SemaChecking.cpp revision 26a31428f130b66f61834d1b4d1cf72f590f70b9
159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===--- SemaChecking.cpp - Extra Semantic Checking -----------------------===// 259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// The LLVM Compiler Infrastructure 459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 50bc735ffcfb223c0186419547abaa5c84482663eChris Lattner// This file is distributed under the University of Illinois Open Source 60bc735ffcfb223c0186419547abaa5c84482663eChris Lattner// License. See LICENSE.TXT for details. 759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===----------------------------------------------------------------------===// 959907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 101eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump// This file implements extra semantic analysis beyond what is enforced 1159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// by the C type system. 1259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 1359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===----------------------------------------------------------------------===// 1459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 1559907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "Sema.h" 16e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek#include "clang/Analysis/Analyses/PrintfFormatString.h" 1759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "clang/AST/ASTContext.h" 18199c3d6cd16aebbb9c7f0d42af9d922c9628bf70Ken Dyck#include "clang/AST/CharUnits.h" 19c4a1dea2dc56bd1357ec91b829a0b9e68229a13eDaniel Dunbar#include "clang/AST/DeclObjC.h" 202324512285caac0332bbbc6e4cab6245d2a370a1Ted Kremenek#include "clang/AST/ExprCXX.h" 217ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek#include "clang/AST/ExprObjC.h" 22f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump#include "clang/AST/DeclObjC.h" 23f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump#include "clang/AST/StmtCXX.h" 24f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump#include "clang/AST/StmtObjC.h" 25719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner#include "clang/Lex/LiteralSupport.h" 2659907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "clang/Lex/Preprocessor.h" 27f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump#include "llvm/ADT/BitVector.h" 28f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump#include "llvm/ADT/STLExtras.h" 29691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher#include "clang/Basic/TargetBuiltins.h" 3026a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman#include "clang/Basic/TargetInfo.h" 31a1f3dba77b7418575c1ff539ffa74ebaa068280cZhongxing Xu#include <limits> 3259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattnerusing namespace clang; 3359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 3460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// getLocationOfStringLiteralByte - Return a source location that points to the 3560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// specified byte of the specified string literal. 3660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// 3760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// Strings are amazingly complex. They can be formed from multiple tokens and 3860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// can have escape sequences in them in addition to the usual trigraph and 3960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// escaped newline business. This routine handles this complexity. 4060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// 4160800081361b0ffc114877b8abbc81cb57b4edf6Chris LattnerSourceLocation Sema::getLocationOfStringLiteralByte(const StringLiteral *SL, 4260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner unsigned ByteNo) const { 4360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner assert(!SL->isWide() && "This doesn't work for wide strings yet"); 441eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Loop over all of the tokens in this string until we find the one that 4660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // contains the byte we're looking for. 4760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner unsigned TokNo = 0; 4860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner while (1) { 4960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner assert(TokNo < SL->getNumConcatenated() && "Invalid byte number!"); 5060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation StrTokLoc = SL->getStrTokenLoc(TokNo); 511eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Get the spelling of the string so that we can get the data that makes up 5360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // the string literal, not the identifier for the macro it is potentially 5460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // expanded through. 5560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation StrTokSpellingLoc = SourceMgr.getSpellingLoc(StrTokLoc); 5660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 5760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Re-lex the token to get its length and original spelling. 5860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner std::pair<FileID, unsigned> LocInfo = 5960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceMgr.getDecomposedLoc(StrTokSpellingLoc); 60f715ca12bfc9fddfde75f98a197424434428b821Douglas Gregor bool Invalid = false; 61f6ac97b101c8840efa92bf29166077ce4049e293Benjamin Kramer llvm::StringRef Buffer = SourceMgr.getBufferData(LocInfo.first, &Invalid); 62f715ca12bfc9fddfde75f98a197424434428b821Douglas Gregor if (Invalid) 63aea67dbd653a2dd6dd5cc2159279e81e855b2482Douglas Gregor return StrTokSpellingLoc; 64aea67dbd653a2dd6dd5cc2159279e81e855b2482Douglas Gregor 65f6ac97b101c8840efa92bf29166077ce4049e293Benjamin Kramer const char *StrData = Buffer.data()+LocInfo.second; 661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 6760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Create a langops struct and enable trigraphs. This is sufficient for 6860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // relexing tokens. 6960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner LangOptions LangOpts; 7060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner LangOpts.Trigraphs = true; 711eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 7260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Create a lexer starting at the beginning of this token. 73f6ac97b101c8840efa92bf29166077ce4049e293Benjamin Kramer Lexer TheLexer(StrTokSpellingLoc, LangOpts, Buffer.begin(), StrData, 74f6ac97b101c8840efa92bf29166077ce4049e293Benjamin Kramer Buffer.end()); 7560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Token TheTok; 7660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner TheLexer.LexFromRawLexer(TheTok); 771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 78443e53c7845f01c8ed693ccd137abb0bd76564f6Chris Lattner // Use the StringLiteralParser to compute the length of the string in bytes. 79b90f4b3fb94056609da9cca5eef7358d95a363b2Douglas Gregor StringLiteralParser SLP(&TheTok, 1, PP, /*Complain=*/false); 80443e53c7845f01c8ed693ccd137abb0bd76564f6Chris Lattner unsigned TokNumBytes = SLP.GetStringLength(); 811eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 822197c963543397777919cec22b65feb31a9ddf79Chris Lattner // If the byte is in this token, return the location of the byte. 8360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner if (ByteNo < TokNumBytes || 8460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner (ByteNo == TokNumBytes && TokNo == SL->getNumConcatenated())) { 851eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump unsigned Offset = 86b90f4b3fb94056609da9cca5eef7358d95a363b2Douglas Gregor StringLiteralParser::getOffsetOfStringByte(TheTok, ByteNo, PP, 87b90f4b3fb94056609da9cca5eef7358d95a363b2Douglas Gregor /*Complain=*/false); 881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 89719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner // Now that we know the offset of the token in the spelling, use the 90719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner // preprocessor to get the offset in the original source. 91719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner return PP.AdvanceToTokenCharacter(StrTokLoc, Offset); 9260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner } 931eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 9460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Move to the next string token. 9560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner ++TokNo; 9660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner ByteNo -= TokNumBytes; 9760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner } 9860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner} 9960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 1004403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn/// CheckablePrintfAttr - does a function call have a "printf" attribute 1014403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn/// and arguments that merit checking? 1024403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynnbool Sema::CheckablePrintfAttr(const FormatAttr *Format, CallExpr *TheCall) { 1034403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (Format->getType() == "printf") return true; 1044403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (Format->getType() == "printf0") { 1054403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn // printf0 allows null "format" string; if so don't check format/args 1064403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn unsigned format_idx = Format->getFormatIdx() - 1; 1074a2614e94672c47395abcde60518776fbebec589Sebastian Redl // Does the index refer to the implicit object argument? 1084a2614e94672c47395abcde60518776fbebec589Sebastian Redl if (isa<CXXMemberCallExpr>(TheCall)) { 1094a2614e94672c47395abcde60518776fbebec589Sebastian Redl if (format_idx == 0) 1104a2614e94672c47395abcde60518776fbebec589Sebastian Redl return false; 1114a2614e94672c47395abcde60518776fbebec589Sebastian Redl --format_idx; 1124a2614e94672c47395abcde60518776fbebec589Sebastian Redl } 1134403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (format_idx < TheCall->getNumArgs()) { 1144403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn Expr *Format = TheCall->getArg(format_idx)->IgnoreParenCasts(); 115efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek if (!Format->isNullPointerConstant(Context, 116efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek Expr::NPC_ValueDependentIsNull)) 1174403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn return true; 1184403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn } 1194403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn } 1204403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn return false; 1214403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn} 12260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 1230eb23307222bda7ad95d968eac4e1ab30864b213Sebastian RedlAction::OwningExprResult 124d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders CarlssonSema::CheckBuiltinFunctionCall(unsigned BuiltinID, CallExpr *TheCall) { 1250eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl OwningExprResult TheCallResult(Owned(TheCall)); 1262def48394f6d48bde0dec2b514193c2b533265b5Douglas Gregor 127d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson switch (BuiltinID) { 12830ce344307f8a8b00054021307015571f83c7364Chris Lattner case Builtin::BI__builtin___CFStringMakeConstantString: 129925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner assert(TheCall->getNumArgs() == 1 && 1301b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner "Wrong # arguments to builtin CFStringMakeConstantString"); 131690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattner if (CheckObjCString(TheCall->getArg(0))) 1320eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 133d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 13449ff7a1c8c67d56e62d3b4627463b705c0d5008cTed Kremenek case Builtin::BI__builtin_stdarg_start: 13530ce344307f8a8b00054021307015571f83c7364Chris Lattner case Builtin::BI__builtin_va_start: 1360eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinVAStart(TheCall)) 1370eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 138d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 1391b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isgreater: 1401b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isgreaterequal: 1411b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isless: 1421b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_islessequal: 1431b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_islessgreater: 1441b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isunordered: 1450eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinUnorderedCompare(TheCall)) 1460eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 147d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 148e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer case Builtin::BI__builtin_fpclassify: 149e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer if (SemaBuiltinFPClassification(TheCall, 6)) 150e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer return ExprError(); 151e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer break; 1529ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isfinite: 1539ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isinf: 1549ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isinf_sign: 1559ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isnan: 1569ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isnormal: 1573b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer if (SemaBuiltinFPClassification(TheCall, 1)) 1589ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return ExprError(); 1599ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman break; 1606cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman case Builtin::BI__builtin_return_address: 161691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher case Builtin::BI__builtin_frame_address: { 162691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt Result; 163691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, 0, Result)) 1640eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 165d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 166691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher } 167691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher case Builtin::BI__builtin_eh_return_data_regno: { 168691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt Result; 169691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, 0, Result)) 17021fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner return ExprError(); 17121fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner break; 172691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher } 173d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman case Builtin::BI__builtin_shufflevector: 1740eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return SemaBuiltinShuffleVector(TheCall); 1750eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl // TheCall will be freed by the smart pointer here, but that's fine, since 1760eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl // SemaBuiltinShuffleVector guts it, but then doesn't release it. 1774493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar case Builtin::BI__builtin_prefetch: 1780eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinPrefetch(TheCall)) 1790eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 180d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 181d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar case Builtin::BI__builtin_object_size: 1820eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinObjectSize(TheCall)) 1830eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 184d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 185d875fed28578835de89cd407e9db4be788596d7cEli Friedman case Builtin::BI__builtin_longjmp: 186d875fed28578835de89cd407e9db4be788596d7cEli Friedman if (SemaBuiltinLongjmp(TheCall)) 187d875fed28578835de89cd407e9db4be788596d7cEli Friedman return ExprError(); 188d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 1895caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_add: 1905caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_sub: 1915caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_or: 1925caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_and: 1935caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_xor: 1945caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_add_and_fetch: 1955caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_sub_and_fetch: 1965caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_and_and_fetch: 1975caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_or_and_fetch: 1985caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_xor_and_fetch: 1995caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_val_compare_and_swap: 2005caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_bool_compare_and_swap: 2015caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_test_and_set: 2025caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_release: 2035caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (SemaBuiltinAtomicOverloaded(TheCall)) 2045caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return ExprError(); 205d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 20626a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman } 20726a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman 20826a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman // Since the target specific builtins for each arch overlap, only check those 20926a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman // of the arch we are compiling for. 21026a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman if (BuiltinID >= Builtin::FirstTSBuiltin) { 21126a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman switch (Context.Target.getTriple().getArch()) { 21226a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman case llvm::Triple::arm: 21326a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman case llvm::Triple::thumb: 21426a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman if (CheckARMBuiltinFunctionCall(BuiltinID, TheCall)) 21526a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return ExprError(); 21626a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman break; 21726a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman case llvm::Triple::x86: 21826a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman case llvm::Triple::x86_64: 21926a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman if (CheckX86BuiltinFunctionCall(BuiltinID, TheCall)) 22026a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return ExprError(); 22126a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman break; 22226a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman default: 22326a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman break; 22426a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman } 22526a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman } 22626a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman 22726a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return move(TheCallResult); 22826a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman} 22926a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman 23026a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begemanbool Sema::CheckX86BuiltinFunctionCall(unsigned BuiltinID, CallExpr *TheCall) { 23126a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman switch (BuiltinID) { 232691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher case X86::BI__builtin_ia32_palignr128: 233691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher case X86::BI__builtin_ia32_palignr: { 234691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt Result; 235691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, 2, Result)) 23626a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return true; 237691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher break; 238691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher } 23971993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 24026a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return false; 24126a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman} 2421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 24326a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begemanbool Sema::CheckARMBuiltinFunctionCall(unsigned BuiltinID, CallExpr *TheCall) { 24426a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman // TODO: verify NEON intrinsic constant args. 24526a31428f130b66f61834d1b4d1cf72f590f70b9Nate Begeman return false; 246d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson} 247d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson 248d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson/// CheckFunctionCall - Check a direct function call for various correctness 249d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson/// and safety properties not strictly enforced by the C type system. 250d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlssonbool Sema::CheckFunctionCall(FunctionDecl *FDecl, CallExpr *TheCall) { 251d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // Get the IdentifierInfo* for the called function. 252d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson IdentifierInfo *FnInfo = FDecl->getIdentifier(); 253de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar 254d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // None of the checks below are needed for functions that don't have 255d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // simple names (e.g., C++ conversion functions). 256d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (!FnInfo) 257d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 259de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // FIXME: This mechanism should be abstracted to be less fragile and 260de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // more efficient. For example, just map function ids to custom 261de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // handlers. 262de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar 26359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner // Printf checking. 26440b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis if (const FormatAttr *Format = FDecl->getAttr<FormatAttr>()) { 2654403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (CheckablePrintfAttr(Format, TheCall)) { 2663d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek bool HasVAListArg = Format->getFirstArg() == 0; 2673c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor CheckPrintfArguments(TheCall, HasVAListArg, Format->getFormatIdx() - 1, 2683d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek HasVAListArg ? 0 : Format->getFirstArg() - 1); 2693c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor } 27059907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner } 2711eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2721eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump for (const NonNullAttr *NonNull = FDecl->getAttr<NonNullAttr>(); NonNull; 273d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson NonNull = NonNull->getNext<NonNullAttr>()) 274d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson CheckNonNullArguments(NonNull, TheCall); 2750eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl 276d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 27771993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson} 27871993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson 279d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlssonbool Sema::CheckBlockCall(NamedDecl *NDecl, CallExpr *TheCall) { 280725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian // Printf checking. 28140b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis const FormatAttr *Format = NDecl->getAttr<FormatAttr>(); 282725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!Format) 283d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2841eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 285725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian const VarDecl *V = dyn_cast<VarDecl>(NDecl); 286725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!V) 287d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 289725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian QualType Ty = V->getType(); 290725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!Ty->isBlockPointerType()) 291d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2921eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 293d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (!CheckablePrintfAttr(Format, TheCall)) 294d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2951eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 296d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson bool HasVAListArg = Format->getFirstArg() == 0; 297d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson CheckPrintfArguments(TheCall, HasVAListArg, Format->getFormatIdx() - 1, 298d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson HasVAListArg ? 0 : Format->getFirstArg() - 1); 299d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson 300d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 301725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian} 302725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian 3035caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// SemaBuiltinAtomicOverloaded - We have a call to a function like 3045caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// __sync_fetch_and_add, which is an overloaded function based on the pointer 3055caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// type of its first argument. The main ActOnCallExpr routines have already 3065caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// promoted the types of arguments because all of these calls are prototyped as 3075caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// void(...). 