1 /* $NetBSD: tree.c,v 1.670 2025/01/05 06:58:47 rillig Exp $ */ 2 3 /* 4 * Copyright (c) 1994, 1995 Jochen Pohl 5 * All Rights Reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by Jochen Pohl for 18 * The NetBSD Project. 19 * 4. The name of the author may not be used to endorse or promote products 20 * derived from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #if HAVE_NBTOOL_CONFIG_H 35 #include "nbtool_config.h" 36 #endif 37 38 #include <sys/cdefs.h> 39 #if defined(__RCSID) 40 __RCSID("$NetBSD: tree.c,v 1.670 2025/01/05 06:58:47 rillig Exp $"); 41 #endif 42 43 #include <float.h> 44 #include <limits.h> 45 #include <math.h> 46 #include <signal.h> 47 #include <stdlib.h> 48 #include <string.h> 49 50 #include "lint1.h" 51 52 53 typedef struct integer_constraints { 54 int64_t smin; /* signed minimum */ 55 int64_t smax; /* signed maximum */ 56 uint64_t umin; /* unsigned minimum */ 57 uint64_t umax; /* unsigned maximum */ 58 uint64_t bclr; /* bits that are definitely clear */ 59 } integer_constraints; 60 61 62 static int64_t 63 s64_min(int64_t a, int64_t b) 64 { 65 return a < b ? a : b; 66 } 67 68 static int64_t 69 s64_max(int64_t a, int64_t b) 70 { 71 return a > b ? a : b; 72 } 73 74 static uint64_t 75 s64_abs(int64_t x) 76 { 77 return x >= 0 ? (uint64_t)x : -(uint64_t)x; 78 } 79 80 static int64_t 81 s64_shr(int64_t x, unsigned amount) 82 { 83 return x >= 0 84 ? (int64_t)((uint64_t)x >> amount) 85 : (int64_t)~(~(uint64_t)x >> amount); 86 } 87 88 static uint64_t 89 u64_min(uint64_t a, uint64_t b) 90 { 91 return a < b ? a : b; 92 } 93 94 static uint64_t 95 u64_max(uint64_t a, uint64_t b) 96 { 97 return a > b ? a : b; 98 } 99 100 static uint64_t 101 u64_fill_right(uint64_t x) 102 { 103 x |= x >> 1; 104 x |= x >> 2; 105 x |= x >> 4; 106 x |= x >> 8; 107 x |= x >> 16; 108 x |= x >> 32; 109 return x; 110 } 111 112 static int 113 portable_rank_cmp(tspec_t t1, tspec_t t2) 114 { 115 const ttab_t *p1 = type_properties(t1), *p2 = type_properties(t2); 116 lint_assert(p1->tt_rank_kind == p2->tt_rank_kind); 117 lint_assert(p1->tt_rank_value > 0); 118 lint_assert(p2->tt_rank_value > 0); 119 return (int)p1->tt_rank_value - (int)p2->tt_rank_value; 120 } 121 122 static unsigned 123 width_in_bits(const type_t *tp) 124 { 125 lint_assert(is_integer(tp->t_tspec)); 126 return tp->t_bitfield 127 ? tp->t_bit_field_width 128 : size_in_bits(tp->t_tspec); 129 } 130 131 static uint64_t 132 ui_max_value(const type_t *tp) 133 { 134 return value_bits(width_in_bits(tp)); 135 } 136 137 static int64_t 138 si_max_value(const type_t *tp) 139 { 140 return (int64_t)(ui_max_value(tp) >> 1); 141 } 142 143 static int64_t 144 si_min_value(const type_t *tp) 145 { 146 return -si_max_value(tp) - 1; 147 } 148 149 static int64_t 150 si_mult_sat(const type_t *tp, int64_t l, int64_t r) 151 { 152 uint64_t al = s64_abs(l); 153 uint64_t ar = s64_abs(r); 154 bool neg = (l >= 0) != (r >= 0); 155 uint64_t max = ui_max_value(tp); 156 uint64_t max_prod = (uint64_t)max + (neg ? 1 : 0); 157 if (al == 0 || ar <= max_prod / al) 158 return l * r; 159 else if (neg) 160 return -1 - (int64_t)(max >> 1); 161 else 162 return (int64_t)(max >> 1); 163 } 164 165 static int64_t 166 si_plus_sat(const type_t *tp, int64_t a, int64_t b) 167 { 168 if (b >= 0) { 169 int64_t max = si_max_value(tp); 170 return a <= max - b ? a + b : max; 171 } else { 172 int64_t min = si_min_value(tp); 173 return a >= min - b ? a + b : min; 174 } 175 } 176 177 static int64_t 178 si_minus_sat(const type_t *tp, int64_t a, int64_t b) 179 { 180 if (b >= 0) { 181 int64_t min = si_min_value(tp); 182 return a >= min + b ? a - b : min; 183 } else { 184 int64_t max = si_max_value(tp); 185 return a <= max + b ? a - b : max; 186 } 187 } 188 189 static bool 190 ic_maybe_signed(const type_t *tp, integer_constraints ic) 191 { 192 return !is_uinteger(tp->t_tspec) && ic.bclr >> 63 == 0; 193 } 194 195 static bool 196 ic_maybe_signed_binary(const type_t *tp, 197 integer_constraints a, integer_constraints b) 198 { 199 return !is_uinteger(tp->t_tspec) && (a.bclr & b.bclr) >> 63 == 0; 200 } 201 202 static integer_constraints 203 ic_any(const type_t *tp) 204 { 205 integer_constraints c; 206 207 unsigned width = width_in_bits(tp); 208 uint64_t vbits = value_bits(width); 209 if (is_uinteger(tp->t_tspec)) { 210 c.smin = width < 64 ? 0 : INT64_MIN; 211 c.smax = width < 64 ? (int64_t)vbits : INT64_MAX; 212 c.umin = 0; 213 c.umax = vbits; 214 c.bclr = ~c.umax; 215 } else { 216 c.smin = -1 - (int64_t)(vbits >> 1); 217 c.smax = (int64_t)(vbits >> 1); 218 c.umin = 0; 219 c.umax = UINT64_MAX; 220 c.bclr = 0; 221 } 222 return c; 223 } 224 225 static integer_constraints 226 ic_mult(const type_t *tp, integer_constraints a, integer_constraints b) 227 { 228 integer_constraints c; 229 230 if (ic_maybe_signed_binary(tp, a, b)) { 231 int64_t ll = si_mult_sat(tp, a.smin, b.smin); 232 int64_t lu = si_mult_sat(tp, a.smin, b.smax); 233 int64_t ul = si_mult_sat(tp, a.smax, b.smin); 234 int64_t uu = si_mult_sat(tp, a.smax, b.smax); 235 236 c.smin = s64_min(ll, s64_min(lu, s64_min(ul, uu))); 237 c.smax = s64_max(ll, s64_max(lu, s64_max(ul, uu))); 238 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 239 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 240 c.bclr = ~u64_fill_right(c.umax); 241 return c; 242 } 243 244 if (a.umax > 0 && b.umax > ic_any(tp).umax / a.umax) 245 return ic_any(tp); 246 247 c.smin = INT64_MIN; 248 c.smax = INT64_MAX; 249 c.umin = a.umin * b.umin; 250 c.umax = a.umax * b.umax; 251 c.bclr = ~u64_fill_right(c.umax); 252 return c; 253 } 254 255 static integer_constraints 256 ic_div(const type_t *tp, integer_constraints a, integer_constraints b) 257 { 258 if (ic_maybe_signed_binary(tp, a, b)) { 259 if (b.smin >= 0) 260 return a; 261 return ic_any(tp); 262 } 263 264 integer_constraints c; 265 c.smin = INT64_MIN; 266 c.smax = INT64_MAX; 267 c.umin = a.umin / u64_max(b.umax, 1); 268 c.umax = a.umax / u64_max(b.umin, 1); 269 c.bclr = ~u64_fill_right(c.umax); 270 return c; 271 } 272 273 static integer_constraints 274 ic_mod(const type_t *tp, integer_constraints a, integer_constraints b) 275 { 276 if (ic_maybe_signed_binary(tp, a, b)) { 277 uint64_t max_abs_b = u64_max(s64_abs(b.smin), s64_abs(b.smax)); 278 if (max_abs_b >> 63 != 0 || max_abs_b == 0) 279 return a; 280 281 integer_constraints c; 282 c.smin = s64_max(a.smin, -(int64_t)(max_abs_b - 1)); 283 c.smax = s64_min(a.smax, (int64_t)(max_abs_b - 1)); 284 c.umin = 0; 285 c.umax = UINT64_MAX; 286 c.bclr = 0; 287 return c; 288 } 289 290 integer_constraints c; 291 c.smin = INT64_MIN; 292 c.smax = INT64_MAX; 293 c.umin = 0; 294 c.umax = b.umax - 1; 295 c.bclr = ~u64_fill_right(c.umax); 296 return c; 297 } 298 299 static integer_constraints 300 ic_plus(const type_t *tp, integer_constraints a, integer_constraints b) 301 { 302 if (ic_maybe_signed_binary(tp, a, b)) { 303 integer_constraints c; 304 c.smin = si_plus_sat(tp, a.smin, b.smin); 305 c.smax = si_plus_sat(tp, a.smax, b.smax); 306 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 307 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 308 c.bclr = 0; 309 return c; 310 } 311 312 uint64_t max = ui_max_value(tp); 313 integer_constraints c; 314 c.smin = INT64_MIN; 315 c.smax = INT64_MAX; 316 if (b.umax <= max - a.umax) { 317 c.umin = a.umin + b.umin; 318 c.umax = a.umax + b.umax; 319 } else { 320 c.umin = 0; 321 c.umax = max; 322 } 323 if (c.umax >> 63 == 0) { 324 c.smin = 0; 325 c.smax = (int64_t)c.umax; 326 } 327 c.bclr = ~u64_fill_right(c.umax); 328 return c; 329 } 330 331 static integer_constraints 332 ic_minus(const type_t *tp, integer_constraints a, integer_constraints b) 333 { 334 integer_constraints c; 335 c.smin = si_minus_sat(tp, a.smin, b.smax); 336 c.smax = si_minus_sat(tp, a.smax, b.smin); 337 338 if (ic_maybe_signed_binary(tp, a, b)) { 339 c.umin = c.smin >= 0 ? (uint64_t)c.smin : 0; 340 c.umax = c.smin >= 0 ? (uint64_t)c.smax : UINT64_MAX; 341 } else if (a.umin >= b.umax) { 342 c.umin = a.umin - b.umax; 343 c.umax = a.umax - b.umin; 344 } else { 345 c.umin = 0; 346 c.umax = is_uinteger(tp->t_tspec) ? ui_max_value(tp) 347 : UINT64_MAX; 348 } 349 c.bclr = ~u64_fill_right(c.umax); 350 return c; 351 } 352 353 static integer_constraints 354 ic_shl(const type_t *tp, integer_constraints a, integer_constraints b) 355 { 356 if (ic_maybe_signed(tp, a)) 357 return ic_any(tp); 358 359 unsigned amount; 360 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 361 amount = (unsigned)b.smin; 362 else if (b.umin == b.umax && b.umin < 64) 363 amount = (unsigned)b.umin; 364 else 365 return ic_any(tp); 366 367 integer_constraints c; 368 c.umin = a.umin << amount; 369 c.umax = a.umax << amount; 370 if (c.umax >> (width_in_bits(tp) - 1) == 0) { 371 c.smin = (int64_t)c.umin; 372 c.smax = (int64_t)c.umax; 373 } else { 374 c.smin = INT64_MIN; 375 c.smax = INT64_MAX; 376 } 377 c.bclr = a.bclr << amount | (((uint64_t)1 << amount) - 1); 378 return c; 379 } 380 381 static integer_constraints 382 ic_shr(const type_t *tp, integer_constraints a, integer_constraints b) 383 { 384 if (ic_maybe_signed(tp, a)) 385 return ic_any(tp); 386 387 unsigned amount; 388 if (b.smin == b.smax && b.smin >= 0 && b.smin < 64) 389 amount = (unsigned)b.smin; 390 else if (b.umin == b.umax && b.umin < 64) 391 amount = (unsigned)b.umin; 392 else 393 return ic_any(tp); 394 395 integer_constraints c; 396 c.smin = s64_shr(a.smin, amount); 397 c.smax = s64_shr(a.smax, amount); 398 c.umin = a.umin >> amount; 399 c.umax = a.umax >> amount; 400 c.bclr = a.bclr >> amount | ~(~(uint64_t)0 >> amount); 401 return c; 402 } 403 404 static integer_constraints 405 ic_bitand(integer_constraints a, integer_constraints b) 406 { 407 integer_constraints c; 408 c.smin = a.smin & b.smin; 409 c.smax = a.smax & b.smax; 410 c.umin = a.umin & b.umin; 411 c.umax = a.umax & b.umax; 412 c.bclr = a.bclr | b.bclr; 413 return c; 414 } 415 416 static integer_constraints 417 ic_bitxor(const type_t *tp, integer_constraints a, integer_constraints b) 418 { 419 if (ic_maybe_signed_binary(tp, a, b)) 420 return ic_any(tp); 421 422 integer_constraints c; 423 c.smin = a.smin & b.smin; 424 c.smax = a.smax | b.smax; 425 c.umin = a.umin & b.umin; 426 c.umax = a.umax | b.umax; 427 c.bclr = a.bclr & b.bclr; 428 return c; 429 } 430 431 static integer_constraints 432 ic_bitor(integer_constraints a, integer_constraints b) 433 { 434 integer_constraints c; 435 c.smin = a.smin | b.smin; 436 c.smax = a.smax | b.smax; 437 c.umin = a.umin | b.umin; 438 c.umax = a.umax | b.umax; 439 c.bclr = a.bclr & b.bclr; 440 return c; 441 } 442 443 static integer_constraints 444 ic_quest_colon(integer_constraints a, integer_constraints b) 445 { 446 integer_constraints c; 447 c.smin = s64_min(a.smin, b.smin); 448 c.smax = s64_max(a.smax, b.smax); 449 c.umin = u64_min(a.umin, b.umin); 450 c.umax = u64_max(a.umax, b.umax); 451 c.bclr = a.bclr & b.bclr; 452 return c; 453 } 454 455 static integer_constraints 456 ic_con(const type_t *tp, const val_t *v) 457 { 458 lint_assert(is_integer(tp->t_tspec)); 459 int64_t si = v->u.integer; 460 uint64_t ui = (uint64_t)si; 461 462 integer_constraints c; 463 c.smin = si; 464 c.smax = si; 465 c.umin = ui; 466 c.umax = ui; 467 c.bclr = ~ui; 468 return c; 469 } 470 471 static integer_constraints 472 ic_cvt(const type_t *ntp, const type_t *otp, integer_constraints a) 473 { 474 unsigned new_width = width_in_bits(ntp); 475 unsigned old_width = width_in_bits(otp); 476 bool new_unsigned = is_uinteger(ntp->t_tspec); 477 bool old_unsigned = is_uinteger(otp->t_tspec); 478 479 if (new_width >= old_width && new_unsigned == old_unsigned) 480 return a; 481 if (new_width > old_width && old_unsigned) 482 return a; 483 if (new_unsigned && (~value_bits(new_width) & ~a.bclr) == 0) 484 return a; 485 return ic_any(ntp); 486 } 487 488 static integer_constraints 489 ic_expr(const tnode_t *tn) 490 { 491 integer_constraints lc, rc; 492 493 lint_assert(is_integer(tn->tn_type->t_tspec)); 494 495 switch (tn->tn_op) { 496 case MULT: 497 lc = ic_expr(tn->u.ops.left); 498 rc = ic_expr(tn->u.ops.right); 499 return ic_mult(tn->tn_type, lc, rc); 500 case DIV: 501 lc = ic_expr(tn->u.ops.left); 502 rc = ic_expr(tn->u.ops.right); 503 return ic_div(tn->tn_type, lc, rc); 504 case MOD: 505 lc = ic_expr(tn->u.ops.left); 506 rc = ic_expr(tn->u.ops.right); 507 return ic_mod(tn->tn_type, lc, rc); 508 case PLUS: 509 lc = ic_expr(tn->u.ops.left); 510 rc = ic_expr(tn->u.ops.right); 511 return ic_plus(tn->tn_type, lc, rc); 512 case MINUS: 513 if (tn->u.ops.left->tn_type->t_tspec == PTR) 514 return ic_any(tn->tn_type); 515 lc = ic_expr(tn->u.ops.left); 516 rc = ic_expr(tn->u.ops.right); 517 return ic_minus(tn->tn_type, lc, rc); 518 case SHL: 519 lc = ic_expr(tn->u.ops.left); 520 rc = ic_expr(tn->u.ops.right); 521 return ic_shl(tn->tn_type, lc, rc); 522 case SHR: 523 lc = ic_expr(tn->u.ops.left); 524 rc = ic_expr(tn->u.ops.right); 525 return ic_shr(tn->tn_type, lc, rc); 526 case BITAND: 527 lc = ic_expr(tn->u.ops.left); 528 rc = ic_expr(tn->u.ops.right); 529 return ic_bitand(lc, rc); 530 case BITXOR: 531 lc = ic_expr(tn->u.ops.left); 532 rc = ic_expr(tn->u.ops.right); 533 return ic_bitxor(tn->tn_type, lc, rc); 534 case BITOR: 535 lc = ic_expr(tn->u.ops.left); 536 rc = ic_expr(tn->u.ops.right); 537 return ic_bitor(lc, rc); 538 case QUEST: 539 lc = ic_expr(tn->u.ops.right->u.ops.left); 540 rc = ic_expr(tn->u.ops.right->u.ops.right); 541 return ic_quest_colon(lc, rc); 542 case CON: 543 return ic_con(tn->tn_type, &tn->u.value); 544 case CVT: 545 if (!is_integer(tn->u.ops.left->tn_type->t_tspec)) 546 return ic_any(tn->tn_type); 547 lc = ic_expr(tn->u.ops.left); 548 return ic_cvt(tn->tn_type, tn->u.ops.left->tn_type, lc); 549 default: 550 return ic_any(tn->tn_type); 551 } 552 } 553 554 uint64_t 555 possible_bits(const tnode_t *tn) 556 { 557 return ~ic_expr(tn).bclr; 558 } 559 560 bool 561 attributes_contain(const attribute_list *attrs, const char *str) 562 { 563 for (size_t i = 0, n = attrs->len; i < n; i++) { 564 const attribute *attr = attrs->attrs + i; 565 if (attr->prefix == NULL && strcmp(attr->name, str) == 0) 566 return true; 567 } 568 return false; 569 } 570 571 /* Build 'pointer to tp', 'array of tp' or 'function returning tp'. */ 572 type_t * 573 block_derive_type(type_t *tp, tspec_t t) 574 { 575 576 type_t *tp2 = block_zero_alloc(sizeof(*tp2), "type"); 577 tp2->t_tspec = t; 578 tp2->t_subt = tp; 579 return tp2; 580 } 581 582 /* 583 * Derive 'pointer to tp' or 'function returning tp'. 584 * The memory is freed at the end of the current expression. 585 */ 586 type_t * 587 expr_derive_type(type_t *tp, tspec_t t) 588 { 589 590 type_t *tp2 = expr_zero_alloc(sizeof(*tp2), "type"); 591 tp2->t_tspec = t; 592 tp2->t_subt = tp; 593 return tp2; 594 } 595 596 /* Create an expression from a unary or binary operator and its operands. */ 597 static tnode_t * 598 build_op(op_t op, bool sys, type_t *type, tnode_t *ln, tnode_t *rn) 599 { 600 601 tnode_t *ntn = expr_alloc_tnode(); 602 ntn->tn_op = op; 603 ntn->tn_type = type; 604 ntn->tn_sys = sys; 605 ntn->u.ops.left = ln; 606 ntn->u.ops.right = rn; 607 608 if (op == INDIR || op == FSEL) { 609 lint_assert(ln->tn_type->t_tspec == PTR); 610 tspec_t t = ln->tn_type->t_subt->t_tspec; 611 ntn->tn_lvalue = t != FUNC && t != VOID; 612 } 613 614 return ntn; 615 } 616 617 tnode_t * 618 build_constant(type_t *tp, val_t *v) 619 { 620 621 tnode_t *n = expr_alloc_tnode(); 622 n->tn_op = CON; 623 n->tn_type = tp; 624 n->u.value = *v; 625 n->u.value.v_tspec = tp->t_tspec; 626 free(v); 627 return n; 628 } 629 630 static tnode_t * 631 build_integer_constant(tspec_t t, int64_t si) 632 { 633 634 tnode_t *n = expr_alloc_tnode(); 635 n->tn_op = CON; 636 n->tn_type = gettyp(t); 637 n->u.value.v_tspec = t; 638 n->u.value.v_unsigned_since_c90 = false; 639 n->u.value.v_char_constant = false; 640 n->u.value.u.integer = si; 641 return n; 642 } 643 644 static void 645 fallback_symbol(sym_t *sym) 646 { 647 648 if (Tflag && fallback_symbol_strict_bool(sym)) 649 return; 650 651 if (funcsym != NULL && (strcmp(sym->s_name, "__FUNCTION__") == 0 || 652 strcmp(sym->s_name, "__PRETTY_FUNCTION__") == 0)) { 653 /* __FUNCTION__/__PRETTY_FUNCTION__ is a GCC extension */ 654 gnuism(316); 655 goto return_function_name; 656 } 657 658 if (funcsym != NULL && strcmp(sym->s_name, "__func__") == 0) { 659 if (!allow_c99) 660 /* __func__ is a C99 feature */ 661 warning(317); 662 /* C11 6.4.2.2 */ 663 return_function_name: 664 sym->s_type = block_derive_type(gettyp(CHAR), ARRAY); 665 sym->s_type->t_const = true; 666 sym->s_type->u.dimension = (int)strlen(funcsym->s_name) + 1; 667 return; 668 } 669 670 /* '%s' undefined */ 671 error(99, sym->s_name); 672 } 673 674 /* 675 * Functions that are predeclared by GCC or other compilers can be called 676 * with arbitrary arguments. Since lint usually runs after a successful 677 * compilation, it's the compiler's job to catch any errors. 678 */ 679 bool 680 is_compiler_builtin(const char *name) 681 { 682 /* https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html */ 683 if (allow_gcc) { 684 if (strncmp(name, "__atomic_", 9) == 0 || 685 strncmp(name, "__builtin_", 10) == 0 || 686 strcmp(name, "alloca") == 0 || 687 /* obsolete but still in use, as of 2021 */ 688 strncmp(name, "__sync_", 7) == 0) 689 return true; 690 } 691 692 /* https://software.intel.com/sites/landingpage/IntrinsicsGuide/ */ 693 if (strncmp(name, "_mm_", 4) == 0) 694 return true; 695 696 return false; 697 } 698 699 static bool 700 str_ends_with(const char *haystack, const char *needle) 701 { 702 size_t hlen = strlen(haystack); 703 size_t nlen = strlen(needle); 704 705 return nlen <= hlen && 706 memcmp(haystack + hlen - nlen, needle, nlen) == 0; 707 } 708 709 /* https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html */ 710 static bool 711 is_gcc_bool_builtin(const char *name) 712 { 713 return strncmp(name, "__builtin_", 10) == 0 && 714 (str_ends_with(name, "_overflow") || 715 str_ends_with(name, "_overflow_p")); 716 } 717 718 static void 719 build_name_call(sym_t *sym) 720 { 721 722 if (is_compiler_builtin(sym->s_name)) { 723 /* 724 * Do not warn about these, just assume that they are regular 725 * functions compatible with non-prototype calling conventions. 