search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[PATCH] fix for switch(bad_type) {...} segfault
[smatch.git] / evaluate.c
blobbeba81071f1fd1a747870b56f3a64dfb4142b7a5
1 /*
2 * sparse/evaluate.c
3 *
4 * Copyright (C) 2003 Transmeta Corp.
5 * 2003-2004 Linus Torvalds
6 *
7 * Licensed under the Open Software License version 1.1
8 *
9 * Evaluate constant expressions.
10 */
11 #include <stdlib.h>
12 #include <stdarg.h>
13 #include <stddef.h>
14 #include <stdio.h>
15 #include <string.h>
16 #include <ctype.h>
17 #include <unistd.h>
18 #include <fcntl.h>
19 #include <limits.h>
20
21 #include "lib.h"
22 #include "allocate.h"
23 #include "parse.h"
24 #include "token.h"
25 #include "symbol.h"
26 #include "target.h"
27 #include "expression.h"
28
29 struct symbol *current_fn;
30
31 static struct symbol *degenerate(struct expression *expr);
32 static struct symbol *evaluate_symbol(struct symbol *sym);
33
34 static struct symbol *evaluate_symbol_expression(struct expression *expr)
35 {
36 struct expression *addr;
37 struct symbol *sym = expr->symbol;
38 struct symbol *base_type;
39
40 if (!sym) {
41 sparse_error(expr->pos, "undefined identifier '%s'", show_ident(expr->symbol_name));
42 return NULL;
43 }
44
45 examine_symbol_type(sym);
46
47 base_type = get_base_type(sym);
48 if (!base_type) {
49 sparse_error(expr->pos, "identifier '%s' has no type", show_ident(expr->symbol_name));
50 return NULL;
51 }
52
53 addr = alloc_expression(expr->pos, EXPR_SYMBOL);
54 addr->symbol = sym;
55 addr->symbol_name = expr->symbol_name;
56 addr->ctype = &lazy_ptr_ctype; /* Lazy evaluation: we need to do a proper job if somebody does &sym */
57 expr->type = EXPR_PREOP;
58 expr->op = '*';
59 expr->unop = addr;
60
61 /* The type of a symbol is the symbol itself! */
62 expr->ctype = sym;
63 return sym;
64 }
65
66 static struct symbol *evaluate_string(struct expression *expr)
67 {
68 struct symbol *sym = alloc_symbol(expr->pos, SYM_NODE);
69 struct symbol *array = alloc_symbol(expr->pos, SYM_ARRAY);
70 struct expression *addr = alloc_expression(expr->pos, EXPR_SYMBOL);
71 struct expression *initstr = alloc_expression(expr->pos, EXPR_STRING);
72 unsigned int length = expr->string->length;
73
74 sym->array_size = alloc_const_expression(expr->pos, length);
75 sym->bit_size = bits_in_char * length;
76 sym->ctype.alignment = 1;
77 sym->ctype.modifiers = MOD_STATIC;
78 sym->ctype.base_type = array;
79 sym->initializer = initstr;
80
81 initstr->ctype = sym;
82 initstr->string = expr->string;
83
84 array->array_size = sym->array_size;
85 array->bit_size = bits_in_char * length;
86 array->ctype.alignment = 1;
87 array->ctype.modifiers = MOD_STATIC;
88 array->ctype.base_type = &char_ctype;
89
90 addr->symbol = sym;
91 addr->ctype = &lazy_ptr_ctype;
92
93 expr->type = EXPR_PREOP;
94 expr->op = '*';
95 expr->unop = addr;
96 expr->ctype = sym;
97 return sym;
98 }
99
100 static inline struct symbol *integer_promotion(struct symbol *type)
101 {
102 struct symbol *orig_type = type;
103 unsigned long mod = type->ctype.modifiers;
104 int width;
105
106 if (type->type == SYM_NODE)
107 type = type->ctype.base_type;
108 if (type->type == SYM_ENUM)
109 type = type->ctype.base_type;
110 width = type->bit_size;
111
112 /*
113 * Bitfields always promote to the base type,
114 * even if the bitfield might be bigger than
115 * an "int".