3085caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// 3095caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// This function goes through and does final semantic checking for these 3105caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// builtins, 3115caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattnerbool Sema::SemaBuiltinAtomicOverloaded(CallExpr *TheCall) { 3125caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DeclRefExpr *DRE =cast<DeclRefExpr>(TheCall->getCallee()->IgnoreParenCasts()); 3135caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner FunctionDecl *FDecl = cast<FunctionDecl>(DRE->getDecl()); 3145caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 3155caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Ensure that we have at least one argument to do type inference from. 3165caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (TheCall->getNumArgs() < 1) 317d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher return Diag(TheCall->getLocEnd(), 318d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher diag::err_typecheck_call_too_few_args_at_least) 319d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << 0 << 1 << TheCall->getNumArgs() 320d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << TheCall->getCallee()->getSourceRange(); 3211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3225caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Inspect the first argument of the atomic builtin. This should always be 3235caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // a pointer type, whose element is an integral scalar or pointer type. 3245caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Because it is a pointer type, we don't have to worry about any implicit 3255caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // casts here. 3265caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *FirstArg = TheCall->getArg(0); 3275caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (!FirstArg->getType()->isPointerType()) 3285caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), diag::err_atomic_builtin_must_be_pointer) 3295caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 3301eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3316217b80b7a1379b74cced1c076338262c3c980b3Ted Kremenek QualType ValType = FirstArg->getType()->getAs<PointerType>()->getPointeeType(); 3321eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (!ValType->isIntegerType() && !ValType->isPointerType() && 3335caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner !ValType->isBlockPointerType()) 3345caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), 3355caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner diag::err_atomic_builtin_must_be_pointer_intptr) 3365caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 3375caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 3385caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // We need to figure out which concrete builtin this maps onto. For example, 3395caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // __sync_fetch_and_add with a 2 byte object turns into 3405caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // __sync_fetch_and_add_2. 3415caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner#define BUILTIN_ROW(x) \ 3425caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner { Builtin::BI##x##_1, Builtin::BI##x##_2, Builtin::BI##x##_4, \ 3435caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Builtin::BI##x##_8, Builtin::BI##x##_16 } 3441eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3455caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner static const unsigned BuiltinIndices[][5] = { 3465caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_add), 3475caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_sub), 3485caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_or), 3495caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_and), 3505caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_xor), 3511eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3525caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_add_and_fetch), 3535caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_sub_and_fetch), 3545caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_and_and_fetch), 3555caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_or_and_fetch), 3565caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_xor_and_fetch), 3571eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3585caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_val_compare_and_swap), 3595caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_bool_compare_and_swap), 3605caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_lock_test_and_set), 3615caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_lock_release) 3625caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner }; 3631eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump#undef BUILTIN_ROW 3641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3655caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Determine the index of the size. 3665caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner unsigned SizeIndex; 367199c3d6cd16aebbb9c7f0d42af9d922c9628bf70Ken Dyck switch (Context.getTypeSizeInChars(ValType).getQuantity()) { 3685caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 1: SizeIndex = 0; break; 3695caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 2: SizeIndex = 1; break; 3705caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 4: SizeIndex = 2; break; 3715caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 8: SizeIndex = 3; break; 3725caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 16: SizeIndex = 4; break; 3735caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner default: 3745caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), diag::err_atomic_builtin_pointer_size) 3755caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 3765caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 3771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3785caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Each of these builtins has one pointer argument, followed by some number of 3795caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // values (0, 1 or 2) followed by a potentially empty varags list of stuff 3805caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // that we ignore. Find out which row of BuiltinIndices to read from as well 3815caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // as the number of fixed args. 3827814e6d6645d587891293d59ecf6576defcfac92Douglas Gregor unsigned BuiltinID = FDecl->getBuiltinID(); 3835caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner unsigned BuiltinIndex, NumFixed = 1; 3845caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner switch (BuiltinID) { 3855caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner default: assert(0 && "Unknown overloaded atomic builtin!"); 3865caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_add: BuiltinIndex = 0; break; 3875caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_sub: BuiltinIndex = 1; break; 3885caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_or: BuiltinIndex = 2; break; 3895caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_and: BuiltinIndex = 3; break; 3905caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_xor: BuiltinIndex = 4; break; 3911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3927eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_add_and_fetch: BuiltinIndex = 5; break; 3937eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_sub_and_fetch: BuiltinIndex = 6; break; 3947eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_and_and_fetch: BuiltinIndex = 7; break; 3957eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_or_and_fetch: BuiltinIndex = 8; break; 3967eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_xor_and_fetch: BuiltinIndex = 9; break; 3971eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3985caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_val_compare_and_swap: 3997eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar BuiltinIndex = 10; 4005caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 2; 4015caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 4025caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_bool_compare_and_swap: 4037eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar BuiltinIndex = 11; 4045caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 2; 4055caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 4067eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar case Builtin::BI__sync_lock_test_and_set: BuiltinIndex = 12; break; 4075caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_release: 4087eff7c4153faf45b19b5919ef409ee5f6794eb25Daniel Dunbar BuiltinIndex = 13; 4095caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 0; 4105caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 4115caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 4121eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4135caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Now that we know how many fixed arguments we expect, first check that we 4145caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // have at least that many. 4155caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (TheCall->getNumArgs() < 1+NumFixed) 416d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher return Diag(TheCall->getLocEnd(), 417d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher diag::err_typecheck_call_too_few_args_at_least) 418d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << 0 << 1+NumFixed << TheCall->getNumArgs() 419d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << TheCall->getCallee()->getSourceRange(); 4201eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 422e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // Get the decl for the concrete builtin from this, we can tell what the 423e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // concrete integer type we should convert to is. 424e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner unsigned NewBuiltinID = BuiltinIndices[BuiltinIndex][SizeIndex]; 425e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner const char *NewBuiltinName = Context.BuiltinInfo.GetName(NewBuiltinID); 426e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner IdentifierInfo *NewBuiltinII = PP.getIdentifierInfo(NewBuiltinName); 4271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump FunctionDecl *NewBuiltinDecl = 428e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner cast<FunctionDecl>(LazilyCreateBuiltin(NewBuiltinII, NewBuiltinID, 429e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner TUScope, false, DRE->getLocStart())); 430e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner const FunctionProtoType *BuiltinFT = 431183700f494ec9b6701b6efe82bcb25f4c79ba561John McCall NewBuiltinDecl->getType()->getAs<FunctionProtoType>(); 4326217b80b7a1379b74cced1c076338262c3c980b3Ted Kremenek ValType = BuiltinFT->getArgType(0)->getAs<PointerType>()->getPointeeType(); 4331eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 434e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // If the first type needs to be converted (e.g. void** -> int*), do it now. 435e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner if (BuiltinFT->getArgType(0) != FirstArg->getType()) { 43673c39abdbb79927605d740c93dd9629e3e4f9bfeEli Friedman ImpCastExprToType(FirstArg, BuiltinFT->getArgType(0), CastExpr::CK_BitCast); 437e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner TheCall->setArg(0, FirstArg); 438e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner } 4391eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4405caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Next, walk the valid ones promoting to the right type. 4415caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner for (unsigned i = 0; i != NumFixed; ++i) { 4425caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *Arg = TheCall->getArg(i+1); 4431eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4445caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // If the argument is an implicit cast, then there was a promotion due to 4455caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // "...", just remove it now. 4465caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (ImplicitCastExpr *ICE = dyn_cast<ImplicitCastExpr>(Arg)) { 4475caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Arg = ICE->getSubExpr(); 4485caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner ICE->setSubExpr(0); 4495caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner ICE->Destroy(Context); 4505caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setArg(i+1, Arg); 4515caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 4521eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4535caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // GCC does an implicit conversion to the pointer or integer ValType. This 4545caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // can fail in some cases (1i -> int**), check for this error case now. 455cdb61979755c1c0699c1ee25eede9a50bf94d29bAnders Carlsson CastExpr::CastKind Kind = CastExpr::CK_Unknown; 4565cf86ba6b5a724bf91cb52feade1158f1fbeb605Anders Carlsson CXXBaseSpecifierArray BasePath; 4575cf86ba6b5a724bf91cb52feade1158f1fbeb605Anders Carlsson if (CheckCastTypes(Arg->getSourceRange(), ValType, Arg, Kind, BasePath)) 4585caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return true; 4591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4605caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Okay, we have something that *can* be converted to the right type. Check 4615caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // to see if there is a potentially weird extension going on here. This can 4625caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // happen when you do an atomic operation on something like an char* and 4635caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // pass in 42. The 42 gets converted to char. This is even more strange 4645caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // for things like 45.123 -> char, etc. 4651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // FIXME: Do this check. 46680971bdba20b5b280a00b7b9829026b33d3206f9Anders Carlsson ImpCastExprToType(Arg, ValType, Kind); 4675caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setArg(i+1, Arg); 4685caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 4691eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4705caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Switch the DeclRefExpr to refer to the new decl. 4715caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DRE->setDecl(NewBuiltinDecl); 4725caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DRE->setType(NewBuiltinDecl->getType()); 4731eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4745caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Set the callee in the CallExpr. 4755caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // FIXME: This leaks the original parens and implicit casts. 4765caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *PromotedCall = DRE; 4775caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner UsualUnaryConversions(PromotedCall); 4785caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setCallee(PromotedCall); 4791eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4805caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 4815caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Change the result type of the call to match the result type of the decl. 4825caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setType(NewBuiltinDecl->getResultType()); 4835caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return false; 4845caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner} 4855caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 4865caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 487690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattner/// CheckObjCString - Checks that the argument to the builtin 48871993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson/// CFString constructor is correct 489fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// FIXME: GCC currently emits the following warning: 4901eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// "warning: input conversion stopped due to an input byte that does not 491fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// belong to the input codeset UTF-8" 492fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// Note: It might also make sense to do the UTF-16 conversion here (would 493fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// simplify the backend). 494690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattnerbool Sema::CheckObjCString(Expr *Arg) { 49556f349400c5932a196509c0480ff6f99a9a0b48fChris Lattner Arg = Arg->IgnoreParenCasts(); 49671993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson StringLiteral *Literal = dyn_cast<StringLiteral>(Arg); 49771993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson 49871993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson if (!Literal || Literal->isWide()) { 499fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner Diag(Arg->getLocStart(), diag::err_cfstring_literal_not_string_constant) 500fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << Arg->getSourceRange(); 5019cdc4d3834f203dcde3ff274b8928e4620a914d5Anders Carlsson return true; 50271993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 5031eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 504f015b034159d40e7033309e50036804eb1971787Daniel Dunbar const char *Data = Literal->getStrData(); 505f015b034159d40e7033309e50036804eb1971787Daniel Dunbar unsigned Length = Literal->getByteLength(); 506f015b034159d40e7033309e50036804eb1971787Daniel Dunbar 507f015b034159d40e7033309e50036804eb1971787Daniel Dunbar for (unsigned i = 0; i < Length; ++i) { 508f015b034159d40e7033309e50036804eb1971787Daniel Dunbar if (!Data[i]) { 509f015b034159d40e7033309e50036804eb1971787Daniel Dunbar Diag(getLocationOfStringLiteralByte(Literal, i), 510f015b034159d40e7033309e50036804eb1971787Daniel Dunbar diag::warn_cfstring_literal_contains_nul_character) 511f015b034159d40e7033309e50036804eb1971787Daniel Dunbar << Arg->getSourceRange(); 512f015b034159d40e7033309e50036804eb1971787Daniel Dunbar break; 513f015b034159d40e7033309e50036804eb1971787Daniel Dunbar } 514f015b034159d40e7033309e50036804eb1971787Daniel Dunbar } 5151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5169cdc4d3834f203dcde3ff274b8928e4620a914d5Anders Carlsson return false; 51759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner} 51859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 519c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner/// SemaBuiltinVAStart - Check the arguments to __builtin_va_start for validity. 520c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner/// Emit an error and return true on failure, return false on success. 521925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattnerbool Sema::SemaBuiltinVAStart(CallExpr *TheCall) { 522925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *Fn = TheCall->getCallee(); 523925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() > 2) { 5242c21a073525cdfa68e4439b7af551385dc2796abChris Lattner Diag(TheCall->getArg(2)->getLocStart(), 525fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_too_many_args) 526ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << 0 /*function call*/ << 2 << TheCall->getNumArgs() 527ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << Fn->getSourceRange() 5281eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(2)->getLocStart(), 529fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner (*(TheCall->arg_end()-1))->getLocEnd()); 53030ce344307f8a8b00054021307015571f83c7364Chris Lattner return true; 53130ce344307f8a8b00054021307015571f83c7364Chris Lattner } 53256f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman 53356f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman if (TheCall->getNumArgs() < 2) { 534d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher return Diag(TheCall->getLocEnd(), 535d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher diag::err_typecheck_call_too_few_args_at_least) 536d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << 0 /*function call*/ << 2 << TheCall->getNumArgs(); 53756f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman } 53856f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman 539c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner // Determine whether the current function is variadic or not. 5409ea9bdbc14374f7bacdb50d3e52c664ff12150ffDouglas Gregor BlockScopeInfo *CurBlock = getCurBlock(); 541c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner bool isVariadic; 542cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff if (CurBlock) 543c71a4915ca216847599d03cab4ed1c5086b0eb43John McCall isVariadic = CurBlock->TheDecl->isVariadic(); 5449498d388810d284d3970aef0d69fa4d069fd6cafTed Kremenek else if (FunctionDecl *FD = getCurFunctionDecl()) 5459498d388810d284d3970aef0d69fa4d069fd6cafTed Kremenek isVariadic = FD->isVariadic(); 5469498d388810d284d3970aef0d69fa4d069fd6cafTed Kremenek else 54753d0ea5f5bfa647ec23418bf3a3b7c183b51e4bdArgyrios Kyrtzidis isVariadic = getCurMethodDecl()->isVariadic(); 5481eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 549c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner if (!isVariadic) { 55030ce344307f8a8b00054021307015571f83c7364Chris Lattner Diag(Fn->getLocStart(), diag::err_va_start_used_in_non_variadic_function); 55130ce344307f8a8b00054021307015571f83c7364Chris Lattner return true; 55230ce344307f8a8b00054021307015571f83c7364Chris Lattner } 5531eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 55430ce344307f8a8b00054021307015571f83c7364Chris Lattner // Verify that the second argument to the builtin is the last argument of the 55530ce344307f8a8b00054021307015571f83c7364Chris Lattner // current function or method. 55630ce344307f8a8b00054021307015571f83c7364Chris Lattner bool SecondArgIsLastNamedArgument = false; 557e2c14103dec39cbd24dac9d7b3e91277b109c14fAnders Carlsson const Expr *Arg = TheCall->getArg(1)->IgnoreParenCasts(); 5581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 55988cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson if (const DeclRefExpr *DR = dyn_cast<DeclRefExpr>(Arg)) { 56088cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson if (const ParmVarDecl *PV = dyn_cast<ParmVarDecl>(DR->getDecl())) { 56130ce344307f8a8b00054021307015571f83c7364Chris Lattner // FIXME: This isn't correct for methods (results in bogus warning). 56230ce344307f8a8b00054021307015571f83c7364Chris Lattner // Get the last formal in the current function. 56388cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson const ParmVarDecl *LastArg; 564cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff if (CurBlock) 565cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff LastArg = *(CurBlock->TheDecl->param_end()-1); 566cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff else if (FunctionDecl *FD = getCurFunctionDecl()) 567371f258e61e1365b951b17931a3c5ac1530fd1a0Chris Lattner LastArg = *(FD->param_end()-1); 56830ce344307f8a8b00054021307015571f83c7364Chris Lattner else 56953d0ea5f5bfa647ec23418bf3a3b7c183b51e4bdArgyrios Kyrtzidis LastArg = *(getCurMethodDecl()->param_end()-1); 57030ce344307f8a8b00054021307015571f83c7364Chris Lattner SecondArgIsLastNamedArgument = PV == LastArg; 57130ce344307f8a8b00054021307015571f83c7364Chris Lattner } 57230ce344307f8a8b00054021307015571f83c7364Chris Lattner } 5731eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 57430ce344307f8a8b00054021307015571f83c7364Chris Lattner if (!SecondArgIsLastNamedArgument) 5751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(1)->getLocStart(), 57630ce344307f8a8b00054021307015571f83c7364Chris Lattner diag::warn_second_parameter_of_va_start_not_last_named_argument); 57730ce344307f8a8b00054021307015571f83c7364Chris Lattner return false; 5786cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman} 57930ce344307f8a8b00054021307015571f83c7364Chris Lattner 5801b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner/// SemaBuiltinUnorderedCompare - Handle functions like __builtin_isgreater and 5811b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner/// friends. This is declared to take (...), so we have to check everything. 582925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattnerbool Sema::SemaBuiltinUnorderedCompare(CallExpr *TheCall) { 583925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() < 2) 5842c21a073525cdfa68e4439b7af551385dc2796abChris Lattner return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 585d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << 0 << 2 << TheCall->getNumArgs()/*function call*/; 586925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() > 2) 5871eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(TheCall->getArg(2)->getLocStart(), 588fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_too_many_args) 589ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << 0 /*function call*/ << 2 << TheCall->getNumArgs() 590fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(TheCall->getArg(2)->getLocStart(), 591fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner (*(TheCall->arg_end()-1))->getLocEnd()); 5921eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 593925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *OrigArg0 = TheCall->getArg(0); 594925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *OrigArg1 = TheCall->getArg(1); 595cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 5961b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // Do standard promotions between the two arguments, returning their common 5971b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // type. 598925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner QualType Res = UsualArithmeticConversions(OrigArg0, OrigArg1, false); 599403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar 600403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // Make sure any conversions are pushed back into the call; this is 601403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // type safe since unordered compare builtins are declared as "_Bool 602403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // foo(...)". 603403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar TheCall->setArg(0, OrigArg0); 604403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar TheCall->setArg(1, OrigArg1); 6051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 606cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (OrigArg0->isTypeDependent() || OrigArg1->isTypeDependent()) 607cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 608cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 6091b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // If the common type isn't a real floating type, then the arguments were 6101b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // invalid for this operation. 6111b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner if (!Res->isRealFloatingType()) 6121eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(OrigArg0->getLocStart(), 613fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_invalid_ordered_compare) 614d162584991885ab004a02573a73ce06422b921fcChris Lattner << OrigArg0->getType() << OrigArg1->getType() 615fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(OrigArg0->getLocStart(), OrigArg1->getLocEnd()); 6161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 6171b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner return false; 6181b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner} 6191b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner 620e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer/// SemaBuiltinSemaBuiltinFPClassification - Handle functions like 621e771a7ac11fb27f0e734e5de4d858f2c268895e5Benjamin Kramer/// __builtin_isnan and friends. This is declared to take (...), so we have 6223b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer/// to check everything. We expect the last argument to be a floating point 6233b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer/// value. 