726 */ 727 if (allow_gcc && is_gcc_bool_builtin(sym->s_name)) 728 sym->s_type = gettyp(BOOL); 729 } else if (allow_c99) 730 /* function '%s' implicitly declared to return int */ 731 error(215, sym->s_name); 732 else if (!allow_trad) 733 /* function '%s' implicitly declared to return int */ 734 warning(215, sym->s_name); 735 736 /* XXX if !allow_c90, the symbol should be exported to level 0 */ 737 sym->s_type = block_derive_type(sym->s_type, FUNC); 738 } 739 740 /* Create a node for a name (symbol table entry). */ 741 tnode_t * 742 build_name(sym_t *sym, bool is_funcname) 743 { 744 745 if (sym->s_scl == NO_SCL && !in_gcc_attribute) { 746 sym->s_scl = EXTERN; 747 sym->s_def = DECL; 748 if (is_funcname) 749 build_name_call(sym); 750 else 751 fallback_symbol(sym); 752 } 753 754 lint_assert(sym->s_kind == SK_VCFT || sym->s_kind == SK_MEMBER); 755 756 tnode_t *n = expr_alloc_tnode(); 757 n->tn_type = sym->s_type; 758 if (sym->s_scl == BOOL_CONST) { 759 n->tn_op = CON; 760 n->u.value.v_tspec = BOOL; 761 n->u.value.v_unsigned_since_c90 = false; 762 n->u.value.v_char_constant = false; 763 n->u.value.u.integer = sym->u.s_bool_constant ? 1 : 0; 764 } else if (sym->s_scl == ENUM_CONST) { 765 n->tn_op = CON; 766 n->u.value.v_tspec = INT; /* ENUM is in n->tn_type */ 767 n->u.value.v_unsigned_since_c90 = false; 768 n->u.value.v_char_constant = false; 769 n->u.value.u.integer = sym->u.s_enum_constant; 770 } else { 771 n->tn_op = NAME; 772 n->u.sym = sym; 773 if (sym->s_kind == SK_VCFT && sym->s_type->t_tspec != FUNC) 774 n->tn_lvalue = true; 775 } 776 777 return n; 778 } 779 780 tnode_t * 781 build_string(buffer *lit) 782 { 783 size_t value_len = lit->len; 784 if (lit->data != NULL) { 785 quoted_iterator it = { .end = 0 }; 786 for (value_len = 0; quoted_next(lit, &it); value_len++) 787 continue; 788 } 789 790 type_t *tp = expr_zero_alloc(sizeof(*tp), "type"); 791 tp->t_tspec = ARRAY; 792 tp->t_subt = gettyp(lit->data != NULL ? CHAR : WCHAR_TSPEC); 793 tp->u.dimension = (int)(value_len + 1); 794 795 tnode_t *n = expr_alloc_tnode(); 796 n->tn_op = STRING; 797 n->tn_type = tp; 798 n->tn_lvalue = true; 799 800 n->u.str_literals = expr_zero_alloc(sizeof(*n->u.str_literals), "tnode.string"); 801 n->u.str_literals->len = lit->len; 802 803 if (lit->data != NULL) { 804 n->u.str_literals->data = expr_zero_alloc(lit->len + 1, 805 "tnode.string.data"); 806 (void)memcpy(n->u.str_literals->data, lit->data, lit->len + 1); 807 free(lit->data); 808 } 809 free(lit); 810 811 return n; 812 } 813 814 tnode_t * 815 build_generic_selection(const tnode_t *expr, 816 struct generic_association *sel) 817 { 818 tnode_t *default_result = NULL; 819 820 for (; sel != NULL; sel = sel->ga_prev) { 821 if (expr != NULL && 822 types_compatible(sel->ga_arg, expr->tn_type, 823 false, false, NULL)) 824 return sel->ga_result; 825 else if (sel->ga_arg == NULL) 826 default_result = sel->ga_result; 827 } 828 return default_result; 829 } 830 831 static bool 832 is_out_of_char_range(const tnode_t *tn) 833 { 834 return tn->tn_op == CON && 835 !tn->u.value.v_char_constant && 836 !(0 <= tn->u.value.u.integer && 837 tn->u.value.u.integer < 1 << (CHAR_SIZE - 1)); 838 } 839 840 static bool 841 check_nonportable_char_comparison(op_t op, 842 const tnode_t *ln, tspec_t lt, 843 const tnode_t *rn, tspec_t rt) 844 { 845 if (!(hflag || pflag)) 846 return true; 847 848 if (lt == CHAR && is_out_of_char_range(rn)) { 849 char buf[128]; 850 (void)snprintf(buf, sizeof(buf), "%s %d", 851 op_name(op), (int)rn->u.value.u.integer); 852 /* nonportable character comparison '%s' */ 853 warning(230, buf); 854 return false; 855 } 856 if (rt == CHAR && is_out_of_char_range(ln)) { 857 char buf[128]; 858 (void)snprintf(buf, sizeof(buf), "%d %s ?", 859 (int)ln->u.value.u.integer, op_name(op)); 860 /* nonportable character comparison '%s' */ 861 warning(230, buf); 862 return false; 863 } 864 return true; 865 } 866 867 static void 868 check_integer_comparison(op_t op, tnode_t *ln, tnode_t *rn) 869 { 870 871 tspec_t lt = ln->tn_type->t_tspec; 872 tspec_t rt = rn->tn_type->t_tspec; 873 874 if (ln->tn_op != CON && rn->tn_op != CON) 875 return; 876 877 if (!is_integer(lt) || !is_integer(rt)) 878 return; 879 880 if (any_query_enabled && !in_system_header) { 881 if (lt == CHAR && rn->tn_op == CON && 882 !rn->u.value.v_char_constant) { 883 /* comparison '%s' of 'char' with plain integer %d */ 884 query_message(14, 885 op_name(op), (int)rn->u.value.u.integer); 886 } 887 if (rt == CHAR && ln->tn_op == CON && 888 !ln->u.value.v_char_constant) { 889 /* comparison '%s' of 'char' with plain integer %d */ 890 query_message(14, 891 op_name(op), (int)ln->u.value.u.integer); 892 } 893 } 894 895 if (!check_nonportable_char_comparison(op, ln, lt, rn, rt)) 896 return; 897 898 if (is_uinteger(lt) && !is_uinteger(rt) && 899 rn->tn_op == CON && rn->u.value.u.integer <= 0) { 900 if (rn->u.value.u.integer < 0) { 901 /* operator '%s' compares '%s' with '%s' */ 902 warning(162, op_name(op), 903 type_name(ln->tn_type), "negative constant"); 904 } else if (op == LT || op == GE) 905 /* operator '%s' compares '%s' with '%s' */ 906 warning(162, op_name(op), type_name(ln->tn_type), "0"); 907 return; 908 } 909 if (is_uinteger(rt) && !is_uinteger(lt) && 910 ln->tn_op == CON && ln->u.value.u.integer <= 0) { 911 if (ln->u.value.u.integer < 0) { 912 /* operator '%s' compares '%s' with '%s' */ 913 warning(162, op_name(op), 914 "negative constant", type_name(rn->tn_type)); 915 } else if (op == GT || op == LE) 916 /* operator '%s' compares '%s' with '%s' */ 917 warning(162, op_name(op), "0", type_name(rn->tn_type)); 918 return; 919 } 920 } 921 922 static const tspec_t arith_rank[] = { 923 LDOUBLE, DOUBLE, FLOAT, 924 #ifdef INT128_SIZE 925 UINT128, INT128, 926 #endif 927 ULLONG, LLONG, 928 ULONG, LONG, 929 UINT, INT, 930 }; 931 932 /* Keep unsigned in traditional C */ 933 static tspec_t 934 usual_arithmetic_conversion_trad(tspec_t lt, tspec_t rt) 935 { 936 937 size_t i; 938 for (i = 0; arith_rank[i] != INT; i++) 939 if (lt == arith_rank[i] || rt == arith_rank[i]) 940 break; 941 942 tspec_t t = arith_rank[i]; 943 if (is_uinteger(lt) || is_uinteger(rt)) 944 if (is_integer(t) && !is_uinteger(t)) 945 return unsigned_type(t); 946 return t; 947 } 948 949 static tspec_t 950 usual_arithmetic_conversion_c90(tspec_t lt, tspec_t rt) 951 { 952 953 if (lt == rt) 954 return lt; 955 956 if (lt == LCOMPLEX || rt == LCOMPLEX) 957 return LCOMPLEX; 958 if (lt == DCOMPLEX || rt == DCOMPLEX) 959 return DCOMPLEX; 960 if (lt == FCOMPLEX || rt == FCOMPLEX) 961 return FCOMPLEX; 962 if (lt == LDOUBLE || rt == LDOUBLE) 963 return LDOUBLE; 964 if (lt == DOUBLE || rt == DOUBLE) 965 return DOUBLE; 966 if (lt == FLOAT || rt == FLOAT) 967 return FLOAT; 968 969 if (size_in_bits(lt) > size_in_bits(rt)) 970 return lt; 971 if (size_in_bits(lt) < size_in_bits(rt)) 972 return rt; 973 974 size_t i; 975 for (i = 3; arith_rank[i] != INT; i++) 976 if (arith_rank[i] == lt || arith_rank[i] == rt) 977 break; 978 if ((is_uinteger(lt) || is_uinteger(rt)) && 979 !is_uinteger(arith_rank[i])) 980 i--; 981 return arith_rank[i]; 982 } 983 984 static tnode_t * 985 apply_usual_arithmetic_conversions(op_t op, tnode_t *tn, tspec_t t) 986 { 987 type_t *ntp = expr_dup_type(tn->tn_type); 988 ntp->t_tspec = t; 989 if (tn->tn_op != CON) { 990 /* usual arithmetic conversion for '%s' from '%s' to '%s' */ 991 query_message(4, op_name(op), 992 type_name(tn->tn_type), type_name(ntp)); 993 } 994 return convert(op, 0, ntp, tn); 995 } 996 997 /* 998 * Apply the "usual arithmetic conversions" (C99 6.3.1.8), which gives both 999 * operands the same type. 1000 */ 1001 static void 1002 balance(op_t op, tnode_t **lnp, tnode_t **rnp) 1003 { 1004 1005 tspec_t lt = (*lnp)->tn_type->t_tspec; 1006 tspec_t rt = (*rnp)->tn_type->t_tspec; 1007 if (!is_arithmetic(lt) || !is_arithmetic(rt)) 1008 return; 1009 1010 tspec_t t = allow_c90 1011 ? usual_arithmetic_conversion_c90(lt, rt) 1012 : usual_arithmetic_conversion_trad(lt, rt); 1013 1014 if (modtab[op].m_comparison 1015 && is_integer(lt) && (*lnp)->tn_op != CON 1016 && is_floating(t) && (*rnp)->tn_op == CON) 1017 /* comparing integer '%s' to floating point constant %Lg */ 1018 warning(379, type_name((*lnp)->tn_type), 1019 (*rnp)->u.value.u.floating); 1020 1021 if (t != lt) 1022 *lnp = apply_usual_arithmetic_conversions(op, *lnp, t); 1023 if (t != rt) 1024 *rnp = apply_usual_arithmetic_conversions(op, *rnp, t); 1025 1026 if (is_integer(t)) { 1027 unsigned lw = width_in_bits((*lnp)->tn_type); 1028 unsigned rw = width_in_bits((*rnp)->tn_type); 1029 if (lw < rw) 1030 *lnp = convert(NOOP, 0, (*rnp)->tn_type, *lnp); 1031 if (rw < lw) 1032 *rnp = convert(NOOP, 0, (*lnp)->tn_type, *rnp); 1033 } 1034 } 1035 1036 static tnode_t * 1037 build_address(bool sys, tnode_t *tn, bool force) 1038 { 1039 tspec_t t; 1040 1041 if (!force && ((t = tn->tn_type->t_tspec) == ARRAY || t == FUNC)) { 1042 if (!allow_c90) 1043 /* '&' before array or function: ignored */ 1044 warning(127); 1045 return tn; 1046 } 1047 1048 /* eliminate '&*' */ 1049 if (tn->tn_op == INDIR && 1050 tn->u.ops.left->tn_type->t_tspec == PTR && 1051 tn->u.ops.left->tn_type->t_subt == tn->tn_type) { 1052 return tn->u.ops.left; 1053 } 1054 1055 return build_op(ADDR, sys, expr_derive_type(tn->tn_type, PTR), 1056 tn, NULL); 1057 } 1058 1059 static uint64_t 1060 fold_unsigned_integer(op_t op, uint64_t l, uint64_t r, 1061 uint64_t max_value, bool *overflow) 1062 { 1063 switch (op) { 1064 case COMPL: 1065 return ~l & max_value; 1066 case UPLUS: 1067 return +l; 1068 case UMINUS: 1069 return -l & max_value; 1070 case MULT: 1071 *overflow = r > 0 && l > max_value / r; 1072 return l * r; 1073 case DIV: 1074 if (r == 0) { 1075 /* division by 0 */ 1076 error(139); 1077 return max_value; 1078 } 1079 return l / r; 1080 case MOD: 1081 if (r == 0) { 1082 /* modulus by 0 */ 1083 error(140); 1084 return 0; 1085 } 1086 return l % r; 1087 case PLUS: 1088 *overflow = l > max_value - r; 1089 return l + r; 1090 case MINUS: 1091 *overflow = l < r; 1092 return l - r; 1093 case SHL: 1094 /* TODO: warn about out-of-bounds 'r'. */ 1095 /* TODO: warn about overflow. */ 1096 return l << (r & 63); 1097 case SHR: 1098 /* TODO: warn about out-of-bounds 'r'. */ 1099 return l >> (r & 63); 1100 case LT: 1101 return l < r ? 1 : 0; 1102 case LE: 1103 return l <= r ? 1 : 0; 1104 case GT: 1105 return l > r ? 1 : 0; 1106 case GE: 1107 return l >= r ? 1 : 0; 1108 case EQ: 1109 return l == r ? 1 : 0; 1110 case NE: 1111 return l != r ? 1 : 0; 1112 case BITAND: 1113 return l & r; 1114 case BITXOR: 1115 return l ^ r; 1116 case BITOR: 1117 return l | r; 1118 default: 1119 lint_assert(/*CONSTCOND*/false); 1120 /* NOTREACHED */ 1121 } 1122 } 1123 1124 static int64_t 1125 fold_signed_integer(op_t op, int64_t l, int64_t r, 1126 int64_t min_value, int64_t max_value, bool *overflow) 1127 { 1128 switch (op) { 1129 case COMPL: 1130 return ~l; 1131 case UPLUS: 1132 return +l; 1133 case UMINUS: 1134 *overflow = l == min_value; 1135 return *overflow ? l : -l; 1136 case MULT:; 1137 uint64_t al = s64_abs(l); 1138 uint64_t ar = s64_abs(r); 1139 bool neg = (l >= 0) != (r >= 0); 1140 uint64_t max_prod = (uint64_t)max_value + (neg ? 1 : 0); 1141 if (al > 0 && ar > max_prod / al) { 1142 *overflow = true; 1143 return neg ? min_value : max_value; 1144 } 1145 return l * r; 1146 case DIV: 1147 if (r == 0) { 1148 /* division by 0 */ 1149 error(139); 1150 return max_value; 1151 } 1152 if (l == min_value && r == -1) { 1153 *overflow = true; 1154 return l; 1155 } 1156 return l / r; 1157 case MOD: 1158 if (r == 0) { 1159 /* modulus by 0 */ 1160 error(140); 1161 return 0; 1162 } 1163 if (l == min_value && r == -1) { 1164 *overflow = true; 1165 return 0; 1166 } 1167 return l % r; 1168 case PLUS: 1169 if (r > 0 && l > max_value - r) { 1170 *overflow = true; 1171 return max_value; 1172 } 1173 if (r < 0 && l < min_value - r) { 1174 *overflow = true; 1175 return min_value; 1176 } 1177 return l + r; 1178 case MINUS: 1179 if (r > 0 && l < min_value + r) { 1180 *overflow = true; 1181 return min_value; 1182 } 1183 if (r < 0 && l > max_value + r) { 1184 *overflow = true; 1185 return max_value; 1186 } 1187 return l - r; 1188 case SHL: 1189 /* TODO: warn about out-of-bounds 'r'. */ 1190 /* TODO: warn about overflow. */ 1191 return l << (r & 63); 1192 case SHR: 1193 /* TODO: warn about out-of-bounds 'r'. */ 1194 return s64_shr(l, r & 63); 1195 case LT: 1196 return l < r ? 1 : 0; 1197 case LE: 1198 return l <= r ? 1 : 0; 1199 case GT: 1200 return l > r ? 1 : 0; 1201 case GE: 1202 return l >= r ? 1 : 0; 1203 case EQ: 1204 return l == r ? 1 : 0; 1205 case NE: 1206 return l != r ? 1 : 0; 1207 case BITAND: 1208 return l & r; 1209 case BITXOR: 1210 return l ^ r; 1211 case BITOR: 1212 return l | r; 1213 default: 1214 lint_assert(/*CONSTCOND*/false); 1215 /* NOTREACHED */ 1216 } 1217 } 1218 1219 static tnode_t * 1220 fold_constant_integer(tnode_t *tn) 1221 { 1222 1223 lint_assert(has_operands(tn)); 1224 tspec_t t = tn->u.ops.left->tn_type->t_tspec; 1225 int64_t l = tn->u.ops.left->u.value.u.integer; 1226 int64_t r = is_binary(tn) ? tn->u.ops.right->u.value.u.integer : 0; 1227 uint64_t mask = value_bits(size_in_bits(t)); 1228 1229 int64_t res; 1230 bool overflow = false; 1231 if (!is_integer(t) || is_uinteger(t)) { 1232 uint64_t u_res = fold_unsigned_integer(tn->tn_op, 1233 (uint64_t)l, (uint64_t)r, mask, &overflow); 1234 if (u_res > mask) 1235 overflow = true; 1236 res = (int64_t)u_res; 1237 if (overflow && hflag) { 1238 char buf[128]; 1239 if (is_binary(tn)) { 1240 snprintf(buf, sizeof(buf), "%ju %s %ju", 1241 (uintmax_t)l, op_name(tn->tn_op), 1242 (uintmax_t)r); 1243 } else { 1244 snprintf(buf, sizeof(buf), "%s%ju", 1245 op_name(tn->tn_op), (uintmax_t)l); 1246 } 1247 /* '%s' overflows '%s' */ 1248 warning(141, buf, type_name(tn->tn_type)); 1249 } 1250 } else { 1251 int64_t max_value = (int64_t)(mask >> 1); 1252 int64_t min_value = -max_value - 1; 1253 res = fold_signed_integer(tn->tn_op, 1254 l, r, min_value, max_value, &overflow); 1255 if (res < min_value || res > max_value) 1256 overflow = true; 1257 if (overflow && hflag) { 1258 char buf[128]; 1259 if (is_binary(tn)) { 1260 snprintf(buf, sizeof(buf), "%jd %s %jd", 1261 (intmax_t)l, op_name(tn->tn_op), 1262 (intmax_t)r); 1263 } else if (tn->tn_op == UMINUS && l < 0) { 1264 snprintf(buf, sizeof(buf), "-(%jd)", 1265 (intmax_t)l); 1266 } else { 1267 snprintf(buf, sizeof(buf), "%s%jd", 1268 op_name(tn->tn_op), (intmax_t)l); 1269 } 1270 /* '%s' overflows '%s' */ 1271 warning(141, buf, type_name(tn->tn_type)); 1272 } 1273 } 1274 1275 val_t *v = xcalloc(1, sizeof(*v)); 1276 v->v_tspec = tn->tn_type->t_tspec; 1277 v->u.integer = convert_integer(res, t, size_in_bits(t)); 1278 1279 tnode_t *cn = build_constant(tn->tn_type, v); 1280 if (tn->u.ops.left->tn_system_dependent) 1281 cn->tn_system_dependent = true; 1282 if (is_binary(tn) && tn->u.ops.right->tn_system_dependent) 1283 cn->tn_system_dependent = true; 1284 1285 return cn; 1286 } 1287 1288 static tnode_t * 1289 build_struct_access(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1290 { 1291 1292 lint_assert(rn->tn_op == NAME); 1293 lint_assert(is_member(rn->u.sym)); 1294 1295 bool lvalue = op == ARROW || ln->tn_lvalue; 1296 1297 if (op == POINT) 1298 ln = build_address(sys, ln, true); 1299 else if (ln->tn_type->t_tspec != PTR) { 1300 lint_assert(!allow_c90); 1301 lint_assert(is_integer(ln->tn_type->t_tspec)); 1302 ln = convert(NOOP, 0, expr_derive_type(gettyp(VOID), PTR), ln); 1303 } 1304 1305 tnode_t *ctn = build_integer_constant(PTRDIFF_TSPEC, 1306 rn->u.sym->u.s_member.sm_offset_in_bits / CHAR_SIZE); 1307 1308 type_t *ptr_tp = expr_derive_type(rn->tn_type, PTR); 1309 tnode_t *ntn = build_op(PLUS, sys, ptr_tp, ln, ctn); 1310 if (ln->tn_op == CON) 1311 ntn = fold_constant_integer(ntn); 1312 1313 op_t nop = rn->tn_type->t_bitfield ? FSEL : INDIR; 1314 ntn = build_op(nop, sys, ntn->tn_type->t_subt, ntn, NULL); 1315 if (!lvalue) 1316 ntn->tn_lvalue = false; 1317 1318 return ntn; 1319 } 1320 1321 /* 1322 * Get the size in bytes of type tp->t_subt, as a constant expression of type 1323 * ptrdiff_t as seen from the target platform. 