SemaChecking.cpp revision 7814e6d6645d587891293d59ecf6576defcfac92
159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===--- SemaChecking.cpp - Extra Semantic Checking -----------------------===// 259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// The LLVM Compiler Infrastructure 459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 50bc735ffcfb223c0186419547abaa5c84482663eChris Lattner// This file is distributed under the University of Illinois Open Source 60bc735ffcfb223c0186419547abaa5c84482663eChris Lattner// License. See LICENSE.TXT for details. 759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===----------------------------------------------------------------------===// 959907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 101eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump// This file implements extra semantic analysis beyond what is enforced 1159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// by the C type system. 1259907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner// 1359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner//===----------------------------------------------------------------------===// 1459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 1559907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "Sema.h" 1659907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "clang/AST/ASTContext.h" 17c4a1dea2dc56bd1357ec91b829a0b9e68229a13eDaniel Dunbar#include "clang/AST/DeclObjC.h" 182324512285caac0332bbbc6e4cab6245d2a370a1Ted Kremenek#include "clang/AST/ExprCXX.h" 197ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek#include "clang/AST/ExprObjC.h" 20719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner#include "clang/Lex/LiteralSupport.h" 2159907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner#include "clang/Lex/Preprocessor.h" 22a1f3dba77b7418575c1ff539ffa74ebaa068280cZhongxing Xu#include <limits> 2359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattnerusing namespace clang; 2459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 2560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// getLocationOfStringLiteralByte - Return a source location that points to the 2660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// specified byte of the specified string literal. 2760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// 2860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// Strings are amazingly complex. They can be formed from multiple tokens and 2960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// can have escape sequences in them in addition to the usual trigraph and 3060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// escaped newline business. This routine handles this complexity. 3160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner/// 3260800081361b0ffc114877b8abbc81cb57b4edf6Chris LattnerSourceLocation Sema::getLocationOfStringLiteralByte(const StringLiteral *SL, 3360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner unsigned ByteNo) const { 3460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner assert(!SL->isWide() && "This doesn't work for wide strings yet"); 351eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Loop over all of the tokens in this string until we find the one that 3760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // contains the byte we're looking for. 3860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner unsigned TokNo = 0; 3960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner while (1) { 4060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner assert(TokNo < SL->getNumConcatenated() && "Invalid byte number!"); 4160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation StrTokLoc = SL->getStrTokenLoc(TokNo); 421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Get the spelling of the string so that we can get the data that makes up 4460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // the string literal, not the identifier for the macro it is potentially 4560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // expanded through. 4660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation StrTokSpellingLoc = SourceMgr.getSpellingLoc(StrTokLoc); 4760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 4860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Re-lex the token to get its length and original spelling. 4960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner std::pair<FileID, unsigned> LocInfo = 5060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceMgr.getDecomposedLoc(StrTokSpellingLoc); 5160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner std::pair<const char *,const char *> Buffer = 5260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceMgr.getBufferData(LocInfo.first); 5360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner const char *StrData = Buffer.first+LocInfo.second; 541eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Create a langops struct and enable trigraphs. This is sufficient for 5660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // relexing tokens. 5760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner LangOptions LangOpts; 5860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner LangOpts.Trigraphs = true; 591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 6060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Create a lexer starting at the beginning of this token. 6160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Lexer TheLexer(StrTokSpellingLoc, LangOpts, Buffer.first, StrData, 6260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Buffer.second); 6360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Token TheTok; 6460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner TheLexer.LexFromRawLexer(TheTok); 651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 66443e53c7845f01c8ed693ccd137abb0bd76564f6Chris Lattner // Use the StringLiteralParser to compute the length of the string in bytes. 67443e53c7845f01c8ed693ccd137abb0bd76564f6Chris Lattner StringLiteralParser SLP(&TheTok, 1, PP); 68443e53c7845f01c8ed693ccd137abb0bd76564f6Chris Lattner unsigned TokNumBytes = SLP.GetStringLength(); 691eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 702197c963543397777919cec22b65feb31a9ddf79Chris Lattner // If the byte is in this token, return the location of the byte. 7160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner if (ByteNo < TokNumBytes || 7260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner (ByteNo == TokNumBytes && TokNo == SL->getNumConcatenated())) { 731eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump unsigned Offset = 74719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner StringLiteralParser::getOffsetOfStringByte(TheTok, ByteNo, PP); 751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 76719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner // Now that we know the offset of the token in the spelling, use the 77719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner // preprocessor to get the offset in the original source. 78719e61573f27c11057ecfe0dd8f141621602c571Chris Lattner return PP.AdvanceToTokenCharacter(StrTokLoc, Offset); 7960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner } 801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 8160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner // Move to the next string token. 8260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner ++TokNo; 8360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner ByteNo -= TokNumBytes; 8460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner } 8560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner} 8660800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 874403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn/// CheckablePrintfAttr - does a function call have a "printf" attribute 884403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn/// and arguments that merit checking? 894403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynnbool Sema::CheckablePrintfAttr(const FormatAttr *Format, CallExpr *TheCall) { 904403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (Format->getType() == "printf") return true; 914403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (Format->getType() == "printf0") { 924403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn // printf0 allows null "format" string; if so don't check format/args 934403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn unsigned format_idx = Format->getFormatIdx() - 1; 944403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (format_idx < TheCall->getNumArgs()) { 954403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn Expr *Format = TheCall->getArg(format_idx)->IgnoreParenCasts(); 964403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (!Format->isNullPointerConstant(Context)) 974403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn return true; 984403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn } 994403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn } 1004403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn return false; 1014403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn} 10260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner 1030eb23307222bda7ad95d968eac4e1ab30864b213Sebastian RedlAction::OwningExprResult 104d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders CarlssonSema::CheckBuiltinFunctionCall(unsigned BuiltinID, CallExpr *TheCall) { 1050eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl OwningExprResult TheCallResult(Owned(TheCall)); 1062def48394f6d48bde0dec2b514193c2b533265b5Douglas Gregor 107d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson switch (BuiltinID) { 10830ce344307f8a8b00054021307015571f83c7364Chris Lattner case Builtin::BI__builtin___CFStringMakeConstantString: 109925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner assert(TheCall->getNumArgs() == 1 && 1101b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner "Wrong # arguments to builtin CFStringMakeConstantString"); 111690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattner if (CheckObjCString(TheCall->getArg(0))) 1120eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 113d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 11449ff7a1c8c67d56e62d3b4627463b705c0d5008cTed Kremenek case Builtin::BI__builtin_stdarg_start: 11530ce344307f8a8b00054021307015571f83c7364Chris Lattner case Builtin::BI__builtin_va_start: 1160eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinVAStart(TheCall)) 1170eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 118d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 1191b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isgreater: 1201b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isgreaterequal: 1211b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isless: 1221b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_islessequal: 1231b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_islessgreater: 1241b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner case Builtin::BI__builtin_isunordered: 1250eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinUnorderedCompare(TheCall)) 1260eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 127d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 1289ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isfinite: 1299ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isinf: 1309ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isinf_sign: 1319ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isnan: 1329ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman case Builtin::BI__builtin_isnormal: 1339ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (SemaBuiltinUnaryFP(TheCall)) 1349ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return ExprError(); 1359ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman break; 1366cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman case Builtin::BI__builtin_return_address: 1376cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman case Builtin::BI__builtin_frame_address: 1380eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinStackAddress(TheCall)) 1390eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 140d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 141d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman case Builtin::BI__builtin_shufflevector: 1420eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return SemaBuiltinShuffleVector(TheCall); 1430eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl // TheCall will be freed by the smart pointer here, but that's fine, since 1440eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl // SemaBuiltinShuffleVector guts it, but then doesn't release it. 1454493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar case Builtin::BI__builtin_prefetch: 1460eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinPrefetch(TheCall)) 1470eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 148d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 149d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar case Builtin::BI__builtin_object_size: 1500eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (SemaBuiltinObjectSize(TheCall)) 1510eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(); 152d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 153d875fed28578835de89cd407e9db4be788596d7cEli Friedman case Builtin::BI__builtin_longjmp: 154d875fed28578835de89cd407e9db4be788596d7cEli Friedman if (SemaBuiltinLongjmp(TheCall)) 155d875fed28578835de89cd407e9db4be788596d7cEli Friedman return ExprError(); 156d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 1575caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_add: 1585caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_sub: 1595caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_or: 1605caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_and: 1615caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_xor: 162eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_fetch_and_nand: 1635caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_add_and_fetch: 1645caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_sub_and_fetch: 1655caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_and_and_fetch: 1665caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_or_and_fetch: 1675caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_xor_and_fetch: 168eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_nand_and_fetch: 1695caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_val_compare_and_swap: 1705caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_bool_compare_and_swap: 1715caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_test_and_set: 1725caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_release: 1735caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (SemaBuiltinAtomicOverloaded(TheCall)) 1745caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return ExprError(); 175d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson break; 17671993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 1771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 178d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return move(TheCallResult); 179d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson} 180d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson 181d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson/// CheckFunctionCall - Check a direct function call for various correctness 182d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson/// and safety properties not strictly enforced by the C type system. 183d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlssonbool Sema::CheckFunctionCall(FunctionDecl *FDecl, CallExpr *TheCall) { 184d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // Get the IdentifierInfo* for the called function. 185d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson IdentifierInfo *FnInfo = FDecl->getIdentifier(); 186de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar 187d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // None of the checks below are needed for functions that don't have 188d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson // simple names (e.g., C++ conversion functions). 189d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (!FnInfo) 190d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 1911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 192de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // FIXME: This mechanism should be abstracted to be less fragile and 193de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // more efficient. For example, just map function ids to custom 194de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar // handlers. 