6243b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramerbool Sema::SemaBuiltinFPClassification(CallExpr *TheCall, unsigned NumArgs) { 6253b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer if (TheCall->getNumArgs() < NumArgs) 6269ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 627d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << 0 << NumArgs << TheCall->getNumArgs()/*function call*/; 6283b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer if (TheCall->getNumArgs() > NumArgs) 6293b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer return Diag(TheCall->getArg(NumArgs)->getLocStart(), 6309ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman diag::err_typecheck_call_too_many_args) 631ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << 0 /*function call*/ << NumArgs << TheCall->getNumArgs() 6323b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer << SourceRange(TheCall->getArg(NumArgs)->getLocStart(), 6339ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman (*(TheCall->arg_end()-1))->getLocEnd()); 6349ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 6353b1e26b708e8d00d4ba10ff857201bae2aff6baeBenjamin Kramer Expr *OrigArg = TheCall->getArg(NumArgs-1); 6361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 6379ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (OrigArg->isTypeDependent()) 6389ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return false; 6399ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 64081368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner // This operation requires a non-_Complex floating-point number. 6419ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (!OrigArg->getType()->isRealFloatingType()) 6421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(OrigArg->getLocStart(), 6439ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman diag::err_typecheck_call_invalid_unary_fp) 6449ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman << OrigArg->getType() << OrigArg->getSourceRange(); 6451eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 64681368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner // If this is an implicit conversion from float -> double, remove it. 64781368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner if (ImplicitCastExpr *Cast = dyn_cast<ImplicitCastExpr>(OrigArg)) { 64881368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner Expr *CastArg = Cast->getSubExpr(); 64981368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner if (CastArg->getType()->isSpecificBuiltinType(BuiltinType::Float)) { 65081368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner assert(Cast->getType()->isSpecificBuiltinType(BuiltinType::Double) && 65181368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner "promotion from float to double is the only expected cast here"); 65281368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner Cast->setSubExpr(0); 65381368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner Cast->Destroy(Context); 65481368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner TheCall->setArg(NumArgs-1, CastArg); 65581368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner OrigArg = CastArg; 65681368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner } 65781368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner } 65881368fbfd6d57150f66c993dc9041d62a7a32c4fChris Lattner 6599ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return false; 6609ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman} 6619ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 662d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman/// SemaBuiltinShuffleVector - Handle __builtin_shufflevector. 663d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman// This is declared to take (...), so we have to check everything. 6640eb23307222bda7ad95d968eac4e1ab30864b213Sebastian RedlAction::OwningExprResult Sema::SemaBuiltinShuffleVector(CallExpr *TheCall) { 66537b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman if (TheCall->getNumArgs() < 2) 6660eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocEnd(), 667d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher diag::err_typecheck_call_too_few_args_at_least) 66837b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman << 0 /*function call*/ << 2 << TheCall->getNumArgs() 669d77b9a29651d748f0e30a8dad8969635fc04f725Eric Christopher << TheCall->getSourceRange()); 670d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 67137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // Determine which of the following types of shufflevector we're checking: 67237b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // 1) unary, vector mask: (lhs, mask) 67337b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // 2) binary, vector mask: (lhs, rhs, mask) 67437b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // 3) binary, scalar mask: (lhs, rhs, index, ..., index) 67537b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman QualType resType = TheCall->getArg(0)->getType(); 67637b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman unsigned numElements = 0; 67737b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman 678cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!TheCall->getArg(0)->isTypeDependent() && 679cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor !TheCall->getArg(1)->isTypeDependent()) { 68037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman QualType LHSType = TheCall->getArg(0)->getType(); 68137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman QualType RHSType = TheCall->getArg(1)->getType(); 68237b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman 68337b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman if (!LHSType->isVectorType() || !RHSType->isVectorType()) { 684cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor Diag(TheCall->getLocStart(), diag::err_shufflevector_non_vector) 6851eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(0)->getLocStart(), 686cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(1)->getLocEnd()); 687cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return ExprError(); 688cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor } 68937b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman 69037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman numElements = LHSType->getAs<VectorType>()->getNumElements(); 69137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman unsigned numResElements = TheCall->getNumArgs() - 2; 69237b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman 69337b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // Check to see if we have a call with 2 vector arguments, the unary shuffle 69437b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // with mask. If so, verify that RHS is an integer vector type with the 69537b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman // same number of elts as lhs. 69637b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman if (TheCall->getNumArgs() == 2) { 69737b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman if (!RHSType->isIntegerType() || 69837b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman RHSType->getAs<VectorType>()->getNumElements() != numElements) 69937b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman Diag(TheCall->getLocStart(), diag::err_shufflevector_incompatible_vector) 70037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman << SourceRange(TheCall->getArg(1)->getLocStart(), 70137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman TheCall->getArg(1)->getLocEnd()); 70237b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman numResElements = numElements; 70337b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman } 70437b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman else if (!Context.hasSameUnqualifiedType(LHSType, RHSType)) { 705cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor Diag(TheCall->getLocStart(), diag::err_shufflevector_incompatible_vector) 7061eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(0)->getLocStart(), 707cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(1)->getLocEnd()); 708cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return ExprError(); 70937b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman } else if (numElements != numResElements) { 71037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman QualType eltType = LHSType->getAs<VectorType>()->getElementType(); 71137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman resType = Context.getVectorType(eltType, numResElements, false, false); 712cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor } 713d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 714d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 715d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman for (unsigned i = 2; i < TheCall->getNumArgs(); i++) { 716cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (TheCall->getArg(i)->isTypeDependent() || 717cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(i)->isValueDependent()) 718cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor continue; 719cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 72037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman llvm::APSInt Result(32); 72137b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman if (!TheCall->getArg(i)->isIntegerConstantExpr(Result, Context)) 72237b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman return ExprError(Diag(TheCall->getLocStart(), 72337b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman diag::err_shufflevector_nonconstant_argument) 72437b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman << TheCall->getArg(i)->getSourceRange()); 7250eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl 726d1a0b6d3dfb208f638d3d750b588d9c0daa49289Chris Lattner if (Result.getActiveBits() > 64 || Result.getZExtValue() >= numElements*2) 7270eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocStart(), 728fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_shufflevector_argument_too_large) 7290eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl << TheCall->getArg(i)->getSourceRange()); 730d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 731d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 732d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman llvm::SmallVector<Expr*, 32> exprs; 733d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 734d1a0b6d3dfb208f638d3d750b588d9c0daa49289Chris Lattner for (unsigned i = 0, e = TheCall->getNumArgs(); i != e; i++) { 735d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman exprs.push_back(TheCall->getArg(i)); 736d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman TheCall->setArg(i, 0); 737d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 738d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 739a88dc3079bedf70a5cfc39791727e43a10383006Nate Begeman return Owned(new (Context) ShuffleVectorExpr(Context, exprs.begin(), 74037b6a5731a47f811d754f0d48aa93edf30e30513Nate Begeman exprs.size(), resType, 7418189cde56b4f6f938cd65f53c932fe1860d0204cTed Kremenek TheCall->getCallee()->getLocStart(), 7428189cde56b4f6f938cd65f53c932fe1860d0204cTed Kremenek TheCall->getRParenLoc())); 743d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman} 74430ce344307f8a8b00054021307015571f83c7364Chris Lattner 7454493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar/// SemaBuiltinPrefetch - Handle __builtin_prefetch. 7464493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar// This is declared to take (const void*, ...) and can take two 7474493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar// optional constant int args. 7484493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbarbool Sema::SemaBuiltinPrefetch(CallExpr *TheCall) { 749fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner unsigned NumArgs = TheCall->getNumArgs(); 7504493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 751fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner if (NumArgs > 3) 752ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher return Diag(TheCall->getLocEnd(), 753ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher diag::err_typecheck_call_too_many_args_at_most) 754ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << 0 /*function call*/ << 3 << NumArgs 755ccfa9639f8d09733bcf1c2572c5bd3daba5bd632Eric Christopher << TheCall->getSourceRange(); 7564493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 7574493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // Argument 0 is checked for us and the remaining arguments must be 7584493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // constant integers. 759fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner for (unsigned i = 1; i != NumArgs; ++i) { 7604493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar Expr *Arg = TheCall->getArg(i); 761691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 7629aef7263d84d9224575e113878cfbb06b8343cbfEli Friedman llvm::APSInt Result; 763691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, i, Result)) 764691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher return true; 7651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 7664493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // FIXME: gcc issues a warning and rewrites these to 0. These 7674493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // seems especially odd for the third argument since the default 7684493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // is 3. 769fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner if (i == 1) { 7709aef7263d84d9224575e113878cfbb06b8343cbfEli Friedman if (Result.getLimitedValue() > 1) 771fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 77221fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner << "0" << "1" << Arg->getSourceRange(); 7734493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } else { 7749aef7263d84d9224575e113878cfbb06b8343cbfEli Friedman if (Result.getLimitedValue() > 3) 775fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 77621fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner << "0" << "3" << Arg->getSourceRange(); 7774493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } 7784493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } 7794493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 780fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return false; 7814493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar} 7824493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 783691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher/// SemaBuiltinConstantArg - Handle a check if argument ArgNum of CallExpr 784691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher/// TheCall is a constant expression. 785691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopherbool Sema::SemaBuiltinConstantArg(CallExpr *TheCall, int ArgNum, 786691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt &Result) { 787691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher Expr *Arg = TheCall->getArg(ArgNum); 788691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher DeclRefExpr *DRE =cast<DeclRefExpr>(TheCall->getCallee()->IgnoreParenCasts()); 789691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher FunctionDecl *FDecl = cast<FunctionDecl>(DRE->getDecl()); 790691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 791691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (Arg->isTypeDependent() || Arg->isValueDependent()) return false; 792691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 793691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (!Arg->isIntegerConstantExpr(Result, Context)) 794691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher return Diag(TheCall->getLocStart(), diag::err_constant_integer_arg_type) 7955e8965525282a48fd34af05183b8c3705a5b00d5Eric Christopher << FDecl->getDeclName() << Arg->getSourceRange(); 796691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 79721fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner return false; 79821fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner} 79921fb98ee003e992b0c4e204d98a19e0ef544cae3Chris Lattner 800d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// SemaBuiltinObjectSize - Handle __builtin_object_size(void *ptr, 801d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// int type). This simply type checks that type is one of the defined 802d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// constants (0-3). 803fee667f35e64751baa7fefe70b4e7bab06c8cd86Eric Christopher// For compatability check 0-3, llvm only handles 0 and 2. 804d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbarbool Sema::SemaBuiltinObjectSize(CallExpr *TheCall) { 805691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt Result; 806691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 807691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher // Check constant-ness first. 808691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, 1, Result)) 809691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher return true; 810d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 811691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher Expr *Arg = TheCall->getArg(1); 812d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar if (Result.getSExtValue() < 0 || Result.getSExtValue() > 3) { 813fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 814fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << "0" << "3" << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 815d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar } 816d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 817d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar return false; 818d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar} 819d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 820586d6a81428da2d1ce70bcb98df29d749361cbf3Eli Friedman/// SemaBuiltinLongjmp - Handle __builtin_longjmp(void *env[5], int val). 821d875fed28578835de89cd407e9db4be788596d7cEli Friedman/// This checks that val is a constant 1. 822d875fed28578835de89cd407e9db4be788596d7cEli Friedmanbool Sema::SemaBuiltinLongjmp(CallExpr *TheCall) { 823d875fed28578835de89cd407e9db4be788596d7cEli Friedman Expr *Arg = TheCall->getArg(1); 824691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher llvm::APSInt Result; 825cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 826691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher // TODO: This is less than ideal. Overload this to take a value. 827691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (SemaBuiltinConstantArg(TheCall, 1, Result)) 828691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher return true; 829691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher 830691ebc3f3225542e5abd85e107ebdbec907cf510Eric Christopher if (Result != 1) 831d875fed28578835de89cd407e9db4be788596d7cEli Friedman return Diag(TheCall->getLocStart(), diag::err_builtin_longjmp_invalid_val) 832d875fed28578835de89cd407e9db4be788596d7cEli Friedman << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 833d875fed28578835de89cd407e9db4be788596d7cEli Friedman 834d875fed28578835de89cd407e9db4be788596d7cEli Friedman return false; 835d875fed28578835de89cd407e9db4be788596d7cEli Friedman} 836d875fed28578835de89cd407e9db4be788596d7cEli Friedman 837d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek// Handle i > 1 ? "x" : "y", recursivelly 838082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenekbool Sema::SemaCheckStringLiteral(const Expr *E, const CallExpr *TheCall, 839082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek bool HasVAListArg, 8403c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor unsigned format_idx, unsigned firstDataArg) { 841cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (E->isTypeDependent() || E->isValueDependent()) 842cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 843d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 844d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek switch (E->getStmtClass()) { 845d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ConditionalOperatorClass: { 846082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ConditionalOperator *C = cast<ConditionalOperator>(E); 847813b70d6db54dbf149cfaa14ec7502142121d86fChris Lattner return SemaCheckStringLiteral(C->getTrueExpr(), TheCall, 8483c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor HasVAListArg, format_idx, firstDataArg) 849d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek && SemaCheckStringLiteral(C->getRHS(), TheCall, 8503c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor HasVAListArg, format_idx, firstDataArg); 851d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 852d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 853d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ImplicitCastExprClass: { 854082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ImplicitCastExpr *Expr = cast<ImplicitCastExpr>(E); 855d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return SemaCheckStringLiteral(Expr->getSubExpr(), TheCall, HasVAListArg, 8563c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor format_idx, firstDataArg); 857d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 858d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 859d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ParenExprClass: { 860082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ParenExpr *Expr = cast<ParenExpr>(E); 861d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return SemaCheckStringLiteral(Expr->getSubExpr(), TheCall, HasVAListArg, 8623c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor format_idx, firstDataArg); 863d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 8641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 865082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::DeclRefExprClass: { 866082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const DeclRefExpr *DR = cast<DeclRefExpr>(E); 8671eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 868082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek // As an exception, do not flag errors for variables binding to 869082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek // const string literals. 870082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const VarDecl *VD = dyn_cast<VarDecl>(DR->getDecl())) { 871082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek bool isConstant = false; 872082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek QualType T = DR->getType(); 873082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek 874082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const ArrayType *AT = Context.getAsArrayType(T)) { 875082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek isConstant = AT->getElementType().isConstant(Context); 876ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else if (const PointerType *PT = T->getAs<PointerType>()) { 8771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump isConstant = T.isConstant(Context) && 878082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek PT->getPointeeType().isConstant(Context); 879082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 8801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 881082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (isConstant) { 88231310a21fb2a9f13950f864f681c86080b05d5b2Sebastian Redl if (const Expr *Init = VD->getAnyInitializer()) 883082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return SemaCheckStringLiteral(Init, TheCall, 884082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek HasVAListArg, format_idx, firstDataArg); 885082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 8861eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 887d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // For vprintf* functions (i.e., HasVAListArg==true), we add a 888d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // special check to see if the format string is a function parameter 889d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // of the function calling the printf function. If the function 890d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // has an attribute indicating it is a printf-like function, then we 891d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // should suppress warnings concerning non-literals being used in a call 892d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // to a vprintf function. For example: 893d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 894d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // void 895d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // logmessage(char const *fmt __attribute__ (format (printf, 1, 2)), ...){ 896d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // va_list ap; 897d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // va_start(ap, fmt); 898d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // vprintf(fmt, ap); // Do NOT emit a warning about "fmt". 899d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // ... 900d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 901d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 902d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // FIXME: We don't have full attribute support yet, so just check to see 903d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // if the argument is a DeclRefExpr that references a parameter. We'll 904d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // add proper support for checking the attribute later. 