1324 */ 1325 static tnode_t * 1326 subt_size_in_bytes(type_t *tp) 1327 { 1328 1329 lint_assert(tp->t_tspec == PTR); 1330 tp = tp->t_subt; 1331 1332 int elem = 1; 1333 while (tp->t_tspec == ARRAY) { 1334 elem *= tp->u.dimension; 1335 tp = tp->t_subt; 1336 } 1337 1338 int elsz_in_bits = 0; 1339 switch (tp->t_tspec) { 1340 case FUNC: 1341 /* pointer to function is not allowed here */ 1342 error(110); 1343 break; 1344 case VOID: 1345 /* cannot do pointer arithmetic on operand of unknown size */ 1346 gnuism(136); 1347 break; 1348 case STRUCT: 1349 case UNION: 1350 if ((elsz_in_bits = (int)tp->u.sou->sou_size_in_bits) == 0) 1351 /* cannot do pointer arithmetic on operand of ... */ 1352 error(136); 1353 break; 1354 case ENUM: 1355 if (is_incomplete(tp)) 1356 /* cannot do pointer arithmetic on operand of ... */ 1357 warning(136); 1358 /* FALLTHROUGH */ 1359 default: 1360 if ((elsz_in_bits = size_in_bits(tp->t_tspec)) == 0) 1361 /* cannot do pointer arithmetic on operand of ... */ 1362 error(136); 1363 else 1364 lint_assert(elsz_in_bits != -1); 1365 break; 1366 } 1367 1368 if (elem == 0 && elsz_in_bits != 0) 1369 /* cannot do pointer arithmetic on operand of unknown size */ 1370 error(136); 1371 1372 if (elsz_in_bits == 0) 1373 elsz_in_bits = CHAR_SIZE; 1374 1375 return build_integer_constant(PTRDIFF_TSPEC, 1376 (int64_t)(elem * elsz_in_bits / CHAR_SIZE)); 1377 } 1378 1379 static tnode_t * 1380 build_prepost_incdec(op_t op, bool sys, tnode_t *ln) 1381 { 1382 1383 lint_assert(ln != NULL); 1384 tnode_t *cn = ln->tn_type->t_tspec == PTR 1385 ? subt_size_in_bytes(ln->tn_type) 1386 : build_integer_constant(INT, 1); 1387 return build_op(op, sys, ln->tn_type, ln, cn); 1388 } 1389 1390 static void 1391 check_enum_array_index(const tnode_t *ln, const tnode_t *rn) 1392 { 1393 1394 if (ln->tn_op != ADDR || ln->u.ops.left->tn_op != NAME) 1395 return; 1396 1397 const type_t *ltp = ln->u.ops.left->tn_type; 1398 if (ltp->t_tspec != ARRAY || ltp->t_incomplete_array) 1399 return; 1400 1401 if (rn->tn_op != CVT || !rn->tn_type->t_is_enum) 1402 return; 1403 if (rn->u.ops.left->tn_op != LOAD) 1404 return; 1405 1406 const type_t *rtp = rn->u.ops.left->tn_type; 1407 const sym_t *ec = rtp->u.enumer->en_first_enumerator; 1408 const sym_t *max_ec = ec; 1409 lint_assert(ec != NULL); 1410 for (ec = ec->s_next; ec != NULL; ec = ec->s_next) 1411 if (ec->u.s_enum_constant > max_ec->u.s_enum_constant) 1412 max_ec = ec; 1413 1414 int64_t max_enum_value = max_ec->u.s_enum_constant; 1415 lint_assert(INT_MIN <= max_enum_value && max_enum_value <= INT_MAX); 1416 1417 int max_array_index = ltp->u.dimension - 1; 1418 if (max_enum_value == max_array_index) 1419 return; 1420 1421 if (max_enum_value == max_array_index + 1 && 1422 (strstr(max_ec->s_name, "MAX") != NULL || 1423 strstr(max_ec->s_name, "max") != NULL || 1424 strstr(max_ec->s_name, "NUM") != NULL || 1425 strstr(max_ec->s_name, "num") != NULL || 1426 strncmp(max_ec->s_name, "N_", 2) == 0)) 1427 return; 1428 1429 /* maximum value %d for '%s' of type '%s' does not match maximum array index %d */ 1430 warning(348, (int)max_enum_value, max_ec->s_name, type_name(rtp), 1431 max_array_index); 1432 print_previous_declaration(max_ec); 1433 } 1434 1435 static tnode_t * 1436 build_plus_minus(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1437 { 1438 1439 if (rn->tn_type->t_tspec == PTR && is_integer(ln->tn_type->t_tspec)) { 1440 tnode_t *tmp = ln; 1441 ln = rn; 1442 rn = tmp; 1443 /* pointer addition has integer on the left-hand side */ 1444 query_message(5); 1445 } 1446 1447 /* pointer +- integer */ 1448 tspec_t lt = ln->tn_type->t_tspec; 1449 tspec_t rt = rn->tn_type->t_tspec; 1450 if (lt == PTR && rt != PTR) { 1451 lint_assert(is_integer(rt)); 1452 1453 check_ctype_macro_invocation(ln, rn); 1454 check_enum_array_index(ln, rn); 1455 1456 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1457 tspec_t szt = elsz->tn_type->t_tspec; 1458 if (rt != szt && rt != unsigned_type(szt)) 1459 rn = convert(NOOP, 0, elsz->tn_type, rn); 1460 1461 tnode_t *prod = build_op(MULT, sys, rn->tn_type, rn, elsz); 1462 if (rn->tn_op == CON) 1463 prod = fold_constant_integer(prod); 1464 1465 return build_op(op, sys, ln->tn_type, ln, prod); 1466 } 1467 1468 /* pointer - pointer */ 1469 if (rt == PTR) { 1470 lint_assert(lt == PTR); 1471 lint_assert(op == MINUS); 1472 1473 type_t *ptrdiff = gettyp(PTRDIFF_TSPEC); 1474 tnode_t *raw_diff = build_op(op, sys, ptrdiff, ln, rn); 1475 if (ln->tn_op == CON && rn->tn_op == CON) 1476 raw_diff = fold_constant_integer(raw_diff); 1477 1478 tnode_t *elsz = subt_size_in_bytes(ln->tn_type); 1479 balance(NOOP, &raw_diff, &elsz); 1480 1481 return build_op(DIV, sys, ptrdiff, raw_diff, elsz); 1482 } 1483 1484 return build_op(op, sys, ln->tn_type, ln, rn); 1485 } 1486 1487 static tnode_t * 1488 build_bit_shift(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1489 { 1490 1491 if (!allow_c90 && rn->tn_type->t_tspec != INT) 1492 // XXX: C1978 7.5 says: "Both [operators] perform the usual 1493 // arithmetic conversions on their operands." 1494 // TODO: Add a test to exercise this part of the code. 1495 rn = convert(NOOP, 0, gettyp(INT), rn); 1496 return build_op(op, sys, ln->tn_type, ln, rn); 1497 } 1498 1499 static bool 1500 is_null_pointer(const tnode_t *tn) 1501 { 1502 tspec_t t = tn->tn_type->t_tspec; 1503 1504 // TODO: Investigate how other pointers are stored, in particular, 1505 // whether a pointer constant can have a non-zero value. 1506 // If not, simplify the code below. 1507 return ((t == PTR && tn->tn_type->t_subt->t_tspec == VOID) 1508 || is_integer(t)) 1509 && (tn->tn_op == CON && tn->u.value.u.integer == 0); 1510 } 1511 1512 /* Return a type based on tp1, with added qualifiers from tp2. */ 1513 static type_t * 1514 merge_qualifiers(type_t *tp1, const type_t *tp2) 1515 { 1516 1517 lint_assert(tp1->t_tspec == PTR); 1518 lint_assert(tp2->t_tspec == PTR); 1519 1520 bool c1 = tp1->t_subt->t_const; 1521 bool c2 = tp2->t_subt->t_const; 1522 bool v1 = tp1->t_subt->t_volatile; 1523 bool v2 = tp2->t_subt->t_volatile; 1524 1525 if (c1 == (c1 | c2) && v1 == (v1 | v2)) 1526 return tp1; 1527 1528 type_t *nstp = expr_dup_type(tp1->t_subt); 1529 nstp->t_const |= c2; 1530 nstp->t_volatile |= v2; 1531 1532 type_t *ntp = expr_dup_type(tp1); 1533 ntp->t_subt = nstp; 1534 return ntp; 1535 } 1536 1537 /* See C99 6.5.15 "Conditional operator". */ 1538 static tnode_t * 1539 build_colon(bool sys, tnode_t *ln, tnode_t *rn) 1540 { 1541 tspec_t lt = ln->tn_type->t_tspec; 1542 tspec_t rt = rn->tn_type->t_tspec; 1543 1544 type_t *tp; 1545 if (is_arithmetic(lt) && is_arithmetic(rt)) 1546 /* The operands were already balanced in build_binary. */ 1547 tp = ln->tn_type; 1548 else if (lt == BOOL && rt == BOOL) 1549 tp = ln->tn_type; 1550 else if (lt == VOID || rt == VOID) 1551 tp = gettyp(VOID); 1552 else if (is_struct_or_union(lt)) { 1553 lint_assert(is_struct_or_union(rt)); 1554 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1555 if (is_incomplete(ln->tn_type)) { 1556 /* unknown operand size, op '%s' */ 1557 error(138, op_name(COLON)); 1558 return NULL; 1559 } 1560 tp = ln->tn_type; 1561 } else if (lt == PTR && is_integer(rt)) { 1562 if (rt != PTRDIFF_TSPEC) 1563 rn = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), rn); 1564 tp = ln->tn_type; 1565 } else if (rt == PTR && is_integer(lt)) { 1566 if (lt != PTRDIFF_TSPEC) 1567 ln = convert(NOOP, 0, gettyp(PTRDIFF_TSPEC), ln); 1568 tp = rn->tn_type; 1569 } else if (lt == PTR && is_null_pointer(rn)) 1570 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1571 else if (rt == PTR && is_null_pointer(ln)) 1572 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1573 else if (lt == PTR && ln->tn_type->t_subt->t_tspec == VOID) 1574 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1575 else if (rt == PTR && rn->tn_type->t_subt->t_tspec == VOID) 1576 tp = merge_qualifiers(rn->tn_type, ln->tn_type); 1577 else { 1578 /* 1579 * XXX For now we simply take the left type. This is probably 1580 * wrong, if one type contains a function prototype and the 1581 * other one, at the same place, only an old-style declaration. 1582 */ 1583 tp = merge_qualifiers(ln->tn_type, rn->tn_type); 1584 } 1585 1586 return build_op(COLON, sys, tp, ln, rn); 1587 } 1588 1589 /* TODO: check for varargs */ 1590 static bool 1591 is_cast_redundant(const tnode_t *tn) 1592 { 1593 const type_t *ntp = tn->tn_type, *otp = tn->u.ops.left->tn_type; 1594 tspec_t nt = ntp->t_tspec, ot = otp->t_tspec; 1595 1596 if (nt == BOOL || ot == BOOL) 1597 return nt == BOOL && ot == BOOL; 1598 1599 if (is_integer(nt) && is_integer(ot)) { 1600 unsigned int nw = width_in_bits(ntp), ow = width_in_bits(otp); 1601 if (is_uinteger(nt) == is_uinteger(ot)) 1602 return nw >= ow; 1603 return is_uinteger(ot) && nw > ow; 1604 } 1605 1606 if (is_complex(nt) || is_complex(ot)) 1607 return is_complex(nt) && is_complex(ot) && 1608 size_in_bits(nt) >= size_in_bits(ot); 1609 1610 if (is_floating(nt) && is_floating(ot)) 1611 return size_in_bits(nt) >= size_in_bits(ot); 1612 1613 if (nt == PTR && ot == PTR) { 1614 if (!ntp->t_subt->t_const && otp->t_subt->t_const) 1615 return false; 1616 if (!ntp->t_subt->t_volatile && otp->t_subt->t_volatile) 1617 return false; 1618 1619 if (ntp->t_subt->t_tspec == VOID || 1620 otp->t_subt->t_tspec == VOID || 1621 types_compatible(ntp->t_subt, otp->t_subt, 1622 false, false, NULL)) 1623 return true; 1624 } 1625 1626 return false; 1627 } 1628 1629 static bool 1630 is_assignment(op_t op) 1631 { 1632 1633 return op == ASSIGN || 1634 op == MULASS || 1635 op == DIVASS || 1636 op == MODASS || 1637 op == ADDASS || 1638 op == SUBASS || 1639 op == SHLASS || 1640 op == SHRASS || 1641 op == ANDASS || 1642 op == XORASS || 1643 op == ORASS || 1644 op == RETURN || 1645 op == INIT; 1646 } 1647 1648 static tnode_t * 1649 build_assignment(op_t op, bool sys, tnode_t *ln, tnode_t *rn) 1650 { 1651 1652 tspec_t lt = ln->tn_type->t_tspec; 1653 tspec_t rt = rn->tn_type->t_tspec; 1654 1655 if (is_assignment(rn->tn_op)) 1656 /* chained assignment with '%s' and '%s' */ 1657 query_message(10, op_name(op), op_name(rn->tn_op)); 1658 1659 if ((op == ADDASS || op == SUBASS) && lt == PTR) { 1660 lint_assert(is_integer(rt)); 1661 tnode_t *ctn = subt_size_in_bytes(ln->tn_type); 1662 if (rn->tn_type->t_tspec != ctn->tn_type->t_tspec) 1663 rn = convert(NOOP, 0, ctn->tn_type, rn); 1664 rn = build_op(MULT, sys, rn->tn_type, rn, ctn); 1665 if (rn->u.ops.left->tn_op == CON) 1666 rn = fold_constant_integer(rn); 1667 } 1668 1669 if ((op == ASSIGN || op == RETURN || op == INIT) && 1670 (lt == STRUCT || rt == STRUCT)) { 1671 lint_assert(lt == rt); 1672 lint_assert(ln->tn_type->u.sou == rn->tn_type->u.sou); 1673 if (is_incomplete(ln->tn_type)) { 1674 if (op == RETURN) 1675 /* cannot return incomplete type */ 1676 error(212); 1677 else 1678 /* unknown operand size, op '%s' */ 1679 error(138, op_name(op)); 1680 return NULL; 1681 } 1682 } 1683 1684 if (op == SHLASS && hflag && allow_trad && allow_c90 1685 && portable_rank_cmp(lt, rt) < 0) 1686 /* semantics of '%s' change in C90; ... */ 1687 warning(118, "<<="); 1688 1689 if (op != SHLASS && op != SHRASS 1690 && (op == ASSIGN || lt != PTR) 1691 && (lt != rt || (ln->tn_type->t_bitfield && rn->tn_op == CON))) { 1692 rn = convert(op, 0, ln->tn_type, rn); 1693 rt = lt; 1694 } 1695 1696 if (lt == PTR && ln->tn_type->t_subt->t_tspec != VOID 1697 && rt == PTR && rn->tn_type->t_subt->t_tspec == VOID 1698 && !is_null_pointer(rn)) 1699 /* implicit narrowing conversion from void ... */ 1700 query_message(20, type_name(ln->tn_type)); 1701 1702 if (any_query_enabled && rn->tn_op == CVT && rn->tn_cast && 1703 types_compatible(ln->tn_type, rn->tn_type, false, false, NULL) && 1704 is_cast_redundant(rn)) { 1705 /* redundant cast from '%s' to '%s' before assignment */ 1706 query_message(7, type_name(rn->u.ops.left->tn_type), 1707 type_name(rn->tn_type)); 1708 } 1709 1710 return build_op(op, sys, ln->tn_type, ln, rn); 1711 } 1712 1713 static tnode_t * 1714 build_real_imag(op_t op, bool sys, tnode_t *ln) 1715 { 1716 1717 lint_assert(ln != NULL); 1718 if (ln->tn_op == NAME) { 1719 /* 1720 * This may be too much, but it avoids wrong warnings. See 1721 * d_c99_complex_split.c. 1722 */ 1723 mark_as_used(ln->u.sym, false, false); 1724 mark_as_set(ln->u.sym); 1725 } 1726 1727 tspec_t t; 1728 switch (ln->tn_type->t_tspec) { 1729 case LCOMPLEX: 1730 t = LDOUBLE; 1731 break; 1732 case DCOMPLEX: 1733 t = DOUBLE; 1734 break; 1735 case FCOMPLEX: 1736 t = FLOAT; 1737 break; 1738 default: 1739 /* '__%s__' is illegal for type '%s' */ 1740 error(276, op == REAL ? "real" : "imag", 1741 type_name(ln->tn_type)); 1742 return NULL; 1743 } 1744 1745 tnode_t *ntn = build_op(op, sys, gettyp(t), ln, NULL); 1746 ntn->tn_lvalue = true; 1747 return ntn; 1748 } 1749 1750 static bool 1751 is_confusing_precedence(op_t op, const tnode_t *operand, op_t *cop) 1752 { 1753 if (operand->tn_parenthesized) 1754 return false; 1755 op_t oop = operand->tn_op; 1756 1757 if (op == SHL || op == SHR) { 1758 if (oop == PLUS || oop == MINUS) 1759 return *cop = oop, true; 1760 return false; 1761 } 1762 1763 if (op == LOGOR) { 1764 if (oop == LOGAND) 1765 return *cop = oop, true; 1766 return false; 1767 } 1768 1769 lint_assert(op == BITAND || op == BITXOR || op == BITOR); 1770 if (oop != op 1771 && (oop == PLUS || oop == MINUS || oop == BITAND || oop == BITXOR)) 1772 return *cop = oop, true; 1773 return false; 1774 } 1775 1776 /* 1777 * Print a warning if the given node has operands which should be 1778 * parenthesized. 1779 * 1780 * XXX Does not work if an operand is a constant expression. Constant 1781 * expressions are already folded. 1782 */ 1783 static void 1784 check_precedence_confusion(tnode_t *tn) 1785 { 1786 tnode_t *ln, *rn; 1787 1788 if (!hflag) 1789 return; 1790 1791 debug_node(tn); 1792 1793 lint_assert(is_binary(tn)); 1794 for (ln = tn->u.ops.left; ln->tn_op == CVT; ln = ln->u.ops.left) 1795 continue; 1796 for (rn = tn->u.ops.right; rn->tn_op == CVT; rn = rn->u.ops.left) 1797 continue; 1798 1799 op_t cop; 1800 if (is_confusing_precedence(tn->tn_op, ln, &cop) || 1801 is_confusing_precedence(tn->tn_op, rn, &cop)) { 1802 /* possible precedence confusion between '%s' and '%s' */ 1803 warning(169, op_name(tn->tn_op), op_name(cop)); 1804 } 1805 } 1806 1807 static tnode_t * 1808 fold_constant_compare_zero(tnode_t *tn) 1809 { 1810 1811 val_t *v = xcalloc(1, sizeof(*v)); 1812 v->v_tspec = tn->tn_type->t_tspec; 1813 lint_assert(v->v_tspec == INT || (Tflag && v->v_tspec == BOOL)); 1814 1815 lint_assert(has_operands(tn)); 1816 bool l = constant_is_nonzero(tn->u.ops.left); 1817 bool r = is_binary(tn) && constant_is_nonzero(tn->u.ops.right); 1818 1819 switch (tn->tn_op) { 1820 case NOT: 1821 if (hflag && !suppress_constcond) 1822 /* constant operand to '!' */ 1823 warning(239); 1824 v->u.integer = !l ? 1 : 0; 1825 break; 1826 case LOGAND: 1827 v->u.integer = l && r ? 1 : 0; 1828 break; 1829 case LOGOR: 1830 v->u.integer = l || r ? 1 : 0; 1831 break; 1832 default: 1833 lint_assert(/*CONSTCOND*/false); 1834 } 1835 1836 return build_constant(tn->tn_type, v); 1837 } 1838 1839 static long double 1840 floating_error_value(tspec_t t, long double lv) 1841 { 1842 if (t == FLOAT) 1843 return lv < 0 ? -FLT_MAX : FLT_MAX; 1844 if (t == DOUBLE) 1845 return lv < 0 ? -DBL_MAX : DBL_MAX; 1846 /* 1847 * When NetBSD is cross-built in MKLINT=yes mode on x86_64 for sparc64, 1848 * tools/lint checks this code while building usr.bin/xlint. In that 1849 * situation, lint uses the preprocessor for sparc64, in which the type 1850 * 'long double' is IEEE-754-binary128, affecting the macro LDBL_MAX 1851 * below. The type 'long double', as well as the strtold 1852 * implementation, comes from the host platform x86_64 though, where 1853 * 'long double' consumes 128 bits as well but only uses 80 of them. 1854 * The exponent range of the two 'long double' types is the same, but 1855 * the maximum finite value differs due to the extended precision on 1856 * sparc64. 1857 * 1858 * To properly handle the data types of the target platform, lint would 1859 * have to implement the floating-point types in a platform-independent 1860 * way, which is not worth the effort, given how few programs 1861 * practically use 'long double'. 1862 */ 1863 /* LINTED 248: floating-point constant out of range */ 1864 long double max = LDBL_MAX; 1865 return lv < 0 ? -max : max; 1866 } 1867 1868 static bool 1869 is_floating_overflow(tspec_t t, long double val) 1870 { 1871 if (fpe != 0 || isfinite(val) == 0) 1872 return true; 1873 if (t == FLOAT && (val > FLT_MAX || val < -FLT_MAX)) 1874 return true; 1875 if (t == DOUBLE && (val > DBL_MAX || val < -DBL_MAX)) 1876 return true; 1877 return false; 1878 } 1879 1880 static tnode_t * 1881 fold_constant_floating(tnode_t *tn) 1882 { 1883 1884 fpe = 0; 1885 1886 tspec_t t = tn->tn_type->t_tspec; 1887 1888 val_t *v = xcalloc(1, sizeof(*v)); 1889 v->v_tspec = t; 1890 1891 lint_assert(is_floating(t)); 1892 lint_assert(has_operands(tn)); 1893 lint_assert(t == tn->u.ops.left->tn_type->t_tspec); 1894 lint_assert(!is_binary(tn) || t == tn->u.ops.right->tn_type->t_tspec); 1895 1896 long double lv = tn->u.ops.left->u.value.u.floating; 1897 long double rv = is_binary(tn) ? tn->u.ops.right->u.value.u.floating 1898 : 0.0; 1899 1900 switch (tn->tn_op) { 1901 case UPLUS: 1902 v->u.floating = lv; 1903 break; 1904 case UMINUS: 1905 v->u.floating = -lv; 1906 break; 1907 case MULT: 1908 v->u.floating = lv * rv; 1909 break; 1910 case DIV: 1911 if (rv == 0.0) { 1912 /* division by 0 */ 1913 error(139); 1914 v->u.floating = floating_error_value(t, lv); 1915 } else { 1916 v->u.floating = lv / rv; 1917 } 1918 break; 1919 case PLUS: 1920 v->u.floating = lv + rv; 1921 break; 1922 case MINUS: 1923 v->u.floating = lv - rv; 1924 break; 1925 case LT: 1926 v->u.integer = lv < rv ? 1 : 0; 1927 break; 1928 case LE: 1929 v->u.integer = lv <= rv ? 1 : 0; 1930 break; 1931 case GE: 1932 v->u.integer = lv >= rv ? 1 : 0; 1933 break; 1934 case GT: 1935 v->u.integer = lv > rv ? 1 : 0; 1936 break; 1937 case EQ: 1938 v->u.integer = lv == rv ? 1 : 0; 1939 break; 1940 case NE: 1941 v->u.integer = lv != rv ? 1 : 0; 1942 break; 1943 default: 1944 lint_assert(/*CONSTCOND*/false); 1945 } 1946 1947 // XXX: Must not access u.floating after setting u.integer. 1948 lint_assert(fpe != 0 || isnan(v->u.floating) == 0); 1949 if (is_complex(v->v_tspec)) { 1950 /* 1951 * Don't warn, as lint doesn't model the imaginary part of 1952 * complex numbers. 1953 */ 1954 fpe = 0; 1955 } else if (is_floating_overflow(t, v->u.floating)) { 1956 /* operator '%s' produces floating point overflow */ 1957 warning(142, op_name(tn->tn_op)); 1958 v->u.floating = floating_error_value(t, v->u.floating); 1959 fpe = 0; 1960 } 1961 1962 return build_constant(tn->tn_type, v); 1963 } 1964 1965 static void 1966 use(const tnode_t *tn) 1967 { 1968 if (tn == NULL) 1969 return; 1970 switch (tn->tn_op) { 1971 case NAME: 1972 mark_as_used(tn->u.sym, false /* XXX */, false /* XXX */); 1973 break; 1974 case CON: 1975 case STRING: 1976 break; 1977 case CALL:; 1978 const function_call *call = tn->u.call; 1979 for (size_t i = 0, n = call->args_len; i < n; i++) 1980 use(call->args[i]); 1981 break; 1982 default: 1983 lint_assert(has_operands(tn)); 1984 use(tn->u.ops.left); 1985 if (is_binary(tn)) 1986 use(tn->u.ops.right); 1987 } 1988 } 1989 1990 /* 1991 * Create a tree node for a binary operator and its two operands. Also called 1992 * for unary operators; in that case rn is NULL. 1993 * 1994 * Function calls, sizeof and casts are handled elsewhere. 