195de45428f923b38d80407dbb9ede0df504256f9f6Daniel Dunbar 19659907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner // Printf checking. 19740b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis if (const FormatAttr *Format = FDecl->getAttr<FormatAttr>()) { 1984403a5e1f956fa86d515492dbe7c7a2817d8780dRyan Flynn if (CheckablePrintfAttr(Format, TheCall)) { 1993d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek bool HasVAListArg = Format->getFirstArg() == 0; 2003d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek if (!HasVAListArg) { 2011eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (const FunctionProtoType *Proto 2023d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek = FDecl->getType()->getAsFunctionProtoType()) 2033c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor HasVAListArg = !Proto->isVariadic(); 2043d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek } 2053c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor CheckPrintfArguments(TheCall, HasVAListArg, Format->getFormatIdx() - 1, 2063d692df4b9c58895f9843b03543ec57447c93679Ted Kremenek HasVAListArg ? 0 : Format->getFirstArg() - 1); 2073c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor } 20859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner } 2091eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2101eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump for (const NonNullAttr *NonNull = FDecl->getAttr<NonNullAttr>(); NonNull; 211d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson NonNull = NonNull->getNext<NonNullAttr>()) 212d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson CheckNonNullArguments(NonNull, TheCall); 2130eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl 214d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 21571993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson} 21671993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson 217d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlssonbool Sema::CheckBlockCall(NamedDecl *NDecl, CallExpr *TheCall) { 218725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian // Printf checking. 21940b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis const FormatAttr *Format = NDecl->getAttr<FormatAttr>(); 220725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!Format) 221d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2221eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 223725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian const VarDecl *V = dyn_cast<VarDecl>(NDecl); 224725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!V) 225d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2261eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 227725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian QualType Ty = V->getType(); 228725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian if (!Ty->isBlockPointerType()) 229d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2301eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 231d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (!CheckablePrintfAttr(Format, TheCall)) 232d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 2331eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 234d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson bool HasVAListArg = Format->getFirstArg() == 0; 235d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (!HasVAListArg) { 2361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump const FunctionType *FT = 237d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson Ty->getAs<BlockPointerType>()->getPointeeType()->getAsFunctionType(); 238d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson if (const FunctionProtoType *Proto = dyn_cast<FunctionProtoType>(FT)) 239d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson HasVAListArg = !Proto->isVariadic(); 240725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian } 241d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson CheckPrintfArguments(TheCall, HasVAListArg, Format->getFormatIdx() - 1, 242d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson HasVAListArg ? 0 : Format->getFirstArg() - 1); 243d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson 244d406bf0e8c17012110a8476d03c6f9a97b56ecf7Anders Carlsson return false; 245725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian} 246725165f2846bd37d3aaf863747fa30126992085eFariborz Jahanian 2475caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// SemaBuiltinAtomicOverloaded - We have a call to a function like 2485caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// __sync_fetch_and_add, which is an overloaded function based on the pointer 2495caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// type of its first argument. The main ActOnCallExpr routines have already 2505caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// promoted the types of arguments because all of these calls are prototyped as 2515caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// void(...). 2525caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// 2535caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// This function goes through and does final semantic checking for these 2545caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner/// builtins, 2555caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattnerbool Sema::SemaBuiltinAtomicOverloaded(CallExpr *TheCall) { 2565caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DeclRefExpr *DRE =cast<DeclRefExpr>(TheCall->getCallee()->IgnoreParenCasts()); 2575caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner FunctionDecl *FDecl = cast<FunctionDecl>(DRE->getDecl()); 2585caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 2595caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Ensure that we have at least one argument to do type inference from. 2605caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (TheCall->getNumArgs() < 1) 2615caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 2625caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << 0 << TheCall->getCallee()->getSourceRange(); 2631eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2645caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Inspect the first argument of the atomic builtin. This should always be 2655caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // a pointer type, whose element is an integral scalar or pointer type. 2665caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Because it is a pointer type, we don't have to worry about any implicit 2675caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // casts here. 2685caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *FirstArg = TheCall->getArg(0); 2695caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (!FirstArg->getType()->isPointerType()) 2705caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), diag::err_atomic_builtin_must_be_pointer) 2715caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 2721eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2736217b80b7a1379b74cced1c076338262c3c980b3Ted Kremenek QualType ValType = FirstArg->getType()->getAs<PointerType>()->getPointeeType(); 2741eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (!ValType->isIntegerType() && !ValType->isPointerType() && 2755caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner !ValType->isBlockPointerType()) 2765caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), 2775caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner diag::err_atomic_builtin_must_be_pointer_intptr) 2785caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 2795caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 2805caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // We need to figure out which concrete builtin this maps onto. For example, 2815caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // __sync_fetch_and_add with a 2 byte object turns into 2825caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // __sync_fetch_and_add_2. 2835caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner#define BUILTIN_ROW(x) \ 2845caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner { Builtin::BI##x##_1, Builtin::BI##x##_2, Builtin::BI##x##_4, \ 2855caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Builtin::BI##x##_8, Builtin::BI##x##_16 } 2861eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2875caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner static const unsigned BuiltinIndices[][5] = { 2885caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_add), 2895caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_sub), 2905caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_or), 2915caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_and), 2925caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_fetch_and_xor), 293eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner BUILTIN_ROW(__sync_fetch_and_nand), 2941eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2955caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_add_and_fetch), 2965caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_sub_and_fetch), 2975caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_and_and_fetch), 2985caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_or_and_fetch), 2995caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_xor_and_fetch), 300eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner BUILTIN_ROW(__sync_nand_and_fetch), 3011eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3025caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_val_compare_and_swap), 3035caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_bool_compare_and_swap), 3045caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_lock_test_and_set), 3055caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner BUILTIN_ROW(__sync_lock_release) 3065caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner }; 3071eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump#undef BUILTIN_ROW 3081eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3095caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Determine the index of the size. 3105caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner unsigned SizeIndex; 3115caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner switch (Context.getTypeSize(ValType)/8) { 3125caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 1: SizeIndex = 0; break; 3135caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 2: SizeIndex = 1; break; 3145caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 4: SizeIndex = 2; break; 3155caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 8: SizeIndex = 3; break; 3165caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case 16: SizeIndex = 4; break; 3175caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner default: 3185caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(DRE->getLocStart(), diag::err_atomic_builtin_pointer_size) 3195caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << FirstArg->getType() << FirstArg->getSourceRange(); 3205caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 3211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3225caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Each of these builtins has one pointer argument, followed by some number of 3235caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // values (0, 1 or 2) followed by a potentially empty varags list of stuff 3245caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // that we ignore. Find out which row of BuiltinIndices to read from as well 3255caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // as the number of fixed args. 3267814e6d6645d587891293d59ecf6576defcfac92Douglas Gregor unsigned BuiltinID = FDecl->getBuiltinID(); 3275caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner unsigned BuiltinIndex, NumFixed = 1; 3285caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner switch (BuiltinID) { 3295caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner default: assert(0 && "Unknown overloaded atomic builtin!"); 3305caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_add: BuiltinIndex = 0; break; 3315caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_sub: BuiltinIndex = 1; break; 3325caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_or: BuiltinIndex = 2; break; 3335caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_and: BuiltinIndex = 3; break; 3345caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_fetch_and_xor: BuiltinIndex = 4; break; 335eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_fetch_and_nand:BuiltinIndex = 5; break; 3361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 337eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_add_and_fetch: BuiltinIndex = 6; break; 338eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_sub_and_fetch: BuiltinIndex = 7; break; 339eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_and_and_fetch: BuiltinIndex = 8; break; 340eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_or_and_fetch: BuiltinIndex = 9; break; 341eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_xor_and_fetch: BuiltinIndex =10; break; 342eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_nand_and_fetch:BuiltinIndex =11; break; 3431eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3445caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_val_compare_and_swap: 345eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner BuiltinIndex = 12; 3465caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 2; 3475caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 3485caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_bool_compare_and_swap: 349eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner BuiltinIndex = 13; 3505caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 2; 3515caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 352eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner case Builtin::BI__sync_lock_test_and_set: BuiltinIndex = 14; break; 3535caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner case Builtin::BI__sync_lock_release: 354eebd9d2165a705ce6a8a6b6a7327864189d02785Chris Lattner BuiltinIndex = 15; 3555caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner NumFixed = 0; 3565caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner break; 3575caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 3581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3595caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Now that we know how many fixed arguments we expect, first check that we 3605caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // have at least that many. 3615caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (TheCall->getNumArgs() < 1+NumFixed) 3625caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 3635caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner << 0 << TheCall->getCallee()->getSourceRange(); 3641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 366e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // Get the decl for the concrete builtin from this, we can tell what the 367e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // concrete integer type we should convert to is. 368e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner unsigned NewBuiltinID = BuiltinIndices[BuiltinIndex][SizeIndex]; 369e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner const char *NewBuiltinName = Context.BuiltinInfo.GetName(NewBuiltinID); 370e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner IdentifierInfo *NewBuiltinII = PP.getIdentifierInfo(NewBuiltinName); 3711eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump FunctionDecl *NewBuiltinDecl = 372e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner cast<FunctionDecl>(LazilyCreateBuiltin(NewBuiltinII, NewBuiltinID, 373e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner TUScope, false, DRE->getLocStart())); 374e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner const FunctionProtoType *BuiltinFT = 375e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner NewBuiltinDecl->getType()->getAsFunctionProtoType(); 3766217b80b7a1379b74cced1c076338262c3c980b3Ted Kremenek ValType = BuiltinFT->getArgType(0)->getAs<PointerType>()->getPointeeType(); 3771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 378e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner // If the first type needs to be converted (e.g. void** -> int*), do it now. 379e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner if (BuiltinFT->getArgType(0) != FirstArg->getType()) { 3803503d041ca8a3535a1c1a30005a6b18ae7aed5dbAnders Carlsson ImpCastExprToType(FirstArg, BuiltinFT->getArgType(0), CastExpr::CK_Unknown, 3813503d041ca8a3535a1c1a30005a6b18ae7aed5dbAnders Carlsson /*isLvalue=*/false); 382e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner TheCall->setArg(0, FirstArg); 