116 */
117 if (type->type == SYM_BITFIELD) {
118 type = type->ctype.base_type;
119 orig_type = type;
120 }
121 mod = type->ctype.modifiers;
122 if (width < bits_in_int)
123 return &int_ctype;
124
125 /* If char/short has as many bits as int, it still gets "promoted" */
126 if (mod & (MOD_CHAR | MOD_SHORT)) {
127 if (mod & MOD_UNSIGNED)
128 return &uint_ctype;
129 return &int_ctype;
130 }
131 return orig_type;
132 }
133
134 /*
135 * integer part of usual arithmetic conversions:
136 * integer promotions are applied
137 * if left and right are identical, we are done
138 * if signedness is the same, convert one with lower rank
139 * unless unsigned argument has rank lower than signed one, convert the
140 * signed one.
141 * if signed argument is bigger than unsigned one, convert the unsigned.
142 * otherwise, convert signed.
143 *
144 * Leaving aside the integer promotions, that is equivalent to
145 * if identical, don't convert
146 * if left is bigger than right, convert right
147 * if right is bigger than left, convert right
148 * otherwise, if signedness is the same, convert one with lower rank
149 * otherwise convert the signed one.
150 */
151 static struct symbol *bigger_int_type(struct symbol *left, struct symbol *right)
152 {
153 unsigned long lmod, rmod;
154
155 left = integer_promotion(left);
156 right = integer_promotion(right);
157
158 if (left == right)
159 goto left;
160
161 if (left->bit_size > right->bit_size)
162 goto left;
163
164 if (right->bit_size > left->bit_size)
165 goto right;
166
167 lmod = left->ctype.modifiers;
168 rmod = right->ctype.modifiers;
169 if ((lmod ^ rmod) & MOD_UNSIGNED) {
170 if (lmod & MOD_UNSIGNED)
171 goto left;
172 } else if ((lmod & ~rmod) & (MOD_LONG | MOD_LONGLONG))
173 goto left;
174 right:
175 left = right;
176 left:
177 return left;
178 }
179
180 static int same_cast_type(struct symbol *orig, struct symbol *new)
181 {
182 return orig->bit_size == new->bit_size && orig->bit_offset == orig->bit_offset;
183 }
184
185 static struct symbol *base_type(struct symbol *node, unsigned long *modp, unsigned long *asp)
186 {
187 unsigned long mod, as;
188
189 mod = 0; as = 0;
190 while (node) {
191 mod |= node->ctype.modifiers;
192 as |= node->ctype.as;
193 if (node->type == SYM_NODE) {
194 node = node->ctype.base_type;
195 continue;
196 }
197 break;
198 }
199 *modp = mod & ~MOD_IGNORE;
200 *asp = as;
201 return node;
202 }
203
204 static int is_same_type(struct expression *expr, struct symbol *new)
205 {
206 struct symbol *old = expr->ctype;
207 unsigned long oldmod, newmod, oldas, newas;
208
209 old = base_type(old, &oldmod, &oldas);
210 new = base_type(new, &newmod, &newas);
211
212 /* Same base type, same address space? */
213 if (old == new && oldas == newas) {
214 unsigned long difmod;
215
216 /* Check the modifier bits. */
217 difmod = (oldmod ^ newmod) & ~MOD_NOCAST;
218
219 /* Exact same type? */
220 if (!difmod)
221 return 1;
222
223 /*
224 * Not the same type, but differs only in "const".
225 * Don't warn about MOD_NOCAST.
226 */
227 if (difmod == MOD_CONST)
228 return 0;
229 }
230 if ((oldmod | newmod) & MOD_NOCAST) {
231 const char *tofrom = "to/from";
232 if (!(newmod & MOD_NOCAST))
233 tofrom = "from";
234 if (!(oldmod & MOD_NOCAST))
235 tofrom = "to";
236 warning(expr->pos, "implicit cast %s nocast type", tofrom);
237 }
238 return 0;
239 }
240
241 static void
242 warn_for_different_enum_types (struct position pos,
243 struct symbol *typea,
244 struct symbol *typeb)
245 {
246 if (!Wenum_mismatch)
247 return;
248 if (typea->type == SYM_NODE)
249 typea = typea->ctype.base_type;
250 if (typeb->type == SYM_NODE)
251 typeb = typeb->ctype.base_type;
252
253 if (typea == typeb)
254 return;
255
256 if (typea->type == SYM_ENUM && typeb->type == SYM_ENUM)
257 warning(pos, "mixing different enum types");
258 }
259
260 /*
261 * This gets called for implicit casts in assignments and
262 * integer promotion. We often want to try to move the
263 * cast down, because the ops involved may have been
264 * implicitly cast up, and we can get rid of the casts
265 * early.