1995 */ 1996 tnode_t * 1997 build_binary(tnode_t *ln, op_t op, bool sys, tnode_t *rn) 1998 { 1999 const mod_t *mp = &modtab[op]; 2000 2001 /* If there was an error in one of the operands, return. */ 2002 if (ln == NULL || (mp->m_binary && rn == NULL)) 2003 return NULL; 2004 2005 if (mp->m_value_context || mp->m_compares_with_zero) 2006 ln = cconv(ln); 2007 if (mp->m_binary && op != ARROW && op != POINT) 2008 rn = cconv(rn); 2009 2010 if (mp->m_comparison) 2011 check_integer_comparison(op, ln, rn); 2012 2013 if (mp->m_value_context || mp->m_compares_with_zero) 2014 ln = promote(op, false, ln); 2015 if (mp->m_binary && op != ARROW && op != POINT && 2016 op != ASSIGN && op != RETURN && op != INIT) 2017 rn = promote(op, false, rn); 2018 2019 if (mp->m_warn_if_left_unsigned_in_c90 && 2020 ln->tn_op == CON && ln->u.value.v_unsigned_since_c90) { 2021 /* C90 treats constant as unsigned, op '%s' */ 2022 warning(218, op_name(op)); 2023 ln->u.value.v_unsigned_since_c90 = false; 2024 } 2025 if (mp->m_warn_if_right_unsigned_in_c90 && 2026 rn->tn_op == CON && rn->u.value.v_unsigned_since_c90) { 2027 /* C90 treats constant as unsigned, op '%s' */ 2028 warning(218, op_name(op)); 2029 rn->u.value.v_unsigned_since_c90 = false; 2030 } 2031 2032 if (mp->m_balance_operands || (!allow_c90 && (op == SHL || op == SHR))) 2033 balance(op, &ln, &rn); 2034 2035 if (!typeok(op, 0, ln, rn)) 2036 return NULL; 2037 2038 tnode_t *ntn; 2039 switch (op) { 2040 case POINT: 2041 case ARROW: 2042 ntn = build_struct_access(op, sys, ln, rn); 2043 break; 2044 case NOT: 2045 if (ln->tn_op == ASSIGN && ln->u.ops.right->tn_op == CON) { 2046 /* constant assignment of type '%s' in operand ... */ 2047 warning(382, type_name(ln->tn_type), 2048 is_nonzero_val(&ln->u.ops.right->u.value) 2049 ? "true" : "false"); 2050 } 2051 ntn = build_op(op, sys, gettyp(Tflag ? BOOL : INT), ln, NULL); 2052 break; 2053 case INCAFT: 2054 case DECAFT: 2055 case INCBEF: 2056 case DECBEF: 2057 ntn = build_prepost_incdec(op, sys, ln); 2058 break; 2059 case ADDR: 2060 ntn = build_address(sys, ln, false); 2061 break; 2062 case INDIR: 2063 ntn = build_op(INDIR, sys, ln->tn_type->t_subt, ln, NULL); 2064 break; 2065 case PLUS: 2066 case MINUS: 2067 ntn = build_plus_minus(op, sys, ln, rn); 2068 break; 2069 case SHL: 2070 case SHR: 2071 ntn = build_bit_shift(op, sys, ln, rn); 2072 break; 2073 case COLON: 2074 ntn = build_colon(sys, ln, rn); 2075 break; 2076 case ASSIGN: 2077 case MULASS: 2078 case DIVASS: 2079 case MODASS: 2080 case ADDASS: 2081 case SUBASS: 2082 case SHLASS: 2083 case SHRASS: 2084 case ANDASS: 2085 case XORASS: 2086 case ORASS: 2087 case RETURN: 2088 case INIT: 2089 ntn = build_assignment(op, sys, ln, rn); 2090 break; 2091 case COMMA: 2092 /* comma operator with types '%s' and '%s' */ 2093 query_message(12, 2094 type_name(ln->tn_type), type_name(rn->tn_type)); 2095 /* FALLTHROUGH */ 2096 case QUEST: 2097 ntn = build_op(op, sys, rn->tn_type, ln, rn); 2098 break; 2099 case REAL: 2100 case IMAG: 2101 ntn = build_real_imag(op, sys, ln); 2102 break; 2103 default: 2104 lint_assert(mp->m_binary == (rn != NULL)); 2105 type_t *rettp = mp->m_returns_bool 2106 ? gettyp(Tflag ? BOOL : INT) : ln->tn_type; 2107 ntn = build_op(op, sys, rettp, ln, rn); 2108 break; 2109 } 2110 2111 if (ntn == NULL) 2112 return NULL; 2113 2114 if (mp->m_possible_precedence_confusion) 2115 check_precedence_confusion(ntn); 2116 2117 if (hflag && !suppress_constcond && 2118 mp->m_compares_with_zero && 2119 (ln->tn_op == CON || 2120 (mp->m_binary && op != QUEST && rn->tn_op == CON)) && 2121 /* XXX: rn->tn_system_dependent should be checked as well */ 2122 !ln->tn_system_dependent) 2123 /* constant in conditional context */ 2124 warning(161); 2125 2126 if (mp->m_fold_constant_operands && ln->tn_op == CON) { 2127 if (!mp->m_binary || rn->tn_op == CON) { 2128 if (mp->m_compares_with_zero) 2129 ntn = fold_constant_compare_zero(ntn); 2130 else if (is_floating(ntn->tn_type->t_tspec)) 2131 ntn = fold_constant_floating(ntn); 2132 else 2133 ntn = fold_constant_integer(ntn); 2134 } else if (op == QUEST) { 2135 lint_assert(has_operands(rn)); 2136 use(ln->u.value.u.integer != 0 2137 ? rn->u.ops.right : rn->u.ops.left); 2138 ntn = ln->u.value.u.integer != 0 2139 ? rn->u.ops.left : rn->u.ops.right; 2140 } 2141 } 2142 2143 return ntn; 2144 } 2145 2146 tnode_t * 2147 build_unary(op_t op, bool sys, tnode_t *tn) 2148 { 2149 return build_binary(tn, op, sys, NULL); 2150 } 2151 2152 static bool 2153 are_members_compatible(const sym_t *a, const sym_t *b) 2154 { 2155 if (a->u.s_member.sm_offset_in_bits != b->u.s_member.sm_offset_in_bits) 2156 return false; 2157 2158 const type_t *atp = a->s_type; 2159 const type_t *btp = b->s_type; 2160 bool w = false; 2161 if (!types_compatible(atp, btp, false, false, &w) && !w) 2162 return false; 2163 if (a->s_bitfield != b->s_bitfield) 2164 return false; 2165 if (a->s_bitfield) { 2166 if (atp->t_bit_field_width != btp->t_bit_field_width) 2167 return false; 2168 if (atp->t_bit_field_offset != btp->t_bit_field_offset) 2169 return false; 2170 } 2171 return true; 2172 } 2173 2174 /* 2175 * Return whether all struct/union members with the same name have the same 2176 * type and offset. 2177 */ 2178 static bool 2179 all_members_compatible(const sym_t *msym) 2180 { 2181 for (const sym_t *csym = msym; 2182 csym != NULL; csym = csym->s_symtab_next) { 2183 if (!is_member(csym)) 2184 continue; 2185 if (strcmp(msym->s_name, csym->s_name) != 0) 2186 continue; 2187 2188 for (const sym_t *sym = csym->s_symtab_next; 2189 sym != NULL; sym = sym->s_symtab_next) { 2190 if (is_member(sym) 2191 && strcmp(csym->s_name, sym->s_name) == 0 2192 && !are_members_compatible(csym, sym)) 2193 return false; 2194 } 2195 } 2196 return true; 2197 } 2198 2199 sym_t * 2200 find_member(const struct_or_union *sou, const char *name) 2201 { 2202 for (sym_t *mem = sou->sou_first_member; 2203 mem != NULL; mem = mem->s_next) { 2204 lint_assert(is_member(mem)); 2205 lint_assert(mem->u.s_member.sm_containing_type == sou); 2206 if (strcmp(mem->s_name, name) == 0) 2207 return mem; 2208 } 2209 2210 for (sym_t *mem = sou->sou_first_member; 2211 mem != NULL; mem = mem->s_next) { 2212 if (is_struct_or_union(mem->s_type->t_tspec) 2213 && mem->s_name == unnamed) { 2214 sym_t *nested_mem = 2215 find_member(mem->s_type->u.sou, name); 2216 if (nested_mem != NULL) 2217 return nested_mem; 2218 } 2219 } 2220 return NULL; 2221 } 2222 2223 /* 2224 * Remove the member if it was unknown until now, which means 2225 * that no defined struct or union has a member with the same name. 2226 */ 2227 static void 2228 remove_unknown_member(tnode_t *tn, sym_t *msym) 2229 { 2230 /* type '%s' does not have member '%s' */ 2231 error(101, type_name(tn->tn_type), msym->s_name); 2232 symtab_remove_forever(msym); 2233 msym->s_kind = SK_MEMBER; 2234 msym->s_scl = STRUCT_MEMBER; 2235 2236 struct_or_union *sou = expr_zero_alloc(sizeof(*sou), 2237 "struct_or_union"); 2238 sou->sou_tag = expr_zero_alloc(sizeof(*sou->sou_tag), "sym"); 2239 sou->sou_tag->s_name = unnamed; 2240 2241 msym->u.s_member.sm_containing_type = sou; 2242 /* 2243 * The member sm_offset_in_bits is not needed here since this symbol 2244 * can only be used for error reporting. 2245 */ 2246 } 2247 2248 /* 2249 * Returns a symbol which has the same name as 'msym' and is a member of the 2250 * struct or union specified by 'tn'. 2251 */ 2252 static sym_t * 2253 struct_or_union_member(tnode_t *tn, op_t op, sym_t *msym) 2254 { 2255 2256 /* Determine the tag type of which msym is expected to be a member. */ 2257 const type_t *tp = NULL; 2258 if (op == POINT && is_struct_or_union(tn->tn_type->t_tspec)) 2259 tp = tn->tn_type; 2260 if (op == ARROW && tn->tn_type->t_tspec == PTR 2261 && is_struct_or_union(tn->tn_type->t_subt->t_tspec)) 2262 tp = tn->tn_type->t_subt; 2263 struct_or_union *sou = tp != NULL ? tp->u.sou : NULL; 2264 2265 if (sou != NULL) { 2266 sym_t *nested_mem = find_member(sou, msym->s_name); 2267 if (nested_mem != NULL) 2268 return nested_mem; 2269 } 2270 2271 if (msym->s_scl == NO_SCL) { 2272 remove_unknown_member(tn, msym); 2273 return msym; 2274 } 2275 2276 bool eq = all_members_compatible(msym); 2277 2278 /* 2279 * Now handle the case in which the left operand refers really to a 2280 * struct/union, but the right operand is not member of it. 2281 */ 2282 if (sou != NULL) { 2283 if (eq && !allow_c90) 2284 /* illegal use of member '%s' */ 2285 warning(102, msym->s_name); 2286 else 2287 /* illegal use of member '%s' */ 2288 error(102, msym->s_name); 2289 return msym; 2290 } 2291 2292 if (eq) { 2293 if (op == POINT) { 2294 if (!allow_c90) 2295 /* left operand of '.' must be struct ... */ 2296 warning(103, type_name(tn->tn_type)); 2297 else 2298 /* left operand of '.' must be struct ... */ 2299 error(103, type_name(tn->tn_type)); 2300 } else { 2301 if (!allow_c90 && tn->tn_type->t_tspec == PTR) 2302 /* left operand of '->' must be pointer ... */ 2303 warning(104, type_name(tn->tn_type)); 2304 else 2305 /* left operand of '->' must be pointer ... */ 2306 error(104, type_name(tn->tn_type)); 2307 } 2308 } else { 2309 if (!allow_c90) 2310 /* non-unique member requires struct/union %s */ 2311 error(105, op == POINT ? "object" : "pointer"); 2312 else 2313 /* unacceptable operand of '%s' */ 2314 error(111, op_name(op)); 2315 } 2316 2317 return msym; 2318 } 2319 2320 tnode_t * 2321 build_member_access(tnode_t *ln, op_t op, bool sys, sbuf_t *member) 2322 { 2323 sym_t *msym; 2324 2325 if (ln == NULL) 2326 return NULL; 2327 2328 if (op == ARROW) 2329 /* must do this before struct_or_union_member is called */ 2330 ln = cconv(ln); 2331 msym = struct_or_union_member(ln, op, getsym(member)); 2332 return build_binary(ln, op, sys, build_name(msym, false)); 2333 } 2334 2335 /* 2336 * Perform class conversions. 2337 * 2338 * Arrays of type T are converted into pointers to type T. 2339 * Functions are converted to pointers to functions. 2340 * Lvalues are converted to rvalues. 2341 * 2342 * C99 6.3 "Conversions" 2343 * C99 6.3.2 "Other operands" 2344 * C99 6.3.2.1 "Lvalues, arrays, and function designators" 2345 */ 2346 tnode_t * 2347 cconv(tnode_t *tn) 2348 { 2349 if (tn->tn_type->t_tspec == ARRAY) { 2350 if (!tn->tn_lvalue) { 2351 /* XXX print correct operator */ 2352 /* %soperand of '%s' must be lvalue */ 2353 gnuism(114, "", op_name(ADDR)); 2354 } 2355 tn = build_op(ADDR, tn->tn_sys, 2356 expr_derive_type(tn->tn_type->t_subt, PTR), tn, NULL); 2357 } 2358 2359 if (tn->tn_type->t_tspec == FUNC) 2360 tn = build_address(tn->tn_sys, tn, true); 2361 2362 if (tn->tn_lvalue) { 2363 type_t *tp = expr_dup_type(tn->tn_type); 2364 /* C99 6.3.2.1p2 sentence 2 says to remove the qualifiers. */ 2365 tp->t_const = tp->t_volatile = false; 2366 tn = build_op(LOAD, tn->tn_sys, tp, tn, NULL); 2367 } 2368 2369 return tn; 2370 } 2371 2372 const tnode_t * 2373 before_conversion(const tnode_t *tn) 2374 { 2375 while (tn->tn_op == CVT && !tn->tn_cast) 2376 tn = tn->u.ops.left; 2377 return tn; 2378 } 2379 2380 /* 2381 * Most errors required by C90 are reported in struct_or_union_member(). 2382 * Here we only check for totally wrong things. 2383 */ 2384 static bool 2385 typeok_point(const tnode_t *ln, const type_t *ltp, tspec_t lt) 2386 { 2387 if (is_struct_or_union(lt)) 2388 return true; 2389 2390 if (lt == FUNC || lt == VOID || ltp->t_bitfield) 2391 goto wrong; 2392 2393 /* 2394 * Some C dialects from before C90 tolerated any lvalue on the 2395 * left-hand side of the '.' operator, allowing things like 'char 2396 * st[100]; st.st_mtime', assuming that the member 'st_mtime' only 2397 * occurred in a single struct; see typeok_arrow. 2398 */ 2399 if (ln->tn_lvalue) 2400 return true; 2401 2402 wrong: 2403 /* With allow_c90 we already got an error */ 2404 if (!allow_c90) 2405 /* unacceptable operand of '%s' */ 2406 error(111, op_name(POINT)); 2407 2408 return false; 2409 } 2410 2411 static bool 2412 typeok_arrow(tspec_t lt) 2413 { 2414 /* 2415 * C1978 Appendix A 14.1 says: <quote>In fact, any lvalue is allowed 2416 * before '.', and that lvalue is then assumed to have the form of the 2417 * structure of which the name of the right is a member. [...] Such 2418 * constructions are non-portable.</quote> 2419 */ 2420 if (lt == PTR || (!allow_c90 && is_integer(lt))) 2421 return true; 2422 2423 /* With allow_c90 we already got an error */ 2424 if (!allow_c90) 2425 /* unacceptable operand of '%s' */ 2426 error(111, op_name(ARROW)); 2427 return false; 2428 } 2429 2430 static bool 2431 typeok_incdec(op_t op, const tnode_t *tn, const type_t *tp) 2432 { 2433 /* operand has scalar type (checked in typeok) */ 2434 if (!tn->tn_lvalue) { 2435 if (tn->tn_op == CVT && tn->tn_cast && 2436 tn->u.ops.left->tn_op == LOAD) 2437 /* a cast does not yield an lvalue */ 2438 error(163); 2439 /* %soperand of '%s' must be lvalue */ 2440 error(114, "", op_name(op)); 2441 return false; 2442 } 2443 if (tp->t_const && allow_c90) 2444 /* %soperand of '%s' must be modifiable lvalue */ 2445 warning(115, "", op_name(op)); 2446 return true; 2447 } 2448 2449 static bool 2450 typeok_address(op_t op, const tnode_t *tn, const type_t *tp, tspec_t t) 2451 { 2452 if (t == ARRAY || t == FUNC) { 2453 /* ok, a warning comes later (in build_address()) */ 2454 } else if (!tn->tn_lvalue) { 2455 if (tn->tn_op == CVT && tn->tn_cast && 2456 tn->u.ops.left->tn_op == LOAD) 2457 /* a cast does not yield an lvalue */ 2458 error(163); 2459 /* %soperand of '%s' must be lvalue */ 2460 error(114, "", op_name(op)); 2461 return false; 2462 } else if (is_scalar(t)) { 2463 if (tp->t_bitfield) { 2464 /* cannot take address of bit-field */ 2465 error(112); 2466 return false; 2467 } 2468 } else if (t != STRUCT && t != UNION) { 2469 /* unacceptable operand of '%s' */ 2470 error(111, op_name(op)); 2471 return false; 2472 } 2473 if (tn->tn_op == NAME && tn->u.sym->s_register) { 2474 /* cannot take address of register '%s' */ 2475 error(113, tn->u.sym->s_name); 2476 return false; 2477 } 2478 return true; 2479 } 2480 2481 static bool 2482 typeok_indir(const type_t *tp, tspec_t t) 2483 { 2484 2485 if (t != PTR) { 2486 /* cannot dereference non-pointer type '%s' */ 2487 error(96, type_name(tp)); 2488 return false; 2489 } 2490 return true; 2491 } 2492 2493 static void 2494 warn_incompatible_types(op_t op, 2495 const type_t *ltp, tspec_t lt, 2496 const type_t *rtp, tspec_t rt) 2497 { 2498 bool binary = modtab[op].m_binary; 2499 2500 if (lt == VOID || (binary && rt == VOID)) { 2501 /* void type illegal in expression */ 2502 error(109); 2503 } else if (op == ASSIGN) 2504 /* cannot assign to '%s' from '%s' */ 2505 error(171, type_name(ltp), type_name(rtp)); 2506 else if (binary) 2507 /* operands of '%s' have incompatible types '%s' and '%s' */ 2508 error(107, op_name(op), type_name(ltp), type_name(rtp)); 2509 else { 2510 lint_assert(rt == NO_TSPEC); 2511 /* operand of '%s' has invalid type '%s' */ 2512 error(108, op_name(op), type_name(ltp)); 2513 } 2514 } 2515 2516 static bool 2517 typeok_plus(op_t op, 2518 const type_t *ltp, tspec_t lt, 2519 const type_t *rtp, tspec_t rt) 2520 { 2521 /* operands have scalar types (checked in typeok) */ 2522 if ((lt == PTR && !is_integer(rt)) || (rt == PTR && !is_integer(lt))) { 2523 warn_incompatible_types(op, ltp, lt, rtp, rt); 2524 return false; 2525 } 2526 return true; 2527 } 2528 2529 static bool 2530 typeok_minus(op_t op, 2531 const type_t *ltp, tspec_t lt, 2532 const type_t *rtp, tspec_t rt) 2533 { 2534 /* operands have scalar types (checked in typeok) */ 2535 if ((lt == PTR && rt != PTR && !is_integer(rt)) || 2536 (lt != PTR && rt == PTR)) { 2537 warn_incompatible_types(op, ltp, lt, rtp, rt); 2538 return false; 2539 } 2540 if (lt == PTR && rt == PTR && 2541 !types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2542 /* illegal pointer subtraction */ 2543 error(116); 2544 } 2545 return true; 2546 } 2547 2548 static void 2549 typeok_shr(op_t op, 2550 const tnode_t *ln, tspec_t lt, 2551 const tnode_t *rn, tspec_t rt) 2552 { 2553 tspec_t olt = before_conversion(ln)->tn_type->t_tspec; 2554 tspec_t ort = before_conversion(rn)->tn_type->t_tspec; 2555 2556 /* operands have integer types (checked in typeok) */ 2557 if (pflag && !is_uinteger(olt)) { 2558 integer_constraints lc = ic_expr(ln); 2559 if (lc.bclr >> 63 != 0) 2560 return; 2561 2562 if (ln->tn_op != CON) 2563 /* bitwise '%s' on signed value possibly nonportable */ 2564 warning(117, op_name(op)); 2565 else if (ln->u.value.u.integer < 0) 2566 /* bitwise '%s' on signed value nonportable */ 2567 warning(120, op_name(op)); 2568 } else if (allow_trad && allow_c90 && 2569 !is_uinteger(olt) && is_uinteger(ort)) { 2570 /* The left operand would become unsigned in traditional C. */ 2571 if (hflag && (ln->tn_op != CON || ln->u.value.u.integer < 0)) { 2572 /* semantics of '%s' change in C90; use ... */ 2573 warning(118, op_name(op)); 2574 } 2575 } else if (allow_trad && allow_c90 && 2576 !is_uinteger(olt) && !is_uinteger(ort) && 2577 portable_rank_cmp(lt, rt) < 0) { 2578 /* 2579 * In traditional C, the left operand would be extended 2580 * (possibly sign-extended) and then shifted. 2581 */ 2582 if (hflag && (ln->tn_op != CON || ln->u.value.u.integer < 0)) { 2583 /* semantics of '%s' change in C90; use ... */ 2584 warning(118, op_name(op)); 2585 } 2586 } 2587 } 2588 2589 static void 2590 typeok_shl(op_t op, tspec_t lt, tspec_t rt) 2591 { 2592 /* 2593 * C90 does not perform balancing for shift operations, but traditional 2594 * C does. If the width of the right operand is greater than the width 2595 * of the left operand, then in traditional C the left operand would be 2596 * extended to the width of the right operand. For SHL this may result 2597 * in different results. 