905d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson if (HasVAListArg) 906d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson if (isa<ParmVarDecl>(VD)) 907d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson return true; 908082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 9091eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 910082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return false; 911082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 912d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 9138f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson case Stmt::CallExprClass: { 9148f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson const CallExpr *CE = cast<CallExpr>(E); 9151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (const ImplicitCastExpr *ICE 9168f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson = dyn_cast<ImplicitCastExpr>(CE->getCallee())) { 9178f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson if (const DeclRefExpr *DRE = dyn_cast<DeclRefExpr>(ICE->getSubExpr())) { 9188f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(DRE->getDecl())) { 91940b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis if (const FormatArgAttr *FA = FD->getAttr<FormatArgAttr>()) { 9208f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson unsigned ArgIndex = FA->getFormatIdx(); 9218f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson const Expr *Arg = CE->getArg(ArgIndex - 1); 9221eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 9231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return SemaCheckStringLiteral(Arg, TheCall, HasVAListArg, 9248f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson format_idx, firstDataArg); 9258f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 9268f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 9278f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 9288f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 9291eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 9308f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson return false; 9318f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 932082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::ObjCStringLiteralClass: 933082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::StringLiteralClass: { 934082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const StringLiteral *StrE = NULL; 9351eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 936082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const ObjCStringLiteral *ObjCFExpr = dyn_cast<ObjCStringLiteral>(E)) 937d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek StrE = ObjCFExpr->getString(); 938d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek else 939082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek StrE = cast<StringLiteral>(E); 9401eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 941d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek if (StrE) { 9421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump CheckPrintfString(StrE, E, TheCall, HasVAListArg, format_idx, 9433c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor firstDataArg); 944d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return true; 945d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 9461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 947d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return false; 948d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 9491eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 950082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek default: 951082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return false; 952d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 953d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek} 954d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 955e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanianvoid 9561eb4433ac451dc16f4133a88af2d002ac26c58efMike StumpSema::CheckNonNullArguments(const NonNullAttr *NonNull, 9571eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump const CallExpr *TheCall) { 958e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian for (NonNullAttr::iterator i = NonNull->begin(), e = NonNull->end(); 959e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian i != e; ++i) { 96012b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner const Expr *ArgExpr = TheCall->getArg(*i); 9614e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (ArgExpr->isNullPointerConstant(Context, 962ce94049b69f75b44c18584fe79cd238978b6b0d5Douglas Gregor Expr::NPC_ValueDependentIsNotNull)) 96312b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner Diag(TheCall->getCallee()->getLocStart(), diag::warn_null_arg) 96412b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner << ArgExpr->getSourceRange(); 965e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian } 966e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian} 967d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 96859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// CheckPrintfArguments - Check calls to printf (and similar functions) for 9691eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// correct use of format strings. 97071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 97171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// HasVAListArg - A predicate indicating whether the printf-like 97271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// function is passed an explicit va_arg argument (e.g., vprintf) 97371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 97471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// format_idx - The index into Args for the format string. 97571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 97671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Improper format strings to functions in the printf family can be 97771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// the source of bizarre bugs and very serious security holes. A 97871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// good source of information is available in the following paper 97971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (which includes additional references): 98059907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// 98159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// FormatGuard: Automatic Protection From printf Format String 98259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// Vulnerabilities, Proceedings of the 10th USENIX Security Symposium, 2001. 98371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 9847f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek/// TODO: 98571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Functionality implemented: 98671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 98771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// We can statically check the following properties for string 98871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// literal format strings for non v.*printf functions (where the 98971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// arguments are passed directly): 99071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek// 99171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (1) Are the number of format conversions equal to the number of 99271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// data arguments? 99371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 99471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (2) Does each format conversion correctly match the type of the 9957f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek/// corresponding data argument? 99671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 99771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Moreover, for all printf functions we can: 99871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 99971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (3) Check for a missing format string (when not caught by type checking). 100071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 100171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (4) Check for no-operation flags; e.g. using "#" with format 100271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// conversion 'c' (TODO) 100371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 100471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (5) Check the use of '%n', a major source of security holes. 100571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 100671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (6) Check for malformed format conversions that don't specify anything. 100771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 100871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (7) Check for empty format strings. e.g: printf(""); 100971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 101071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (8) Check that the format string is a wide literal. 101171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 101271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// All of these checks can be done by parsing the format string. 101371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 101459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattnervoid 10151eb4433ac451dc16f4133a88af2d002ac26c58efMike StumpSema::CheckPrintfArguments(const CallExpr *TheCall, bool HasVAListArg, 10163c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor unsigned format_idx, unsigned firstDataArg) { 1017082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const Expr *Fn = TheCall->getCallee(); 1018925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner 10194a2614e94672c47395abcde60518776fbebec589Sebastian Redl // The way the format attribute works in GCC, the implicit this argument 10204a2614e94672c47395abcde60518776fbebec589Sebastian Redl // of member functions is counted. However, it doesn't appear in our own 10214a2614e94672c47395abcde60518776fbebec589Sebastian Redl // lists, so decrement format_idx in that case. 10224a2614e94672c47395abcde60518776fbebec589Sebastian Redl if (isa<CXXMemberCallExpr>(TheCall)) { 10234a2614e94672c47395abcde60518776fbebec589Sebastian Redl // Catch a format attribute mistakenly referring to the object argument. 10244a2614e94672c47395abcde60518776fbebec589Sebastian Redl if (format_idx == 0) 10254a2614e94672c47395abcde60518776fbebec589Sebastian Redl return; 10264a2614e94672c47395abcde60518776fbebec589Sebastian Redl --format_idx; 10274a2614e94672c47395abcde60518776fbebec589Sebastian Redl if(firstDataArg != 0) 10284a2614e94672c47395abcde60518776fbebec589Sebastian Redl --firstDataArg; 10294a2614e94672c47395abcde60518776fbebec589Sebastian Redl } 10304a2614e94672c47395abcde60518776fbebec589Sebastian Redl 10311eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // CHECK: printf-like function is called with no format string. 1032925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (format_idx >= TheCall->getNumArgs()) { 1033dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(TheCall->getRParenLoc(), diag::warn_printf_missing_format_string) 1034dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << Fn->getSourceRange(); 103571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 103671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 10371eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1038082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const Expr *OrigFormatExpr = TheCall->getArg(format_idx)->IgnoreParenCasts(); 10391eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 104059907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner // CHECK: format string is not a string literal. 10411eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // 104271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Dynamically generated format strings are difficult to 104371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // automatically vet at compile time. Requiring that format strings 104471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // are string literals: (1) permits the checking of format strings by 104571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // the compiler and thereby (2) can practically remove the source of 104671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // many format string exploits. 10477ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek 10481eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // Format string can be either ObjC string (e.g. @"%d") or 10497ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // C string (e.g. "%d") 10501eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // ObjC string uses the same format specifiers as C string, so we can use 10517ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // the same format string checking logic for both ObjC and C strings. 10521cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner if (SemaCheckStringLiteral(OrigFormatExpr, TheCall, HasVAListArg, format_idx, 10531cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner firstDataArg)) 10541cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner return; // Literal format string found, check done! 10551cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner 1056655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner // If there are no arguments specified, warn with -Wformat-security, otherwise 1057655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner // warn only with -Wformat-nonliteral. 1058655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner if (TheCall->getNumArgs() == format_idx+1) 10591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(format_idx)->getLocStart(), 1060655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner diag::warn_printf_nonliteral_noargs) 1061655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner << OrigFormatExpr->getSourceRange(); 1062655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner else 10631eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(format_idx)->getLocStart(), 1064655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner diag::warn_printf_nonliteral) 1065655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner << OrigFormatExpr->getSourceRange(); 1066d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek} 1067d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 1068e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremeneknamespace { 106974d56a168966ff015824279a24aaf566180ed97dTed Kremenekclass CheckPrintfHandler : public analyze_printf::FormatStringHandler { 1070e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek Sema &S; 1071e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const StringLiteral *FExpr; 1072e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const Expr *OrigFormatExpr; 10736ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek const unsigned FirstDataArg; 1074e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const unsigned NumDataArgs; 1075e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const bool IsObjCLiteral; 1076e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const char *Beg; // Start of format string. 10770d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek const bool HasVAListArg; 10780d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek const CallExpr *TheCall; 10790d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek unsigned FormatIdx; 10807f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek llvm::BitVector CoveredArgs; 1081efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek bool usesPositionalArgs; 1082efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek bool atFirstArg; 10834e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenekpublic: 1084e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek CheckPrintfHandler(Sema &s, const StringLiteral *fexpr, 10856ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek const Expr *origFormatExpr, unsigned firstDataArg, 1086e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek unsigned numDataArgs, bool isObjCLiteral, 10870d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek const char *beg, bool hasVAListArg, 10880d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek const CallExpr *theCall, unsigned formatIdx) 1089e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek : S(s), FExpr(fexpr), OrigFormatExpr(origFormatExpr), 10906ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek FirstDataArg(firstDataArg), 10917f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek NumDataArgs(numDataArgs), 10920d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek IsObjCLiteral(isObjCLiteral), Beg(beg), 10930d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek HasVAListArg(hasVAListArg), 1094efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek TheCall(theCall), FormatIdx(formatIdx), 1095efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek usesPositionalArgs(false), atFirstArg(true) { 10967f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek CoveredArgs.resize(numDataArgs); 10977f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek CoveredArgs.reset(); 10987f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 10994e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 110007d161f38e708a91486bf1c031d525faebbb249dTed Kremenek void DoneProcessing(); 11014e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1102808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek void HandleIncompleteFormatSpecifier(const char *startSpecifier, 1103808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek unsigned specifierLen); 11044e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 11057f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek bool 110674d56a168966ff015824279a24aaf566180ed97dTed Kremenek HandleInvalidConversionSpecifier(const analyze_printf::FormatSpecifier &FS, 110774d56a168966ff015824279a24aaf566180ed97dTed Kremenek const char *startSpecifier, 110874d56a168966ff015824279a24aaf566180ed97dTed Kremenek unsigned specifierLen); 11094e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1110efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek virtual void HandleInvalidPosition(const char *startSpecifier, 1111efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek unsigned specifierLen, 1112efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek analyze_printf::PositionContext p); 1113efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek 1114efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek virtual void HandleZeroPosition(const char *startPos, unsigned posLen); 1115efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek 1116e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek void HandleNullChar(const char *nullCharacter); 11174e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1118e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek bool HandleFormatSpecifier(const analyze_printf::FormatSpecifier &FS, 1119e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const char *startSpecifier, 1120e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek unsigned specifierLen); 1121e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenekprivate: 1122f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek SourceRange getFormatStringRange(); 1123f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek SourceRange getFormatSpecifierRange(const char *startSpecifier, 11240e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek unsigned specifierLen); 1125e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek SourceLocation getLocationOfByte(const char *x); 11264e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1127efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek bool HandleAmount(const analyze_printf::OptionalAmount &Amt, unsigned k, 1128efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek const char *startSpecifier, unsigned specifierLen); 11295c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek void HandleFlags(const analyze_printf::FormatSpecifier &FS, 11305c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek llvm::StringRef flag, llvm::StringRef cspec, 11315c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek const char *startSpecifier, unsigned specifierLen); 11324e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 11330d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek const Expr *getDataArg(unsigned i) const; 1134e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek}; 1135e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek} 1136e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1137f88c8e02da48afea6a04091f675af5c4facd99f1Ted KremenekSourceRange CheckPrintfHandler::getFormatStringRange() { 1138e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek return OrigFormatExpr->getSourceRange(); 1139e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek} 1140e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1141f88c8e02da48afea6a04091f675af5c4facd99f1Ted KremenekSourceRange CheckPrintfHandler:: 1142f88c8e02da48afea6a04091f675af5c4facd99f1Ted KremenekgetFormatSpecifierRange(const char *startSpecifier, unsigned specifierLen) { 1143f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek return SourceRange(getLocationOfByte(startSpecifier), 11440e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek getLocationOfByte(startSpecifier+specifierLen-1)); 1145f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek} 1146f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek 1147e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted KremenekSourceLocation CheckPrintfHandler::getLocationOfByte(const char *x) { 11484e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek return S.getLocationOfStringLiteralByte(FExpr, x - Beg); 1149e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek} 1150e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 115126ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenekvoid CheckPrintfHandler:: 1152808015a18bd97781ce437831a95a92fdfc8d5136Ted KremenekHandleIncompleteFormatSpecifier(const char *startSpecifier, 11534e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek unsigned specifierLen) { 1154808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek SourceLocation Loc = getLocationOfByte(startSpecifier); 1155808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek S.Diag(Loc, diag::warn_printf_incomplete_specifier) 1156f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 1157808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek} 1158808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek 1159efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenekvoid 1160efaff195ba1fa55b6fe0b0b2435b81451387d241Ted KremenekCheckPrintfHandler::HandleInvalidPosition(const char *startPos, unsigned posLen, 1161efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek analyze_printf::PositionContext p) { 1162efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek SourceLocation Loc = getLocationOfByte(startPos); 1163efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek S.Diag(Loc, diag::warn_printf_invalid_positional_specifier) 1164efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek << (unsigned) p << getFormatSpecifierRange(startPos, posLen); 1165efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek} 1166efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek 1167efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenekvoid CheckPrintfHandler::HandleZeroPosition(const char *startPos, 1168efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek unsigned posLen) { 1169efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek SourceLocation Loc = getLocationOfByte(startPos); 1170efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek S.Diag(Loc, diag::warn_printf_zero_positional_specifier) 1171efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek << getFormatSpecifierRange(startPos, posLen); 1172efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek} 1173efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek 11747f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenekbool CheckPrintfHandler:: 117526ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted KremenekHandleInvalidConversionSpecifier(const analyze_printf::FormatSpecifier &FS, 117626ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenek const char *startSpecifier, 117726ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenek unsigned specifierLen) { 11784e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 11797f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek unsigned argIndex = FS.getArgIndex(); 11807f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek bool keepGoing = true; 11817f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (argIndex < NumDataArgs) { 11827f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // Consider the argument coverered, even though the specifier doesn't 11837f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // make sense. 11847f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek CoveredArgs.set(argIndex); 11857f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 11867f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek else { 11877f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // If argIndex exceeds the number of data arguments we 11887f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // don't issue a warning because that is just a cascade of warnings (and 11897f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // they may have intended '%%' anyway). We don't want to continue processing 11907f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // the format string after this point, however, as we will like just get 11917f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // gibberish when trying to match arguments. 11927f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek keepGoing = false; 11937f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 11947f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek 1195808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek const analyze_printf::ConversionSpecifier &CS = 11964e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek FS.getConversionSpecifier(); 1197808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek SourceLocation Loc = getLocationOfByte(CS.getStart()); 119826ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenek S.Diag(Loc, diag::warn_printf_invalid_conversion) 1199808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek << llvm::StringRef(CS.getStart(), CS.getLength()) 12004e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 12017f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek 12027f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek return keepGoing; 120326ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenek} 120426ac2e07b46bfb4d4f00752c96481c0a98c79c69Ted Kremenek 1205e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenekvoid CheckPrintfHandler::HandleNullChar(const char *nullCharacter) { 1206e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek // The presence of a null character is likely an error. 