383e7ac0a94f1dee3fae9292eb8372962b6d70b3e0dChris Lattner } 3841eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3855caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Next, walk the valid ones promoting to the right type. 3865caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner for (unsigned i = 0; i != NumFixed; ++i) { 3875caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *Arg = TheCall->getArg(i+1); 3881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3895caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // If the argument is an implicit cast, then there was a promotion due to 3905caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // "...", just remove it now. 3915caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner if (ImplicitCastExpr *ICE = dyn_cast<ImplicitCastExpr>(Arg)) { 3925caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Arg = ICE->getSubExpr(); 3935caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner ICE->setSubExpr(0); 3945caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner ICE->Destroy(Context); 3955caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setArg(i+1, Arg); 3965caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 3971eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3985caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // GCC does an implicit conversion to the pointer or integer ValType. This 3995caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // can fail in some cases (1i -> int**), check for this error case now. 400cdb61979755c1c0699c1ee25eede9a50bf94d29bAnders Carlsson CastExpr::CastKind Kind = CastExpr::CK_Unknown; 401e9f42087aabfdb6b2afc35c7e38ac65da063b409Fariborz Jahanian CXXMethodDecl *ConversionDecl = 0; 402e9f42087aabfdb6b2afc35c7e38ac65da063b409Fariborz Jahanian if (CheckCastTypes(Arg->getSourceRange(), ValType, Arg, Kind, 403e9f42087aabfdb6b2afc35c7e38ac65da063b409Fariborz Jahanian ConversionDecl)) 4045caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return true; 4051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4065caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Okay, we have something that *can* be converted to the right type. Check 4075caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // to see if there is a potentially weird extension going on here. This can 4085caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // happen when you do an atomic operation on something like an char* and 4095caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // pass in 42. The 42 gets converted to char. This is even more strange 4105caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // for things like 45.123 -> char, etc. 4111eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // FIXME: Do this check. 412cdb61979755c1c0699c1ee25eede9a50bf94d29bAnders Carlsson ImpCastExprToType(Arg, ValType, Kind, /*isLvalue=*/false); 4135caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setArg(i+1, Arg); 4145caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner } 4151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4165caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Switch the DeclRefExpr to refer to the new decl. 4175caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DRE->setDecl(NewBuiltinDecl); 4185caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner DRE->setType(NewBuiltinDecl->getType()); 4191eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4205caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Set the callee in the CallExpr. 4215caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // FIXME: This leaks the original parens and implicit casts. 4225caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner Expr *PromotedCall = DRE; 4235caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner UsualUnaryConversions(PromotedCall); 4245caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setCallee(PromotedCall); 4251eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4265caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 4275caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner // Change the result type of the call to match the result type of the decl. 4285caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner TheCall->setType(NewBuiltinDecl->getResultType()); 4295caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner return false; 4305caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner} 4315caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 4325caa370ea6f70bd3e7e4a9cc3b69ac1a849c8534Chris Lattner 433690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattner/// CheckObjCString - Checks that the argument to the builtin 43471993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson/// CFString constructor is correct 435fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// FIXME: GCC currently emits the following warning: 4361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// "warning: input conversion stopped due to an input byte that does not 437fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// belong to the input codeset UTF-8" 438fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// Note: It might also make sense to do the UTF-16 conversion here (would 439fd942628abfe30e30427875db953222ae99b4325Steve Naroff/// simplify the backend). 440690398188ea5b428f06aa13c7d4ce6eb741ad4f9Chris Lattnerbool Sema::CheckObjCString(Expr *Arg) { 44156f349400c5932a196509c0480ff6f99a9a0b48fChris Lattner Arg = Arg->IgnoreParenCasts(); 44271993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson StringLiteral *Literal = dyn_cast<StringLiteral>(Arg); 44371993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson 44471993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson if (!Literal || Literal->isWide()) { 445fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner Diag(Arg->getLocStart(), diag::err_cfstring_literal_not_string_constant) 446fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << Arg->getSourceRange(); 4479cdc4d3834f203dcde3ff274b8928e4620a914d5Anders Carlsson return true; 44871993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 4491eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 45071993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson const char *Data = Literal->getStrData(); 45171993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson unsigned Length = Literal->getByteLength(); 4521eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 45371993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson for (unsigned i = 0; i < Length; ++i) { 45471993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson if (!Data[i]) { 45560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Diag(getLocationOfStringLiteralByte(Literal, i), 456fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::warn_cfstring_literal_contains_nul_character) 457fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << Arg->getSourceRange(); 45871993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson break; 45971993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 46071993dd85eed9cc42c6b2fa61ee5c53026b74817Anders Carlsson } 4611eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4629cdc4d3834f203dcde3ff274b8928e4620a914d5Anders Carlsson return false; 46359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner} 46459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner 465c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner/// SemaBuiltinVAStart - Check the arguments to __builtin_va_start for validity. 466c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner/// Emit an error and return true on failure, return false on success. 467925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattnerbool Sema::SemaBuiltinVAStart(CallExpr *TheCall) { 468925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *Fn = TheCall->getCallee(); 469925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() > 2) { 4702c21a073525cdfa68e4439b7af551385dc2796abChris Lattner Diag(TheCall->getArg(2)->getLocStart(), 471fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_too_many_args) 4722c21a073525cdfa68e4439b7af551385dc2796abChris Lattner << 0 /*function call*/ << Fn->getSourceRange() 4731eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(2)->getLocStart(), 474fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner (*(TheCall->arg_end()-1))->getLocEnd()); 47530ce344307f8a8b00054021307015571f83c7364Chris Lattner return true; 47630ce344307f8a8b00054021307015571f83c7364Chris Lattner } 47756f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman 47856f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman if (TheCall->getNumArgs() < 2) { 47956f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 48056f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman << 0 /*function call*/; 48156f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman } 48256f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman 483c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner // Determine whether the current function is variadic or not. 484c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner bool isVariadic; 485cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff if (CurBlock) 486cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff isVariadic = CurBlock->isVariadic; 487cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff else if (getCurFunctionDecl()) { 48872564e73277e29f6db3305d1f27ba408abb7ed88Douglas Gregor if (FunctionProtoType* FTP = 48972564e73277e29f6db3305d1f27ba408abb7ed88Douglas Gregor dyn_cast<FunctionProtoType>(getCurFunctionDecl()->getType())) 49056f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman isVariadic = FTP->isVariadic(); 49156f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman else 49256f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman isVariadic = false; 49356f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman } else { 49453d0ea5f5bfa647ec23418bf3a3b7c183b51e4bdArgyrios Kyrtzidis isVariadic = getCurMethodDecl()->isVariadic(); 49556f20ae1010aa71defd7572f660b41288c56cdd1Eli Friedman } 4961eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 497c27c665c88b49dfb212aedc7bab8b9bf67658b9eChris Lattner if (!isVariadic) { 49830ce344307f8a8b00054021307015571f83c7364Chris Lattner Diag(Fn->getLocStart(), diag::err_va_start_used_in_non_variadic_function); 49930ce344307f8a8b00054021307015571f83c7364Chris Lattner return true; 50030ce344307f8a8b00054021307015571f83c7364Chris Lattner } 5011eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 50230ce344307f8a8b00054021307015571f83c7364Chris Lattner // Verify that the second argument to the builtin is the last argument of the 50330ce344307f8a8b00054021307015571f83c7364Chris Lattner // current function or method. 50430ce344307f8a8b00054021307015571f83c7364Chris Lattner bool SecondArgIsLastNamedArgument = false; 505e2c14103dec39cbd24dac9d7b3e91277b109c14fAnders Carlsson const Expr *Arg = TheCall->getArg(1)->IgnoreParenCasts(); 5061eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 50788cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson if (const DeclRefExpr *DR = dyn_cast<DeclRefExpr>(Arg)) { 50888cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson if (const ParmVarDecl *PV = dyn_cast<ParmVarDecl>(DR->getDecl())) { 50930ce344307f8a8b00054021307015571f83c7364Chris Lattner // FIXME: This isn't correct for methods (results in bogus warning). 51030ce344307f8a8b00054021307015571f83c7364Chris Lattner // Get the last formal in the current function. 51188cf226caee50956ef47edd4d44cf7b80703a26cAnders Carlsson const ParmVarDecl *LastArg; 512cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff if (CurBlock) 513cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff LastArg = *(CurBlock->TheDecl->param_end()-1); 514cd9c51433c06705645d1ee5a13da3c9a72d7d025Steve Naroff else if (FunctionDecl *FD = getCurFunctionDecl()) 515371f258e61e1365b951b17931a3c5ac1530fd1a0Chris Lattner LastArg = *(FD->param_end()-1); 51630ce344307f8a8b00054021307015571f83c7364Chris Lattner else 51753d0ea5f5bfa647ec23418bf3a3b7c183b51e4bdArgyrios Kyrtzidis LastArg = *(getCurMethodDecl()->param_end()-1); 51830ce344307f8a8b00054021307015571f83c7364Chris Lattner SecondArgIsLastNamedArgument = PV == LastArg; 51930ce344307f8a8b00054021307015571f83c7364Chris Lattner } 52030ce344307f8a8b00054021307015571f83c7364Chris Lattner } 5211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 52230ce344307f8a8b00054021307015571f83c7364Chris Lattner if (!SecondArgIsLastNamedArgument) 5231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(1)->getLocStart(), 52430ce344307f8a8b00054021307015571f83c7364Chris Lattner diag::warn_second_parameter_of_va_start_not_last_named_argument); 52530ce344307f8a8b00054021307015571f83c7364Chris Lattner return false; 5266cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman} 52730ce344307f8a8b00054021307015571f83c7364Chris Lattner 5281b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner/// SemaBuiltinUnorderedCompare - Handle functions like __builtin_isgreater and 5291b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner/// friends. This is declared to take (...), so we have to check everything. 530925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattnerbool Sema::SemaBuiltinUnorderedCompare(CallExpr *TheCall) { 531925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() < 2) 5322c21a073525cdfa68e4439b7af551385dc2796abChris Lattner return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 5332c21a073525cdfa68e4439b7af551385dc2796abChris Lattner << 0 /*function call*/; 534925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (TheCall->getNumArgs() > 2) 5351eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(TheCall->getArg(2)->getLocStart(), 536fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_too_many_args) 5372c21a073525cdfa68e4439b7af551385dc2796abChris Lattner << 0 /*function call*/ 538fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(TheCall->getArg(2)->getLocStart(), 539fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner (*(TheCall->arg_end()-1))->getLocEnd()); 5401eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 541925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *OrigArg0 = TheCall->getArg(0); 542925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Expr *OrigArg1 = TheCall->getArg(1); 543cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 5441b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // Do standard promotions between the two arguments, returning their common 5451b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // type. 546925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner QualType Res = UsualArithmeticConversions(OrigArg0, OrigArg1, false); 547403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar 548403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // Make sure any conversions are pushed back into the call; this is 549403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // type safe since unordered compare builtins are declared as "_Bool 550403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar // foo(...)". 551403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar TheCall->setArg(0, OrigArg0); 552403bc2bd9edffe51d73776643fa87696c9417678Daniel Dunbar TheCall->setArg(1, OrigArg1); 5531eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 554cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (OrigArg0->isTypeDependent() || OrigArg1->isTypeDependent()) 555cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 556cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 5571b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // If the common type isn't a real floating type, then the arguments were 5581b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner // invalid for this operation. 5591b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner if (!Res->isRealFloatingType()) 5601eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(OrigArg0->getLocStart(), 561fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_typecheck_call_invalid_ordered_compare) 562d162584991885ab004a02573a73ce06422b921fcChris Lattner << OrigArg0->getType() << OrigArg1->getType() 563fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(OrigArg0->getLocStart(), OrigArg1->getLocEnd()); 5641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5651b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner return false; 5661b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner} 5671b9a0793955070738cac6f04b5abe9496be9b317Chris Lattner 5689ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman/// SemaBuiltinUnorderedCompare - Handle functions like __builtin_isnan and 5699ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman/// friends. This is declared to take (...), so we have to check everything. 