2598 */ 2599 if (portable_rank_cmp(lt, rt) < 0) { 2600 /* 2601 * XXX If both operands are constant, make sure that there is 2602 * really a difference between C90 and traditional C. 2603 */ 2604 if (hflag && allow_trad && allow_c90) 2605 /* semantics of '%s' change in C90; use ... */ 2606 warning(118, op_name(op)); 2607 } 2608 } 2609 2610 static void 2611 typeok_shift(const type_t *ltp, tspec_t lt, const tnode_t *rn, tspec_t rt) 2612 { 2613 if (rn->tn_op != CON) 2614 return; 2615 2616 if (!is_uinteger(rt) && rn->u.value.u.integer < 0) 2617 /* negative shift */ 2618 warning(121); 2619 else if ((uint64_t)rn->u.value.u.integer == size_in_bits(lt)) 2620 /* shift amount %u equals bit-size of '%s' */ 2621 warning(267, (unsigned)rn->u.value.u.integer, type_name(ltp)); 2622 else if ((uint64_t)rn->u.value.u.integer > size_in_bits(lt)) { 2623 /* shift amount %llu is greater than bit-size %llu of '%s' */ 2624 warning(122, (unsigned long long)rn->u.value.u.integer, 2625 (unsigned long long)size_in_bits(lt), 2626 tspec_name(lt)); 2627 } 2628 } 2629 2630 static bool 2631 is_typeok_eq(const tnode_t *ln, tspec_t lt, const tnode_t *rn, tspec_t rt) 2632 { 2633 if (lt == PTR && is_null_pointer(rn)) 2634 return true; 2635 if (rt == PTR && is_null_pointer(ln)) 2636 return true; 2637 return false; 2638 } 2639 2640 static void 2641 warn_incompatible_pointers(op_t op, const type_t *ltp, const type_t *rtp) 2642 { 2643 lint_assert(ltp->t_tspec == PTR); 2644 lint_assert(rtp->t_tspec == PTR); 2645 2646 tspec_t lt = ltp->t_subt->t_tspec; 2647 tspec_t rt = rtp->t_subt->t_tspec; 2648 2649 if (is_struct_or_union(lt) && is_struct_or_union(rt)) { 2650 if (op == RETURN) 2651 /* illegal structure pointer combination */ 2652 warning(244); 2653 else { 2654 /* incompatible structure pointers: '%s' '%s' '%s' */ 2655 warning(245, type_name(ltp), 2656 op_name(op), type_name(rtp)); 2657 } 2658 } else { 2659 if (op == RETURN) 2660 /* illegal combination of '%s' and '%s' */ 2661 warning(184, type_name(ltp), type_name(rtp)); 2662 else { 2663 /* illegal combination of '%s' and '%s', op '%s' */ 2664 warning(124, 2665 type_name(ltp), type_name(rtp), op_name(op)); 2666 } 2667 } 2668 } 2669 2670 static void 2671 check_pointer_comparison(op_t op, const tnode_t *ln, const tnode_t *rn) 2672 { 2673 type_t *ltp = ln->tn_type, *rtp = rn->tn_type; 2674 tspec_t lst = ltp->t_subt->t_tspec, rst = rtp->t_subt->t_tspec; 2675 2676 if (lst == VOID || rst == VOID) { 2677 /* TODO: C99 behaves like C90 here. */ 2678 if (!allow_trad && !allow_c99 && 2679 (lst == FUNC || rst == FUNC)) { 2680 /* (void *)0 is already handled in typeok() */ 2681 const char *lsts, *rsts; 2682 *(lst == FUNC ? &lsts : &rsts) = "function pointer"; 2683 *(lst == VOID ? &lsts : &rsts) = "'void *'"; 2684 /* C90 or later forbid comparison of %s with %s */ 2685 warning(274, lsts, rsts); 2686 } 2687 return; 2688 } 2689 2690 if (!types_compatible(ltp->t_subt, rtp->t_subt, true, false, NULL)) { 2691 warn_incompatible_pointers(op, ltp, rtp); 2692 return; 2693 } 2694 2695 if (lst == FUNC && rst == FUNC) { 2696 /* TODO: C99 behaves like C90 here, see C99 6.5.8p2. */ 2697 if (!allow_trad && !allow_c99 && op != EQ && op != NE) 2698 /* pointers to functions can only be compared ... */ 2699 warning(125); 2700 } 2701 } 2702 2703 static bool 2704 typeok_compare(op_t op, 2705 const tnode_t *ln, const type_t *ltp, tspec_t lt, 2706 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2707 { 2708 if (lt == PTR && rt == PTR) { 2709 check_pointer_comparison(op, ln, rn); 2710 return true; 2711 } 2712 2713 if (lt != PTR && rt != PTR) 2714 return true; 2715 2716 if (!is_integer(lt) && !is_integer(rt)) { 2717 warn_incompatible_types(op, ltp, lt, rtp, rt); 2718 return false; 2719 } 2720 2721 const char *lx = lt == PTR ? "pointer" : "integer"; 2722 const char *rx = rt == PTR ? "pointer" : "integer"; 2723 /* illegal combination of %s '%s' and %s '%s', op '%s' */ 2724 warning(123, lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 2725 return true; 2726 } 2727 2728 static bool 2729 typeok_quest(tspec_t lt, const tnode_t *rn) 2730 { 2731 if (!is_scalar(lt)) { 2732 /* first operand of '?' must have scalar type */ 2733 error(170); 2734 return false; 2735 } 2736 lint_assert(before_conversion(rn)->tn_op == COLON); 2737 return true; 2738 } 2739 2740 static void 2741 typeok_colon_pointer(const type_t *ltp, const type_t *rtp) 2742 { 2743 type_t *lstp = ltp->t_subt; 2744 type_t *rstp = rtp->t_subt; 2745 tspec_t lst = lstp->t_tspec; 2746 tspec_t rst = rstp->t_tspec; 2747 2748 if ((lst == VOID && rst == FUNC) || (lst == FUNC && rst == VOID)) { 2749 /* (void *)0 is handled in typeok_colon */ 2750 /* TODO: C99 behaves like C90 here. */ 2751 if (!allow_trad && !allow_c99) 2752 /* conversion of %s to %s requires a cast, op %s */ 2753 warning(305, "function pointer", "'void *'", 2754 op_name(COLON)); 2755 return; 2756 } 2757 2758 if (pointer_types_are_compatible(lstp, rstp, true)) 2759 return; 2760 if (!types_compatible(lstp, rstp, true, false, NULL)) 2761 warn_incompatible_pointers(COLON, ltp, rtp); 2762 } 2763 2764 static bool 2765 typeok_colon(const tnode_t *ln, const type_t *ltp, tspec_t lt, 2766 const tnode_t *rn, const type_t *rtp, tspec_t rt) 2767 { 2768 2769 if (is_arithmetic(lt) && is_arithmetic(rt)) 2770 return true; 2771 if (lt == BOOL && rt == BOOL) 2772 return true; 2773 2774 if (lt == STRUCT && rt == STRUCT && ltp->u.sou == rtp->u.sou) 2775 return true; 2776 if (lt == UNION && rt == UNION && ltp->u.sou == rtp->u.sou) 2777 return true; 2778 2779 if (lt == PTR && is_null_pointer(rn)) 2780 return true; 2781 if (rt == PTR && is_null_pointer(ln)) 2782 return true; 2783 2784 if ((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR)) { 2785 const char *lx = lt == PTR ? "pointer" : "integer"; 2786 const char *rx = rt == PTR ? "pointer" : "integer"; 2787 /* illegal combination of %s '%s' and %s '%s', op '%s' */ 2788 warning(123, lx, type_name(ltp), 2789 rx, type_name(rtp), op_name(COLON)); 2790 return true; 2791 } 2792 2793 if (lt == VOID || rt == VOID) { 2794 if (lt != VOID || rt != VOID) 2795 /* incompatible types '%s' and '%s' in conditional */ 2796 warning(126, type_name(ltp), type_name(rtp)); 2797 return true; 2798 } 2799 2800 if (lt == PTR && rt == PTR) { 2801 typeok_colon_pointer(ltp, rtp); 2802 return true; 2803 } 2804 2805 /* incompatible types '%s' and '%s' in conditional */ 2806 error(126, type_name(ltp), type_name(rtp)); 2807 return false; 2808 } 2809 2810 static bool 2811 has_constant_member(const type_t *tp) 2812 { 2813 lint_assert(is_struct_or_union(tp->t_tspec)); 2814 2815 for (sym_t *m = tp->u.sou->sou_first_member; 2816 m != NULL; m = m->s_next) { 2817 const type_t *mtp = m->s_type; 2818 if (mtp->t_const) 2819 return true; 2820 if (is_struct_or_union(mtp->t_tspec) && 2821 has_constant_member(mtp)) 2822 return true; 2823 } 2824 return false; 2825 } 2826 2827 static bool 2828 typeok_assign(op_t op, const tnode_t *ln, const type_t *ltp, tspec_t lt) 2829 { 2830 if (op == RETURN || op == INIT || op == FARG) 2831 return true; 2832 2833 if (!ln->tn_lvalue) { 2834 if (ln->tn_op == CVT && ln->tn_cast && 2835 ln->u.ops.left->tn_op == LOAD) 2836 /* a cast does not yield an lvalue */ 2837 error(163); 2838 /* %soperand of '%s' must be lvalue */ 2839 error(114, "left ", op_name(op)); 2840 return false; 2841 } else if (ltp->t_const 2842 || (is_struct_or_union(lt) && has_constant_member(ltp))) { 2843 if (allow_c90) 2844 /* %soperand of '%s' must be modifiable lvalue */ 2845 warning(115, "left ", op_name(op)); 2846 } 2847 return true; 2848 } 2849 2850 static bool 2851 typeok_scalar(op_t op, const mod_t *mp, 2852 const type_t *ltp, tspec_t lt, 2853 const type_t *rtp, tspec_t rt) 2854 { 2855 if (mp->m_takes_bool && lt == BOOL && rt == BOOL) 2856 return true; 2857 if (mp->m_requires_integer) { 2858 if (!is_integer(lt) || (mp->m_binary && !is_integer(rt))) { 2859 warn_incompatible_types(op, ltp, lt, rtp, rt); 2860 return false; 2861 } 2862 } else if (mp->m_requires_integer_or_complex) { 2863 if ((!is_integer(lt) && !is_complex(lt)) || 2864 (mp->m_binary && (!is_integer(rt) && !is_complex(rt)))) { 2865 warn_incompatible_types(op, ltp, lt, rtp, rt); 2866 return false; 2867 } 2868 } else if (mp->m_requires_scalar) { 2869 if (!is_scalar(lt) || (mp->m_binary && !is_scalar(rt))) { 2870 warn_incompatible_types(op, ltp, lt, rtp, rt); 2871 return false; 2872 } 2873 } else if (mp->m_requires_arith) { 2874 if (!is_arithmetic(lt) || 2875 (mp->m_binary && !is_arithmetic(rt))) { 2876 warn_incompatible_types(op, ltp, lt, rtp, rt); 2877 return false; 2878 } 2879 } 2880 return true; 2881 } 2882 2883 static void 2884 check_assign_void_pointer(op_t op, int arg, 2885 tspec_t lt, tspec_t lst, 2886 tspec_t rt, tspec_t rst) 2887 { 2888 2889 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID))) 2890 return; 2891 /* two pointers, at least one pointer to void */ 2892 2893 /* TODO: C99 behaves like C90 here. */ 2894 if (!(!allow_trad && !allow_c99 && (lst == FUNC || rst == FUNC))) 2895 return; 2896 /* comb. of ptr to func and ptr to void */ 2897 2898 const char *lts, *rts; 2899 *(lst == FUNC ? <s : &rts) = "function pointer"; 2900 *(lst == VOID ? <s : &rts) = "'void *'"; 2901 2902 switch (op) { 2903 case INIT: 2904 case RETURN: 2905 /* conversion of %s to %s requires a cast */ 2906 warning(303, rts, lts); 2907 break; 2908 case FARG: 2909 /* conversion of %s to %s requires a cast, arg #%d */ 2910 warning(304, rts, lts, arg); 2911 break; 2912 default: 2913 /* conversion of %s to %s requires a cast, op %s */ 2914 warning(305, rts, lts, op_name(op)); 2915 break; 2916 } 2917 } 2918 2919 static bool 2920 is_direct_function_call(const tnode_t *tn, const char **out_name) 2921 { 2922 2923 if (tn->tn_op == CALL 2924 && tn->u.call->func->tn_op == ADDR 2925 && tn->u.call->func->u.ops.left->tn_op == NAME) { 2926 *out_name = tn->u.call->func->u.ops.left->u.sym->s_name; 2927 return true; 2928 } 2929 return false; 2930 } 2931 2932 static bool 2933 is_unconst_function(const char *name) 2934 { 2935 2936 return strcmp(name, "memchr") == 0 || 2937 strcmp(name, "strchr") == 0 || 2938 strcmp(name, "strpbrk") == 0 || 2939 strcmp(name, "strrchr") == 0 || 2940 strcmp(name, "strstr") == 0; 2941 } 2942 2943 static bool 2944 is_const_char_pointer(const tnode_t *tn) 2945 { 2946 /* 2947 * For traditional reasons, C99 6.4.5p5 defines that string literals 2948 * have type 'char[]'. They are often implicitly converted to 'char 2949 * *', for example when they are passed as function arguments. 2950 * 2951 * C99 6.4.5p6 further defines that modifying a string that is 2952 * constructed from a string literal invokes undefined behavior. 2953 * 2954 * Out of these reasons, string literals are treated as 'effectively 2955 * const' here. 2956 */ 2957 if (tn->tn_op == CVT && 2958 tn->u.ops.left->tn_op == ADDR && 2959 tn->u.ops.left->u.ops.left->tn_op == STRING) 2960 return true; 2961 2962 const type_t *tp = before_conversion(tn)->tn_type; 2963 return tp->t_tspec == PTR && 2964 tp->t_subt->t_tspec == CHAR && 2965 tp->t_subt->t_const; 2966 } 2967 2968 static bool 2969 is_const_pointer(const tnode_t *tn) 2970 { 2971 const type_t *tp = before_conversion(tn)->tn_type; 2972 return tp->t_tspec == PTR && tp->t_subt->t_const; 2973 } 2974 2975 static void 2976 check_unconst_function(const type_t *lstp, const tnode_t *rn) 2977 { 2978 const char *function_name; 2979 2980 if (lstp->t_tspec == CHAR && !lstp->t_const && 2981 is_direct_function_call(rn, &function_name) && 2982 is_unconst_function(function_name) && 2983 rn->u.call->args_len >= 1 && 2984 is_const_char_pointer(rn->u.call->args[0])) { 2985 /* call to '%s' effectively discards 'const' from argument */ 2986 warning(346, function_name); 2987 } 2988 2989 if (!lstp->t_const && 2990 is_direct_function_call(rn, &function_name) && 2991 strcmp(function_name, "bsearch") == 0 && 2992 rn->u.call->args_len >= 2 && 2993 is_const_pointer(rn->u.call->args[1])) { 2994 /* call to '%s' effectively discards 'const' from argument */ 2995 warning(346, function_name); 2996 } 2997 } 2998 2999 static bool 3000 check_assign_void_pointer_compat(op_t op, int arg, 3001 tspec_t lt, 3002 const type_t *lstp, tspec_t lst, 3003 const tnode_t *rn, 3004 const type_t *rtp, tspec_t rt, 3005 const type_t *rstp, tspec_t rst) 3006 { 3007 if (!(lt == PTR && rt == PTR && (lst == VOID || rst == VOID || 3008 types_compatible(lstp, rstp, 3009 true, false, NULL)))) 3010 return false; 3011 3012 /* compatible pointer types (qualifiers ignored) */ 3013 char qualifiers[32]; 3014 snprintf(qualifiers, sizeof(qualifiers), "%s%s", 3015 !lstp->t_const && rstp->t_const ? " const" : "", 3016 !lstp->t_volatile && rstp->t_volatile ? " volatile" : ""); 3017 if (allow_c90 && qualifiers[0] != '\0') { 3018 switch (op) { 3019 case INIT: 3020 case RETURN: 3021 /* '%s' discards '%s' from '%s' */ 3022 warning(182, op_name(op), 3023 qualifiers + 1, type_name(rtp)); 3024 break; 3025 case FARG: 3026 /* passing '%s' to argument %d discards '%s' */ 3027 warning(383, type_name(rtp), arg, qualifiers + 1); 3028 break; 3029 default: 3030 /* operator '%s' discards '%s' from '%s' */ 3031 warning(128, op_name(op), 3032 qualifiers + 1, type_name(rtp)); 3033 break; 3034 } 3035 } 3036 3037 if (allow_c90) 3038 check_unconst_function(lstp, rn); 3039 3040 return true; 3041 } 3042 3043 static bool 3044 check_assign_pointer_integer(op_t op, int arg, 3045 const type_t *ltp, tspec_t lt, 3046 const type_t *rtp, tspec_t rt) 3047 { 3048 3049 if (!((lt == PTR && is_integer(rt)) || (is_integer(lt) && rt == PTR))) 3050 return false; 3051 3052 const char *lx = lt == PTR ? "pointer" : "integer"; 3053 const char *rx = rt == PTR ? "pointer" : "integer"; 3054 3055 switch (op) { 3056 case INIT: 3057 case RETURN: 3058 /* illegal combination of %s '%s' and %s '%s' */ 3059 warning(183, lx, type_name(ltp), rx, type_name(rtp)); 3060 break; 3061 case FARG: 3062 /* illegal combination of %s '%s' and %s '%s', arg #%d */ 3063 warning(154, 3064 lx, type_name(ltp), rx, type_name(rtp), arg); 3065 break; 3066 default: 3067 /* illegal combination of %s '%s' and %s '%s', op '%s' */ 3068 warning(123, 3069 lx, type_name(ltp), rx, type_name(rtp), op_name(op)); 3070 break; 3071 } 3072 return true; 3073 } 3074 3075 static bool 3076 check_assign_pointer(op_t op, int arg, 3077 const type_t *ltp, tspec_t lt, 3078 const type_t *rtp, tspec_t rt) 3079 { 3080 if (!(lt == PTR && rt == PTR)) 3081 return false; 3082 3083 if (op == FARG) 3084 /* converting '%s' to incompatible '%s' for ... */ 3085 warning(153, type_name(rtp), type_name(ltp), arg); 3086 else 3087 warn_incompatible_pointers(op, ltp, rtp); 3088 return true; 3089 } 3090 3091 static void 3092 warn_assign(op_t op, int arg, 3093 const type_t *ltp, tspec_t lt, 3094 const type_t *rtp, tspec_t rt) 3095 { 3096 switch (op) { 3097 case INIT: 3098 /* cannot initialize '%s' from '%s' */ 3099 error(185, type_name(ltp), type_name(rtp)); 3100 break; 3101 case RETURN: 3102 /* function has return type '%s' but returns '%s' */ 3103 error(211, type_name(ltp), type_name(rtp)); 3104 break; 3105 case FARG: 3106 /* passing '%s' to incompatible '%s', arg #%d */ 3107 warning(155, type_name(rtp), type_name(ltp), arg); 3108 break; 3109 default: 3110 warn_incompatible_types(op, ltp, lt, rtp, rt); 3111 break; 3112 } 3113 } 3114 3115 /* 3116 * Checks type compatibility for ASSIGN, INIT, FARG and RETURN 3117 * and prints warnings/errors if necessary. 3118 * Returns whether the types are (almost) compatible. 3119 */ 3120 static bool 3121 check_assign_types_compatible(op_t op, int arg, 3122 const tnode_t *ln, const tnode_t *rn) 3123 { 3124 tspec_t lt, rt, lst = NO_TSPEC, rst = NO_TSPEC; 3125 type_t *ltp, *rtp, *lstp = NULL, *rstp = NULL; 3126 3127 if ((lt = (ltp = ln->tn_type)->t_tspec) == PTR) 3128 lst = (lstp = ltp->t_subt)->t_tspec; 3129 if ((rt = (rtp = rn->tn_type)->t_tspec) == PTR) 3130 rst = (rstp = rtp->t_subt)->t_tspec; 3131 3132 if (lt == BOOL && is_scalar(rt)) /* C99 6.3.1.2 */ 3133 return true; 3134 3135 if (is_arithmetic(lt) && (is_arithmetic(rt) || rt == BOOL)) 3136 return true; 3137 3138 if (is_struct_or_union(lt) && is_struct_or_union(rt)) 3139 return ltp->u.sou == rtp->u.sou; 3140 3141 if (lt == PTR && is_null_pointer(rn)) { 3142 if (is_integer(rn->tn_type->t_tspec)) 3143 /* implicit conversion from integer 0 to pointer ... */ 3144 query_message(15, type_name(ltp)); 3145 return true; 3146 } 3147 3148 check_assign_void_pointer(op, arg, lt, lst, rt, rst); 3149 3150 if (check_assign_void_pointer_compat(op, arg, 3151 lt, lstp, lst, rn, rtp, rt, rstp, rst)) 3152 return true; 3153 3154 if (check_assign_pointer_integer(op, arg, ltp, lt, rtp, rt)) 3155 return true; 3156 3157 if (check_assign_pointer(op, arg, ltp, lt, rtp, rt)) 3158 return true; 3159 3160 warn_assign(op, arg, ltp, lt, rtp, rt); 3161 return false; 3162 } 3163 3164 static bool 3165 has_side_effect(const tnode_t *tn) /* NOLINT(misc-no-recursion) */ 3166 { 3167 op_t op = tn->tn_op; 3168 3169 if (modtab[op].m_has_side_effect) 3170 return true; 3171 3172 if (op == CVT && tn->tn_type->t_tspec == VOID) 3173 return has_side_effect(tn->u.ops.left); 3174 3175 /* XXX: Why not has_side_effect(tn->u.ops.left) as well? */ 3176 if (op == LOGAND || op == LOGOR) 3177 return has_side_effect(tn->u.ops.right); 3178 3179 /* XXX: Why not has_side_effect(tn->u.ops.left) as well? */ 3180 if (op == QUEST) 3181 return has_side_effect(tn->u.ops.right); 3182 3183 if (op == COLON || op == COMMA) { 3184 return has_side_effect(tn->u.ops.left) || 3185 has_side_effect(tn->u.ops.right); 3186 } 3187 3188 return false; 3189 } 3190 3191 static bool 3192 is_void_cast(const tnode_t *tn) 3193 { 3194 3195 return tn->tn_op == CVT && tn->tn_cast && 3196 tn->tn_type->t_tspec == VOID; 3197 } 3198 3199 static bool 3200 is_local_symbol(const tnode_t *tn) 3201 { 3202 3203 return tn->tn_op == LOAD && 3204 tn->u.ops.left->tn_op == NAME && 3205 tn->u.ops.left->u.sym->s_scl == AUTO; 3206 } 3207 3208 static bool 3209 is_int_constant_zero(const tnode_t *tn) 3210 { 3211 3212 return tn->tn_op == CON && 3213 tn->tn_type->t_tspec == INT && 3214 tn->u.value.u.integer == 0; 3215 } 3216 3217 static void 3218 check_null_effect(const tnode_t *tn) 3219 { 3220 3221 if (hflag && 3222 !has_side_effect(tn) && 3223 !(is_void_cast(tn) && is_local_symbol(tn->u.ops.left)) && 3224 !(is_void_cast(tn) && is_int_constant_zero(tn->u.ops.left))) { 3225 /* expression has null effect */ 3226 warning(129); 3227 } 3228 } 3229 3230 /* 3231 * Check the types for specific operators and type combinations. 3232 * 3233 * At this point, the operands already conform to the type requirements of 3234 * the operator, such as being integer, floating or scalar. 3235 */ 3236 static bool 3237 typeok_op(op_t op, int arg, 3238 const tnode_t *ln, const type_t *ltp, tspec_t lt, 3239 const tnode_t *rn, const type_t *rtp, tspec_t rt) 3240 { 3241 switch (op) { 3242 case ARROW: 3243 return typeok_arrow(lt); 3244 case POINT: 3245 return typeok_point(ln, ltp, lt); 3246 case INCBEF: 3247 case DECBEF: 3248 case INCAFT: 3249 case DECAFT: 3250 return typeok_incdec(op, ln, ltp); 3251 case INDIR: 3252 return typeok_indir(ltp, lt); 3253 case ADDR: 3254 return typeok_address(op, ln, ltp, lt); 3255 case PLUS: 3256 return typeok_plus(op, ltp, lt, rtp, rt); 3257 case MINUS: 3258 return typeok_minus(op, ltp, lt, rtp, rt); 3259 case SHL: 3260 typeok_shl(op, lt, rt); 3261 goto shift; 3262 case SHR: 3263 typeok_shr(op, ln, lt, rn, rt); 3264 shift: 3265 typeok_shift(ltp, lt, rn, rt); 3266 break; 3267 case LT: 3268 case LE: 3269 case GT: 3270 case GE: 3271 compare: 3272 return typeok_compare(op, ln, ltp, lt, rn, rtp, rt); 3273 case EQ: 3274 case NE: 3275 if (is_typeok_eq(ln, lt, rn, rt)) 3276 break; 3277 goto compare; 3278 case QUEST: 3279 return typeok_quest(lt, rn); 3280 case COLON: 3281 return typeok_colon(ln, ltp, lt, rn, rtp, rt); 3282 case ASSIGN: 3283 case INIT: 3284 case FARG: 3285 case RETURN: 3286 if (!check_assign_types_compatible(op, arg, ln, rn)) 3287 return false; 3288 goto assign; 3289 case MULASS: 3290 case DIVASS: 3291 case MODASS: 3292 goto assign; 3293 case ADDASS: 3294 case SUBASS: 3295 if ((lt == PTR && !is_integer(rt)) || rt == PTR) { 3296 warn_incompatible_types(op, ltp, lt, rtp, rt); 3297 return false; 3298 } 3299 goto assign; 3300 case SHLASS: 3301 goto assign; 3302 case SHRASS: 3303 if (pflag && !is_uinteger(lt) && 3304 !