1207e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek S.Diag(getLocationOfByte(nullCharacter), 1208e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek diag::warn_printf_format_string_contains_null_char) 1209f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek << getFormatStringRange(); 1210e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek} 1211e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 12120d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenekconst Expr *CheckPrintfHandler::getDataArg(unsigned i) const { 12136ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek return TheCall->getArg(FirstDataArg + i); 12140d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek} 12150d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek 12165c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenekvoid CheckPrintfHandler::HandleFlags(const analyze_printf::FormatSpecifier &FS, 12175c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek llvm::StringRef flag, 12185c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek llvm::StringRef cspec, 12195c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek const char *startSpecifier, 12205c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek unsigned specifierLen) { 12215c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek const analyze_printf::ConversionSpecifier &CS = FS.getConversionSpecifier(); 12225c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek S.Diag(getLocationOfByte(CS.getStart()), diag::warn_printf_nonsensical_flag) 12235c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek << flag << cspec << getFormatSpecifierRange(startSpecifier, specifierLen); 12245c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek} 12255c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek 12260d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenekbool 12270d27735c51f5bd392e673cf39a675e14e9442387Ted KremenekCheckPrintfHandler::HandleAmount(const analyze_printf::OptionalAmount &Amt, 1228efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek unsigned k, const char *startSpecifier, 12290e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek unsigned specifierLen) { 12300d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek 12310d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek if (Amt.hasDataArgument()) { 12320d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek if (!HasVAListArg) { 12337f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek unsigned argIndex = Amt.getArgIndex(); 12347f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (argIndex >= NumDataArgs) { 1235efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek S.Diag(getLocationOfByte(Amt.getStart()), 1236efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek diag::warn_printf_asterisk_missing_arg) 1237efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek << k << getFormatSpecifierRange(startSpecifier, specifierLen); 12380d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // Don't do any more checking. We will just emit 12390d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // spurious errors. 12400d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek return false; 12410d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 12424e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 12430d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // Type check the data argument. It should be an 'int'. 124431f8e32788adb299acad455363eb7fd244642c82Ted Kremenek // Although not in conformance with C99, we also allow the argument to be 124531f8e32788adb299acad455363eb7fd244642c82Ted Kremenek // an 'unsigned int' as that is a reasonably safe case. GCC also 124631f8e32788adb299acad455363eb7fd244642c82Ted Kremenek // doesn't emit a warning for that case. 12477f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek CoveredArgs.set(argIndex); 12487f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek const Expr *Arg = getDataArg(argIndex); 12490d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek QualType T = Arg->getType(); 12504e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 12514e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek const analyze_printf::ArgTypeResult &ATR = Amt.getArgType(S.Context); 12524e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek assert(ATR.isValid()); 12534e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 12544e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (!ATR.matchesType(S.Context, T)) { 1255efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek S.Diag(getLocationOfByte(Amt.getStart()), 1256efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek diag::warn_printf_asterisk_wrong_type) 1257efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek << k 12584e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek << ATR.getRepresentativeType(S.Context) << T 1259d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen) 1260d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek << Arg->getSourceRange(); 12610d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // Don't do any more checking. We will just emit 12620d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // spurious errors. 12630d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek return false; 12640d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 12650d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 12660d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 12670d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek return true; 12680d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek} 12690d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek 1270e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenekbool 12715c41ee8c49995fb4fd76d686b239c15cbab261eaTed KremenekCheckPrintfHandler::HandleFormatSpecifier(const analyze_printf::FormatSpecifier 12725c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek &FS, 1273e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const char *startSpecifier, 1274e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek unsigned specifierLen) { 1275e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1276efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek using namespace analyze_printf; 1277e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const ConversionSpecifier &CS = FS.getConversionSpecifier(); 1278e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1279efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek if (atFirstArg) { 1280efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek atFirstArg = false; 1281efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek usesPositionalArgs = FS.usesPositionalArg(); 1282efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek } 1283efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek else if (usesPositionalArgs != FS.usesPositionalArg()) { 1284efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek // Cannot mix-and-match positional and non-positional arguments. 1285efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek S.Diag(getLocationOfByte(CS.getStart()), 1286efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek diag::warn_printf_mix_positional_nonpositional_args) 1287efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 1288efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek return false; 1289efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek } 1290efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek 12910d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // First check if the field width, precision, and conversion specifier 12920d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek // have matching data arguments. 1293efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek if (!HandleAmount(FS.getFieldWidth(), /* field width */ 0, 1294efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek startSpecifier, specifierLen)) { 12950d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek return false; 12960d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 12974e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1298efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek if (!HandleAmount(FS.getPrecision(), /* precision */ 1, 1299efaff195ba1fa55b6fe0b0b2435b81451387d241Ted Kremenek startSpecifier, specifierLen)) { 13000d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek return false; 13010d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek } 13020d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek 1303f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek if (!CS.consumesDataArgument()) { 1304f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek // FIXME: Technically specifying a precision or field width here 1305f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek // makes no sense. Worth issuing a warning at some point. 13060e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek return true; 1307f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenek } 13084e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 13097f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // Consume the argument. 13107f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek unsigned argIndex = FS.getArgIndex(); 1311e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek if (argIndex < NumDataArgs) { 1312e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek // The check to see if the argIndex is valid will come later. 1313e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek // We set the bit here because we may exit early from this 1314e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek // function if we encounter some other error. 1315e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek CoveredArgs.set(argIndex); 1316e3fc54790250076e33ad25b14e5be293514fe5eaTed Kremenek } 13177f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek 13187f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // Check for using an Objective-C specific conversion specifier 13197f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // in a non-ObjC literal. 13207f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (!IsObjCLiteral && CS.isObjCArg()) { 13217f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek return HandleInvalidConversionSpecifier(FS, startSpecifier, specifierLen); 13227f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 13234e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1324e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek // Are we using '%n'? Issue a warning about this being 1325e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek // a possible security issue. 1326e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek if (CS.getKind() == ConversionSpecifier::OutIntPtrArg) { 1327e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek S.Diag(getLocationOfByte(CS.getStart()), diag::warn_printf_write_back) 13284e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 1329e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek // Continue checking the other format specifiers. 1330e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek return true; 1331e82d804ee761006250543d6fe6e98ee7896cd756Ted Kremenek } 13325c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek 13335c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek if (CS.getKind() == ConversionSpecifier::VoidPtrArg) { 13345c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek if (FS.getPrecision().getHowSpecified() != OptionalAmount::NotSpecified) 13354e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek S.Diag(getLocationOfByte(CS.getStart()), 13365c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek diag::warn_printf_nonsensical_precision) 13375c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek << CS.getCharacters() 13385c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 13395c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek } 13404e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (CS.getKind() == ConversionSpecifier::VoidPtrArg || 13414e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek CS.getKind() == ConversionSpecifier::CStrArg) { 13425c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek // FIXME: Instead of using "0", "+", etc., eventually get them from 13435c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek // the FormatSpecifier. 13445c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek if (FS.hasLeadingZeros()) 13455c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek HandleFlags(FS, "0", CS.getCharacters(), startSpecifier, specifierLen); 13465c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek if (FS.hasPlusPrefix()) 13475c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek HandleFlags(FS, "+", CS.getCharacters(), startSpecifier, specifierLen); 13485c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek if (FS.hasSpacePrefix()) 13495c41ee8c49995fb4fd76d686b239c15cbab261eaTed Kremenek HandleFlags(FS, " ", CS.getCharacters(), startSpecifier, specifierLen); 13504e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek } 13514e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1352da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek // The remaining checks depend on the data arguments. 1353da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek if (HasVAListArg) 1354da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek return true; 13554e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 13567f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (argIndex >= NumDataArgs) { 13576ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek if (FS.usesPositionalArg()) { 13586ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek S.Diag(getLocationOfByte(CS.getStart()), 13596ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek diag::warn_printf_positional_arg_exceeds_data_args) 13606ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek << (argIndex+1) << NumDataArgs 13616ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 13626ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek } 13636ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek else { 13646ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek S.Diag(getLocationOfByte(CS.getStart()), 13656ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek diag::warn_printf_insufficient_data_args) 13666ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen); 13676ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek } 13686ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek 1369da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek // Don't do any more checking. 1370da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek return false; 1371da51f0d136df131a0137c0ec1069fb586d8a296aTed Kremenek } 13724e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1373d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek // Now type check the data expression that matches the 1374d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek // format specifier. 13757f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek const Expr *Ex = getDataArg(argIndex); 1376d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek const analyze_printf::ArgTypeResult &ATR = FS.getArgType(S.Context); 13774e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (ATR.isValid() && !ATR.matchesType(S.Context, Ex->getType())) { 13784e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek // Check if we didn't match because of an implicit cast from a 'char' 13794e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek // or 'short' to an 'int'. This is done because printf is a varargs 13804e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek // function. 13814e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (const ImplicitCastExpr *ICE = dyn_cast<ImplicitCastExpr>(Ex)) 13824e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (ICE->getType() == S.Context.IntTy) 13834e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek if (ATR.matchesType(S.Context, ICE->getSubExpr()->getType())) 13844e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek return true; 1385105d41c0a4bf4dc4b210647ac704e245749a981dTed Kremenek 13864e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek S.Diag(getLocationOfByte(CS.getStart()), 13874e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek diag::warn_printf_conversion_argument_type_mismatch) 13884e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek << ATR.getRepresentativeType(S.Context) << Ex->getType() 13891497bffe829d082dd1d1927dc80ea08dcf1fcb49Ted Kremenek << getFormatSpecifierRange(startSpecifier, specifierLen) 13901497bffe829d082dd1d1927dc80ea08dcf1fcb49Ted Kremenek << Ex->getSourceRange(); 1391d635c5fcc45c952b75743dd2f4c86d6950e4954eTed Kremenek } 1392e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1393e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek return true; 1394e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek} 1395e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 139607d161f38e708a91486bf1c031d525faebbb249dTed Kremenekvoid CheckPrintfHandler::DoneProcessing() { 139707d161f38e708a91486bf1c031d525faebbb249dTed Kremenek // Does the number of data arguments exceed the number of 139807d161f38e708a91486bf1c031d525faebbb249dTed Kremenek // format conversions in the format string? 13997f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (!HasVAListArg) { 14007f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek // Find any arguments that weren't covered. 14017f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek CoveredArgs.flip(); 14027f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek signed notCoveredArg = CoveredArgs.find_first(); 14037f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek if (notCoveredArg >= 0) { 14047f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek assert((unsigned)notCoveredArg < NumDataArgs); 14057f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek S.Diag(getDataArg((unsigned) notCoveredArg)->getLocStart(), 14067f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek diag::warn_printf_data_arg_not_used) 14077f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek << getFormatStringRange(); 14087f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 14097f70dc85d5055c19c8003f43a59135de211ad1b9Ted Kremenek } 141007d161f38e708a91486bf1c031d525faebbb249dTed Kremenek} 1411e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 1412f88c8e02da48afea6a04091f675af5c4facd99f1Ted Kremenekvoid Sema::CheckPrintfString(const StringLiteral *FExpr, 14130e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek const Expr *OrigFormatExpr, 14140e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek const CallExpr *TheCall, bool HasVAListArg, 14150e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek unsigned format_idx, unsigned firstDataArg) { 14160e5675de2b67eeca754754ae8d3dacba425a38e8Ted Kremenek 1417e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek // CHECK: is the format string a wide literal? 1418e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek if (FExpr->isWide()) { 1419e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek Diag(FExpr->getLocStart(), 1420e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek diag::warn_printf_format_string_is_wide_literal) 1421e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek << OrigFormatExpr->getSourceRange(); 1422e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek return; 1423e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek } 14244e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1425e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek // Str - The format string. NOTE: this is NOT null-terminated! 1426e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek const char *Str = FExpr->getStrData(); 14274e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1428e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek // CHECK: empty format string? 1429e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek unsigned StrLen = FExpr->getByteLength(); 14304e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1431e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek if (StrLen == 0) { 1432e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek Diag(FExpr->getLocStart(), diag::warn_printf_empty_format_string) 1433e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek << OrigFormatExpr->getSourceRange(); 1434e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek return; 1435e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek } 14364e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 14376ee765348b2855c702fa593fb030ef6abe0d01f6Ted Kremenek CheckPrintfHandler H(*this, FExpr, OrigFormatExpr, firstDataArg, 1438e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek TheCall->getNumArgs() - firstDataArg, 14390d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek isa<ObjCStringLiteral>(OrigFormatExpr), Str, 14400d27735c51f5bd392e673cf39a675e14e9442387Ted Kremenek HasVAListArg, TheCall, format_idx); 1441e0e5313c25f3870d0d18fc67e1b3a3a0e1ef8e07Ted Kremenek 144274d56a168966ff015824279a24aaf566180ed97dTed Kremenek if (!analyze_printf::ParseFormatString(H, Str, Str + StrLen)) 1443808015a18bd97781ce437831a95a92fdfc8d5136Ted Kremenek H.DoneProcessing(); 1444ce7024e8a3793b05861a4904ecdb1272924ada14Ted Kremenek} 1445ce7024e8a3793b05861a4904ecdb1272924ada14Ted Kremenek 144606de276fff91264437fa75111ed76de43097e089Ted Kremenek//===--- CHECK: Return Address of Stack Variable --------------------------===// 144706de276fff91264437fa75111ed76de43097e089Ted Kremenek 144806de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalVal(Expr *E); 144906de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalAddr(Expr* E); 145006de276fff91264437fa75111ed76de43097e089Ted Kremenek 145106de276fff91264437fa75111ed76de43097e089Ted Kremenek/// CheckReturnStackAddr - Check if a return statement returns the address 145206de276fff91264437fa75111ed76de43097e089Ted Kremenek/// of a stack variable. 145306de276fff91264437fa75111ed76de43097e089Ted Kremenekvoid 145406de276fff91264437fa75111ed76de43097e089Ted KremenekSema::CheckReturnStackAddr(Expr *RetValExp, QualType lhsType, 145506de276fff91264437fa75111ed76de43097e089Ted Kremenek SourceLocation ReturnLoc) { 14561eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 145706de276fff91264437fa75111ed76de43097e089Ted Kremenek // Perform checking for returned stack addresses. 1458dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (lhsType->isPointerType() || lhsType->isBlockPointerType()) { 145906de276fff91264437fa75111ed76de43097e089Ted Kremenek if (DeclRefExpr *DR = EvalAddr(RetValExp)) 14603c73c41cefcfe76f36b7bed72c9f1ec195490951Chris Lattner Diag(DR->getLocStart(), diag::warn_ret_stack_addr) 146108631c5fa053867146b5ee8be658c229f6bf127cChris Lattner << DR->getDecl()->getDeclName() << RetValExp->getSourceRange(); 14621eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1463c50a4a5f2eac14ac4c631d50b0a55cadc87700ceSteve Naroff // Skip over implicit cast expressions when checking for block expressions. 14644ca606e898293ae58f1793f988500e2218c7a9beChris Lattner RetValExp = RetValExp->IgnoreParenCasts(); 1465c50a4a5f2eac14ac4c631d50b0a55cadc87700ceSteve Naroff 14669e6b37a9f1d499e7ca0950edacd0b6569e491d7fChris Lattner if (BlockExpr *C = dyn_cast<BlockExpr>(RetValExp)) 1467397195bf3077fb42789b326f69f7d417227a0588Mike Stump if (C->hasBlockDeclRefExprs()) 1468397195bf3077fb42789b326f69f7d417227a0588Mike Stump Diag(C->getLocStart(), diag::err_ret_local_block) 1469397195bf3077fb42789b326f69f7d417227a0588Mike Stump << C->getSourceRange(); 14704e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 14719e6b37a9f1d499e7ca0950edacd0b6569e491d7fChris Lattner if (AddrLabelExpr *ALE = dyn_cast<AddrLabelExpr>(RetValExp)) 14729e6b37a9f1d499e7ca0950edacd0b6569e491d7fChris Lattner Diag(ALE->getLocStart(), diag::warn_ret_addr_label) 14739e6b37a9f1d499e7ca0950edacd0b6569e491d7fChris Lattner << ALE->getSourceRange(); 14744e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 1475ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else if (lhsType->isReferenceType()) { 1476ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump // Perform checking for stack values returned by reference. 147749badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // Check for a reference to the stack 147849badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor if (DeclRefExpr *DR = EvalVal(RetValExp)) 1479dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(DR->getLocStart(), diag::warn_ret_stack_ref) 148008631c5fa053867146b5ee8be658c229f6bf127cChris Lattner << DR->getDecl()->getDeclName() << RetValExp->getSourceRange(); 148106de276fff91264437fa75111ed76de43097e089Ted Kremenek } 148206de276fff91264437fa75111ed76de43097e089Ted Kremenek} 148306de276fff91264437fa75111ed76de43097e089Ted Kremenek 148406de276fff91264437fa75111ed76de43097e089Ted Kremenek/// EvalAddr - EvalAddr and EvalVal are mutually recursive functions that 148506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// check if the expression in a return statement evaluates to an address 148606de276fff91264437fa75111ed76de43097e089Ted Kremenek/// to a location on the stack. The recursion is used to traverse the 148706de276fff91264437fa75111ed76de43097e089Ted Kremenek/// AST of the return expression, with recursion backtracking when we 148806de276fff91264437fa75111ed76de43097e089Ted Kremenek/// encounter a subexpression that (1) clearly does not lead to the address 148906de276fff91264437fa75111ed76de43097e089Ted Kremenek/// of a stack variable or (2) is something we cannot determine leads to 149006de276fff91264437fa75111ed76de43097e089Ted Kremenek/// the address of a stack variable based on such local checking. 149106de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 1492e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek/// EvalAddr processes expressions that are pointers that are used as 1493e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek/// references (and not L-values). EvalVal handles all other values. 14941eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// At the base case of the recursion is a check for a DeclRefExpr* in 149506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// the refers to a stack variable. 149606de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 149706de276fff91264437fa75111ed76de43097e089Ted Kremenek/// This implementation handles: 149806de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 149906de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * pointer-to-pointer casts 150006de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * implicit conversions from array references to pointers 150106de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * taking the address of fields 150206de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * arbitrary interplay between "&" and "*" operators 150306de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * pointer arithmetic from an address of a stack variable 150406de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * taking the address of an array element where the array is on the stack 150506de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalAddr(Expr *E) { 150606de276fff91264437fa75111ed76de43097e089Ted Kremenek // We should only be called for evaluating pointer expressions. 15070f436560640a1cff5b6d96f80f540770f139453fDavid Chisnall assert((E->getType()->isAnyPointerType() || 1508dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff E->getType()->isBlockPointerType() || 1509a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek E->getType()->isObjCQualifiedIdType()) && 1510fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner "EvalAddr only works on pointers"); 15111eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 151206de276fff91264437fa75111ed76de43097e089Ted Kremenek // Our "symbolic interpreter" is just a dispatch off the currently 151306de276fff91264437fa75111ed76de43097e089Ted Kremenek // viewed AST node. We then recursively traverse the AST by calling 151406de276fff91264437fa75111ed76de43097e089Ted Kremenek // EvalAddr and EvalVal appropriately. 151506de276fff91264437fa75111ed76de43097e089Ted Kremenek switch (E->getStmtClass()) { 1516fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::ParenExprClass: 1517fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Ignore parentheses. 1518fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(cast<ParenExpr>(E)->getSubExpr()); 151906de276fff91264437fa75111ed76de43097e089Ted Kremenek 1520fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::UnaryOperatorClass: { 1521fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // The only unary operator that make sense to handle here 1522fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // is AddrOf. All others don't make sense as pointers. 