5709ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedmanbool Sema::SemaBuiltinUnaryFP(CallExpr *TheCall) { 5719ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (TheCall->getNumArgs() < 1) 5729ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_few_args) 5739ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman << 0 /*function call*/; 5749ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (TheCall->getNumArgs() > 1) 5751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(TheCall->getArg(1)->getLocStart(), 5769ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman diag::err_typecheck_call_too_many_args) 5779ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman << 0 /*function call*/ 5789ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman << SourceRange(TheCall->getArg(1)->getLocStart(), 5799ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman (*(TheCall->arg_end()-1))->getLocEnd()); 5809ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 5819ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman Expr *OrigArg = TheCall->getArg(0); 5821eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5839ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (OrigArg->isTypeDependent()) 5849ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return false; 5859ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 5869ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman // This operation requires a floating-point number 5879ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman if (!OrigArg->getType()->isRealFloatingType()) 5881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return Diag(OrigArg->getLocStart(), 5899ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman diag::err_typecheck_call_invalid_unary_fp) 5909ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman << OrigArg->getType() << OrigArg->getSourceRange(); 5911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 5929ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman return false; 5939ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman} 5949ac6f62a77be5b281a7ddc24a16669b457ac47c2Eli Friedman 5956cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedmanbool Sema::SemaBuiltinStackAddress(CallExpr *TheCall) { 5966cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman // The signature for these builtins is exact; the only thing we need 5976cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman // to check is that the argument is a constant. 5986cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman SourceLocation Loc; 599cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!TheCall->getArg(0)->isTypeDependent() && 600cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor !TheCall->getArg(0)->isValueDependent() && 601cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor !TheCall->getArg(0)->isIntegerConstantExpr(Context, &Loc)) 602fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(Loc, diag::err_stack_const_level) << TheCall->getSourceRange(); 6031eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 6046cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman return false; 6056cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman} 6066cfda23b3768f93a6eb0b2a9135c8334a20125bbEli Friedman 607d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman/// SemaBuiltinShuffleVector - Handle __builtin_shufflevector. 608d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman// This is declared to take (...), so we have to check everything. 6090eb23307222bda7ad95d968eac4e1ab30864b213Sebastian RedlAction::OwningExprResult Sema::SemaBuiltinShuffleVector(CallExpr *TheCall) { 610d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman if (TheCall->getNumArgs() < 3) 6110eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocEnd(), 6120eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl diag::err_typecheck_call_too_few_args) 6130eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl << 0 /*function call*/ << TheCall->getSourceRange()); 614d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 615cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor unsigned numElements = std::numeric_limits<unsigned>::max(); 616cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!TheCall->getArg(0)->isTypeDependent() && 617cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor !TheCall->getArg(1)->isTypeDependent()) { 618cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor QualType FAType = TheCall->getArg(0)->getType(); 619cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor QualType SAType = TheCall->getArg(1)->getType(); 6201eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 621cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!FAType->isVectorType() || !SAType->isVectorType()) { 622cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor Diag(TheCall->getLocStart(), diag::err_shufflevector_non_vector) 6231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(0)->getLocStart(), 624cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(1)->getLocEnd()); 625cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return ExprError(); 626cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor } 6271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 628cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Context.getCanonicalType(FAType).getUnqualifiedType() != 629cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor Context.getCanonicalType(SAType).getUnqualifiedType()) { 630cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor Diag(TheCall->getLocStart(), diag::err_shufflevector_incompatible_vector) 6311eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump << SourceRange(TheCall->getArg(0)->getLocStart(), 632cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(1)->getLocEnd()); 633cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return ExprError(); 634cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor } 635d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 636cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor numElements = FAType->getAsVectorType()->getNumElements(); 637cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (TheCall->getNumArgs() != numElements+2) { 638cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (TheCall->getNumArgs() < numElements+2) 639cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return ExprError(Diag(TheCall->getLocEnd(), 640cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor diag::err_typecheck_call_too_few_args) 641cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor << 0 /*function call*/ << TheCall->getSourceRange()); 6420eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocEnd(), 643cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor diag::err_typecheck_call_too_many_args) 644cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor << 0 /*function call*/ << TheCall->getSourceRange()); 645cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor } 646d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 647d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 648d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman for (unsigned i = 2; i < TheCall->getNumArgs(); i++) { 649cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (TheCall->getArg(i)->isTypeDependent() || 650cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor TheCall->getArg(i)->isValueDependent()) 651cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor continue; 652cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 653d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman llvm::APSInt Result(32); 654d1a0b6d3dfb208f638d3d750b588d9c0daa49289Chris Lattner if (!TheCall->getArg(i)->isIntegerConstantExpr(Result, Context)) 6550eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocStart(), 656fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_shufflevector_nonconstant_argument) 6570eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl << TheCall->getArg(i)->getSourceRange()); 6580eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl 659d1a0b6d3dfb208f638d3d750b588d9c0daa49289Chris Lattner if (Result.getActiveBits() > 64 || Result.getZExtValue() >= numElements*2) 6600eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl return ExprError(Diag(TheCall->getLocStart(), 661fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner diag::err_shufflevector_argument_too_large) 6620eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl << TheCall->getArg(i)->getSourceRange()); 663d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 664d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 665d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman llvm::SmallVector<Expr*, 32> exprs; 666d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 667d1a0b6d3dfb208f638d3d750b588d9c0daa49289Chris Lattner for (unsigned i = 0, e = TheCall->getNumArgs(); i != e; i++) { 668d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman exprs.push_back(TheCall->getArg(i)); 669d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman TheCall->setArg(i, 0); 670d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman } 671d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman 672a88dc3079bedf70a5cfc39791727e43a10383006Nate Begeman return Owned(new (Context) ShuffleVectorExpr(Context, exprs.begin(), 673a88dc3079bedf70a5cfc39791727e43a10383006Nate Begeman exprs.size(), exprs[0]->getType(), 6748189cde56b4f6f938cd65f53c932fe1860d0204cTed Kremenek TheCall->getCallee()->getLocStart(), 6758189cde56b4f6f938cd65f53c932fe1860d0204cTed Kremenek TheCall->getRParenLoc())); 676d38617c8a50f9729c254ab76cd359af797c6739bEli Friedman} 67730ce344307f8a8b00054021307015571f83c7364Chris Lattner 6784493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar/// SemaBuiltinPrefetch - Handle __builtin_prefetch. 6794493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar// This is declared to take (const void*, ...) and can take two 6804493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar// optional constant int args. 6814493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbarbool Sema::SemaBuiltinPrefetch(CallExpr *TheCall) { 682fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner unsigned NumArgs = TheCall->getNumArgs(); 6834493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 684fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner if (NumArgs > 3) 685fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocEnd(), diag::err_typecheck_call_too_many_args) 6862c21a073525cdfa68e4439b7af551385dc2796abChris Lattner << 0 /*function call*/ << TheCall->getSourceRange(); 6874493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 6884493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // Argument 0 is checked for us and the remaining arguments must be 6894493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // constant integers. 690fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner for (unsigned i = 1; i != NumArgs; ++i) { 6914493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar Expr *Arg = TheCall->getArg(i); 692cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Arg->isTypeDependent()) 693cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor continue; 694cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 6954493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar QualType RWType = Arg->getType(); 6964493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 6974493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar const BuiltinType *BT = RWType->getAsBuiltinType(); 698d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar llvm::APSInt Result; 699cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!BT || BT->getKind() != BuiltinType::Int) 700fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_prefetch_invalid_argument) 701fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 702cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 703cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Arg->isValueDependent()) 704cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor continue; 705cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 706cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!Arg->isIntegerConstantExpr(Result, Context)) 707cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return Diag(TheCall->getLocStart(), diag::err_prefetch_invalid_argument) 708cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 7091eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 7104493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // FIXME: gcc issues a warning and rewrites these to 0. These 7114493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // seems especially odd for the third argument since the default 7124493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar // is 3. 713fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner if (i == 1) { 7144493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar if (Result.getSExtValue() < 0 || Result.getSExtValue() > 1) 715fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 716fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << "0" << "1" << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 7174493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } else { 7184493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar if (Result.getSExtValue() < 0 || Result.getSExtValue() > 3) 719fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 720fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << "0" << "3" << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 7214493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } 7224493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar } 7234493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 724fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return false; 7254493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar} 7264493f79fce48cd9cbd9f55fa9d452cde736747a0Daniel Dunbar 727d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// SemaBuiltinObjectSize - Handle __builtin_object_size(void *ptr, 728d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// int type). This simply type checks that type is one of the defined 729d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar/// constants (0-3). 730d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbarbool Sema::SemaBuiltinObjectSize(CallExpr *TheCall) { 731d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar Expr *Arg = TheCall->getArg(1); 732cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Arg->isTypeDependent()) 733cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 734cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 7351eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump QualType ArgType = Arg->getType(); 7361eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump const BuiltinType *BT = ArgType->getAsBuiltinType(); 737d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar llvm::APSInt Result(32); 738cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!BT || BT->getKind() != BuiltinType::Int) 739cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return Diag(TheCall->getLocStart(), diag::err_object_size_invalid_argument) 740cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 741cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 742cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Arg->isValueDependent()) 743cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 744cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 745cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (!Arg->isIntegerConstantExpr(Result, Context)) { 746fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_object_size_invalid_argument) 747fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 748d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar } 749d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 750d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar if (Result.getSExtValue() < 0 || Result.getSExtValue() > 3) { 751fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner return Diag(TheCall->getLocStart(), diag::err_argument_invalid_range) 752fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << "0" << "3" << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 753d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar } 754d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 755d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar return false; 756d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar} 757d5f8a4fd4d6dfb0415b93bb7ab721bba5cab1332Daniel Dunbar 758586d6a81428da2d1ce70bcb98df29d749361cbf3Eli Friedman/// SemaBuiltinLongjmp - Handle __builtin_longjmp(void *env[5], int val). 759d875fed28578835de89cd407e9db4be788596d7cEli Friedman/// This checks that val is a constant 1. 