(!allow_c90 && is_uinteger(rt))) { 3305 /* bitwise '%s' on signed value possibly nonportable */ 3306 warning(117, op_name(op)); 3307 } 3308 goto assign; 3309 case ANDASS: 3310 case XORASS: 3311 case ORASS: 3312 assign: 3313 return typeok_assign(op, ln, ltp, lt); 3314 case COMMA: 3315 if (!modtab[ln->tn_op].m_has_side_effect) 3316 check_null_effect(ln); 3317 break; 3318 default: 3319 break; 3320 } 3321 return true; 3322 } 3323 3324 static void 3325 check_bad_enum_operation(op_t op, const tnode_t *ln, const tnode_t *rn) 3326 { 3327 3328 if (!eflag) 3329 return; 3330 3331 /* Allow enum in array indices. */ 3332 if (op == PLUS && 3333 ((ln->tn_type->t_is_enum && rn->tn_type->t_tspec == PTR) || 3334 (rn->tn_type->t_is_enum && ln->tn_type->t_tspec == PTR))) { 3335 return; 3336 } 3337 3338 /* dubious operation '%s' on enum */ 3339 warning(241, op_name(op)); 3340 } 3341 3342 static void 3343 check_enum_type_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3344 { 3345 const mod_t *mp = &modtab[op]; 3346 3347 if (ln->tn_type->u.enumer != rn->tn_type->u.enumer) { 3348 switch (op) { 3349 case INIT: 3350 /* enum type mismatch between '%s' and '%s' in ... */ 3351 warning(210, 3352 type_name(ln->tn_type), type_name(rn->tn_type)); 3353 break; 3354 case FARG: 3355 /* function expects '%s', passing '%s' for arg #%d */ 3356 warning(156, 3357 type_name(ln->tn_type), type_name(rn->tn_type), 3358 arg); 3359 break; 3360 case RETURN: 3361 /* function has return type '%s' but returns '%s' */ 3362 warning(211, 3363 type_name(ln->tn_type), type_name(rn->tn_type)); 3364 break; 3365 default: 3366 /* enum type mismatch: '%s' '%s' '%s' */ 3367 warning(130, type_name(ln->tn_type), op_name(op), 3368 type_name(rn->tn_type)); 3369 break; 3370 } 3371 } else if (Pflag && eflag && mp->m_comparison && op != EQ && op != NE) 3372 /* operator '%s' assumes that '%s' is ordered */ 3373 warning(243, op_name(op), type_name(ln->tn_type)); 3374 } 3375 3376 static void 3377 check_enum_int_mismatch(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3378 { 3379 3380 if (!eflag) 3381 return; 3382 3383 switch (op) { 3384 case INIT: 3385 /* 3386 * Initialization with 0 is allowed. Otherwise, all implicit 3387 * initializations would need to be warned upon as well. 3388 */ 3389 if (!rn->tn_type->t_is_enum && rn->tn_op == CON && 3390 is_integer(rn->tn_type->t_tspec) && 3391 rn->u.value.u.integer == 0) { 3392 return; 3393 } 3394 /* initialization of '%s' with '%s' */ 3395 warning(277, type_name(ln->tn_type), type_name(rn->tn_type)); 3396 break; 3397 case FARG: 3398 /* combination of '%s' and '%s', arg #%d */ 3399 warning(278, 3400 type_name(ln->tn_type), type_name(rn->tn_type), arg); 3401 break; 3402 case RETURN: 3403 /* combination of '%s' and '%s' in return */ 3404 warning(279, type_name(ln->tn_type), type_name(rn->tn_type)); 3405 break; 3406 default: 3407 /* combination of '%s' and '%s', op '%s' */ 3408 warning(242, type_name(ln->tn_type), type_name(rn->tn_type), 3409 op_name(op)); 3410 break; 3411 } 3412 } 3413 3414 static void 3415 typeok_enum(op_t op, const mod_t *mp, int arg, 3416 const tnode_t *ln, const type_t *ltp, 3417 const tnode_t *rn, const type_t *rtp) 3418 { 3419 if (mp->m_bad_on_enum && 3420 (ltp->t_is_enum || (mp->m_binary && rtp->t_is_enum))) { 3421 check_bad_enum_operation(op, ln, rn); 3422 } else if (mp->m_valid_on_enum && 3423 (ltp->t_is_enum && rtp != NULL && rtp->t_is_enum)) { 3424 check_enum_type_mismatch(op, arg, ln, rn); 3425 } else if (mp->m_valid_on_enum && 3426 (ltp->t_is_enum || (rtp != NULL && rtp->t_is_enum))) { 3427 check_enum_int_mismatch(op, arg, ln, rn); 3428 } 3429 } 3430 3431 /* Perform most type checks. Return whether the types are ok. */ 3432 bool 3433 typeok(op_t op, int arg, const tnode_t *ln, const tnode_t *rn) 3434 { 3435 3436 const mod_t *mp = &modtab[op]; 3437 3438 type_t *ltp = ln->tn_type; 3439 tspec_t lt = ltp->t_tspec; 3440 3441 type_t *rtp = mp->m_binary ? rn->tn_type : NULL; 3442 tspec_t rt = mp->m_binary ? rtp->t_tspec : NO_TSPEC; 3443 3444 if (Tflag && !typeok_scalar_strict_bool(op, mp, arg, ln, rn)) 3445 return false; 3446 if (!typeok_scalar(op, mp, ltp, lt, rtp, rt)) 3447 return false; 3448 3449 if (!typeok_op(op, arg, ln, ltp, lt, rn, rtp, rt)) 3450 return false; 3451 3452 typeok_enum(op, mp, arg, ln, ltp, rn, rtp); 3453 return true; 3454 } 3455 3456 /* In traditional C, keep unsigned and promote FLOAT to DOUBLE. */ 3457 static tspec_t 3458 promote_trad(tspec_t t) 3459 { 3460 3461 if (t == UCHAR || t == USHORT) 3462 return UINT; 3463 if (t == CHAR || t == SCHAR || t == SHORT) 3464 return INT; 3465 if (t == FLOAT) 3466 return DOUBLE; 3467 if (t == ENUM) 3468 return INT; 3469 return t; 3470 } 3471 3472 /* 3473 * C99 6.3.1.1p2 requires for types with lower rank than int that "If an int 3474 * can represent all the values of the original type, the value is converted 3475 * to an int; otherwise it is converted to an unsigned int", and that "All 3476 * other types are unchanged by the integer promotions". 3477 */ 3478 static tspec_t 3479 promote_c90(const tnode_t *tn, tspec_t t, bool farg) 3480 { 3481 if (tn->tn_type->t_bitfield) { 3482 unsigned int width = tn->tn_type->t_bit_field_width; 3483 unsigned int int_width = size_in_bits(INT); 3484 // XXX: What about _Bool bit-fields, since C99? 3485 if (width < int_width) 3486 return INT; 3487 if (width == int_width) 3488 return is_uinteger(t) ? UINT : INT; 3489 return t; 3490 } 3491 3492 if (t == CHAR || t == SCHAR) 3493 return INT; 3494 if (t == UCHAR) 3495 return size_in_bits(CHAR) < size_in_bits(INT) ? INT : UINT; 3496 if (t == SHORT) 3497 return INT; 3498 if (t == USHORT) 3499 return size_in_bits(SHORT) < size_in_bits(INT) ? INT : UINT; 3500 if (t == ENUM) 3501 return INT; 3502 if (farg && t == FLOAT) 3503 return DOUBLE; 3504 return t; 3505 } 3506 3507 /* 3508 * Performs the "integer promotions" (C99 6.3.1.1p2), which convert small 3509 * integer types to either int or unsigned int. 3510 * 3511 * If allow_c90 is unset or the operand is a function argument with no type 3512 * information (no prototype or variable # of args), converts float to double. 3513 */ 3514 tnode_t * 3515 promote(op_t op, bool farg, tnode_t *tn) 3516 { 3517 3518 const type_t *otp = tn->tn_type; 3519 tspec_t ot = otp->t_tspec; 3520 if (!is_arithmetic(ot)) 3521 return tn; 3522 3523 tspec_t nt = allow_c90 ? promote_c90(tn, ot, farg) : promote_trad(ot); 3524 if (nt == ot) 3525 return tn; 3526 3527 type_t *ntp = expr_dup_type(gettyp(nt)); 3528 ntp->t_tspec = nt; 3529 ntp->t_is_enum = otp->t_is_enum; 3530 if (ntp->t_is_enum) 3531 ntp->u.enumer = otp->u.enumer; 3532 ntp->t_bitfield = otp->t_bitfield; 3533 if (ntp->t_bitfield) { 3534 ntp->t_bit_field_width = otp->t_bit_field_width; 3535 ntp->t_bit_field_offset = otp->t_bit_field_offset; 3536 } 3537 if (ntp->t_bitfield && is_uinteger(ot) && !is_uinteger(nt)) 3538 ntp->t_bit_field_width++; 3539 return convert(op, 0, ntp, tn); 3540 } 3541 3542 static void 3543 check_lossy_floating_to_integer_conversion( 3544 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3545 { 3546 long double x = tn->u.value.u.floating; 3547 integer_constraints ic = ic_any(tp); 3548 if (is_uinteger(tp->t_tspec) 3549 ? x >= ic.umin && x <= ic.umax && x == (uint64_t)x 3550 : x >= ic.smin && x <= ic.smax && x == (int64_t)x) 3551 return; 3552 if (op == FARG) 3553 /* lossy conversion of %Lg to '%s', arg #%d */ 3554 warning(380, x, type_name(tp), arg); 3555 else 3556 /* lossy conversion of %Lg to '%s' */ 3557 warning(381, x, type_name(tp)); 3558 } 3559 3560 static void 3561 convert_integer_from_floating( 3562 op_t op, int arg, const type_t *tp, const tnode_t *tn) 3563 { 3564 3565 if (op == CVT) 3566 /* cast from floating point '%s' to integer '%s' */ 3567 query_message(2, type_name(tn->tn_type), type_name(tp)); 3568 else 3569 /* implicit conversion from floating point '%s' to ... */ 3570 query_message(1, type_name(tn->tn_type), type_name(tp)); 3571 if (tn->tn_op == CON) 3572 check_lossy_floating_to_integer_conversion(op, arg, tp, tn); 3573 } 3574 3575 static bool 3576 should_warn_about_prototype_conversion(tspec_t nt, 3577 tspec_t ot, const tnode_t *ptn) 3578 { 3579 3580 if (nt == ot) 3581 return false; 3582 3583 if (nt == ENUM && ot == INT) 3584 return false; 3585 3586 if (is_floating(nt) != is_floating(ot) || 3587 portable_rank_cmp(nt, ot) != 0) { 3588 /* representation and/or width change */ 3589 if (!is_integer(ot)) 3590 return true; 3591 /* 3592 * XXX: Investigate whether this rule makes sense; see 3593 * tests/usr.bin/xlint/lint1/platform_long.c. 3594 */ 3595 return portable_rank_cmp(ot, INT) > 0; 3596 } 3597 3598 if (!hflag) 3599 return false; 3600 3601 /* 3602 * If the types differ only in sign and the argument has the same 3603 * representation in both types, print no warning. 3604 */ 3605 if (ptn->tn_op == CON && is_integer(nt) && 3606 signed_type(nt) == signed_type(ot) && 3607 !msb(ptn->u.value.u.integer, ot)) 3608 return false; 3609 3610 return true; 3611 } 3612 3613 /* 3614 * Warn if a prototype causes a type conversion that is different from what 3615 * would happen to the same argument in the absence of a prototype. This 3616 * check is intended for code that needs to stay compatible with pre-C90 C. 3617 * 3618 * Errors/warnings about illegal type combinations are already printed 3619 * in check_assign_types_compatible(). 3620 */ 3621 static void 3622 check_prototype_conversion(int arg, tspec_t nt, tspec_t ot, type_t *tp, 3623 tnode_t *tn) 3624 { 3625 3626 if (!is_arithmetic(nt) || !is_arithmetic(ot)) 3627 return; 3628 3629 /* 3630 * If the type of the formal parameter is char/short, a warning would 3631 * be useless, because functions declared the old style can't expect 3632 * char/short arguments. 3633 */ 3634 if (nt == CHAR || nt == SCHAR || nt == UCHAR || 3635 nt == SHORT || nt == USHORT) 3636 return; 3637 3638 tnode_t *ptn = promote(NOOP, true, tn); 3639 ot = ptn->tn_type->t_tspec; 3640 3641 if (should_warn_about_prototype_conversion(nt, ot, ptn)) { 3642 /* argument %d is converted from '%s' to '%s' ... */ 3643 warning(259, arg, type_name(tn->tn_type), type_name(tp)); 3644 } 3645 } 3646 3647 /* 3648 * When converting a large integer type to a small integer type, in some 3649 * cases the value of the actual expression is further restricted than the 3650 * type bounds, such as in (expr & 0xFF) or (expr % 100) or (expr >> 24). 3651 */ 3652 static bool 3653 can_represent(const type_t *tp, const tnode_t *tn) 3654 { 3655 uint64_t nmask = value_bits(width_in_bits(tp)); 3656 if (!is_uinteger(tp->t_tspec)) 3657 nmask >>= 1; 3658 3659 integer_constraints c = ic_expr(tn); 3660 if ((~c.bclr & ~nmask) == 0) 3661 return true; 3662 3663 integer_constraints tpc = ic_any(tp); 3664 if (is_uinteger(tp->t_tspec) 3665 ? tpc.umin <= c.umin && tpc.umax >= c.umax 3666 : tpc.smin <= c.smin && tpc.smax >= c.smax) 3667 return true; 3668 3669 debug_enter(); 3670 debug_step("type '%s' cannot represent:", type_name(tp)); 3671 debug_node(tn); 3672 debug_leave(); 3673 return false; 3674 } 3675 3676 static bool 3677 should_warn_about_integer_conversion(const type_t *ntp, tspec_t nt, 3678 const tnode_t *otn, tspec_t ot) 3679 { 3680 3681 // XXX: The portable_rank_cmp aims at portable mode, independent of the 3682 // current platform, while can_represent acts on the actual type sizes 3683 // from the current platform. This mix is inconsistent, but anything 3684 // else would make the exact conditions too complicated to grasp. 3685 if (aflag > 0 && portable_rank_cmp(nt, ot) < 0) { 3686 if (ot == LONG || ot == ULONG 3687 || ot == LLONG || ot == ULLONG 3688 #ifdef INT128_SIZE 3689 || ot == INT128 || ot == UINT128 3690 #endif 3691 || aflag > 1) 3692 return !can_represent(ntp, otn); 3693 } 3694 return false; 3695 } 3696 3697 static void 3698 convert_integer_from_integer(op_t op, int arg, tspec_t nt, tspec_t ot, 3699 type_t *tp, tnode_t *tn) 3700 { 3701 3702 if (tn->tn_op == CON) 3703 return; 3704 3705 if (op == CVT) 3706 return; 3707 3708 if (Pflag && pflag && aflag > 0 && 3709 portable_rank_cmp(nt, ot) > 0 && 3710 is_uinteger(nt) != is_uinteger(ot)) { 3711 if (op == FARG) 3712 /* conversion to '%s' may sign-extend ... */ 3713 warning(297, type_name(tp), arg); 3714 else 3715 /* conversion to '%s' may sign-extend ... */ 3716 warning(131, type_name(tp)); 3717 } 3718 3719 if (Pflag && portable_rank_cmp(nt, ot) > 0 && 3720 (tn->tn_op == PLUS || tn->tn_op == MINUS || tn->tn_op == MULT || 3721 tn->tn_op == SHL)) { 3722 /* suggest cast from '%s' to '%s' on op '%s' to ... */ 3723 warning(324, type_name(gettyp(ot)), type_name(tp), 3724 op_name(tn->tn_op)); 3725 } 3726 3727 if (should_warn_about_integer_conversion(tp, nt, tn, ot)) { 3728 if (op == FARG) { 3729 /* conversion from '%s' to '%s' may lose ... */ 3730 warning(298, 3731 type_name(tn->tn_type), type_name(tp), arg); 3732 } else { 3733 /* conversion from '%s' to '%s' may lose accuracy */ 3734 warning(132, 3735 type_name(tn->tn_type), type_name(tp)); 3736 } 3737 } 3738 3739 if (is_uinteger(nt) != is_uinteger(ot)) 3740 /* implicit conversion changes sign from '%s' to '%s' */ 3741 query_message(3, type_name(tn->tn_type), type_name(tp)); 3742 } 3743 3744 static void 3745 convert_integer_from_pointer(op_t op, tspec_t nt, type_t *tp, tnode_t *tn) 3746 { 3747 3748 if (tn->tn_op == CON) 3749 return; 3750 if (op != CVT) 3751 return; /* We already got an error. */ 3752 if (portable_rank_cmp(nt, PTR) >= 0) 3753 return; 3754 3755 if (pflag && size_in_bits(nt) >= size_in_bits(PTR)) { 3756 /* conversion of pointer to '%s' may lose bits */ 3757 warning(134, type_name(tp)); 3758 } else { 3759 /* conversion of pointer to '%s' loses bits */ 3760 warning(133, type_name(tp)); 3761 } 3762 } 3763 3764 static bool 3765 struct_starts_with(const type_t *struct_tp, const type_t *member_tp) 3766 { 3767 3768 return struct_tp->u.sou->sou_first_member != NULL && 3769 types_compatible(struct_tp->u.sou->sou_first_member->s_type, 3770 member_tp, true, false, NULL); 3771 } 3772 3773 static bool 3774 is_byte_array(const type_t *tp) 3775 { 3776 3777 return tp->t_tspec == ARRAY && 3778 (tp->t_subt->t_tspec == CHAR || tp->t_subt->t_tspec == UCHAR); 3779 } 3780 3781 static bool 3782 union_contains(const type_t *utp, const type_t *mtp) 3783 { 3784 for (const sym_t *mem = utp->u.sou->sou_first_member; 3785 mem != NULL; mem = mem->s_next) { 3786 if (types_compatible(mem->s_type, mtp, true, false, NULL)) 3787 return true; 3788 } 3789 return false; 3790 } 3791 3792 static bool 3793 should_warn_about_pointer_cast(const type_t *nstp, tspec_t nst, 3794 const type_t *ostp, tspec_t ost) 3795 { 3796 3797 while (nst == ARRAY) 3798 nstp = nstp->t_subt, nst = nstp->t_tspec; 3799 while (ost == ARRAY) 3800 ostp = ostp->t_subt, ost = ostp->t_tspec; 3801 3802 if (nst == STRUCT && ost == STRUCT && 3803 (struct_starts_with(nstp, ostp) || 3804 struct_starts_with(ostp, nstp))) 3805 return false; 3806 3807 if (is_incomplete(nstp) || is_incomplete(ostp)) 3808 return false; 3809 3810 if (nst == CHAR || nst == UCHAR) 3811 return false; /* for the sake of traditional C code */ 3812 if (ost == CHAR || ost == UCHAR) 3813 return false; /* for the sake of traditional C code */ 3814 3815 /* Allow cast between pointers to sockaddr variants. */ 3816 if (nst == STRUCT && ost == STRUCT) { 3817 const sym_t *nmem = nstp->u.sou->sou_first_member; 3818 const sym_t *omem = ostp->u.sou->sou_first_member; 3819 while (nmem != NULL && omem != NULL && 3820 types_compatible(nmem->s_type, omem->s_type, 3821 true, false, NULL)) 3822 nmem = nmem->s_next, omem = omem->s_next; 3823 if (nmem != NULL && is_byte_array(nmem->s_type)) 3824 return false; 3825 if (omem != NULL && is_byte_array(omem->s_type)) 3826 return false; 3827 if (nmem == NULL && omem == NULL) 3828 return false; 3829 } 3830 3831 if (nst == UNION || ost == UNION) { 3832 const type_t *union_tp = nst == UNION ? nstp : ostp; 3833 const type_t *other_tp = nst == UNION ? ostp : nstp; 3834 if (union_contains(union_tp, other_tp)) 3835 return false; 3836 } 3837 3838 if (is_struct_or_union(nst) && is_struct_or_union(ost)) 3839 return nstp->u.sou != ostp->u.sou; 3840 3841 enum rank_kind rk1 = type_properties(nst)->tt_rank_kind; 3842 enum rank_kind rk2 = type_properties(ost)->tt_rank_kind; 3843 if (rk1 != rk2 || rk1 == RK_NONE) 3844 return true; 3845 3846 return portable_rank_cmp(nst, ost) != 0; 3847 } 3848 3849 static void 3850 convert_pointer_from_pointer(type_t *ntp, tnode_t *tn) 3851 { 3852 const type_t *nstp = ntp->t_subt; 3853 const type_t *otp = tn->tn_type; 3854 const type_t *ostp = otp->t_subt; 3855 tspec_t nst = nstp->t_tspec; 3856 tspec_t ost = ostp->t_tspec; 3857 3858 if (nst == VOID || ost == VOID) { 3859 /* TODO: C99 behaves like C90 here. */ 3860 if (!allow_trad && !allow_c99 && (nst == FUNC || ost == FUNC)) { 3861 const char *nts, *ots; 3862 /* null pointers are already handled in convert() */ 3863 *(nst == FUNC ? &nts : &ots) = "function pointer"; 3864 *(nst == VOID ? &nts : &ots) = "'void *'"; 3865 /* conversion of %s to %s requires a cast */ 3866 warning(303, ots, nts); 3867 } 3868 return; 3869 } 3870 if (nst == FUNC && ost == FUNC) 3871 return; 3872 if (nst == FUNC || ost == FUNC) { 3873 /* converting '%s' to '%s' is questionable */ 3874 warning(229, type_name(otp), type_name(ntp)); 3875 return; 3876 } 3877 3878 if (hflag && alignment(nstp) > alignment(ostp) && 3879 ost != CHAR && ost != UCHAR && 3880 !is_incomplete(ostp) && 3881 !(nst == UNION && union_contains(nstp, ostp))) { 3882 /* converting '%s' to '%s' increases alignment ... */ 3883 warning(135, type_name(otp), type_name(ntp), 3884 alignment(ostp), alignment(nstp)); 3885 } 3886 3887 if (cflag && should_warn_about_pointer_cast(nstp, nst, ostp, ost)) { 3888 /* pointer cast from '%s' to unrelated '%s' */ 3889 warning(247, type_name(ostp), type_name(nstp)); 3890 } 3891 } 3892 3893 /* 3894 * Insert a conversion operator, which converts the type of the node 3895 * to another given type. 3896 * 3897 * Possible values for 'op': 3898 * CVT a cast-expression 3899 * binary integer promotion for one of the operands, or a usual 3900 * arithmetic conversion 3901 * binary plain or compound assignments to bit-fields 3902 * FARG 'arg' is the number of the parameter (used for warnings) 3903 * NOOP several other implicit conversions 3904 * ... 