static stmt_expr *stmt_exprs; 5135 5136 void 5137 begin_statement_expr(void) 5138 { 5139 debug_enter(); 5140 5141 stmt_expr *se = xmalloc(sizeof(*se)); 5142 se->se_mem = expr_save_memory(); 5143 se->se_sym = NULL; 5144 se->se_enclosing = stmt_exprs; 5145 stmt_exprs = se; 5146 } 5147 5148 void 5149 do_statement_expr(tnode_t *tn) 5150 { 5151 block_level--; 5152 mem_block_level--; 5153 stmt_exprs->se_sym = tn != NULL 5154 ? mktempsym(block_dup_type(tn->tn_type)) 5155 : NULL; /* after a syntax error */ 5156 mem_block_level++; 5157 block_level++; 5158 /* '({ ... })' is a GCC extension */ 5159 gnuism(320); 5160 } 5161 5162 tnode_t * 5163 end_statement_expr(void) 5164 { 5165 tnode_t *tn; 5166 5167 stmt_expr *se = stmt_exprs; 5168 if (se->se_sym == NULL) { 5169 tn = NULL; /* after a syntax error */ 5170 goto end; 5171 } 5172 5173 tn = build_name(se->se_sym, false); 5174 (void)expr_save_memory(); /* leak */ 5175 expr_restore_memory(se->se_mem); 5176 stmt_exprs = se->se_enclosing; 5177 free(se); 5178 5179 end: 5180 debug_leave(); 5181 return tn; 5182 } 5183 5184 bool 5185 in_statement_expr(void) 5186 { 5187 return stmt_exprs != NULL; 5188 } 5189
Indexes created Sat Sep 20 22:09:52 GMT 2025