760d875fed28578835de89cd407e9db4be788596d7cEli Friedmanbool Sema::SemaBuiltinLongjmp(CallExpr *TheCall) { 761d875fed28578835de89cd407e9db4be788596d7cEli Friedman Expr *Arg = TheCall->getArg(1); 762cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (Arg->isTypeDependent() || Arg->isValueDependent()) 763cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 764cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor 765d875fed28578835de89cd407e9db4be788596d7cEli Friedman llvm::APSInt Result(32); 766d875fed28578835de89cd407e9db4be788596d7cEli Friedman if (!Arg->isIntegerConstantExpr(Result, Context) || Result != 1) 767d875fed28578835de89cd407e9db4be788596d7cEli Friedman return Diag(TheCall->getLocStart(), diag::err_builtin_longjmp_invalid_val) 768d875fed28578835de89cd407e9db4be788596d7cEli Friedman << SourceRange(Arg->getLocStart(), Arg->getLocEnd()); 769d875fed28578835de89cd407e9db4be788596d7cEli Friedman 770d875fed28578835de89cd407e9db4be788596d7cEli Friedman return false; 771d875fed28578835de89cd407e9db4be788596d7cEli Friedman} 772d875fed28578835de89cd407e9db4be788596d7cEli Friedman 773d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek// Handle i > 1 ? "x" : "y", recursivelly 774082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenekbool Sema::SemaCheckStringLiteral(const Expr *E, const CallExpr *TheCall, 775082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek bool HasVAListArg, 7763c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor unsigned format_idx, unsigned firstDataArg) { 777cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor if (E->isTypeDependent() || E->isValueDependent()) 778cde01739dffe574c53a6ba1def1a57a2cc7b4a8bDouglas Gregor return false; 779d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 780d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek switch (E->getStmtClass()) { 781d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ConditionalOperatorClass: { 782082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ConditionalOperator *C = cast<ConditionalOperator>(E); 783d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return SemaCheckStringLiteral(C->getLHS(), TheCall, 7843c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor HasVAListArg, format_idx, firstDataArg) 785d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek && SemaCheckStringLiteral(C->getRHS(), TheCall, 7863c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor HasVAListArg, format_idx, firstDataArg); 787d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 788d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 789d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ImplicitCastExprClass: { 790082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ImplicitCastExpr *Expr = cast<ImplicitCastExpr>(E); 791d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return SemaCheckStringLiteral(Expr->getSubExpr(), TheCall, HasVAListArg, 7923c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor format_idx, firstDataArg); 793d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 794d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 795d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek case Stmt::ParenExprClass: { 796082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ParenExpr *Expr = cast<ParenExpr>(E); 797d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return SemaCheckStringLiteral(Expr->getSubExpr(), TheCall, HasVAListArg, 7983c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor format_idx, firstDataArg); 799d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 8001eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 801082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::DeclRefExprClass: { 802082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const DeclRefExpr *DR = cast<DeclRefExpr>(E); 8031eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 804082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek // As an exception, do not flag errors for variables binding to 805082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek // const string literals. 806082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const VarDecl *VD = dyn_cast<VarDecl>(DR->getDecl())) { 807082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek bool isConstant = false; 808082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek QualType T = DR->getType(); 809082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek 810082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const ArrayType *AT = Context.getAsArrayType(T)) { 811082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek isConstant = AT->getElementType().isConstant(Context); 812ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else if (const PointerType *PT = T->getAs<PointerType>()) { 8131eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump isConstant = T.isConstant(Context) && 814082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek PT->getPointeeType().isConstant(Context); 815082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 8161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 817082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (isConstant) { 818082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const VarDecl *Def = 0; 819082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const Expr *Init = VD->getDefinition(Def)) 820082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return SemaCheckStringLiteral(Init, TheCall, 821082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek HasVAListArg, format_idx, firstDataArg); 822082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 8231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 824d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // For vprintf* functions (i.e., HasVAListArg==true), we add a 825d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // special check to see if the format string is a function parameter 826d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // of the function calling the printf function. If the function 827d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // has an attribute indicating it is a printf-like function, then we 828d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // should suppress warnings concerning non-literals being used in a call 829d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // to a vprintf function. For example: 830d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 831d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // void 832d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // logmessage(char const *fmt __attribute__ (format (printf, 1, 2)), ...){ 833d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // va_list ap; 834d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // va_start(ap, fmt); 835d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // vprintf(fmt, ap); // Do NOT emit a warning about "fmt". 836d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // ... 837d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 838d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // 839d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // FIXME: We don't have full attribute support yet, so just check to see 840d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // if the argument is a DeclRefExpr that references a parameter. We'll 841d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson // add proper support for checking the attribute later. 842d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson if (HasVAListArg) 843d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson if (isa<ParmVarDecl>(VD)) 844d966a55bccae13f34d18958877c5e71dd643a125Anders Carlsson return true; 845082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 8461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 847082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return false; 848082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek } 849d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 8508f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson case Stmt::CallExprClass: { 8518f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson const CallExpr *CE = cast<CallExpr>(E); 8521eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (const ImplicitCastExpr *ICE 8538f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson = dyn_cast<ImplicitCastExpr>(CE->getCallee())) { 8548f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson if (const DeclRefExpr *DRE = dyn_cast<DeclRefExpr>(ICE->getSubExpr())) { 8558f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(DRE->getDecl())) { 85640b598eea1310ec9ed554d56ce3e25b34c585458Argyrios Kyrtzidis if (const FormatArgAttr *FA = FD->getAttr<FormatArgAttr>()) { 8578f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson unsigned ArgIndex = FA->getFormatIdx(); 8588f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson const Expr *Arg = CE->getArg(ArgIndex - 1); 8591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 8601eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump return SemaCheckStringLiteral(Arg, TheCall, HasVAListArg, 8618f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson format_idx, firstDataArg); 8628f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 8638f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 8648f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 8658f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 8661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 8678f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson return false; 8688f031b3b14e726b093fb8693c2be4ab6d779e331Anders Carlsson } 869082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::ObjCStringLiteralClass: 870082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek case Stmt::StringLiteralClass: { 871082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const StringLiteral *StrE = NULL; 8721eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 873082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek if (const ObjCStringLiteral *ObjCFExpr = dyn_cast<ObjCStringLiteral>(E)) 874d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek StrE = ObjCFExpr->getString(); 875d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek else 876082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek StrE = cast<StringLiteral>(E); 8771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 878d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek if (StrE) { 8791eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump CheckPrintfString(StrE, E, TheCall, HasVAListArg, format_idx, 8803c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor firstDataArg); 881d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return true; 882d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 8831eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 884d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek return false; 885d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 8861eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 887082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek default: 888082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek return false; 889d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek } 890d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek} 891d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 892e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanianvoid 8931eb4433ac451dc16f4133a88af2d002ac26c58efMike StumpSema::CheckNonNullArguments(const NonNullAttr *NonNull, 8941eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump const CallExpr *TheCall) { 895e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian for (NonNullAttr::iterator i = NonNull->begin(), e = NonNull->end(); 896e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian i != e; ++i) { 89712b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner const Expr *ArgExpr = TheCall->getArg(*i); 898e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian if (ArgExpr->isNullPointerConstant(Context)) 89912b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner Diag(TheCall->getCallee()->getLocStart(), diag::warn_null_arg) 90012b97ff9ce1412e388444f03049bfa6ad1bb5eb9Chris Lattner << ArgExpr->getSourceRange(); 901e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian } 902e898f8a94947c6074d76ff83943b47d5bbdf210dFariborz Jahanian} 903d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 90459907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// CheckPrintfArguments - Check calls to printf (and similar functions) for 9051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// correct use of format strings. 90671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 90771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// HasVAListArg - A predicate indicating whether the printf-like 90871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// function is passed an explicit va_arg argument (e.g., vprintf) 90971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 91071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// format_idx - The index into Args for the format string. 91171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 91271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Improper format strings to functions in the printf family can be 91371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// the source of bizarre bugs and very serious security holes. A 91471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// good source of information is available in the following paper 91571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (which includes additional references): 91659907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// 91759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// FormatGuard: Automatic Protection From printf Format String 91859907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner/// Vulnerabilities, Proceedings of the 10th USENIX Security Symposium, 2001. 91971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 92071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Functionality implemented: 92171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 92271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// We can statically check the following properties for string 92371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// literal format strings for non v.*printf functions (where the 92471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// arguments are passed directly): 92571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek// 92671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (1) Are the number of format conversions equal to the number of 92771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// data arguments? 92871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 92971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (2) Does each format conversion correctly match the type of the 93071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// corresponding data argument? (TODO) 93171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 93271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// Moreover, for all printf functions we can: 93371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 93471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (3) Check for a missing format string (when not caught by type checking). 93571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 93671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (4) Check for no-operation flags; e.g. using "#" with format 93771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// conversion 'c' (TODO) 93871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 93971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (5) Check the use of '%n', a major source of security holes. 94071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 94171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (6) Check for malformed format conversions that don't specify anything. 94271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 94371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (7) Check for empty format strings. e.g: printf(""); 94471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 94571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// (8) Check that the format string is a wide literal. 94671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 9476d43959ad845a43f27e00d2720f6bc3d3219d632Ted Kremenek/// (9) Also check the arguments of functions with the __format__ attribute. 9486d43959ad845a43f27e00d2720f6bc3d3219d632Ted Kremenek/// (TODO). 9496d43959ad845a43f27e00d2720f6bc3d3219d632Ted Kremenek/// 95071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// All of these checks can be done by parsing the format string. 95171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// 95271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek/// For now, we ONLY do (1), (3), (5), (6), (7), and (8). 