3905 */ 3906 tnode_t * 3907 convert(op_t op, int arg, type_t *tp, tnode_t *tn) 3908 { 3909 tspec_t nt = tp->t_tspec; 3910 tspec_t ot = tn->tn_type->t_tspec; 3911 3912 if (allow_trad && allow_c90 && op == FARG) 3913 check_prototype_conversion(arg, nt, ot, tp, tn); 3914 3915 if (nt == BOOL) { 3916 /* No further checks. */ 3917 3918 } else if (is_integer(nt)) { 3919 if (ot == BOOL) { 3920 /* No further checks. */ 3921 } else if (is_integer(ot)) 3922 convert_integer_from_integer(op, arg, nt, ot, tp, tn); 3923 else if (is_floating(ot)) 3924 convert_integer_from_floating(op, arg, tp, tn); 3925 else if (ot == PTR) 3926 convert_integer_from_pointer(op, nt, tp, tn); 3927 3928 } else if (is_floating(nt)) { 3929 if (is_integer(ot) && op != CVT) { 3930 /* implicit conversion from integer '%s' to ... */ 3931 query_message(19, 3932 type_name(tn->tn_type), type_name(tp)); 3933 } 3934 3935 } else if (nt == PTR) { 3936 if (is_null_pointer(tn)) { 3937 /* a null pointer may be assigned to any pointer. */ 3938 } else if (ot == PTR && op == CVT) 3939 convert_pointer_from_pointer(tp, tn); 3940 } 3941 3942 tnode_t *ntn = expr_alloc_tnode(); 3943 ntn->tn_op = CVT; 3944 ntn->tn_type = tp; 3945 ntn->tn_cast = op == CVT; 3946 ntn->tn_sys |= tn->tn_sys; 3947 ntn->u.ops.right = NULL; 3948 if (tn->tn_op != CON || nt == VOID) { 3949 ntn->u.ops.left = tn; 3950 } else { 3951 ntn->tn_op = CON; 3952 convert_constant(op, arg, ntn->tn_type, &ntn->u.value, 3953 &tn->u.value); 3954 } 3955 3956 return ntn; 3957 } 3958 3959 static void 3960 convert_constant_from_floating(op_t op, int arg, const type_t *ntp, 3961 tspec_t nt, val_t *nv, val_t *ov) 3962 { 3963 long double max = 0.0, min = 0.0; 3964 3965 switch (nt) { 3966 case CHAR: 3967 max = TARG_CHAR_MAX; min = TARG_CHAR_MIN; break; 3968 case UCHAR: 3969 max = TARG_UCHAR_MAX; min = 0; break; 3970 case SCHAR: 3971 max = TARG_SCHAR_MAX; min = TARG_SCHAR_MIN; break; 3972 case SHORT: 3973 max = TARG_SHRT_MAX; min = TARG_SHRT_MIN; break; 3974 case USHORT: 3975 max = TARG_USHRT_MAX; min = 0; break; 3976 case ENUM: 3977 case INT: 3978 max = TARG_INT_MAX; min = TARG_INT_MIN; break; 3979 case UINT: 3980 max = TARG_UINT_MAX; min = 0; break; 3981 case LONG: 3982 max = TARG_LONG_MAX; min = TARG_LONG_MIN; break; 3983 case ULONG: 3984 max = TARG_ULONG_MAX; min = 0; break; 3985 case LLONG: 3986 max = LLONG_MAX; min = LLONG_MIN; break; 3987 case ULLONG: 3988 max = ULLONG_MAX; min = 0; break; 3989 case FLOAT: 3990 case FCOMPLEX: 3991 max = FLT_MAX; min = -FLT_MAX; break; 3992 case DOUBLE: 3993 case DCOMPLEX: 3994 max = DBL_MAX; min = -DBL_MAX; break; 3995 case LDOUBLE: 3996 case LCOMPLEX: 3997 /* LINTED 248; see floating_error_value. */ 3998 max = LDBL_MAX; min = -max; break; 3999 default: 4000 lint_assert(/*CONSTCOND*/false); 4001 } 4002 if (ov->u.floating > max || ov->u.floating < min) { 4003 lint_assert(nt != LDOUBLE); 4004 const char *ot_name = type_name(gettyp(ov->v_tspec)); 4005 const char *nt_name = type_name(ntp); 4006 if (is_integer(nt)) 4007 goto after_warning; 4008 if (op == FARG) 4009 /* conversion of '%s' to '%s' is out of range, ... */ 4010 warning(295, ot_name, nt_name, arg); 4011 else 4012 /* conversion of '%s' to '%s' is out of range */ 4013 warning(119, ot_name, nt_name); 4014 after_warning: 4015 ov->u.floating = ov->u.floating > 0 ? max : min; 4016 } 4017 4018 if (nt == FLOAT || nt == FCOMPLEX) 4019 nv->u.floating = (float)ov->u.floating; 4020 else if (nt == DOUBLE || nt == DCOMPLEX) 4021 nv->u.floating = (double)ov->u.floating; 4022 else if (nt == LDOUBLE || nt == LCOMPLEX) 4023 nv->u.floating = ov->u.floating; 4024 else 4025 nv->u.integer = (int64_t)ov->u.floating; 4026 } 4027 4028 static bool 4029 convert_constant_to_floating(tspec_t nt, val_t *nv, 4030 tspec_t ot, const val_t *v) 4031 { 4032 if (nt == FLOAT) { 4033 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4034 (float)(uint64_t)v->u.integer : (float)v->u.integer; 4035 } else if (nt == DOUBLE) { 4036 nv->u.floating = (ot == PTR || is_uinteger(ot)) ? 4037 (double)(uint64_t)v->u.integer : (double)v->u.integer; 4038 } else if (nt == LDOUBLE) { 4039 nv->u.floating = (ot == PTR || is_uinteger(ot)) 4040 ? (long double)(uint64_t)v->u.integer 4041 : (long double)v->u.integer; 4042 } else 4043 return false; 4044 return true; 4045 } 4046 4047 /* 4048 * Print a warning if bits which were set are lost due to the conversion. 4049 * This can happen with operator ORASS only. 4050 */ 4051 static void 4052 convert_constant_check_range_bitor(size_t nsz, size_t osz, const val_t *v, 4053 uint64_t xmask, op_t op) 4054 { 4055 if (nsz < osz && (v->u.integer & xmask) != 0) 4056 /* constant truncated by conversion, op '%s' */ 4057 warning(306, op_name(op)); 4058 } 4059 4060 static void 4061 convert_constant_check_range_bitand(size_t nsz, size_t osz, 4062 uint64_t xmask, const val_t *nv, 4063 tspec_t ot, const val_t *v, 4064 const type_t *tp, op_t op) 4065 { 4066 if (nsz > osz && 4067 (nv->u.integer & bit((unsigned int)(osz - 1))) != 0 && 4068 (nv->u.integer & xmask) != xmask) { 4069 /* extra bits set to 0 in conversion of '%s' to '%s', ... */ 4070 warning(309, type_name(gettyp(ot)), 4071 type_name(tp), op_name(op)); 4072 } else if (nsz < osz && 4073 (v->u.integer & xmask) != xmask && 4074 (v->u.integer & xmask) != 0) 4075 /* constant truncated by conversion, op '%s' */ 4076 warning(306, op_name(op)); 4077 } 4078 4079 static void 4080 convert_constant_check_range_signed(op_t op, int arg, 4081 const type_t *ntp, int64_t ov) 4082 { 4083 if (op == ASSIGN) 4084 /* assignment of negative constant %lld to unsigned ... */ 4085 warning(164, (long long)ov, type_name(ntp)); 4086 else if (op == INIT) 4087 /* initialization of unsigned type '%s' with negative ... */ 4088 warning(221, type_name(ntp), (long long)ov); 4089 else if (op == FARG) 4090 /* conversion of negative constant %lld to unsigned ... */ 4091 warning(296, (long long)ov, type_name(ntp), arg); 4092 else if (modtab[op].m_comparison) { 4093 /* handled by check_integer_comparison() */ 4094 } else 4095 /* conversion of negative constant %lld to unsigned ... */ 4096 warning(222, (long long)ov, type_name(ntp)); 4097 } 4098 4099 /* 4100 * Loss of significant bit(s). All truncated bits of unsigned types or all 4101 * truncated bits plus the msb of the target for signed types are considered 4102 * to be significant bits. Loss of significant bits means that at least one 4103 * of the bits was set in an unsigned type or that at least one but not all 4104 * of the bits was set in a signed type. Loss of significant bits means that 4105 * it is not possible, also not with necessary casts, to convert back to the 4106 * original type. An example for a necessary cast is: 4107 * char c; int i; c = 128; 4108 * i = c; ** yields -128 ** 4109 * i = (unsigned char)c; ** yields 128 ** 4110 */ 4111 static void 4112 warn_constant_check_range_truncated(op_t op, int arg, const type_t *tp, 4113 tspec_t ot) 4114 { 4115 if (op == ASSIGN && tp->t_bitfield) 4116 /* precision lost in bit-field assignment */ 4117 warning(166); 4118 else if (op == ASSIGN) 4119 /* constant truncated by assignment */ 4120 warning(165); 4121 else if (op == INIT && tp->t_bitfield) 4122 /* bit-field initializer does not fit */ 4123 warning(180); 4124 else if (op == INIT) 4125 /* initializer does not fit */ 4126 warning(178); 4127 else if (op == CASE) 4128 /* case label affected by conversion */ 4129 warning(196); 4130 else if (op == FARG) 4131 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4132 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4133 else 4134 /* conversion of '%s' to '%s' is out of range */ 4135 warning(119, type_name(gettyp(ot)), type_name(tp)); 4136 } 4137 4138 static void 4139 warn_constant_check_range_loss(op_t op, int arg, const type_t *tp, 4140 tspec_t ot) 4141 { 4142 if (op == ASSIGN && tp->t_bitfield) 4143 /* precision lost in bit-field assignment */ 4144 warning(166); 4145 else if (op == INIT && tp->t_bitfield) 4146 /* bit-field initializer out of range */ 4147 warning(11); 4148 else if (op == CASE) 4149 /* case label affected by conversion */ 4150 warning(196); 4151 else if (op == FARG) 4152 /* conversion of '%s' to '%s' is out of range, arg #%d */ 4153 warning(295, type_name(gettyp(ot)), type_name(tp), arg); 4154 else 4155 /* conversion of '%s' to '%s' is out of range */ 4156 warning(119, type_name(gettyp(ot)), type_name(tp)); 4157 } 4158 4159 static void 4160 convert_constant_check_range(tspec_t ot, const type_t *tp, tspec_t nt, 4161 op_t op, int arg, const val_t *v, val_t *nv) 4162 { 4163 unsigned int obitsz, nbitsz; 4164 uint64_t xmask, xmsk1; 4165 4166 obitsz = size_in_bits(ot); 4167 nbitsz = tp->t_bitfield ? tp->t_bit_field_width : size_in_bits(nt); 4168 xmask = value_bits(nbitsz) ^ value_bits(obitsz); 4169 xmsk1 = value_bits(nbitsz) ^ value_bits(obitsz - 1); 4170 if (op == ORASS || op == BITOR || op == BITXOR) { 4171 convert_constant_check_range_bitor( 4172 nbitsz, obitsz, v, xmask, op); 4173 } else if (op == ANDASS || op == BITAND) { 4174 convert_constant_check_range_bitand( 4175 nbitsz, obitsz, xmask, nv, ot, v, tp, op); 4176 } else if (nt != PTR && is_uinteger(nt) && 4177 ot != PTR && !is_uinteger(ot) && 4178 v->u.integer < 0) 4179 convert_constant_check_range_signed(op, arg, 4180 tp, v->u.integer); 4181 else if (nv->u.integer != v->u.integer && nbitsz <= obitsz && 4182 (v->u.integer & xmask) != 0 && 4183 (is_uinteger(ot) || (v->u.integer & xmsk1) != xmsk1)) 4184 warn_constant_check_range_truncated(op, arg, tp, ot); 4185 else if (nv->u.integer != v->u.integer) 4186 warn_constant_check_range_loss(op, arg, tp, ot); 4187 } 4188 4189 /* Converts a typed constant to a constant of another type. */ 4190 void 4191 convert_constant(op_t op, int arg, const type_t *ntp, val_t *nv, val_t *ov) 4192 { 4193 /* 4194 * TODO: make 'ov' const; the name of this function does not suggest 4195 * that it modifies 'ov'. 4196 */ 4197 tspec_t ot = ov->v_tspec; 4198 tspec_t nt = nv->v_tspec = ntp->t_tspec; 4199 bool range_check = false; 4200 4201 if (nt == BOOL) { /* C99 6.3.1.2 */ 4202 nv->v_unsigned_since_c90 = false; 4203 nv->u.integer = is_nonzero_val(ov) ? 1 : 0; 4204 return; 4205 } 4206 4207 if (ot == FLOAT || ot == DOUBLE || ot == LDOUBLE) 4208 convert_constant_from_floating(op, arg, ntp, nt, nv, ov); 4209 else if (!convert_constant_to_floating(nt, nv, ot, ov)) { 4210 range_check = true; /* Check for lost precision. */ 4211 nv->u.integer = ov->u.integer; 4212 } 4213 4214 if (allow_trad && allow_c90 && ov->v_unsigned_since_c90 && 4215 (is_floating(nt) || ( 4216 (is_integer(nt) && !is_uinteger(nt) && 4217 portable_rank_cmp(nt, ot) > 0)))) { 4218 /* C90 treats constant as unsigned */ 4219 warning(157); 4220 ov->v_unsigned_since_c90 = false; 4221 } 4222 4223 if (is_integer(nt)) { 4224 unsigned int size = ntp->t_bitfield 4225 ? ntp->t_bit_field_width : size_in_bits(nt); 4226 nv->u.integer = convert_integer(nv->u.integer, nt, size); 4227 } 4228 4229 if (range_check && op != CVT) 4230 convert_constant_check_range(ot, ntp, nt, op, arg, ov, nv); 4231 } 4232 4233 tnode_t * 4234 build_sizeof(const type_t *tp) 4235 { 4236 unsigned int size_in_bytes = type_size_in_bits(tp) / CHAR_SIZE; 4237 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, size_in_bytes); 4238 tn->tn_system_dependent = true; 4239 debug_step("build_sizeof '%s' = %u", type_name(tp), size_in_bytes); 4240 return tn; 4241 } 4242 4243 tnode_t * 4244 build_offsetof(const type_t *tp, designation dn) 4245 { 4246 unsigned int offset_in_bits = 0; 4247 4248 if (!is_struct_or_union(tp->t_tspec)) { 4249 /* unacceptable operand of '%s' */ 4250 error(111, "offsetof"); 4251 goto proceed; 4252 } 4253 for (size_t i = 0; i < dn.dn_len; i++) { 4254 const designator *dr = dn.dn_items + i; 4255 if (dr->dr_kind == DK_SUBSCRIPT) { 4256 if (tp->t_tspec != ARRAY) 4257 goto proceed; /* silent error */ 4258 tp = tp->t_subt; 4259 offset_in_bits += (unsigned)dr->dr_subscript 4260 * type_size_in_bits(tp); 4261 } else { 4262 if (!is_struct_or_union(tp->t_tspec)) 4263 goto proceed; /* silent error */ 4264 const char *name = dr->dr_member->s_name; 4265 sym_t *mem = find_member(tp->u.sou, name); 4266 if (mem == NULL) { 4267 /* type '%s' does not have member '%s' */ 4268 error(101, name, type_name(tp)); 4269 goto proceed; 4270 } 4271 tp = mem->s_type; 4272 offset_in_bits += mem->u.s_member.sm_offset_in_bits; 4273 } 4274 } 4275 free(dn.dn_items); 4276 4277 proceed:; 4278 unsigned int offset_in_bytes = offset_in_bits / CHAR_SIZE; 4279 tnode_t *tn = build_integer_constant(SIZEOF_TSPEC, offset_in_bytes); 4280 tn->tn_system_dependent = true; 4281 return tn; 4282 } 4283 4284 unsigned int 4285 type_size_in_bits(const type_t *tp) 4286 { 4287 4288 unsigned int elem = 1; 4289 bool flex = false; 4290 lint_assert(tp != NULL); 4291 while (tp->t_tspec == ARRAY) { 4292 flex = true; /* allow c99 flex arrays [] [0] */ 4293 elem *= tp->u.dimension; 4294 tp = tp->t_subt; 4295 } 4296 if (elem == 0 && !flex) { 4297 /* cannot take size/alignment of incomplete type */ 4298 error(143); 4299 elem = 1; 4300 } 4301 4302 unsigned int elsz; 4303 switch (tp->t_tspec) { 4304 case VOID: 4305 /* cannot take size/alignment of void */ 4306 error(146); 4307 elsz = 1; 4308 break; 4309 case FUNC: 4310 /* cannot take size/alignment of function type '%s' */ 4311 error(144, type_name(tp)); 4312 elsz = 1; 4313 break; 4314 case STRUCT: 4315 case UNION: 4316 if (is_incomplete(tp)) { 4317 /* cannot take size/alignment of incomplete type */ 4318 error(143); 4319 elsz = 1; 4320 } else 4321 elsz = tp->u.sou->sou_size_in_bits; 4322 break; 4323 case ENUM: 4324 if (is_incomplete(tp)) { 4325 /* cannot take size/alignment of incomplete type */ 4326 warning(143); 4327 } 4328 /* FALLTHROUGH */ 4329 default: 4330 if (tp->t_bitfield) 4331 /* cannot take size/alignment of bit-field */ 4332 error(145); 4333 elsz = size_in_bits(tp->t_tspec); 4334 lint_assert(elsz > 0); 4335 break; 4336 } 4337 4338 return elem * elsz; 4339 } 4340 4341 /* C11 6.5.3.4, GCC */ 4342 tnode_t * 4343 build_alignof(const type_t *tp) 4344 { 4345 if (tp->t_tspec == FUNC) { 4346 /* cannot take size/alignment of function type '%s' */ 4347 error(144, type_name(tp)); 4348 return NULL; 4349 } 4350 if (tp->t_tspec == VOID) { 4351 /* cannot take size/alignment of void */ 4352 error(146); 4353 return NULL; 4354 } 4355 if (is_incomplete(tp)) { 4356 /* cannot take size/alignment of incomplete type */ 4357 error(143); 4358 return NULL; 4359 } 4360 if (tp->t_bitfield) { 4361 /* cannot take size/alignment of bit-field */ 4362 error(145); 4363 return NULL; 4364 } 4365 return build_integer_constant(SIZEOF_TSPEC, (int64_t)alignment(tp)); 4366 } 4367 4368 static tnode_t * 4369 cast_to_union(tnode_t *otn, bool sys, type_t *ntp) 4370 { 4371 4372 if (!allow_gcc) { 4373 /* union cast is a GCC extension */ 4374 error(328); 4375 return NULL; 4376 } 4377 4378 for (const sym_t *m = ntp->u.sou->sou_first_member; 4379 m != NULL; m = m->s_next) { 4380 if (types_compatible(m->s_type, otn->tn_type, 4381 false, false, NULL)) { 4382 tnode_t *ntn = build_op(CVT, sys, ntp, otn, NULL); 4383 ntn->tn_cast = true; 4384 return ntn; 4385 } 4386 } 4387 4388 /* type '%s' is not a member of '%s' */ 4389 error(329, type_name(otn->tn_type), type_name(ntp)); 4390 return NULL; 4391 } 4392 4393 // In GCC mode, allow 'nullptr + offset' as a constant expression. 4394 static tnode_t * 4395 null_pointer_offset(tnode_t *tn) 4396 { 4397 uint64_t off = 0; 4398 const tnode_t *n = tn; 4399 while ((n->tn_op == PLUS || n->tn_op == MINUS) 4400 && is_integer(n->u.ops.right->tn_type->t_tspec)) { 4401 off += (uint64_t)n->u.ops.right->u.value.u.integer; 4402 n = n->u.ops.left; 4403 } 4404 if (n->tn_type->t_tspec == PTR 4405 && n->tn_op == ADDR 4406 && n->u.ops.left->tn_op == INDIR 4407 && n->u.ops.left->u.ops.left->tn_op == CON 4408 && n->u.ops.left->u.ops.left->tn_type->t_tspec == PTR) { 4409 off += (uint64_t)n->u.ops.left->u.ops.left->u.value.u.integer; 4410 return build_integer_constant(SIZEOF_TSPEC, (int64_t)off); 4411 } 4412 return tn; 4413 } 4414 4415 tnode_t * 4416 cast(tnode_t *tn, bool sys, type_t *tp) 4417 { 4418 4419 if (tn == NULL) 4420 return NULL; 4421 4422 tn = cconv(tn); 4423 4424 lint_assert(tp != NULL); 4425 tspec_t nt = tp->t_tspec; 4426 tspec_t ot = tn->tn_type->t_tspec; 4427 4428 if (nt == VOID) { 4429 /* 4430 * C90 6.3.4, C99 6.5.4p2 and C11 6.5.4p2 allow any type to be 4431 * cast to void. The only other allowed casts are from a 4432 * scalar type to a scalar type. 4433 */ 4434 } else if (nt == UNION) 4435 return cast_to_union(tn, sys, tp); 4436 else if (nt == STRUCT || nt == ARRAY || nt == FUNC) { 4437 /* Casting to a struct is an undocumented GCC extension. */ 4438 if (!(allow_gcc && nt == STRUCT)) 4439 goto invalid_cast; 4440 } else if (is_struct_or_union(ot)) 4441 goto invalid_cast; 4442 else if (ot == VOID) { 4443 /* improper cast of void expression */ 4444 error(148); 4445 return NULL; 4446 } else if (is_integer(nt) && is_scalar(ot)) { 4447 tn = null_pointer_offset(tn); 4448 } else if (is_floating(nt) && is_arithmetic(ot)) { 4449 /* ok */ 4450 } else if (nt == PTR && is_integer(ot)) { 4451 /* ok */ 4452 } else if (nt == PTR && ot == PTR) { 4453 if (!tp->t_subt->t_const && tn->tn_type->t_subt->t_const) { 4454 if (hflag) 4455 /* cast discards 'const' from type '%s' */ 4456 warning(275, type_name(tn->tn_type)); 4457 } 4458 } else 4459 goto invalid_cast; 4460 4461 if (any_query_enabled 4462 && types_compatible(tp, tn->tn_type, false, false, NULL)) 4463 /* no-op cast from '%s' to '%s' */ 4464 query_message(6, type_name(tn->tn_type), type_name(tp)); 4465 4466 tn = convert(CVT, 0, tp, tn); 4467 tn->tn_cast = true; 4468 tn->tn_sys = sys; 4469 4470 return tn; 4471 4472 invalid_cast: 4473 /* invalid cast from '%s' to '%s' */ 4474 error(147, type_name(tn->tn_type), type_name(tp)); 4475 return NULL; 4476 } 4477 4478 void 4479 add_function_argument(function_call *call, tnode_t *arg) 4480 { 4481 /* 4482 * If there was a serious error in the expression for the argument, 4483 * create a dummy argument so the positions of the remaining arguments 4484 * will not change. 