1523fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner UnaryOperator *U = cast<UnaryOperator>(E); 15241eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1525fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (U->getOpcode() == UnaryOperator::AddrOf) 1526fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalVal(U->getSubExpr()); 1527fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner else 1528fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 1529fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 15301eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1531fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::BinaryOperatorClass: { 1532fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Handle pointer arithmetic. All other binary operators are not valid 1533fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // in this context. 1534fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner BinaryOperator *B = cast<BinaryOperator>(E); 1535fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner BinaryOperator::Opcode op = B->getOpcode(); 15361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1537fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (op != BinaryOperator::Add && op != BinaryOperator::Sub) 1538fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 15391eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1540fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner Expr *Base = B->getLHS(); 15413907323dd6665c0c4e383435cb145233f4533406Anders Carlsson 1542fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Determine which argument is the real pointer base. It could be 1543fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // the RHS argument instead of the LHS. 1544fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (!Base->getType()->isPointerType()) Base = B->getRHS(); 15451eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1546fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner assert (Base->getType()->isPointerType()); 1547fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(Base); 1548fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 154961f40a2b67fc2046768e14f66b617e564cbcc3d8Steve Naroff 1550fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // For conditional operators we need to see if either the LHS or RHS are 1551fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // valid DeclRefExpr*s. If one of them is valid, we return it. 1552fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::ConditionalOperatorClass: { 1553fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ConditionalOperator *C = cast<ConditionalOperator>(E); 15541eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1555fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Handle the GNU extension for missing LHS. 1556fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (Expr *lhsExpr = C->getLHS()) 1557fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (DeclRefExpr* LHS = EvalAddr(lhsExpr)) 1558fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return LHS; 155906de276fff91264437fa75111ed76de43097e089Ted Kremenek 1560fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(C->getRHS()); 1561fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 15621eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 156354b5274f2c190331438375ad114dad12ae098b57Ted Kremenek // For casts, we need to handle conversions from arrays to 156454b5274f2c190331438375ad114dad12ae098b57Ted Kremenek // pointer values, and pointer-to-pointer conversions. 156549badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::ImplicitCastExprClass: 15666eec8e883de118b431e3ead5b1e604a6ac68ff6bDouglas Gregor case Stmt::CStyleCastExprClass: 156749badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXFunctionalCastExprClass: { 15680835a3cdeefe714b4959d31127ea155e56393125Argyrios Kyrtzidis Expr* SubExpr = cast<CastExpr>(E)->getSubExpr(); 156954b5274f2c190331438375ad114dad12ae098b57Ted Kremenek QualType T = SubExpr->getType(); 15701eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1571dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (SubExpr->getType()->isPointerType() || 1572dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff SubExpr->getType()->isBlockPointerType() || 1573dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff SubExpr->getType()->isObjCQualifiedIdType()) 1574fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(SubExpr); 157554b5274f2c190331438375ad114dad12ae098b57Ted Kremenek else if (T->isArrayType()) 157654b5274f2c190331438375ad114dad12ae098b57Ted Kremenek return EvalVal(SubExpr); 1577fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner else 157854b5274f2c190331438375ad114dad12ae098b57Ted Kremenek return 0; 1579fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 15801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1581fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // C++ casts. For dynamic casts, static casts, and const casts, we 1582fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // are always converting from a pointer-to-pointer, so we just blow 158349badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // through the cast. In the case the dynamic cast doesn't fail (and 158449badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // return NULL), we take the conservative route and report cases 1585fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // where we return the address of a stack variable. For Reinterpre 158649badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // FIXME: The comment about is wrong; we're not always converting 158749badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // from pointer to pointer. I'm guessing that this code should also 15881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // handle references to objects. 15891eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case Stmt::CXXStaticCastExprClass: 15901eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case Stmt::CXXDynamicCastExprClass: 159149badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXConstCastExprClass: 159249badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXReinterpretCastExprClass: { 159349badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor Expr *S = cast<CXXNamedCastExpr>(E)->getSubExpr(); 1594dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (S->getType()->isPointerType() || S->getType()->isBlockPointerType()) 1595fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(S); 159606de276fff91264437fa75111ed76de43097e089Ted Kremenek else 159706de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 1598fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 15991eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1600fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Everything else: we simply don't reason about them. 1601fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner default: 1602fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 160306de276fff91264437fa75111ed76de43097e089Ted Kremenek } 160406de276fff91264437fa75111ed76de43097e089Ted Kremenek} 16051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 160606de276fff91264437fa75111ed76de43097e089Ted Kremenek 160706de276fff91264437fa75111ed76de43097e089Ted Kremenek/// EvalVal - This function is complements EvalAddr in the mutual recursion. 160806de276fff91264437fa75111ed76de43097e089Ted Kremenek/// See the comments for EvalAddr for more details. 160906de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalVal(Expr *E) { 16101eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1611e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // We should only be called for evaluating non-pointer expressions, or 1612e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // expressions with a pointer type that are not used as references but instead 1613e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // are l-values (e.g., DeclRefExpr with a pointer type). 16141eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 161506de276fff91264437fa75111ed76de43097e089Ted Kremenek // Our "symbolic interpreter" is just a dispatch off the currently 161606de276fff91264437fa75111ed76de43097e089Ted Kremenek // viewed AST node. We then recursively traverse the AST by calling 161706de276fff91264437fa75111ed76de43097e089Ted Kremenek // EvalAddr and EvalVal appropriately. 161806de276fff91264437fa75111ed76de43097e089Ted Kremenek switch (E->getStmtClass()) { 1619a2813cec2605ce7878d1b13471d685f689b251afDouglas Gregor case Stmt::DeclRefExprClass: { 162006de276fff91264437fa75111ed76de43097e089Ted Kremenek // DeclRefExpr: the base case. When we hit a DeclRefExpr we are looking 162106de276fff91264437fa75111ed76de43097e089Ted Kremenek // at code that refers to a variable's name. We check if it has local 162206de276fff91264437fa75111ed76de43097e089Ted Kremenek // storage within the function, and if so, return the expression. 162306de276fff91264437fa75111ed76de43097e089Ted Kremenek DeclRefExpr *DR = cast<DeclRefExpr>(E); 16241eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 162506de276fff91264437fa75111ed76de43097e089Ted Kremenek if (VarDecl *V = dyn_cast<VarDecl>(DR->getDecl())) 16261eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (V->hasLocalStorage() && !V->getType()->isReferenceType()) return DR; 16271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 162806de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 162906de276fff91264437fa75111ed76de43097e089Ted Kremenek } 16301eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 163106de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ParenExprClass: 163206de276fff91264437fa75111ed76de43097e089Ted Kremenek // Ignore parentheses. 163306de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalVal(cast<ParenExpr>(E)->getSubExpr()); 16341eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 163506de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::UnaryOperatorClass: { 163606de276fff91264437fa75111ed76de43097e089Ted Kremenek // The only unary operator that make sense to handle here 163706de276fff91264437fa75111ed76de43097e089Ted Kremenek // is Deref. All others don't resolve to a "name." This includes 163806de276fff91264437fa75111ed76de43097e089Ted Kremenek // handling all sorts of rvalues passed to a unary operator. 163906de276fff91264437fa75111ed76de43097e089Ted Kremenek UnaryOperator *U = cast<UnaryOperator>(E); 16401eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 164106de276fff91264437fa75111ed76de43097e089Ted Kremenek if (U->getOpcode() == UnaryOperator::Deref) 164206de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalAddr(U->getSubExpr()); 164306de276fff91264437fa75111ed76de43097e089Ted Kremenek 164406de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 164506de276fff91264437fa75111ed76de43097e089Ted Kremenek } 16461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 164706de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ArraySubscriptExprClass: { 164806de276fff91264437fa75111ed76de43097e089Ted Kremenek // Array subscripts are potential references to data on the stack. We 164906de276fff91264437fa75111ed76de43097e089Ted Kremenek // retrieve the DeclRefExpr* for the array variable if it indeed 165006de276fff91264437fa75111ed76de43097e089Ted Kremenek // has local storage. 16512324512285caac0332bbbc6e4cab6245d2a370a1Ted Kremenek return EvalAddr(cast<ArraySubscriptExpr>(E)->getBase()); 165206de276fff91264437fa75111ed76de43097e089Ted Kremenek } 16531eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 165406de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ConditionalOperatorClass: { 165506de276fff91264437fa75111ed76de43097e089Ted Kremenek // For conditional operators we need to see if either the LHS or RHS are 165606de276fff91264437fa75111ed76de43097e089Ted Kremenek // non-NULL DeclRefExpr's. If one is non-NULL, we return it. 165706de276fff91264437fa75111ed76de43097e089Ted Kremenek ConditionalOperator *C = cast<ConditionalOperator>(E); 165806de276fff91264437fa75111ed76de43097e089Ted Kremenek 16593907323dd6665c0c4e383435cb145233f4533406Anders Carlsson // Handle the GNU extension for missing LHS. 16603907323dd6665c0c4e383435cb145233f4533406Anders Carlsson if (Expr *lhsExpr = C->getLHS()) 16613907323dd6665c0c4e383435cb145233f4533406Anders Carlsson if (DeclRefExpr *LHS = EvalVal(lhsExpr)) 16623907323dd6665c0c4e383435cb145233f4533406Anders Carlsson return LHS; 16633907323dd6665c0c4e383435cb145233f4533406Anders Carlsson 16643907323dd6665c0c4e383435cb145233f4533406Anders Carlsson return EvalVal(C->getRHS()); 166506de276fff91264437fa75111ed76de43097e089Ted Kremenek } 16661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 166706de276fff91264437fa75111ed76de43097e089Ted Kremenek // Accesses to members are potential references to data on the stack. 166883f6faf37d9bf58986bedc9bc0ea897a56b4dbadDouglas Gregor case Stmt::MemberExprClass: { 166906de276fff91264437fa75111ed76de43097e089Ted Kremenek MemberExpr *M = cast<MemberExpr>(E); 16701eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 167106de276fff91264437fa75111ed76de43097e089Ted Kremenek // Check for indirect access. We only want direct field accesses. 167206de276fff91264437fa75111ed76de43097e089Ted Kremenek if (!M->isArrow()) 167306de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalVal(M->getBase()); 167406de276fff91264437fa75111ed76de43097e089Ted Kremenek else 167506de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 167606de276fff91264437fa75111ed76de43097e089Ted Kremenek } 16771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 167806de276fff91264437fa75111ed76de43097e089Ted Kremenek // Everything else: we simply don't reason about them. 167906de276fff91264437fa75111ed76de43097e089Ted Kremenek default: 168006de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 168106de276fff91264437fa75111ed76de43097e089Ted Kremenek } 168206de276fff91264437fa75111ed76de43097e089Ted Kremenek} 1683588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1684588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek//===--- CHECK: Floating-Point comparisons (-Wfloat-equal) ---------------===// 1685588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1686588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// Check for comparisons of floating point operands using != and ==. 1687588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// Issue a warning if these are no self-comparisons, as they are not likely 1688588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// to do what the programmer intended. 1689588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenekvoid Sema::CheckFloatComparison(SourceLocation loc, Expr* lex, Expr *rex) { 1690588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek bool EmitWarning = true; 16911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 16924e99a5fc3b203397a91136c6e695e405fb8fc606Ted Kremenek Expr* LeftExprSansParen = lex->IgnoreParens(); 169332e97b66bbce16c9e81c877794fb7a0aeeb66ccbTed Kremenek Expr* RightExprSansParen = rex->IgnoreParens(); 1694588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1695588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Special case: check for x == x (which is OK). 1696588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Do not emit warnings for such cases. 1697588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DeclRefExpr* DRL = dyn_cast<DeclRefExpr>(LeftExprSansParen)) 1698588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DeclRefExpr* DRR = dyn_cast<DeclRefExpr>(RightExprSansParen)) 1699588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DRL->getDecl() == DRR->getDecl()) 1700588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 17011eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 17021eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 17031b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // Special case: check for comparisons against literals that can be exactly 17041b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // represented by APFloat. In such cases, do not emit a warning. This 17051b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // is a heuristic: often comparison against such literals are used to 17061b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // detect if a value in a variable has not changed. This clearly can 17071b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // lead to false negatives. 17081b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (EmitWarning) { 17091b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FloatingLiteral* FLL = dyn_cast<FloatingLiteral>(LeftExprSansParen)) { 17101b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FLL->isExact()) 17111b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek EmitWarning = false; 1712ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else 17131b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FloatingLiteral* FLR = dyn_cast<FloatingLiteral>(RightExprSansParen)){ 17141b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FLR->isExact()) 17151b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek EmitWarning = false; 17161b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek } 17171b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek } 17181eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1719588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Check for comparisons with builtin types. 17200eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (EmitWarning) 1721588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (CallExpr* CL = dyn_cast<CallExpr>(LeftExprSansParen)) 17223c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor if (CL->isBuiltinCall(Context)) 1723588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 17241eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 17250eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (EmitWarning) 1726588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (CallExpr* CR = dyn_cast<CallExpr>(RightExprSansParen)) 17273c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor if (CR->isBuiltinCall(Context)) 1728588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 17291eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1730588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Emit the diagnostic. 1731588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (EmitWarning) 1732fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner Diag(loc, diag::warn_floatingpoint_eq) 1733fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << lex->getSourceRange() << rex->getSourceRange(); 1734588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek} 1735ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 1736f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall//===--- CHECK: Integer mixed-sign comparisons (-Wsign-compare) --------===// 1737f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall//===--- CHECK: Lossy implicit conversions (-Wconversion) --------------===// 1738ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 1739f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallnamespace { 1740ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 1741f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// Structure recording the 'active' range of an integer-valued 1742f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// expression. 1743f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallstruct IntRange { 1744f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall /// The number of bits active in the int. 1745f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall unsigned Width; 1746ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 1747f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall /// True if the int is known not to have negative values. 1748f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall bool NonNegative; 174951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1750f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange() {} 1751f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange(unsigned Width, bool NonNegative) 1752f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall : Width(Width), NonNegative(NonNegative) 1753f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall {} 175451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1755f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Returns the range of the bool type. 1756f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall static IntRange forBoolType() { 1757f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(1, true); 1758f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall } 175951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1760f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Returns the range of an integral type. 1761f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall static IntRange forType(ASTContext &C, QualType T) { 1762f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return forCanonicalType(C, T->getCanonicalTypeInternal().getTypePtr()); 176351313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 176451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1765f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Returns the range of an integeral type based on its canonical 1766f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // representation. 1767f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall static IntRange forCanonicalType(ASTContext &C, const Type *T) { 1768f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall assert(T->isCanonicalUnqualified()); 176951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1770f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (const VectorType *VT = dyn_cast<VectorType>(T)) 1771f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall T = VT->getElementType().getTypePtr(); 1772f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (const ComplexType *CT = dyn_cast<ComplexType>(T)) 1773f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall T = CT->getElementType().getTypePtr(); 1774323ed74658bc8375278eabf074b4777458376540John McCall 1775323ed74658bc8375278eabf074b4777458376540John McCall if (const EnumType *ET = dyn_cast<EnumType>(T)) { 1776323ed74658bc8375278eabf074b4777458376540John McCall EnumDecl *Enum = ET->getDecl(); 1777323ed74658bc8375278eabf074b4777458376540John McCall unsigned NumPositive = Enum->getNumPositiveBits(); 1778323ed74658bc8375278eabf074b4777458376540John McCall unsigned NumNegative = Enum->getNumNegativeBits(); 1779323ed74658bc8375278eabf074b4777458376540John McCall 1780323ed74658bc8375278eabf074b4777458376540John McCall return IntRange(std::max(NumPositive, NumNegative), NumNegative == 0); 1781323ed74658bc8375278eabf074b4777458376540John McCall } 178251313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1783f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall const BuiltinType *BT = cast<BuiltinType>(T); 1784f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall assert(BT->isInteger()); 178551313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1786f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(C.getIntWidth(QualType(T, 0)), BT->isUnsignedInteger()); 178751313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 178851313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1789f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Returns the supremum of two ranges: i.e. their conservative merge. 1790c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall static IntRange join(IntRange L, IntRange R) { 1791f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(std::max(L.Width, R.Width), 179260fad45739b764886f707bd204eae9ecce6db1f2John McCall L.NonNegative && R.NonNegative); 179360fad45739b764886f707bd204eae9ecce6db1f2John McCall } 179460fad45739b764886f707bd204eae9ecce6db1f2John McCall 179560fad45739b764886f707bd204eae9ecce6db1f2John McCall // Returns the infinum of two ranges: i.e. their aggressive merge. 1796c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall static IntRange meet(IntRange L, IntRange R) { 179760fad45739b764886f707bd204eae9ecce6db1f2John McCall return IntRange(std::min(L.Width, R.Width), 179860fad45739b764886f707bd204eae9ecce6db1f2John McCall L.NonNegative || R.NonNegative); 179951313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 1800f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall}; 180151313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1802f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallIntRange GetValueRange(ASTContext &C, llvm::APSInt &value, unsigned MaxWidth) { 1803f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (value.isSigned() && value.isNegative()) 1804f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(value.getMinSignedBits(), false); 180551313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1806f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (value.getBitWidth() > MaxWidth) 1807f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall value.trunc(MaxWidth); 180851313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1809f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // isNonNegative() just checks the sign bit without considering 1810f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // signedness. 1811f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(value.getActiveBits(), true); 181251313c39c84407dd6a323be99a8c322bf8d052a9John McCall} 181351313c39c84407dd6a323be99a8c322bf8d052a9John McCall 18140acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCallIntRange GetValueRange(ASTContext &C, APValue &result, QualType Ty, 1815f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall unsigned MaxWidth) { 1816f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (result.isInt()) 1817f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return GetValueRange(C, result.getInt(), MaxWidth); 181851313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1819f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (result.isVector()) { 18200acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall IntRange R = GetValueRange(C, result.getVectorElt(0), Ty, MaxWidth); 18210acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall for (unsigned i = 1, e = result.getVectorLength(); i != e; ++i) { 18220acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall IntRange El = GetValueRange(C, result.getVectorElt(i), Ty, MaxWidth); 18230acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall R = IntRange::join(R, El); 18240acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall } 1825f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return R; 182651313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 182751313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1828f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (result.isComplexInt()) { 1829f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange R = GetValueRange(C, result.getComplexIntReal(), MaxWidth); 1830f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange I = GetValueRange(C, result.getComplexIntImag(), MaxWidth); 1831f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::join(R, I); 1832f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall } 1833f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 1834f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // This can happen with lossless casts to intptr_t of "based" lvalues. 