95359907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattnervoid 9541eb4433ac451dc16f4133a88af2d002ac26c58efMike StumpSema::CheckPrintfArguments(const CallExpr *TheCall, bool HasVAListArg, 9553c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor unsigned format_idx, unsigned firstDataArg) { 956082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const Expr *Fn = TheCall->getCallee(); 957925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner 9581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // CHECK: printf-like function is called with no format string. 959925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (format_idx >= TheCall->getNumArgs()) { 960dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(TheCall->getRParenLoc(), diag::warn_printf_missing_format_string) 961dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << Fn->getSourceRange(); 96271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 96371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 9641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 965082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const Expr *OrigFormatExpr = TheCall->getArg(format_idx)->IgnoreParenCasts(); 9661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 96759907c4d8f6fc8aacfdaa0273bd7a9c140fbb45fChris Lattner // CHECK: format string is not a string literal. 9681eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // 96971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Dynamically generated format strings are difficult to 97071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // automatically vet at compile time. Requiring that format strings 97171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // are string literals: (1) permits the checking of format strings by 97271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // the compiler and thereby (2) can practically remove the source of 97371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // many format string exploits. 9747ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek 9751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // Format string can be either ObjC string (e.g. @"%d") or 9767ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // C string (e.g. "%d") 9771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // ObjC string uses the same format specifiers as C string, so we can use 9787ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // the same format string checking logic for both ObjC and C strings. 9791cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner if (SemaCheckStringLiteral(OrigFormatExpr, TheCall, HasVAListArg, format_idx, 9801cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner firstDataArg)) 9811cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner return; // Literal format string found, check done! 9821cd3e1f72c3a1c256fb6a5c3d4512bca1f1b751dChris Lattner 983655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner // If there are no arguments specified, warn with -Wformat-security, otherwise 984655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner // warn only with -Wformat-nonliteral. 985655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner if (TheCall->getNumArgs() == format_idx+1) 9861eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(format_idx)->getLocStart(), 987655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner diag::warn_printf_nonliteral_noargs) 988655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner << OrigFormatExpr->getSourceRange(); 989655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner else 9901eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump Diag(TheCall->getArg(format_idx)->getLocStart(), 991655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner diag::warn_printf_nonliteral) 992655f141f4d4c92eeebcc880211313e84c0a8b2f2Chris Lattner << OrigFormatExpr->getSourceRange(); 993d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek} 994d30ef87f34015d18bde20b9632032d0063d761aaTed Kremenek 995082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenekvoid Sema::CheckPrintfString(const StringLiteral *FExpr, 996082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const Expr *OrigFormatExpr, 997082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const CallExpr *TheCall, bool HasVAListArg, 998082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek unsigned format_idx, unsigned firstDataArg) { 999082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek 1000082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek const ObjCStringLiteral *ObjCFExpr = 1001082d936a5b8323ac2c04558d8bca277a647831a3Ted Kremenek dyn_cast<ObjCStringLiteral>(OrigFormatExpr); 100271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 100371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // CHECK: is the format string a wide literal? 100471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (FExpr->isWide()) { 1005925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Diag(FExpr->getLocStart(), 1006dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner diag::warn_printf_format_string_is_wide_literal) 1007dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << OrigFormatExpr->getSourceRange(); 100871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 100971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 101071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 101171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Str - The format string. NOTE: this is NOT null-terminated! 1012b9fc856696defc78750fdb4977c4dce34307a7f1Chris Lattner const char *Str = FExpr->getStrData(); 101371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 101471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // CHECK: empty format string? 1015b9fc856696defc78750fdb4977c4dce34307a7f1Chris Lattner unsigned StrLen = FExpr->getByteLength(); 10161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 101771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (StrLen == 0) { 1018dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(FExpr->getLocStart(), diag::warn_printf_empty_format_string) 1019dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << OrigFormatExpr->getSourceRange(); 102071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 102171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 102271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 102371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // We process the format string using a binary state machine. The 102471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // current state is stored in CurrentState. 102571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek enum { 102671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek state_OrdChr, 102771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek state_Conversion 102871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } CurrentState = state_OrdChr; 10291eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 103071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // numConversions - The number of conversions seen so far. This is 103171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // incremented as we traverse the format string. 103271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek unsigned numConversions = 0; 103371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 103471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // numDataArgs - The number of data arguments after the format 103571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // string. This can only be determined for non vprintf-like 103671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // functions. For those functions, this value is 1 (the sole 103771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // va_arg argument). 10383c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor unsigned numDataArgs = TheCall->getNumArgs()-firstDataArg; 103971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 104071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Inspect the format string. 104171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek unsigned StrIdx = 0; 10421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 104371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // LastConversionIdx - Index within the format string where we last saw 104471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // a '%' character that starts a new format conversion. 104571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek unsigned LastConversionIdx = 0; 10461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1047925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner for (; StrIdx < StrLen; ++StrIdx) { 10481eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 104971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Is the number of detected conversion conversions greater than 105071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // the number of matching data arguments? If so, stop. 105171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (!HasVAListArg && numConversions > numDataArgs) break; 10521eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 105371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Handle "\0" 1054925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner if (Str[StrIdx] == '\0') { 105571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // The string returned by getStrData() is not null-terminated, 105671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // so the presence of a null character is likely an error. 105760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner Diag(getLocationOfStringLiteralByte(FExpr, StrIdx), 1058dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner diag::warn_printf_format_string_contains_null_char) 1059dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << OrigFormatExpr->getSourceRange(); 106071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 106171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 10621eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 106371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Ordinary characters (not processing a format conversion). 106471895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (CurrentState == state_OrdChr) { 106571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (Str[StrIdx] == '%') { 106671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek CurrentState = state_Conversion; 106771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek LastConversionIdx = StrIdx; 106871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 106971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek continue; 107071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 107171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 107271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Seen '%'. Now processing a format conversion. 107371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek switch (Str[StrIdx]) { 10741eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // Handle dynamic precision or width specifier. 1075fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case '*': { 1076fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ++numConversions; 10771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 107842ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek if (!HasVAListArg) { 107942ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek if (numConversions > numDataArgs) { 108042ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek SourceLocation Loc = getLocationOfStringLiteralByte(FExpr, StrIdx); 108142ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek 108242ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek if (Str[StrIdx-1] == '.') 108342ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek Diag(Loc, diag::warn_printf_asterisk_precision_missing_arg) 108442ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek << OrigFormatExpr->getSourceRange(); 108542ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek else 108642ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek Diag(Loc, diag::warn_printf_asterisk_width_missing_arg) 108742ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek << OrigFormatExpr->getSourceRange(); 10881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 108942ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek // Don't do any more checking. We'll just emit spurious errors. 109042ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek return; 109142ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek } 10921eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 109342ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek // Perform type checking on width/precision specifier. 109442ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek const Expr *E = TheCall->getArg(format_idx+numConversions); 109542ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek if (const BuiltinType *BT = E->getType()->getAsBuiltinType()) 109642ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek if (BT->getKind() == BuiltinType::Int) 109742ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek break; 10981eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 109960800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation Loc = getLocationOfStringLiteralByte(FExpr, StrIdx); 11001eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1101580b664e9c2acd3bffddfea79b1ce2863cfd9dd0Ted Kremenek if (Str[StrIdx-1] == '.') 110242ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek Diag(Loc, diag::warn_printf_asterisk_precision_wrong_type) 110342ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek << E->getType() << E->getSourceRange(); 1104580b664e9c2acd3bffddfea79b1ce2863cfd9dd0Ted Kremenek else 110542ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek Diag(Loc, diag::warn_printf_asterisk_width_wrong_type) 110642ae3e81a811362c0bf78deb71b72455aadff772Ted Kremenek << E->getType() << E->getSourceRange(); 11071eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 11081eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump break; 1109580b664e9c2acd3bffddfea79b1ce2863cfd9dd0Ted Kremenek } 1110fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 11111eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1112fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Characters which can terminate a format conversion 1113fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // (e.g. "%d"). Characters that specify length modifiers or 1114fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // other flags are handled by the default case below. 1115fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // 11161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // FIXME: additional checks will go into the following cases. 1117fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'i': 1118fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'd': 11191eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case 'o': 11201eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case 'u': 1121fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'x': 1122fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'X': 1123fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'D': 1124fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'O': 1125fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'U': 1126fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'e': 1127fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'E': 1128fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'f': 1129fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'F': 1130fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'g': 1131fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'G': 1132fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'a': 1133fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'A': 1134fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'c': 1135fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'C': 1136fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'S': 1137fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 's': 11381eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case 'p': 1139fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ++numConversions; 1140fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner CurrentState = state_OrdChr; 1141fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner break; 114271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 1143b92abb460be254fe577ccb95355ff7debf6a7719Eli Friedman case 'm': 1144b92abb460be254fe577ccb95355ff7debf6a7719Eli Friedman // FIXME: Warn in situations where this isn't supported! 1145b92abb460be254fe577ccb95355ff7debf6a7719Eli Friedman CurrentState = state_OrdChr; 1146b92abb460be254fe577ccb95355ff7debf6a7719Eli Friedman break; 1147b92abb460be254fe577ccb95355ff7debf6a7719Eli Friedman 1148fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // CHECK: Are we using "%n"? Issue a warning. 