4485 */ 4486 if (arg == NULL) 4487 arg = build_integer_constant(INT, 0); 4488 4489 if (call->args_len >= call->args_cap) { 4490 call->args_cap += 8; 4491 tnode_t **new_args = expr_zero_alloc( 4492 call->args_cap * sizeof(*call->args), "tnode*[]"); 4493 if (call->args_len > 0) 4494 memcpy(new_args, call->args, 4495 call->args_len * sizeof(*call->args)); 4496 call->args = new_args; 4497 } 4498 call->args[call->args_len++] = arg; 4499 } 4500 4501 /* 4502 * Compare the type of an argument with the corresponding type of a 4503 * prototype parameter. If it is a valid combination, but both types 4504 * are not the same, insert a conversion to convert the argument into 4505 * the type of the parameter. 4506 */ 4507 static tnode_t * 4508 check_prototype_argument( 4509 int n, /* pos of arg */ 4510 type_t *tp, /* expected type (from prototype) */ 4511 tnode_t *tn) /* argument */ 4512 { 4513 tnode_t *ln = xcalloc(1, sizeof(*ln)); 4514 ln->tn_type = expr_unqualified_type(tp); 4515 ln->tn_lvalue = true; 4516 if (typeok(FARG, n, ln, tn)) { 4517 bool dowarn; 4518 if (!types_compatible(tp, tn->tn_type, 4519 true, false, (dowarn = false, &dowarn)) || dowarn) 4520 tn = convert(FARG, n, tp, tn); 4521 } 4522 free(ln); 4523 return tn; 4524 } 4525 4526 /* 4527 * Check types of all function arguments and insert conversions, 4528 * if necessary. 4529 */ 4530 static void 4531 check_function_arguments(const function_call *call) 4532 { 4533 type_t *ftp = call->func->tn_type->t_subt; 4534 4535 /* get # of parameters in the prototype */ 4536 int npar = 0; 4537 for (const sym_t *p = ftp->u.params; p != NULL; p = p->s_next) 4538 npar++; 4539 4540 int narg = (int)call->args_len; 4541 4542 const sym_t *param = ftp->u.params; 4543 if (ftp->t_proto && npar != narg && !(ftp->t_vararg && npar < narg)) { 4544 /* argument mismatch: %d %s passed, %d expected */ 4545 error(150, narg, narg != 1 ? "arguments" : "argument", npar); 4546 param = NULL; 4547 } 4548 4549 for (int i = 0; i < narg; i++) { 4550 tnode_t *arg = call->args[i]; 4551 4552 /* some things which are always not allowed */ 4553 tspec_t at = arg->tn_type->t_tspec; 4554 if (at == VOID) { 4555 /* void expressions may not be arguments, arg #%d */ 4556 error(151, i + 1); 4557 return; 4558 } 4559 if (is_struct_or_union(at) && is_incomplete(arg->tn_type)) { 4560 /* argument cannot have unknown size, arg #%d */ 4561 error(152, i + 1); 4562 return; 4563 } 4564 if (is_integer(at) && 4565 arg->tn_type->t_is_enum && 4566 is_incomplete(arg->tn_type)) { 4567 /* argument cannot have unknown size, arg #%d */ 4568 warning(152, i + 1); 4569 } 4570 4571 arg = cconv(arg); 4572 call->args[i] = arg; 4573 4574 arg = param != NULL 4575 ? check_prototype_argument(i + 1, param->s_type, arg) 4576 : promote(NOOP, true, arg); 4577 call->args[i] = arg; 4578 4579 if (param != NULL) 4580 param = param->s_next; 4581 } 4582 } 4583 4584 tnode_t * 4585 build_function_call(tnode_t *func, bool sys, function_call *call) 4586 { 4587 4588 if (func == NULL) 4589 return NULL; 4590 4591 call->func = func; 4592 check_ctype_function_call(call); 4593 4594 func = cconv(func); 4595 call->func = func; 4596 4597 if (func->tn_type->t_tspec != PTR || 4598 func->tn_type->t_subt->t_tspec != FUNC) { 4599 /* cannot call '%s', must be a function */ 4600 error(149, type_name(func->tn_type)); 4601 return NULL; 4602 } 4603 4604 check_function_arguments(call); 4605 4606 tnode_t *ntn = expr_alloc_tnode(); 4607 ntn->tn_op = CALL; 4608 ntn->tn_type = func->tn_type->t_subt->t_subt; 4609 ntn->tn_sys = sys; 4610 ntn->u.call = call; 4611 return ntn; 4612 } 4613 4614 /* 4615 * Return the value of an integral constant expression. 4616 * If the expression is not constant or its type is not an integer 4617 * type, an error message is printed. 4618 */ 4619 val_t * 4620 integer_constant(tnode_t *tn, bool required) 4621 { 4622 4623 if (tn != NULL) 4624 tn = cconv(tn); 4625 if (tn != NULL) 4626 tn = promote(NOOP, false, tn); 4627 4628 val_t *v = xcalloc(1, sizeof(*v)); 4629 4630 if (tn == NULL) { 4631 lint_assert(seen_error); 4632 debug_step("constant node is null; returning 1 instead"); 4633 v->v_tspec = INT; 4634 v->u.integer = 1; 4635 return v; 4636 } 4637 4638 v->v_tspec = tn->tn_type->t_tspec; 4639 4640 if (tn->tn_op == CON) { 4641 lint_assert(tn->tn_type->t_tspec == tn->u.value.v_tspec); 4642 if (is_integer(tn->u.value.v_tspec)) { 4643 v->v_unsigned_since_c90 = 4644 tn->u.value.v_unsigned_since_c90; 4645 v->u.integer = tn->u.value.u.integer; 4646 return v; 4647 } 4648 v->u.integer = (int64_t)tn->u.value.u.floating; 4649 } else 4650 v->u.integer = 1; 4651 4652 if (required) 4653 /* integral constant expression expected */ 4654 error(55); 4655 else 4656 /* variable array dimension is a C99/GCC extension */ 4657 c99ism(318); 4658 4659 if (!is_integer(v->v_tspec)) 4660 v->v_tspec = INT; 4661 4662 return v; 4663 } 4664 4665 static bool 4666 is_constcond_false(const tnode_t *tn, tspec_t t) 4667 { 4668 return (t == BOOL || t == INT) && 4669 tn->tn_op == CON && tn->u.value.u.integer == 0; 4670 } 4671 4672 /* 4673 * Perform some tests on expressions which can't be done in build_binary() 4674 * and functions called by build_binary(). These tests must be done here 4675 * because we need some information about the context in which the operations 4676 * are performed. 4677 * After all tests are performed and dofreeblk is true, expr() frees the 4678 * memory which is used for the expression. 4679 */ 4680 void 4681 expr(tnode_t *tn, bool vctx, bool cond, bool dofreeblk, bool is_do_while, 4682 const char *stmt_kind) 4683 { 4684 4685 if (tn == NULL) { /* in case of errors */ 4686 expr_free_all(); 4687 return; 4688 } 4689 4690 /* expr() is also called in global initializations */ 4691 if (dcs->d_kind != DLK_EXTERN && !is_do_while) 4692 check_statement_reachable(stmt_kind); 4693 4694 check_expr_misc(tn, vctx, cond, !cond, false, false, false); 4695 if (tn->tn_op == ASSIGN && !tn->tn_parenthesized) { 4696 if (hflag && cond) 4697 /* assignment in conditional context */ 4698 warning(159); 4699 } else if (tn->tn_op == CON) { 4700 if (hflag && cond && !suppress_constcond && 4701 !tn->tn_system_dependent && 4702 !(is_do_while && 4703 is_constcond_false(tn, tn->tn_type->t_tspec))) 4704 /* constant in conditional context */ 4705 warning(161); 4706 } 4707 if (!modtab[tn->tn_op].m_has_side_effect) { 4708 /* 4709 * for left operands of COMMA this warning is already printed 4710 */ 4711 if (tn->tn_op != COMMA && !vctx && !cond) 4712 check_null_effect(tn); 4713 } 4714 debug_node(tn); 4715 4716 if (dofreeblk) 4717 expr_free_all(); 4718 } 4719 4720 /* If the expression has the form '*(arr + idx)', check the array index. */ 4721 static void 4722 check_array_index(const tnode_t *indir, bool taking_address) 4723 { 4724 const tnode_t *plus, *arr, *idx; 4725 4726 if (indir->tn_op == INDIR 4727 && (plus = indir->u.ops.left, plus->tn_op == PLUS) 4728 && plus->u.ops.left->tn_op == ADDR 4729 && (arr = plus->u.ops.left->u.ops.left, true) 4730 && (arr->tn_op == STRING || arr->tn_op == NAME) 4731 && arr->tn_type->t_tspec == ARRAY 4732 && (idx = plus->u.ops.right, idx->tn_op == CON) 4733 && (!is_incomplete(arr->tn_type) || idx->u.value.u.integer < 0)) 4734 goto proceed; 4735 return; 4736 4737 proceed:; 4738 int elsz = length_in_bits(arr->tn_type->t_subt, NULL); 4739 if (elsz == 0) 4740 return; 4741 elsz /= CHAR_SIZE; 4742 4743 /* Change the unit of the index from bytes to element size. */ 4744 int64_t con = is_uinteger(idx->tn_type->t_tspec) 4745 ? (int64_t)((uint64_t)idx->u.value.u.integer / elsz) 4746 : idx->u.value.u.integer / elsz; 4747 4748 int dim = arr->tn_type->u.dimension + (taking_address ? 1 : 0); 4749 4750 if (!is_uinteger(idx->tn_type->t_tspec) && con < 0) 4751 /* array subscript %jd cannot be negative */ 4752 warning(167, (intmax_t)con); 4753 else if (dim > 0 && (uint64_t)con >= (uint64_t)dim) 4754 /* array subscript %ju cannot be > %d */ 4755 warning(168, (uintmax_t)con, dim - 1); 4756 } 4757 4758 static void 4759 check_expr_addr(const tnode_t *ln, bool szof, bool fcall) 4760 { 4761 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4762 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 4763 if (!szof) 4764 mark_as_set(ln->u.sym); 4765 mark_as_used(ln->u.sym, fcall, szof); 4766 } 4767 check_array_index(ln, true); 4768 } 4769 4770 /* 4771 * If there is an asm statement in one of the compound statements around, 4772 * there may be other side effects, so don't warn. 4773 */ 4774 static bool 4775 is_asm_around(void) 4776 { 4777 for (decl_level *dl = dcs; dl != NULL; dl = dl->d_enclosing) 4778 if (dl->d_asm) 4779 return true; 4780 return false; 4781 } 4782 4783 static void 4784 check_expr_side_effect(const tnode_t *ln, bool szof) 4785 { 4786 4787 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4788 if (ln->tn_op == NAME && (reached || !warn_about_unreachable)) { 4789 scl_t sc = ln->u.sym->s_scl; 4790 if (sc != EXTERN && sc != STATIC && 4791 !ln->u.sym->s_set && !szof && !is_asm_around()) { 4792 /* '%s' may be used before set */ 4793 warning(158, ln->u.sym->s_name); 4794 mark_as_set(ln->u.sym); 4795 } 4796 mark_as_used(ln->u.sym, false, false); 4797 } 4798 } 4799 4800 static void 4801 check_expr_assign(const tnode_t *ln, bool szof) 4802 { 4803 /* XXX: Taking warn_about_unreachable into account here feels wrong. */ 4804 if (ln->tn_op == NAME && !szof && (reached || !warn_about_unreachable)) { 4805 mark_as_set(ln->u.sym); 4806 if (ln->u.sym->s_scl == EXTERN) 4807 outusg(ln->u.sym); 4808 } 4809 check_array_index(ln, false); 4810 } 4811 4812 static void 4813 check_expr_call(const tnode_t *tn, const tnode_t *ln, 4814 bool szof, bool vctx, bool cond, bool retval_discarded) 4815 { 4816 lint_assert(ln->tn_op == ADDR); 4817 lint_assert(ln->u.ops.left->tn_op == NAME); 4818 if (!szof && !is_compiler_builtin(ln->u.ops.left->u.sym->s_name)) 4819 outcall(tn, vctx || cond, retval_discarded); 4820 4821 const function_call *call = tn->u.call; 4822 if (call->args_len == 4 || call->args_len == 5) 4823 check_snprintb(call); 4824 } 4825 4826 static void 4827 check_expr_op(op_t op, const tnode_t *ln, bool szof, bool fcall, bool eqwarn) 4828 { 4829 switch (op) { 4830 case ADDR: 4831 check_expr_addr(ln, szof, fcall); 4832 break; 4833 case LOAD: 4834 check_array_index(ln, false); 4835 /* FALLTHROUGH */ 4836 case INCBEF: 4837 case DECBEF: 4838 case INCAFT: 4839 case DECAFT: 4840 case ADDASS: 4841 case SUBASS: 4842 case MULASS: 4843 case DIVASS: 4844 case MODASS: 4845 case ANDASS: 4846 case ORASS: 4847 case XORASS: 4848 case SHLASS: 4849 case SHRASS: 4850 case REAL: 4851 case IMAG: 4852 check_expr_side_effect(ln, szof); 4853 break; 4854 case ASSIGN: 4855 check_expr_assign(ln, szof); 4856 break; 4857 case EQ: 4858 if (hflag && eqwarn) 4859 /* operator '==' found where '=' was expected */ 4860 warning(160); 4861 break; 4862 default: 4863 break; 4864 } 4865 } 4866 4867 /* 4868 * vctx ??? 4869 * cond whether the expression is a condition that 4870 * will be compared with 0 4871 * eqwarn whether the operator '==' might be a 4872 * misspelled '=' 4873 * fcall whether the expression is a function call 4874 * retval_discarded whether the return value of a function call 4875 * is discarded; such calls will be analyzed by 4876 * lint2 in messages 4, 8 and 9 4877 * szof whether the expression is part of a sizeof 4878 * expression, which means that its value is 4879 * discarded since only the type is relevant 4880 */ 4881 void 4882 check_expr_misc(const tnode_t *tn, bool vctx, bool cond, 4883 bool eqwarn, bool fcall, bool retval_discarded, bool szof) 4884 { 4885 4886 if (tn == NULL) 4887 return; 4888 op_t op = tn->tn_op; 4889 if (op == NAME || op == CON || op == STRING) 4890 return; 4891 bool is_direct = op == CALL 4892 && tn->u.call->func->tn_op == ADDR 4893 && tn->u.call->func->u.ops.left->tn_op == NAME; 4894 if (op == CALL) { 4895 const function_call *call = tn->u.call; 4896 if (is_direct) 4897 check_expr_call(tn, call->func, 4898 szof, vctx, cond, retval_discarded); 4899 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 4900 check_expr_misc(call->func, false, false, false, is_direct, 4901 discard, szof); 4902 for (size_t i = 0, n = call->args_len; i < n; i++) 4903 check_expr_misc(call->args[i], 4904 true, false, false, false, false, szof); 4905 return; 4906 } 4907 4908 lint_assert(has_operands(tn)); 4909 tnode_t *ln = tn->u.ops.left; 4910 tnode_t *rn = tn->u.ops.right; 4911 check_expr_op(op, ln, szof, fcall, eqwarn); 4912 4913 const mod_t *mp = &modtab[op]; 4914 bool cvctx = mp->m_value_context; 4915 bool ccond = mp->m_compares_with_zero; 4916 bool eq = mp->m_warn_if_operand_eq && 4917 !ln->tn_parenthesized && 4918 rn != NULL && !rn->tn_parenthesized; 4919 4920 /* 4921 * Values of operands of ':' are not used if the type of at least 4922 * one of the operands (for GCC compatibility) is 'void'. 4923 * 4924 * XXX test/value context of QUEST should probably be used as 4925 * context for both operands of COLON. 4926 */ 4927 if (op == COLON && tn->tn_type->t_tspec == VOID) 4928 cvctx = ccond = false; 4929 bool discard = op == CVT && tn->tn_type->t_tspec == VOID; 4930 check_expr_misc(ln, cvctx, ccond, eq, is_direct, discard, szof); 4931 4932 switch (op) { 4933 case LOGAND: 4934 case LOGOR: 4935 check_expr_misc(rn, false, true, eq, false, false, szof); 4936 break; 4937 case COLON: 4938 check_expr_misc(rn, cvctx, ccond, eq, false, false, szof); 4939 break; 4940 case COMMA: 4941 check_expr_misc(rn, vctx, cond, false, false, false, szof); 4942 break; 4943 default: 4944 if (mp->m_binary) 4945 check_expr_misc(rn, true, false, eq, false, false, 4946 szof); 4947 break; 4948 } 4949 } 4950 4951 /* 4952 * Return whether the expression can be used for static initialization. 4953 * 4954 * Constant initialization expressions must be constant or an address 4955 * of a static object with an optional offset. In the first case, 4956 * the result is returned in *offsp. In the second case, the static 4957 * object is returned in *symp and the offset in *offsp. 4958 * 4959 * The expression can consist of PLUS, MINUS, ADDR, NAME, STRING and 4960 * CON. Type conversions are allowed if they do not change binary 4961 * representation (including width). 4962 * 4963 * C99 6.6 "Constant expressions" 4964 * C99 6.7.8p4 restricts initializers for static storage duration 4965 */ 4966 bool 4967 constant_addr(const tnode_t *tn, const sym_t **symp, ptrdiff_t *offsp) 4968 { 4969 const sym_t *sym; 4970 ptrdiff_t offs1, offs2; 4971 tspec_t t, ot; 4972 4973 switch (tn->tn_op) { 4974 case MINUS: 4975 if (tn->u.ops.right->tn_op == CVT) 4976 return constant_addr(tn->u.ops.right, symp, offsp); 4977 else if (tn->u.ops.right->tn_op != CON) 4978 return false; 4979 /* FALLTHROUGH */ 4980 case PLUS: 4981 offs1 = offs2 = 0; 4982 if (tn->u.ops.left->tn_op == CON) { 4983 offs1 = (ptrdiff_t)tn->u.ops.left->u.value.u.integer; 4984 if (!constant_addr(tn->u.ops.right, &sym, &offs2)) 4985 return false; 4986 } else if (tn->u.ops.right->tn_op == CON) { 4987 offs2 = (ptrdiff_t)tn->u.ops.right->u.value.u.integer; 4988 if (tn->tn_op == MINUS) 4989 offs2 = -offs2; 4990 if (!constant_addr(tn->u.ops.left, &sym, &offs1)) 4991 return false; 4992 } else { 4993 return false; 4994 } 4995 *symp = sym; 4996 *offsp = offs1 + offs2; 4997 return true; 4998 case ADDR: 4999 if (tn->u.ops.left->tn_op == NAME) { 5000 *symp = tn->u.ops.left->u.sym; 5001 *offsp = 0; 5002 return true; 5003 } else { 5004 /* 5005 * If this were the front end of a compiler, we would 5006 * return a label instead of 0, at least if 5007 * 'tn->u.ops.left->tn_op == STRING'. 5008 */ 5009 *symp = NULL; 5010 *offsp = 0; 5011 return true; 5012 } 5013 case CVT: 5014 t = tn->tn_type->t_tspec; 5015 ot = tn->u.ops.left->tn_type->t_tspec; 5016 if ((!is_integer(t) && t != PTR) || 5017 (!is_integer(ot) && ot != PTR)) { 5018 return false; 5019 } 5020 #if 0 5021 /*- 5022 * consider: 5023 * struct foo { 5024 * unsigned char a; 5025 * } f = { 5026 * (unsigned char)(unsigned long) 5027 * (&(((struct foo *)0)->a)) 5028 * }; 5029 * since psize(unsigned long) != psize(unsigned char), 5030 * this fails. 5031 */ 5032 else if (psize(t) != psize(ot)) 5033 return -1; 5034 #endif 5035 return constant_addr(tn->u.ops.left, symp, offsp); 5036 default: 5037 return false; 5038 } 5039 } 5040 5041 /* Append s2 to s1, then free s2. */ 5042 buffer * 5043 cat_strings(buffer *s1, buffer *s2) 5044 { 5045 5046 if ((s1->data != NULL) != (s2->data != NULL)) { 5047 /* cannot concatenate wide and regular string literals */ 5048 error(292); 5049 return s1; 5050 } 5051 5052 if (s1->data != NULL) { 5053 while (s1->len + s2->len + 1 > s1->cap) 5054 s1->cap *= 2; 5055 s1->data = xrealloc(s1->data, s1->cap); 5056 memcpy(s1->data + s1->len, s2->data, s2->len + 1); 5057 free(s2->data); 5058 } 5059 s1->len += s2->len; 5060 free(s2); 5061 5062 return s1; 5063 } 5064 5065 5066 typedef struct stmt_expr { 5067 memory_pool se_mem; 5068 sym_t *se_sym; 5069 struct stmt_expr *se_enclosing; 5070 } stmt_expr; 5071 5072 static stmt_expr *stmt_exprs; 5073 5074 void 5075 begin_statement_expr(void) 5076 { 5077 debug_enter(); 5078 5079 stmt_expr *se = xmalloc(sizeof(*se)); 5080 se->se_mem = expr_save_memory(); 5081 se->se_sym = NULL; 5082 se->se_enclosing = stmt_exprs; 5083 stmt_exprs = se; 5084 } 5085 5086 void 5087 do_statement_expr(tnode_t *tn) 5088 { 5089 block_level--; 5090 mem_block_level--; 5091 stmt_exprs->se_sym = tn != NULL 5092 ? mktempsym(block_dup_type(tn->tn_type)) 5093 : NULL; /* after a syntax error */ 5094 mem_block_level++; 5095 block_level++; 5096 /* '({ ... })' is a GCC extension */ 5097 gnuism(320); 5098 } 5099 5100 tnode_t * 5101 end_statement_expr(void) 5102 { 5103 tnode_t *tn; 5104 5105 stmt_expr *se = stmt_exprs; 5106 if (se->se_sym == NULL) { 5107 tn = NULL; /* after a syntax error */ 5108 goto end; 5109 } 5110 5111 tn = build_name(se->se_sym, false); 5112 (void)expr_save_memory(); /* leak */ 5113 expr_restore_memory(se->se_mem); 5114 stmt_exprs = se->se_enclosing; 5115 free(se); 5116 5117 end: 5118 debug_leave(); 5119 return tn; 5120 } 5121 5122 bool 5123 in_statement_expr(void) 5124 { 5125 return stmt_exprs != NULL; 5126 } 5127