1835f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Assume it might use arbitrary bits. 18360acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall // FIXME: The only reason we need to pass the type in here is to get 18370acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall // the sign right on this one case. It would be nice if APValue 18380acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall // preserved this. 1839f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall assert(result.isLValue()); 18400acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall return IntRange(MaxWidth, Ty->isUnsignedIntegerType()); 184151313c39c84407dd6a323be99a8c322bf8d052a9John McCall} 184251313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1843f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// Pseudo-evaluate the given integer expression, estimating the 1844f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// range of values it might take. 1845f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// 1846f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// \param MaxWidth - the width to which the value will be truncated 1847f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallIntRange GetExprRange(ASTContext &C, Expr *E, unsigned MaxWidth) { 184851313c39c84407dd6a323be99a8c322bf8d052a9John McCall E = E->IgnoreParens(); 184951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1850f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Try a full evaluation first. 1851f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall Expr::EvalResult result; 1852f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (E->Evaluate(result, C)) 18530acc311bf73c85fd34ce6f89a4e786b7ecd214aaJohn McCall return GetValueRange(C, result.Val, E->getType(), MaxWidth); 185451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1855f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // I think we only want to look through implicit casts here; if the 1856f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // user has an explicit widening cast, we should treat the value as 1857f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // being of the new, wider type. 1858f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (ImplicitCastExpr *CE = dyn_cast<ImplicitCastExpr>(E)) { 1859f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (CE->getCastKind() == CastExpr::CK_NoOp) 1860f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return GetExprRange(C, CE->getSubExpr(), MaxWidth); 186151313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1862f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange OutputTypeRange = IntRange::forType(C, CE->getType()); 186351313c39c84407dd6a323be99a8c322bf8d052a9John McCall 186460fad45739b764886f707bd204eae9ecce6db1f2John McCall bool isIntegerCast = (CE->getCastKind() == CastExpr::CK_IntegralCast); 186560fad45739b764886f707bd204eae9ecce6db1f2John McCall if (!isIntegerCast && CE->getCastKind() == CastExpr::CK_Unknown) 186660fad45739b764886f707bd204eae9ecce6db1f2John McCall isIntegerCast = CE->getSubExpr()->getType()->isIntegerType(); 186760fad45739b764886f707bd204eae9ecce6db1f2John McCall 1868f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Assume that non-integer casts can span the full range of the type. 186960fad45739b764886f707bd204eae9ecce6db1f2John McCall if (!isIntegerCast) 1870f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return OutputTypeRange; 187151313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1872f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange SubRange 1873f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall = GetExprRange(C, CE->getSubExpr(), 1874f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall std::min(MaxWidth, OutputTypeRange.Width)); 187551313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1876f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Bail out if the subexpr's range is as wide as the cast type. 1877f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (SubRange.Width >= OutputTypeRange.Width) 1878f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return OutputTypeRange; 187951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1880f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Otherwise, we take the smaller width, and we're non-negative if 1881f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // either the output type or the subexpr is. 1882f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(SubRange.Width, 1883f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall SubRange.NonNegative || OutputTypeRange.NonNegative); 1884f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall } 1885f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 1886f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (ConditionalOperator *CO = dyn_cast<ConditionalOperator>(E)) { 1887f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // If we can fold the condition, just take that operand. 1888f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall bool CondResult; 1889f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (CO->getCond()->EvaluateAsBooleanCondition(CondResult, C)) 1890f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return GetExprRange(C, CondResult ? CO->getTrueExpr() 1891f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall : CO->getFalseExpr(), 1892f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall MaxWidth); 1893f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 1894f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Otherwise, conservatively merge. 1895f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange L = GetExprRange(C, CO->getTrueExpr(), MaxWidth); 1896f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange R = GetExprRange(C, CO->getFalseExpr(), MaxWidth); 1897f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::join(L, R); 189851313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 189951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 190051313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (BinaryOperator *BO = dyn_cast<BinaryOperator>(E)) { 190151313c39c84407dd6a323be99a8c322bf8d052a9John McCall switch (BO->getOpcode()) { 190251313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1903f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Boolean-valued operations are single-bit and positive. 190451313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::LAnd: 190551313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::LOr: 190651313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::LT: 190751313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::GT: 190851313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::LE: 190951313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::GE: 191051313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::EQ: 191151313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::NE: 1912f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forBoolType(); 191351313c39c84407dd6a323be99a8c322bf8d052a9John McCall 1914c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall // The type of these compound assignments is the type of the LHS, 1915c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall // so the RHS is not necessarily an integer. 1916c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::MulAssign: 1917c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::DivAssign: 1918c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::RemAssign: 1919c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::AddAssign: 1920c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::SubAssign: 1921c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall return IntRange::forType(C, E->getType()); 1922c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall 192351313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Operations with opaque sources are black-listed. 192451313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::PtrMemD: 192551313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::PtrMemI: 1926f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forType(C, E->getType()); 192751313c39c84407dd6a323be99a8c322bf8d052a9John McCall 192860fad45739b764886f707bd204eae9ecce6db1f2John McCall // Bitwise-and uses the *infinum* of the two source ranges. 192960fad45739b764886f707bd204eae9ecce6db1f2John McCall case BinaryOperator::And: 1930c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::AndAssign: 193160fad45739b764886f707bd204eae9ecce6db1f2John McCall return IntRange::meet(GetExprRange(C, BO->getLHS(), MaxWidth), 193260fad45739b764886f707bd204eae9ecce6db1f2John McCall GetExprRange(C, BO->getRHS(), MaxWidth)); 193360fad45739b764886f707bd204eae9ecce6db1f2John McCall 193451313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Left shift gets black-listed based on a judgement call. 193551313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::Shl: 19363aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall // ...except that we want to treat '1 << (blah)' as logically 19373aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall // positive. It's an important idiom. 19383aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall if (IntegerLiteral *I 19393aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall = dyn_cast<IntegerLiteral>(BO->getLHS()->IgnoreParenCasts())) { 19403aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall if (I->getValue() == 1) { 19413aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall IntRange R = IntRange::forType(C, E->getType()); 19423aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall return IntRange(R.Width, /*NonNegative*/ true); 19433aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall } 19443aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall } 19453aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall // fallthrough 19463aae6093dd8f3aecb66d7ff1f4b44e6a86765db4John McCall 1947c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::ShlAssign: 1948f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forType(C, E->getType()); 194951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 195060fad45739b764886f707bd204eae9ecce6db1f2John McCall // Right shift by a constant can narrow its left argument. 1951c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::Shr: 1952c0cd21d2a3301a7a88e0052aebdd09c2441f826dJohn McCall case BinaryOperator::ShrAssign: { 195360fad45739b764886f707bd204eae9ecce6db1f2John McCall IntRange L = GetExprRange(C, BO->getLHS(), MaxWidth); 195460fad45739b764886f707bd204eae9ecce6db1f2John McCall 195560fad45739b764886f707bd204eae9ecce6db1f2John McCall // If the shift amount is a positive constant, drop the width by 195660fad45739b764886f707bd204eae9ecce6db1f2John McCall // that much. 195760fad45739b764886f707bd204eae9ecce6db1f2John McCall llvm::APSInt shift; 195860fad45739b764886f707bd204eae9ecce6db1f2John McCall if (BO->getRHS()->isIntegerConstantExpr(shift, C) && 195960fad45739b764886f707bd204eae9ecce6db1f2John McCall shift.isNonNegative()) { 196060fad45739b764886f707bd204eae9ecce6db1f2John McCall unsigned zext = shift.getZExtValue(); 196160fad45739b764886f707bd204eae9ecce6db1f2John McCall if (zext >= L.Width) 196260fad45739b764886f707bd204eae9ecce6db1f2John McCall L.Width = (L.NonNegative ? 0 : 1); 196360fad45739b764886f707bd204eae9ecce6db1f2John McCall else 196460fad45739b764886f707bd204eae9ecce6db1f2John McCall L.Width -= zext; 196560fad45739b764886f707bd204eae9ecce6db1f2John McCall } 196660fad45739b764886f707bd204eae9ecce6db1f2John McCall 196760fad45739b764886f707bd204eae9ecce6db1f2John McCall return L; 196860fad45739b764886f707bd204eae9ecce6db1f2John McCall } 196960fad45739b764886f707bd204eae9ecce6db1f2John McCall 197060fad45739b764886f707bd204eae9ecce6db1f2John McCall // Comma acts as its right operand. 197151313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::Comma: 1972f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return GetExprRange(C, BO->getRHS(), MaxWidth); 1973f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 197460fad45739b764886f707bd204eae9ecce6db1f2John McCall // Black-list pointer subtractions. 197551313c39c84407dd6a323be99a8c322bf8d052a9John McCall case BinaryOperator::Sub: 197651313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (BO->getLHS()->getType()->isPointerType()) 1977f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forType(C, E->getType()); 197851313c39c84407dd6a323be99a8c322bf8d052a9John McCall // fallthrough 19794e4b30ec62d78b24e6556fea2624855c193d0e3eTed Kremenek 198051313c39c84407dd6a323be99a8c322bf8d052a9John McCall default: 1981f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall break; 198251313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 1983f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 1984f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // Treat every other operator as if it were closed on the 1985f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall // narrowest type that encompasses both operands. 1986f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange L = GetExprRange(C, BO->getLHS(), MaxWidth); 1987f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IntRange R = GetExprRange(C, BO->getRHS(), MaxWidth); 1988f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::join(L, R); 198951313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 199051313c39c84407dd6a323be99a8c322bf8d052a9John McCall 199151313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (UnaryOperator *UO = dyn_cast<UnaryOperator>(E)) { 199251313c39c84407dd6a323be99a8c322bf8d052a9John McCall switch (UO->getOpcode()) { 199351313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Boolean-valued operations are white-listed. 199451313c39c84407dd6a323be99a8c322bf8d052a9John McCall case UnaryOperator::LNot: 1995f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forBoolType(); 199651313c39c84407dd6a323be99a8c322bf8d052a9John McCall 199751313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Operations with opaque sources are black-listed. 199851313c39c84407dd6a323be99a8c322bf8d052a9John McCall case UnaryOperator::Deref: 199951313c39c84407dd6a323be99a8c322bf8d052a9John McCall case UnaryOperator::AddrOf: // should be impossible 200051313c39c84407dd6a323be99a8c322bf8d052a9John McCall case UnaryOperator::OffsetOf: 2001f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forType(C, E->getType()); 200251313c39c84407dd6a323be99a8c322bf8d052a9John McCall 200351313c39c84407dd6a323be99a8c322bf8d052a9John McCall default: 2004f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return GetExprRange(C, UO->getSubExpr(), MaxWidth); 200551313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 200651313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 20078ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor 20088ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor if (dyn_cast<OffsetOfExpr>(E)) { 20098ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor IntRange::forType(C, E->getType()); 20108ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor } 201151313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2012f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall FieldDecl *BitField = E->getBitField(); 2013f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (BitField) { 2014f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall llvm::APSInt BitWidthAP = BitField->getBitWidth()->EvaluateAsInt(C); 2015f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall unsigned BitWidth = BitWidthAP.getZExtValue(); 201651313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2017f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange(BitWidth, BitField->getType()->isUnsignedIntegerType()); 2018f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall } 2019f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2020f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IntRange::forType(C, E->getType()); 2021f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall} 2022f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2023323ed74658bc8375278eabf074b4777458376540John McCallIntRange GetExprRange(ASTContext &C, Expr *E) { 2024323ed74658bc8375278eabf074b4777458376540John McCall return GetExprRange(C, E, C.getIntWidth(E->getType())); 2025323ed74658bc8375278eabf074b4777458376540John McCall} 2026323ed74658bc8375278eabf074b4777458376540John McCall 2027f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// Checks whether the given value, which currently has the given 2028f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// source semantics, has the same value when coerced through the 2029f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// target semantics. 2030f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallbool IsSameFloatAfterCast(const llvm::APFloat &value, 2031f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall const llvm::fltSemantics &Src, 2032f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall const llvm::fltSemantics &Tgt) { 2033f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall llvm::APFloat truncated = value; 2034f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2035f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall bool ignored; 2036f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall truncated.convert(Src, llvm::APFloat::rmNearestTiesToEven, &ignored); 2037f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall truncated.convert(Tgt, llvm::APFloat::rmNearestTiesToEven, &ignored); 2038f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2039f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return truncated.bitwiseIsEqual(value); 204051313c39c84407dd6a323be99a8c322bf8d052a9John McCall} 204151313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2042f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// Checks whether the given value, which currently has the given 2043f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// source semantics, has the same value when coerced through the 2044f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// target semantics. 2045f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// 2046f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall/// The value might be a vector of floats (or a complex number). 2047f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCallbool IsSameFloatAfterCast(const APValue &value, 2048f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall const llvm::fltSemantics &Src, 2049f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall const llvm::fltSemantics &Tgt) { 2050f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (value.isFloat()) 2051f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return IsSameFloatAfterCast(value.getFloat(), Src, Tgt); 2052f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2053f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (value.isVector()) { 2054f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall for (unsigned i = 0, e = value.getVectorLength(); i != e; ++i) 2055f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (!IsSameFloatAfterCast(value.getVectorElt(i), Src, Tgt)) 2056f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return false; 2057f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return true; 2058f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall } 2059f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2060f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall assert(value.isComplexFloat()); 2061f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall return (IsSameFloatAfterCast(value.getComplexFloatReal(), Src, Tgt) && 2062f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall IsSameFloatAfterCast(value.getComplexFloatImag(), Src, Tgt)); 2063f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall} 2064f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2065323ed74658bc8375278eabf074b4777458376540John McCallvoid AnalyzeImplicitConversions(Sema &S, Expr *E); 2066323ed74658bc8375278eabf074b4777458376540John McCall 2067323ed74658bc8375278eabf074b4777458376540John McCallbool IsZero(Sema &S, Expr *E) { 2068323ed74658bc8375278eabf074b4777458376540John McCall llvm::APSInt Value; 2069323ed74658bc8375278eabf074b4777458376540John McCall return E->isIntegerConstantExpr(Value, S.Context) && Value == 0; 2070323ed74658bc8375278eabf074b4777458376540John McCall} 2071323ed74658bc8375278eabf074b4777458376540John McCall 2072323ed74658bc8375278eabf074b4777458376540John McCallvoid CheckTrivialUnsignedComparison(Sema &S, BinaryOperator *E) { 2073323ed74658bc8375278eabf074b4777458376540John McCall BinaryOperator::Opcode op = E->getOpcode(); 2074323ed74658bc8375278eabf074b4777458376540John McCall if (op == BinaryOperator::LT && IsZero(S, E->getRHS())) { 2075323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getOperatorLoc(), diag::warn_lunsigned_always_true_comparison) 2076323ed74658bc8375278eabf074b4777458376540John McCall << "< 0" << "false" 2077323ed74658bc8375278eabf074b4777458376540John McCall << E->getLHS()->getSourceRange() << E->getRHS()->getSourceRange(); 2078323ed74658bc8375278eabf074b4777458376540John McCall } else if (op == BinaryOperator::GE && IsZero(S, E->getRHS())) { 2079323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getOperatorLoc(), diag::warn_lunsigned_always_true_comparison) 2080323ed74658bc8375278eabf074b4777458376540John McCall << ">= 0" << "true" 2081323ed74658bc8375278eabf074b4777458376540John McCall << E->getLHS()->getSourceRange() << E->getRHS()->getSourceRange(); 2082323ed74658bc8375278eabf074b4777458376540John McCall } else if (op == BinaryOperator::GT && IsZero(S, E->getLHS())) { 2083323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getOperatorLoc(), diag::warn_runsigned_always_true_comparison) 2084323ed74658bc8375278eabf074b4777458376540John McCall << "0 >" << "false" 2085323ed74658bc8375278eabf074b4777458376540John McCall << E->getLHS()->getSourceRange() << E->getRHS()->getSourceRange(); 2086323ed74658bc8375278eabf074b4777458376540John McCall } else if (op == BinaryOperator::LE && IsZero(S, E->getLHS())) { 2087323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getOperatorLoc(), diag::warn_runsigned_always_true_comparison) 2088323ed74658bc8375278eabf074b4777458376540John McCall << "0 <=" << "true" 2089323ed74658bc8375278eabf074b4777458376540John McCall << E->getLHS()->getSourceRange() << E->getRHS()->getSourceRange(); 2090323ed74658bc8375278eabf074b4777458376540John McCall } 2091323ed74658bc8375278eabf074b4777458376540John McCall} 2092323ed74658bc8375278eabf074b4777458376540John McCall 2093323ed74658bc8375278eabf074b4777458376540John McCall/// Analyze the operands of the given comparison. Implements the 2094323ed74658bc8375278eabf074b4777458376540John McCall/// fallback case from AnalyzeComparison. 2095323ed74658bc8375278eabf074b4777458376540John McCallvoid AnalyzeImpConvsInComparison(Sema &S, BinaryOperator *E) { 2096323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, E->getLHS()); 2097323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, E->getRHS()); 2098323ed74658bc8375278eabf074b4777458376540John McCall} 2099f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2100ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall/// \brief Implements -Wsign-compare. 2101ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall/// 2102ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall/// \param lex the left-hand expression 2103ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall/// \param rex the right-hand expression 2104ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall/// \param OpLoc the location of the joining operator 2105d1b47bf17fde73fac67d8664bd65273742c00ecdJohn McCall/// \param BinOpc binary opcode or 0 2106323ed74658bc8375278eabf074b4777458376540John McCallvoid AnalyzeComparison(Sema &S, BinaryOperator *E) { 2107323ed74658bc8375278eabf074b4777458376540John McCall // The type the comparison is being performed in. 2108323ed74658bc8375278eabf074b4777458376540John McCall QualType T = E->getLHS()->getType(); 2109323ed74658bc8375278eabf074b4777458376540John McCall assert(S.Context.hasSameUnqualifiedType(T, E->getRHS()->getType()) 2110323ed74658bc8375278eabf074b4777458376540John McCall && "comparison with mismatched types"); 2111323ed74658bc8375278eabf074b4777458376540John McCall 2112323ed74658bc8375278eabf074b4777458376540John McCall // We don't do anything special if this isn't an unsigned integral 2113323ed74658bc8375278eabf074b4777458376540John McCall // comparison: we're only interested in integral comparisons, and 2114323ed74658bc8375278eabf074b4777458376540John McCall // signed comparisons only happen in cases we don't care to warn about. 2115323ed74658bc8375278eabf074b4777458376540John McCall if (!T->isUnsignedIntegerType()) 2116323ed74658bc8375278eabf074b4777458376540John McCall return AnalyzeImpConvsInComparison(S, E); 2117323ed74658bc8375278eabf074b4777458376540John McCall 2118323ed74658bc8375278eabf074b4777458376540John McCall Expr *lex = E->getLHS()->IgnoreParenImpCasts(); 2119323ed74658bc8375278eabf074b4777458376540John McCall Expr *rex = E->getRHS()->IgnoreParenImpCasts(); 2120323ed74658bc8375278eabf074b4777458376540John McCall 2121323ed74658bc8375278eabf074b4777458376540John McCall // Check to see if one of the (unmodified) operands is of different 2122323ed74658bc8375278eabf074b4777458376540John McCall // signedness. 2123323ed74658bc8375278eabf074b4777458376540John McCall Expr *signedOperand, *unsignedOperand; 2124323ed74658bc8375278eabf074b4777458376540John McCall if (lex->getType()->isSignedIntegerType()) { 2125323ed74658bc8375278eabf074b4777458376540John McCall assert(!rex->getType()->isSignedIntegerType() && 2126323ed74658bc8375278eabf074b4777458376540John McCall "unsigned comparison between two signed integer expressions?"); 2127323ed74658bc8375278eabf074b4777458376540John McCall signedOperand = lex; 2128323ed74658bc8375278eabf074b4777458376540John McCall unsignedOperand = rex; 2129323ed74658bc8375278eabf074b4777458376540John McCall } else if (rex->getType()->isSignedIntegerType()) { 2130323ed74658bc8375278eabf074b4777458376540John McCall signedOperand = rex; 2131323ed74658bc8375278eabf074b4777458376540John McCall unsignedOperand = lex; 2132ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall } else { 2133323ed74658bc8375278eabf074b4777458376540John McCall CheckTrivialUnsignedComparison(S, E); 2134323ed74658bc8375278eabf074b4777458376540John McCall return AnalyzeImpConvsInComparison(S, E); 2135ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall } 2136ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 2137323ed74658bc8375278eabf074b4777458376540John McCall // Otherwise, calculate the effective range of the signed operand. 2138323ed74658bc8375278eabf074b4777458376540John McCall IntRange signedRange = GetExprRange(S.Context, signedOperand); 2139f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall 2140323ed74658bc8375278eabf074b4777458376540John McCall // Go ahead and analyze implicit conversions in the operands. Note 2141323ed74658bc8375278eabf074b4777458376540John McCall // that we skip the implicit conversions on both sides. 