1149fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case 'n': { 1150fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ++numConversions; 1151fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner CurrentState = state_OrdChr; 115260800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation Loc = getLocationOfStringLiteralByte(FExpr, 115360800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner LastConversionIdx); 11541eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1155dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(Loc, diag::warn_printf_write_back)<<OrigFormatExpr->getSourceRange(); 1156fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner break; 1157fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 11581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 11597ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // Handle "%@" 11607ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek case '@': 11617ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // %@ is allowed in ObjC format strings only. 11621eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (ObjCFExpr != NULL) 11631eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump CurrentState = state_OrdChr; 11647ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek else { 11657ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek // Issue a warning: invalid format conversion. 11661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump SourceLocation Loc = 116760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner getLocationOfStringLiteralByte(FExpr, LastConversionIdx); 11681eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1169d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner Diag(Loc, diag::warn_printf_invalid_conversion) 1170d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << std::string(Str+LastConversionIdx, 1171d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner Str+std::min(LastConversionIdx+2, StrLen)) 1172d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << OrigFormatExpr->getSourceRange(); 11737ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek } 11747ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek ++numConversions; 11757ff22b259d4d4729f701679e3a7f0e242365e07fTed Kremenek break; 11761eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1177fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Handle "%%" 1178fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case '%': 1179fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Sanity check: Was the first "%" character the previous one? 1180fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // If not, we will assume that we have a malformed format 1181fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // conversion, and that the current "%" character is the start 1182fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // of a new conversion. 1183fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (StrIdx - LastConversionIdx == 1) 11841eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump CurrentState = state_OrdChr; 1185fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner else { 1186fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Issue a warning: invalid format conversion. 118760800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation Loc = 118860800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner getLocationOfStringLiteralByte(FExpr, LastConversionIdx); 11891eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1190d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner Diag(Loc, diag::warn_printf_invalid_conversion) 1191d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << std::string(Str+LastConversionIdx, Str+StrIdx) 1192d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << OrigFormatExpr->getSourceRange(); 11931eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1194fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // This conversion is broken. Advance to the next format 1195fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // conversion. 1196fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner LastConversionIdx = StrIdx; 1197fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ++numConversions; 119871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 1199fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner break; 12001eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1201fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner default: 1202fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // This case catches all other characters: flags, widths, etc. 1203fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // We should eventually process those as well. 1204fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner break; 120571895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 120671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 120771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek 120871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (CurrentState == state_Conversion) { 120971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // Issue a warning: invalid format conversion. 121060800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation Loc = 121160800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner getLocationOfStringLiteralByte(FExpr, LastConversionIdx); 12121eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1213d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner Diag(Loc, diag::warn_printf_invalid_conversion) 1214d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << std::string(Str+LastConversionIdx, 1215d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner Str+std::min(LastConversionIdx+2, StrLen)) 1216d3a94e24ddf3fb90de76b17bd176d9ed61e66f2cChris Lattner << OrigFormatExpr->getSourceRange(); 121771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek return; 121871895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 12191eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 122071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (!HasVAListArg) { 122171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // CHECK: Does the number of format conversions exceed the number 122271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // of data arguments? 122371895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek if (numConversions > numDataArgs) { 122460800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner SourceLocation Loc = 122560800081361b0ffc114877b8abbc81cb57b4edf6Chris Lattner getLocationOfStringLiteralByte(FExpr, LastConversionIdx); 12261eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1227dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(Loc, diag::warn_printf_insufficient_data_args) 1228dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << OrigFormatExpr->getSourceRange(); 122971895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 123071895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // CHECK: Does the number of data arguments exceed the number of 123171895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek // format conversions in the format string? 123271895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek else if (numConversions < numDataArgs) 1233925e60d3fa706f31886027c876989af79eb0e0d2Chris Lattner Diag(TheCall->getArg(format_idx+numConversions+1)->getLocStart(), 1234dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner diag::warn_printf_too_many_data_args) 1235dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner << OrigFormatExpr->getSourceRange(); 123671895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek } 123771895b9aa3ad71957359497e136b50fcb6136bdfTed Kremenek} 123806de276fff91264437fa75111ed76de43097e089Ted Kremenek 123906de276fff91264437fa75111ed76de43097e089Ted Kremenek//===--- CHECK: Return Address of Stack Variable --------------------------===// 124006de276fff91264437fa75111ed76de43097e089Ted Kremenek 124106de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalVal(Expr *E); 124206de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalAddr(Expr* E); 124306de276fff91264437fa75111ed76de43097e089Ted Kremenek 124406de276fff91264437fa75111ed76de43097e089Ted Kremenek/// CheckReturnStackAddr - Check if a return statement returns the address 124506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// of a stack variable. 124606de276fff91264437fa75111ed76de43097e089Ted Kremenekvoid 124706de276fff91264437fa75111ed76de43097e089Ted KremenekSema::CheckReturnStackAddr(Expr *RetValExp, QualType lhsType, 124806de276fff91264437fa75111ed76de43097e089Ted Kremenek SourceLocation ReturnLoc) { 12491eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 125006de276fff91264437fa75111ed76de43097e089Ted Kremenek // Perform checking for returned stack addresses. 1251dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (lhsType->isPointerType() || lhsType->isBlockPointerType()) { 125206de276fff91264437fa75111ed76de43097e089Ted Kremenek if (DeclRefExpr *DR = EvalAddr(RetValExp)) 12533c73c41cefcfe76f36b7bed72c9f1ec195490951Chris Lattner Diag(DR->getLocStart(), diag::warn_ret_stack_addr) 125408631c5fa053867146b5ee8be658c229f6bf127cChris Lattner << DR->getDecl()->getDeclName() << RetValExp->getSourceRange(); 12551eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1256c50a4a5f2eac14ac4c631d50b0a55cadc87700ceSteve Naroff // Skip over implicit cast expressions when checking for block expressions. 12574ca606e898293ae58f1793f988500e2218c7a9beChris Lattner RetValExp = RetValExp->IgnoreParenCasts(); 1258c50a4a5f2eac14ac4c631d50b0a55cadc87700ceSteve Naroff 125961f40a2b67fc2046768e14f66b617e564cbcc3d8Steve Naroff if (BlockExpr *C = dyn_cast_or_null<BlockExpr>(RetValExp)) 1260397195bf3077fb42789b326f69f7d417227a0588Mike Stump if (C->hasBlockDeclRefExprs()) 1261397195bf3077fb42789b326f69f7d417227a0588Mike Stump Diag(C->getLocStart(), diag::err_ret_local_block) 1262397195bf3077fb42789b326f69f7d417227a0588Mike Stump << C->getSourceRange(); 1263ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else if (lhsType->isReferenceType()) { 1264ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump // Perform checking for stack values returned by reference. 126549badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // Check for a reference to the stack 126649badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor if (DeclRefExpr *DR = EvalVal(RetValExp)) 1267dcd5ef12488e4c7ea844327835896ca86b609a97Chris Lattner Diag(DR->getLocStart(), diag::warn_ret_stack_ref) 126808631c5fa053867146b5ee8be658c229f6bf127cChris Lattner << DR->getDecl()->getDeclName() << RetValExp->getSourceRange(); 126906de276fff91264437fa75111ed76de43097e089Ted Kremenek } 127006de276fff91264437fa75111ed76de43097e089Ted Kremenek} 127106de276fff91264437fa75111ed76de43097e089Ted Kremenek 127206de276fff91264437fa75111ed76de43097e089Ted Kremenek/// EvalAddr - EvalAddr and EvalVal are mutually recursive functions that 127306de276fff91264437fa75111ed76de43097e089Ted Kremenek/// check if the expression in a return statement evaluates to an address 127406de276fff91264437fa75111ed76de43097e089Ted Kremenek/// to a location on the stack. The recursion is used to traverse the 127506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// AST of the return expression, with recursion backtracking when we 127606de276fff91264437fa75111ed76de43097e089Ted Kremenek/// encounter a subexpression that (1) clearly does not lead to the address 127706de276fff91264437fa75111ed76de43097e089Ted Kremenek/// of a stack variable or (2) is something we cannot determine leads to 127806de276fff91264437fa75111ed76de43097e089Ted Kremenek/// the address of a stack variable based on such local checking. 127906de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 1280e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek/// EvalAddr processes expressions that are pointers that are used as 1281e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek/// references (and not L-values). EvalVal handles all other values. 12821eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump/// At the base case of the recursion is a check for a DeclRefExpr* in 128306de276fff91264437fa75111ed76de43097e089Ted Kremenek/// the refers to a stack variable. 128406de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 128506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// This implementation handles: 128606de276fff91264437fa75111ed76de43097e089Ted Kremenek/// 128706de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * pointer-to-pointer casts 128806de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * implicit conversions from array references to pointers 128906de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * taking the address of fields 129006de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * arbitrary interplay between "&" and "*" operators 129106de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * pointer arithmetic from an address of a stack variable 129206de276fff91264437fa75111ed76de43097e089Ted Kremenek/// * taking the address of an array element where the array is on the stack 129306de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalAddr(Expr *E) { 129406de276fff91264437fa75111ed76de43097e089Ted Kremenek // We should only be called for evaluating pointer expressions. 12950f436560640a1cff5b6d96f80f540770f139453fDavid Chisnall assert((E->getType()->isAnyPointerType() || 1296dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff E->getType()->isBlockPointerType() || 1297a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek E->getType()->isObjCQualifiedIdType()) && 1298fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner "EvalAddr only works on pointers"); 12991eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 130006de276fff91264437fa75111ed76de43097e089Ted Kremenek // Our "symbolic interpreter" is just a dispatch off the currently 130106de276fff91264437fa75111ed76de43097e089Ted Kremenek // viewed AST node. We then recursively traverse the AST by calling 130206de276fff91264437fa75111ed76de43097e089Ted Kremenek // EvalAddr and EvalVal appropriately. 130306de276fff91264437fa75111ed76de43097e089Ted Kremenek switch (E->getStmtClass()) { 1304fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::ParenExprClass: 1305fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Ignore parentheses. 1306fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(cast<ParenExpr>(E)->getSubExpr()); 130706de276fff91264437fa75111ed76de43097e089Ted Kremenek 1308fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::UnaryOperatorClass: { 1309fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // The only unary operator that make sense to handle here 1310fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // is AddrOf. All others don't make sense as pointers. 1311fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner UnaryOperator *U = cast<UnaryOperator>(E); 13121eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1313fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (U->getOpcode() == UnaryOperator::AddrOf) 1314fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalVal(U->getSubExpr()); 1315fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner else 1316fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 1317fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 13181eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1319fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::BinaryOperatorClass: { 1320fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Handle pointer arithmetic. All other binary operators are not valid 1321fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // in this context. 1322fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner BinaryOperator *B = cast<BinaryOperator>(E); 1323fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner BinaryOperator::Opcode op = B->getOpcode(); 13241eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1325fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (op != BinaryOperator::Add && op != BinaryOperator::Sub) 1326fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 13271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1328fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner Expr *Base = B->getLHS(); 13293907323dd6665c0c4e383435cb145233f4533406Anders Carlsson 1330fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Determine which argument is the real pointer base. It could be 1331fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // the RHS argument instead of the LHS. 1332fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (!Base->getType()->isPointerType()) Base = B->getRHS(); 13331eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1334fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner assert (Base->getType()->isPointerType()); 1335fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(Base); 1336fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 133761f40a2b67fc2046768e14f66b617e564cbcc3d8Steve Naroff 1338fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // For conditional operators we need to see if either the LHS or RHS are 1339fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // valid DeclRefExpr*s. If one of them is valid, we return it. 1340fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner case Stmt::ConditionalOperatorClass: { 1341fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner ConditionalOperator *C = cast<ConditionalOperator>(E); 13421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1343fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Handle the GNU extension for missing LHS. 1344fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (Expr *lhsExpr = C->getLHS()) 1345fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner if (DeclRefExpr* LHS = EvalAddr(lhsExpr)) 1346fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return LHS; 134706de276fff91264437fa75111ed76de43097e089Ted Kremenek 1348fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(C->getRHS()); 1349fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 13501eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 135154b5274f2c190331438375ad114dad12ae098b57Ted Kremenek // For casts, we need to handle conversions from arrays to 135254b5274f2c190331438375ad114dad12ae098b57Ted Kremenek // pointer values, and pointer-to-pointer conversions. 135349badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::ImplicitCastExprClass: 13546eec8e883de118b431e3ead5b1e604a6ac68ff6bDouglas Gregor case Stmt::CStyleCastExprClass: 135549badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXFunctionalCastExprClass: { 13560835a3cdeefe714b4959d31127ea155e56393125Argyrios Kyrtzidis Expr* SubExpr = cast<CastExpr>(E)->getSubExpr(); 135754b5274f2c190331438375ad114dad12ae098b57Ted Kremenek QualType T = SubExpr->getType(); 13581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1359dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (SubExpr->getType()->isPointerType() || 1360dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff SubExpr->getType()->isBlockPointerType() || 1361dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff SubExpr->getType()->isObjCQualifiedIdType()) 1362fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(SubExpr); 136354b5274f2c190331438375ad114dad12ae098b57Ted Kremenek else if (T->isArrayType()) 136454b5274f2c190331438375ad114dad12ae098b57Ted Kremenek return EvalVal(SubExpr); 1365fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner else 136654b5274f2c190331438375ad114dad12ae098b57Ted Kremenek return 0; 1367fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 13681eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1369fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // C++ casts. For dynamic casts, static casts, and const casts, we 1370fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // are always converting from a pointer-to-pointer, so we just blow 137149badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // through the cast. In the case the dynamic cast doesn't fail (and 137249badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // return NULL), we take the conservative route and report cases 1373fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // where we return the address of a stack variable. For Reinterpre 137449badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // FIXME: The comment about is wrong; we're not always converting 137549badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor // from pointer to pointer. I'm guessing that this code should also 13761eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump // handle references to objects. 13771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case Stmt::CXXStaticCastExprClass: 13781eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case Stmt::CXXDynamicCastExprClass: 137949badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXConstCastExprClass: 138049badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor case Stmt::CXXReinterpretCastExprClass: { 138149badde06e066d058d6c7fcf4e628a72999b65a9Douglas Gregor Expr *S = cast<CXXNamedCastExpr>(E)->getSubExpr(); 1382dd972f20dc2bd3609d833893e5c6544ac09b59a9Steve Naroff if (S->getType()->isPointerType() || S->getType()->isBlockPointerType()) 1383fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return EvalAddr(S); 138406de276fff91264437fa75111ed76de43097e089Ted Kremenek else 138506de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 1386fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner } 13871eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1388fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner // Everything else: we simply don't reason about them. 1389fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner default: 1390fae3f1f6565c74d3238747b58357a6e56fbb0e9cChris Lattner return NULL; 139106de276fff91264437fa75111ed76de43097e089Ted Kremenek } 139206de276fff91264437fa75111ed76de43097e089Ted Kremenek} 13931eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 139406de276fff91264437fa75111ed76de43097e089Ted Kremenek 139506de276fff91264437fa75111ed76de43097e089Ted Kremenek/// EvalVal - This function is complements EvalAddr in the mutual recursion. 139606de276fff91264437fa75111ed76de43097e089Ted Kremenek/// See the comments for EvalAddr for more details. 139706de276fff91264437fa75111ed76de43097e089Ted Kremenekstatic DeclRefExpr* EvalVal(Expr *E) { 13981eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1399e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // We should only be called for evaluating non-pointer expressions, or 1400e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // expressions with a pointer type that are not used as references but instead 1401e8c600f9fedf2cfd69cdd2cb4bde4a9b39ce2873Ted Kremenek // are l-values (e.g., DeclRefExpr with a pointer type). 14021eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 140306de276fff91264437fa75111ed76de43097e089Ted Kremenek // Our "symbolic interpreter" is just a dispatch off the currently 140406de276fff91264437fa75111ed76de43097e089Ted Kremenek // viewed AST node. We then recursively traverse the AST by calling 140506de276fff91264437fa75111ed76de43097e089Ted Kremenek // EvalAddr and EvalVal appropriately. 140606de276fff91264437fa75111ed76de43097e089Ted Kremenek switch (E->getStmtClass()) { 14071eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump case Stmt::DeclRefExprClass: 14081a49af9681c350fef58e677f85ccb9a77e8e9d0aDouglas Gregor case Stmt::QualifiedDeclRefExprClass: { 140906de276fff91264437fa75111ed76de43097e089Ted Kremenek // DeclRefExpr: the base case. When we hit a DeclRefExpr we are looking 141006de276fff91264437fa75111ed76de43097e089Ted Kremenek // at code that refers to a variable's name. We check if it has local 141106de276fff91264437fa75111ed76de43097e089Ted Kremenek // storage within the function, and if so, return the expression. 141206de276fff91264437fa75111ed76de43097e089Ted Kremenek DeclRefExpr *DR = cast<DeclRefExpr>(E); 14131eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 141406de276fff91264437fa75111ed76de43097e089Ted Kremenek if (VarDecl *V = dyn_cast<VarDecl>(DR->getDecl())) 14151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump if (V->hasLocalStorage() && !V->getType()->isReferenceType()) return DR; 14161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 141706de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 141806de276fff91264437fa75111ed76de43097e089Ted Kremenek } 14191eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 142006de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ParenExprClass: 142106de276fff91264437fa75111ed76de43097e089Ted Kremenek // Ignore parentheses. 142206de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalVal(cast<ParenExpr>(E)->getSubExpr()); 14231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 142406de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::UnaryOperatorClass: { 142506de276fff91264437fa75111ed76de43097e089Ted Kremenek // The only unary operator that make sense to handle here 142606de276fff91264437fa75111ed76de43097e089Ted Kremenek // is Deref. All others don't resolve to a "name." This includes 142706de276fff91264437fa75111ed76de43097e089Ted Kremenek // handling all sorts of rvalues passed to a unary operator. 142806de276fff91264437fa75111ed76de43097e089Ted Kremenek UnaryOperator *U = cast<UnaryOperator>(E); 14291eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 143006de276fff91264437fa75111ed76de43097e089Ted Kremenek if (U->getOpcode() == UnaryOperator::Deref) 143106de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalAddr(U->getSubExpr()); 143206de276fff91264437fa75111ed76de43097e089Ted Kremenek 143306de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 143406de276fff91264437fa75111ed76de43097e089Ted Kremenek } 14351eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 143606de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ArraySubscriptExprClass: { 143706de276fff91264437fa75111ed76de43097e089Ted Kremenek // Array subscripts are potential references to data on the stack. We 143806de276fff91264437fa75111ed76de43097e089Ted Kremenek // retrieve the DeclRefExpr* for the array variable if it indeed 143906de276fff91264437fa75111ed76de43097e089Ted Kremenek // has local storage. 14402324512285caac0332bbbc6e4cab6245d2a370a1Ted Kremenek return EvalAddr(cast<ArraySubscriptExpr>(E)->getBase()); 144106de276fff91264437fa75111ed76de43097e089Ted Kremenek } 14421eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 144306de276fff91264437fa75111ed76de43097e089Ted Kremenek case Stmt::ConditionalOperatorClass: { 144406de276fff91264437fa75111ed76de43097e089Ted Kremenek // For conditional operators we need to see if either the LHS or RHS are 144506de276fff91264437fa75111ed76de43097e089Ted Kremenek // non-NULL DeclRefExpr's. If one is non-NULL, we return it. 144606de276fff91264437fa75111ed76de43097e089Ted Kremenek ConditionalOperator *C = cast<ConditionalOperator>(E); 144706de276fff91264437fa75111ed76de43097e089Ted Kremenek 14483907323dd6665c0c4e383435cb145233f4533406Anders Carlsson // Handle the GNU extension for missing LHS. 14493907323dd6665c0c4e383435cb145233f4533406Anders Carlsson if (Expr *lhsExpr = C->getLHS()) 14503907323dd6665c0c4e383435cb145233f4533406Anders Carlsson if (DeclRefExpr *LHS = EvalVal(lhsExpr)) 14513907323dd6665c0c4e383435cb145233f4533406Anders Carlsson return LHS; 14523907323dd6665c0c4e383435cb145233f4533406Anders Carlsson 14533907323dd6665c0c4e383435cb145233f4533406Anders Carlsson return EvalVal(C->getRHS()); 145406de276fff91264437fa75111ed76de43097e089Ted Kremenek } 14551eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 145606de276fff91264437fa75111ed76de43097e089Ted Kremenek // Accesses to members are potential references to data on the stack. 145783f6faf37d9bf58986bedc9bc0ea897a56b4dbadDouglas Gregor case Stmt::MemberExprClass: { 145806de276fff91264437fa75111ed76de43097e089Ted Kremenek MemberExpr *M = cast<MemberExpr>(E); 14591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 146006de276fff91264437fa75111ed76de43097e089Ted Kremenek // Check for indirect access. We only want direct field accesses. 146106de276fff91264437fa75111ed76de43097e089Ted Kremenek if (!M->isArrow()) 146206de276fff91264437fa75111ed76de43097e089Ted Kremenek return EvalVal(M->getBase()); 146306de276fff91264437fa75111ed76de43097e089Ted Kremenek else 146406de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 146506de276fff91264437fa75111ed76de43097e089Ted Kremenek } 14661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 146706de276fff91264437fa75111ed76de43097e089Ted Kremenek // Everything else: we simply don't reason about them. 146806de276fff91264437fa75111ed76de43097e089Ted Kremenek default: 146906de276fff91264437fa75111ed76de43097e089Ted Kremenek return NULL; 147006de276fff91264437fa75111ed76de43097e089Ted Kremenek } 147106de276fff91264437fa75111ed76de43097e089Ted Kremenek} 1472588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1473588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek//===--- CHECK: Floating-Point comparisons (-Wfloat-equal) ---------------===// 1474588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1475588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// Check for comparisons of floating point operands using != and ==. 1476588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// Issue a warning if these are no self-comparisons, as they are not likely 1477588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek/// to do what the programmer intended. 1478588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenekvoid Sema::CheckFloatComparison(SourceLocation loc, Expr* lex, Expr *rex) { 1479588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek bool EmitWarning = true; 14801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 14814e99a5fc3b203397a91136c6e695e405fb8fc606Ted Kremenek Expr* LeftExprSansParen = lex->IgnoreParens(); 148232e97b66bbce16c9e81c877794fb7a0aeeb66ccbTed Kremenek Expr* RightExprSansParen = rex->IgnoreParens(); 1483588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek 1484588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Special case: check for x == x (which is OK). 1485588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Do not emit warnings for such cases. 1486588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DeclRefExpr* DRL = dyn_cast<DeclRefExpr>(LeftExprSansParen)) 1487588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DeclRefExpr* DRR = dyn_cast<DeclRefExpr>(RightExprSansParen)) 1488588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (DRL->getDecl() == DRR->getDecl()) 1489588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 14901eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 14911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 14921b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // Special case: check for comparisons against literals that can be exactly 14931b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // represented by APFloat. In such cases, do not emit a warning. This 14941b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // is a heuristic: often comparison against such literals are used to 14951b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // detect if a value in a variable has not changed. This clearly can 14961b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek // lead to false negatives. 14971b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (EmitWarning) { 14981b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FloatingLiteral* FLL = dyn_cast<FloatingLiteral>(LeftExprSansParen)) { 14991b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FLL->isExact()) 15001b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek EmitWarning = false; 1501ac5fc7c6bcb494b60fee7ce615ac931c5db6135eMike Stump } else 15021b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FloatingLiteral* FLR = dyn_cast<FloatingLiteral>(RightExprSansParen)){ 15031b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek if (FLR->isExact()) 15041b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek EmitWarning = false; 15051b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek } 15061b500bb0d40aa3ebf1ace47340bb5f401a9ae99cTed Kremenek } 15071eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1508588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Check for comparisons with builtin types. 15090eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (EmitWarning) 1510588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (CallExpr* CL = dyn_cast<CallExpr>(LeftExprSansParen)) 15113c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor if (CL->isBuiltinCall(Context)) 1512588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 15131eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 15140eb23307222bda7ad95d968eac4e1ab30864b213Sebastian Redl if (EmitWarning) 1515588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (CallExpr* CR = dyn_cast<CallExpr>(RightExprSansParen)) 15163c385e5f8d9008fff18597ca302be19fa86e51f6Douglas Gregor if (CR->isBuiltinCall(Context)) 1517588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek EmitWarning = false; 15181eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1519588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek // Emit the diagnostic. 1520588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek if (EmitWarning) 1521fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner Diag(loc, diag::warn_floatingpoint_eq) 1522fa25bbb351f4fdd977f51254119cdfc2b525ce90Chris Lattner << lex->getSourceRange() << rex->getSourceRange(); 1523588e5ebee2db045c3611e0c8f601bc4495ebd0f3Ted Kremenek} 1524