2142323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, lex); 2143323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, rex); 2144ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 2145323ed74658bc8375278eabf074b4777458376540John McCall // If the signed range is non-negative, -Wsign-compare won't fire, 2146323ed74658bc8375278eabf074b4777458376540John McCall // but we should still check for comparisons which are always true 2147323ed74658bc8375278eabf074b4777458376540John McCall // or false. 2148323ed74658bc8375278eabf074b4777458376540John McCall if (signedRange.NonNegative) 2149323ed74658bc8375278eabf074b4777458376540John McCall return CheckTrivialUnsignedComparison(S, E); 2150ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 2151ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall // For (in)equality comparisons, if the unsigned operand is a 2152ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall // constant which cannot collide with a overflowed signed operand, 2153ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall // then reinterpreting the signed operand as unsigned will not 2154ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall // change the result of the comparison. 2155323ed74658bc8375278eabf074b4777458376540John McCall if (E->isEqualityOp()) { 2156323ed74658bc8375278eabf074b4777458376540John McCall unsigned comparisonWidth = S.Context.getIntWidth(T); 2157323ed74658bc8375278eabf074b4777458376540John McCall IntRange unsignedRange = GetExprRange(S.Context, unsignedOperand); 2158323ed74658bc8375278eabf074b4777458376540John McCall 2159323ed74658bc8375278eabf074b4777458376540John McCall // We should never be unable to prove that the unsigned operand is 2160323ed74658bc8375278eabf074b4777458376540John McCall // non-negative. 2161323ed74658bc8375278eabf074b4777458376540John McCall assert(unsignedRange.NonNegative && "unsigned range includes negative?"); 2162ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 2163323ed74658bc8375278eabf074b4777458376540John McCall if (unsignedRange.Width < comparisonWidth) 2164323ed74658bc8375278eabf074b4777458376540John McCall return; 2165323ed74658bc8375278eabf074b4777458376540John McCall } 2166323ed74658bc8375278eabf074b4777458376540John McCall 2167323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getOperatorLoc(), diag::warn_mixed_sign_comparison) 2168323ed74658bc8375278eabf074b4777458376540John McCall << lex->getType() << rex->getType() 2169323ed74658bc8375278eabf074b4777458376540John McCall << lex->getSourceRange() << rex->getSourceRange(); 2170ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall} 2171ba26e58c64b4f6233dfc4bcd3ef6ce83aab47ffcJohn McCall 217251313c39c84407dd6a323be99a8c322bf8d052a9John McCall/// Diagnose an implicit cast; purely a helper for CheckImplicitConversion. 2173323ed74658bc8375278eabf074b4777458376540John McCallvoid DiagnoseImpCast(Sema &S, Expr *E, QualType T, unsigned diag) { 217451313c39c84407dd6a323be99a8c322bf8d052a9John McCall S.Diag(E->getExprLoc(), diag) << E->getType() << T << E->getSourceRange(); 217551313c39c84407dd6a323be99a8c322bf8d052a9John McCall} 217651313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2177323ed74658bc8375278eabf074b4777458376540John McCallvoid CheckImplicitConversion(Sema &S, Expr *E, QualType T, 2178323ed74658bc8375278eabf074b4777458376540John McCall bool *ICContext = 0) { 2179323ed74658bc8375278eabf074b4777458376540John McCall if (E->isTypeDependent() || E->isValueDependent()) return; 218051313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2181323ed74658bc8375278eabf074b4777458376540John McCall const Type *Source = S.Context.getCanonicalType(E->getType()).getTypePtr(); 2182323ed74658bc8375278eabf074b4777458376540John McCall const Type *Target = S.Context.getCanonicalType(T).getTypePtr(); 2183323ed74658bc8375278eabf074b4777458376540John McCall if (Source == Target) return; 2184323ed74658bc8375278eabf074b4777458376540John McCall if (Target->isDependentType()) return; 218551313c39c84407dd6a323be99a8c322bf8d052a9John McCall 218651313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Never diagnose implicit casts to bool. 218751313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (Target->isSpecificBuiltinType(BuiltinType::Bool)) 218851313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 218951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 219051313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Strip vector types. 219151313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (isa<VectorType>(Source)) { 219251313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (!isa<VectorType>(Target)) 2193323ed74658bc8375278eabf074b4777458376540John McCall return DiagnoseImpCast(S, E, T, diag::warn_impcast_vector_scalar); 219451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 219551313c39c84407dd6a323be99a8c322bf8d052a9John McCall Source = cast<VectorType>(Source)->getElementType().getTypePtr(); 219651313c39c84407dd6a323be99a8c322bf8d052a9John McCall Target = cast<VectorType>(Target)->getElementType().getTypePtr(); 219751313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 219851313c39c84407dd6a323be99a8c322bf8d052a9John McCall 219951313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Strip complex types. 220051313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (isa<ComplexType>(Source)) { 220151313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (!isa<ComplexType>(Target)) 2202323ed74658bc8375278eabf074b4777458376540John McCall return DiagnoseImpCast(S, E, T, diag::warn_impcast_complex_scalar); 220351313c39c84407dd6a323be99a8c322bf8d052a9John McCall 220451313c39c84407dd6a323be99a8c322bf8d052a9John McCall Source = cast<ComplexType>(Source)->getElementType().getTypePtr(); 220551313c39c84407dd6a323be99a8c322bf8d052a9John McCall Target = cast<ComplexType>(Target)->getElementType().getTypePtr(); 220651313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 220751313c39c84407dd6a323be99a8c322bf8d052a9John McCall 220851313c39c84407dd6a323be99a8c322bf8d052a9John McCall const BuiltinType *SourceBT = dyn_cast<BuiltinType>(Source); 220951313c39c84407dd6a323be99a8c322bf8d052a9John McCall const BuiltinType *TargetBT = dyn_cast<BuiltinType>(Target); 221051313c39c84407dd6a323be99a8c322bf8d052a9John McCall 221151313c39c84407dd6a323be99a8c322bf8d052a9John McCall // If the source is floating point... 221251313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (SourceBT && SourceBT->isFloatingPoint()) { 221351313c39c84407dd6a323be99a8c322bf8d052a9John McCall // ...and the target is floating point... 221451313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (TargetBT && TargetBT->isFloatingPoint()) { 221551313c39c84407dd6a323be99a8c322bf8d052a9John McCall // ...then warn if we're dropping FP rank. 221651313c39c84407dd6a323be99a8c322bf8d052a9John McCall 221751313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Builtin FP kinds are ordered by increasing FP rank. 221851313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (SourceBT->getKind() > TargetBT->getKind()) { 221951313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Don't warn about float constants that are precisely 222051313c39c84407dd6a323be99a8c322bf8d052a9John McCall // representable in the target type. 222151313c39c84407dd6a323be99a8c322bf8d052a9John McCall Expr::EvalResult result; 2222323ed74658bc8375278eabf074b4777458376540John McCall if (E->Evaluate(result, S.Context)) { 222351313c39c84407dd6a323be99a8c322bf8d052a9John McCall // Value might be a float, a float vector, or a float complex. 222451313c39c84407dd6a323be99a8c322bf8d052a9John McCall if (IsSameFloatAfterCast(result.Val, 2225323ed74658bc8375278eabf074b4777458376540John McCall S.Context.getFloatTypeSemantics(QualType(TargetBT, 0)), 2226323ed74658bc8375278eabf074b4777458376540John McCall S.Context.getFloatTypeSemantics(QualType(SourceBT, 0)))) 222751313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 222851313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 222951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2230323ed74658bc8375278eabf074b4777458376540John McCall DiagnoseImpCast(S, E, T, diag::warn_impcast_float_precision); 223151313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 223251313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 223351313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 223451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 223551313c39c84407dd6a323be99a8c322bf8d052a9John McCall // If the target is integral, always warn. 223651313c39c84407dd6a323be99a8c322bf8d052a9John McCall if ((TargetBT && TargetBT->isInteger())) 223751313c39c84407dd6a323be99a8c322bf8d052a9John McCall // TODO: don't warn for integer values? 2238323ed74658bc8375278eabf074b4777458376540John McCall DiagnoseImpCast(S, E, T, diag::warn_impcast_float_integer); 223951313c39c84407dd6a323be99a8c322bf8d052a9John McCall 224051313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 224151313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 224251313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2243f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (!Source->isIntegerType() || !Target->isIntegerType()) 224451313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 224551313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2246323ed74658bc8375278eabf074b4777458376540John McCall IntRange SourceRange = GetExprRange(S.Context, E); 2247323ed74658bc8375278eabf074b4777458376540John McCall IntRange TargetRange = IntRange::forCanonicalType(S.Context, Target); 224851313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2249f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (SourceRange.Width > TargetRange.Width) { 225051313c39c84407dd6a323be99a8c322bf8d052a9John McCall // People want to build with -Wshorten-64-to-32 and not -Wconversion 225151313c39c84407dd6a323be99a8c322bf8d052a9John McCall // and by god we'll let them. 2252f2370c9b4aade940e2253b5b33262ba507d1d71fJohn McCall if (SourceRange.Width == 64 && TargetRange.Width == 32) 2253323ed74658bc8375278eabf074b4777458376540John McCall return DiagnoseImpCast(S, E, T, diag::warn_impcast_integer_64_32); 2254323ed74658bc8375278eabf074b4777458376540John McCall return DiagnoseImpCast(S, E, T, diag::warn_impcast_integer_precision); 2255323ed74658bc8375278eabf074b4777458376540John McCall } 2256323ed74658bc8375278eabf074b4777458376540John McCall 2257323ed74658bc8375278eabf074b4777458376540John McCall if ((TargetRange.NonNegative && !SourceRange.NonNegative) || 2258323ed74658bc8375278eabf074b4777458376540John McCall (!TargetRange.NonNegative && SourceRange.NonNegative && 2259323ed74658bc8375278eabf074b4777458376540John McCall SourceRange.Width == TargetRange.Width)) { 2260323ed74658bc8375278eabf074b4777458376540John McCall unsigned DiagID = diag::warn_impcast_integer_sign; 2261323ed74658bc8375278eabf074b4777458376540John McCall 2262323ed74658bc8375278eabf074b4777458376540John McCall // Traditionally, gcc has warned about this under -Wsign-compare. 2263323ed74658bc8375278eabf074b4777458376540John McCall // We also want to warn about it in -Wconversion. 2264323ed74658bc8375278eabf074b4777458376540John McCall // So if -Wconversion is off, use a completely identical diagnostic 2265323ed74658bc8375278eabf074b4777458376540John McCall // in the sign-compare group. 2266323ed74658bc8375278eabf074b4777458376540John McCall // The conditional-checking code will 2267323ed74658bc8375278eabf074b4777458376540John McCall if (ICContext) { 2268323ed74658bc8375278eabf074b4777458376540John McCall DiagID = diag::warn_impcast_integer_sign_conditional; 2269323ed74658bc8375278eabf074b4777458376540John McCall *ICContext = true; 2270323ed74658bc8375278eabf074b4777458376540John McCall } 2271323ed74658bc8375278eabf074b4777458376540John McCall 2272323ed74658bc8375278eabf074b4777458376540John McCall return DiagnoseImpCast(S, E, T, DiagID); 227351313c39c84407dd6a323be99a8c322bf8d052a9John McCall } 227451313c39c84407dd6a323be99a8c322bf8d052a9John McCall 227551313c39c84407dd6a323be99a8c322bf8d052a9John McCall return; 227651313c39c84407dd6a323be99a8c322bf8d052a9John McCall} 227751313c39c84407dd6a323be99a8c322bf8d052a9John McCall 2278323ed74658bc8375278eabf074b4777458376540John McCallvoid CheckConditionalOperator(Sema &S, ConditionalOperator *E, QualType T); 2279323ed74658bc8375278eabf074b4777458376540John McCall 2280323ed74658bc8375278eabf074b4777458376540John McCallvoid CheckConditionalOperand(Sema &S, Expr *E, QualType T, 2281323ed74658bc8375278eabf074b4777458376540John McCall bool &ICContext) { 2282323ed74658bc8375278eabf074b4777458376540John McCall E = E->IgnoreParenImpCasts(); 2283323ed74658bc8375278eabf074b4777458376540John McCall 2284323ed74658bc8375278eabf074b4777458376540John McCall if (isa<ConditionalOperator>(E)) 2285323ed74658bc8375278eabf074b4777458376540John McCall return CheckConditionalOperator(S, cast<ConditionalOperator>(E), T); 2286323ed74658bc8375278eabf074b4777458376540John McCall 2287323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, E); 2288323ed74658bc8375278eabf074b4777458376540John McCall if (E->getType() != T) 2289323ed74658bc8375278eabf074b4777458376540John McCall return CheckImplicitConversion(S, E, T, &ICContext); 2290323ed74658bc8375278eabf074b4777458376540John McCall return; 2291323ed74658bc8375278eabf074b4777458376540John McCall} 2292323ed74658bc8375278eabf074b4777458376540John McCall 2293323ed74658bc8375278eabf074b4777458376540John McCallvoid CheckConditionalOperator(Sema &S, ConditionalOperator *E, QualType T) { 2294323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, E->getCond()); 2295323ed74658bc8375278eabf074b4777458376540John McCall 2296323ed74658bc8375278eabf074b4777458376540John McCall bool Suspicious = false; 2297323ed74658bc8375278eabf074b4777458376540John McCall CheckConditionalOperand(S, E->getTrueExpr(), T, Suspicious); 2298323ed74658bc8375278eabf074b4777458376540John McCall CheckConditionalOperand(S, E->getFalseExpr(), T, Suspicious); 2299323ed74658bc8375278eabf074b4777458376540John McCall 2300323ed74658bc8375278eabf074b4777458376540John McCall // If -Wconversion would have warned about either of the candidates 2301323ed74658bc8375278eabf074b4777458376540John McCall // for a signedness conversion to the context type... 2302323ed74658bc8375278eabf074b4777458376540John McCall if (!Suspicious) return; 2303323ed74658bc8375278eabf074b4777458376540John McCall 2304323ed74658bc8375278eabf074b4777458376540John McCall // ...but it's currently ignored... 2305323ed74658bc8375278eabf074b4777458376540John McCall if (S.Diags.getDiagnosticLevel(diag::warn_impcast_integer_sign_conditional)) 2306323ed74658bc8375278eabf074b4777458376540John McCall return; 2307323ed74658bc8375278eabf074b4777458376540John McCall 2308323ed74658bc8375278eabf074b4777458376540John McCall // ...and -Wsign-compare isn't... 2309323ed74658bc8375278eabf074b4777458376540John McCall if (!S.Diags.getDiagnosticLevel(diag::warn_mixed_sign_conditional)) 2310323ed74658bc8375278eabf074b4777458376540John McCall return; 2311323ed74658bc8375278eabf074b4777458376540John McCall 2312323ed74658bc8375278eabf074b4777458376540John McCall // ...then check whether it would have warned about either of the 2313323ed74658bc8375278eabf074b4777458376540John McCall // candidates for a signedness conversion to the condition type. 2314323ed74658bc8375278eabf074b4777458376540John McCall if (E->getType() != T) { 2315323ed74658bc8375278eabf074b4777458376540John McCall Suspicious = false; 2316323ed74658bc8375278eabf074b4777458376540John McCall CheckImplicitConversion(S, E->getTrueExpr()->IgnoreParenImpCasts(), 2317323ed74658bc8375278eabf074b4777458376540John McCall E->getType(), &Suspicious); 2318323ed74658bc8375278eabf074b4777458376540John McCall if (!Suspicious) 2319323ed74658bc8375278eabf074b4777458376540John McCall CheckImplicitConversion(S, E->getFalseExpr()->IgnoreParenImpCasts(), 2320323ed74658bc8375278eabf074b4777458376540John McCall E->getType(), &Suspicious); 2321323ed74658bc8375278eabf074b4777458376540John McCall if (!Suspicious) 2322323ed74658bc8375278eabf074b4777458376540John McCall return; 2323323ed74658bc8375278eabf074b4777458376540John McCall } 2324323ed74658bc8375278eabf074b4777458376540John McCall 2325323ed74658bc8375278eabf074b4777458376540John McCall // If so, emit a diagnostic under -Wsign-compare. 2326323ed74658bc8375278eabf074b4777458376540John McCall Expr *lex = E->getTrueExpr()->IgnoreParenImpCasts(); 2327323ed74658bc8375278eabf074b4777458376540John McCall Expr *rex = E->getFalseExpr()->IgnoreParenImpCasts(); 2328323ed74658bc8375278eabf074b4777458376540John McCall S.Diag(E->getQuestionLoc(), diag::warn_mixed_sign_conditional) 2329323ed74658bc8375278eabf074b4777458376540John McCall << lex->getType() << rex->getType() 2330323ed74658bc8375278eabf074b4777458376540John McCall << lex->getSourceRange() << rex->getSourceRange(); 2331323ed74658bc8375278eabf074b4777458376540John McCall} 2332323ed74658bc8375278eabf074b4777458376540John McCall 2333323ed74658bc8375278eabf074b4777458376540John McCall/// AnalyzeImplicitConversions - Find and report any interesting 2334323ed74658bc8375278eabf074b4777458376540John McCall/// implicit conversions in the given expression. There are a couple 2335323ed74658bc8375278eabf074b4777458376540John McCall/// of competing diagnostics here, -Wconversion and -Wsign-compare. 2336323ed74658bc8375278eabf074b4777458376540John McCallvoid AnalyzeImplicitConversions(Sema &S, Expr *OrigE) { 2337323ed74658bc8375278eabf074b4777458376540John McCall QualType T = OrigE->getType(); 2338323ed74658bc8375278eabf074b4777458376540John McCall Expr *E = OrigE->IgnoreParenImpCasts(); 2339323ed74658bc8375278eabf074b4777458376540John McCall 2340323ed74658bc8375278eabf074b4777458376540John McCall // For conditional operators, we analyze the arguments as if they 2341323ed74658bc8375278eabf074b4777458376540John McCall // were being fed directly into the output. 2342323ed74658bc8375278eabf074b4777458376540John McCall if (isa<ConditionalOperator>(E)) { 2343323ed74658bc8375278eabf074b4777458376540John McCall ConditionalOperator *CO = cast<ConditionalOperator>(E); 2344323ed74658bc8375278eabf074b4777458376540John McCall CheckConditionalOperator(S, CO, T); 2345323ed74658bc8375278eabf074b4777458376540John McCall return; 2346323ed74658bc8375278eabf074b4777458376540John McCall } 2347323ed74658bc8375278eabf074b4777458376540John McCall 2348323ed74658bc8375278eabf074b4777458376540John McCall // Go ahead and check any implicit conversions we might have skipped. 2349323ed74658bc8375278eabf074b4777458376540John McCall // The non-canonical typecheck is just an optimization; 2350323ed74658bc8375278eabf074b4777458376540John McCall // CheckImplicitConversion will filter out dead implicit conversions. 2351323ed74658bc8375278eabf074b4777458376540John McCall if (E->getType() != T) 2352323ed74658bc8375278eabf074b4777458376540John McCall CheckImplicitConversion(S, E, T); 2353323ed74658bc8375278eabf074b4777458376540John McCall 2354323ed74658bc8375278eabf074b4777458376540John McCall // Now continue drilling into this expression. 2355323ed74658bc8375278eabf074b4777458376540John McCall 2356323ed74658bc8375278eabf074b4777458376540John McCall // Skip past explicit casts. 2357323ed74658bc8375278eabf074b4777458376540John McCall if (isa<ExplicitCastExpr>(E)) { 2358323ed74658bc8375278eabf074b4777458376540John McCall E = cast<ExplicitCastExpr>(E)->getSubExpr()->IgnoreParenImpCasts(); 2359323ed74658bc8375278eabf074b4777458376540John McCall return AnalyzeImplicitConversions(S, E); 2360323ed74658bc8375278eabf074b4777458376540John McCall } 2361323ed74658bc8375278eabf074b4777458376540John McCall 2362323ed74658bc8375278eabf074b4777458376540John McCall // Do a somewhat different check with comparison operators. 2363323ed74658bc8375278eabf074b4777458376540John McCall if (isa<BinaryOperator>(E) && cast<BinaryOperator>(E)->isComparisonOp()) 2364323ed74658bc8375278eabf074b4777458376540John McCall return AnalyzeComparison(S, cast<BinaryOperator>(E)); 2365323ed74658bc8375278eabf074b4777458376540John McCall 2366323ed74658bc8375278eabf074b4777458376540John McCall // These break the otherwise-useful invariant below. Fortunately, 2367323ed74658bc8375278eabf074b4777458376540John McCall // we don't really need to recurse into them, because any internal 2368323ed74658bc8375278eabf074b4777458376540John McCall // expressions should have been analyzed already when they were 2369323ed74658bc8375278eabf074b4777458376540John McCall // built into statements. 2370323ed74658bc8375278eabf074b4777458376540John McCall if (isa<StmtExpr>(E)) return; 2371323ed74658bc8375278eabf074b4777458376540John McCall 2372323ed74658bc8375278eabf074b4777458376540John McCall // Don't descend into unevaluated contexts. 2373323ed74658bc8375278eabf074b4777458376540John McCall if (isa<SizeOfAlignOfExpr>(E)) return; 2374323ed74658bc8375278eabf074b4777458376540John McCall 2375323ed74658bc8375278eabf074b4777458376540John McCall // Now just recurse over the expression's children. 2376323ed74658bc8375278eabf074b4777458376540John McCall for (Stmt::child_iterator I = E->child_begin(), IE = E->child_end(); 2377323ed74658bc8375278eabf074b4777458376540John McCall I != IE; ++I) 2378323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(S, cast<Expr>(*I)); 2379323ed74658bc8375278eabf074b4777458376540John McCall} 2380323ed74658bc8375278eabf074b4777458376540John McCall 2381323ed74658bc8375278eabf074b4777458376540John McCall} // end anonymous namespace 2382323ed74658bc8375278eabf074b4777458376540John McCall 2383323ed74658bc8375278eabf074b4777458376540John McCall/// Diagnoses "dangerous" implicit conversions within the given 2384323ed74658bc8375278eabf074b4777458376540John McCall/// expression (which is a full expression). Implements -Wconversion 2385323ed74658bc8375278eabf074b4777458376540John McCall/// and -Wsign-compare. 2386323ed74658bc8375278eabf074b4777458376540John McCallvoid Sema::CheckImplicitConversions(Expr *E) { 2387323ed74658bc8375278eabf074b4777458376540John McCall // Don't diagnose in unevaluated contexts. 2388323ed74658bc8375278eabf074b4777458376540John McCall if (ExprEvalContexts.back().Context == Sema::Unevaluated) 2389323ed74658bc8375278eabf074b4777458376540John McCall return; 2390323ed74658bc8375278eabf074b4777458376540John McCall 2391323ed74658bc8375278eabf074b4777458376540John McCall // Don't diagnose for value- or type-dependent expressions. 2392323ed74658bc8375278eabf074b4777458376540John McCall if (E->isTypeDependent() || E->isValueDependent()) 2393323ed74658bc8375278eabf074b4777458376540John McCall return; 2394323ed74658bc8375278eabf074b4777458376540John McCall 2395323ed74658bc8375278eabf074b4777458376540John McCall AnalyzeImplicitConversions(*this, E); 2396323ed74658bc8375278eabf074b4777458376540John McCall} 2397323ed74658bc8375278eabf074b4777458376540John McCall 2398f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump/// CheckParmsForFunctionDef - Check that the parameters of the given 2399f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump/// function are appropriate for the definition of a function. This 2400f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump/// takes care of any checks that cannot be performed on the 2401f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump/// declaration itself, e.g., that the types of each of the function 2402f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump/// parameters are complete. 2403f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stumpbool Sema::CheckParmsForFunctionDef(FunctionDecl *FD) { 2404f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump bool HasInvalidParm = false; 2405f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump for (unsigned p = 0, NumParams = FD->getNumParams(); p < NumParams; ++p) { 2406f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump ParmVarDecl *Param = FD->getParamDecl(p); 2407f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump 2408f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // C99 6.7.5.3p4: the parameters in a parameter type list in a 2409f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // function declarator that is part of a function definition of 2410f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // that function shall not have incomplete type. 2411f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // 2412f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // This is also C++ [dcl.fct]p6. 2413f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump if (!Param->isInvalidDecl() && 2414f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump RequireCompleteType(Param->getLocation(), Param->getType(), 2415f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump diag::err_typecheck_decl_incomplete_type)) { 2416f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump Param->setInvalidDecl(); 2417f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump HasInvalidParm = true; 2418f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump } 2419f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump 2420f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // C99 6.9.1p5: If the declarator includes a parameter type list, the 2421f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump // declaration of each parameter shall include an identifier. 2422f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump if (Param->getIdentifier() == 0 && 2423f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump !Param->isImplicit() && 2424f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump !getLangOptions().CPlusPlus) 2425f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump Diag(Param->getLocation(), diag::err_parameter_name_omitted); 2426d17e340e2d516139931768697bf080f60920ba9dSam Weinig 2427d17e340e2d516139931768697bf080f60920ba9dSam Weinig // C99 6.7.5.3p12: 2428d17e340e2d516139931768697bf080f60920ba9dSam Weinig // If the function declarator is not part of a definition of that 2429d17e340e2d516139931768697bf080f60920ba9dSam Weinig // function, parameters may have incomplete type and may use the [*] 2430d17e340e2d516139931768697bf080f60920ba9dSam Weinig // notation in their sequences of declarator specifiers to specify 2431d17e340e2d516139931768697bf080f60920ba9dSam Weinig // variable length array types. 2432d17e340e2d516139931768697bf080f60920ba9dSam Weinig QualType PType = Param->getOriginalType(); 2433d17e340e2d516139931768697bf080f60920ba9dSam Weinig if (const ArrayType *AT = Context.getAsArrayType(PType)) { 2434d17e340e2d516139931768697bf080f60920ba9dSam Weinig if (AT->getSizeModifier() == ArrayType::Star) { 2435d17e340e2d516139931768697bf080f60920ba9dSam Weinig // FIXME: This diagnosic should point the the '[*]' if source-location 2436d17e340e2d516139931768697bf080f60920ba9dSam Weinig // information is added for it. 2437d17e340e2d516139931768697bf080f60920ba9dSam Weinig Diag(Param->getLocation(), diag::err_array_star_in_function_definition); 2438d17e340e2d516139931768697bf080f60920ba9dSam Weinig } 2439d17e340e2d516139931768697bf080f60920ba9dSam Weinig } 2440f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump } 2441f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump 2442f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump return HasInvalidParm; 2443f8c4921c73d73123e2b79221ad4f1775ce984cfdMike Stump} 2444