266 */
267 static struct expression * cast_to(struct expression *old, struct symbol *type)
268 {
269 struct expression *expr;
270
271 warn_for_different_enum_types (old->pos, old->ctype, type);
272
273 if (is_same_type(old, type))
274 return old;
275
276 /*
277 * See if we can simplify the op. Move the cast down.
278 */
279 switch (old->type) {
280 case EXPR_PREOP:
281 if (old->ctype->bit_size < type->bit_size)
282 break;
283 if (old->op == '~') {
284 old->ctype = type;
285 old->unop = cast_to(old->unop, type);
286 return old;
287 }
288 break;
289
290 case EXPR_IMPLIED_CAST:
291 warn_for_different_enum_types(old->pos, old->ctype, type);
292
293 if (old->ctype->bit_size >= type->bit_size) {
294 struct expression *orig = old->cast_expression;
295 if (same_cast_type(orig->ctype, type))
296 return orig;
297 if (old->ctype->bit_offset == type->bit_offset) {
298 old->ctype = type;
299 old->cast_type = type;
300 return old;
301 }
302 }
303 break;
304
305 default:
306 /* nothing */;
307 }
308
309 expr = alloc_expression(old->pos, EXPR_IMPLIED_CAST);
310 expr->ctype = type;
311 expr->cast_type = type;
312 expr->cast_expression = old;
313 return expr;
314 }
315
316 static int is_type_type(struct symbol *type)
317 {
318 return (type->ctype.modifiers & MOD_TYPE) != 0;
319 }
320
321 int is_ptr_type(struct symbol *type)
322 {
323 if (type->type == SYM_NODE)
324 type = type->ctype.base_type;
325 return type->type == SYM_PTR || type->type == SYM_ARRAY || type->type == SYM_FN;
326 }
327
328 static inline int is_float_type(struct symbol *type)
329 {
330 if (type->type == SYM_NODE)
331 type = type->ctype.base_type;
332 return type->ctype.base_type == &fp_type;
333 }
334
335 static inline int is_byte_type(struct symbol *type)
336 {
337 return type->bit_size == bits_in_char && type->type != SYM_BITFIELD;
338 }
339
340 static inline int is_string_type(struct symbol *type)
341 {
342 if (type->type == SYM_NODE)
343 type = type->ctype.base_type;
344 return type->type == SYM_ARRAY && is_byte_type(type->ctype.base_type);
345 }
346
347 static struct symbol *bad_expr_type(struct expression *expr)
348 {
349 sparse_error(expr->pos, "incompatible types for operation (%s)", show_special(expr->op));
350 switch (expr->type) {
351 case EXPR_BINOP:
352 case EXPR_COMPARE:
353 info(expr->pos, " left side has type %s", show_typename(expr->left->ctype));
354 info(expr->pos, " right side has type %s", show_typename(expr->right->ctype));
355 break;
356 case EXPR_PREOP:
357 case EXPR_POSTOP:
358 info(expr->pos, " argument has type %s", show_typename(expr->unop->ctype));
359 break;
360 default:
361 break;
362 }
363
364 return expr->ctype = &bad_ctype;
365 }
366
367 static struct symbol *compatible_float_binop(struct expression **lp, struct expression **rp)
368 {
369 struct expression *left = *lp, *right = *rp;
370 struct symbol *ltype = left->ctype, *rtype = right->ctype;
371
372 if (ltype->type == SYM_NODE)
373 ltype = ltype->ctype.base_type;
374 if (rtype->type == SYM_NODE)
375 rtype = rtype->ctype.base_type;
376 if (is_float_type(ltype)) {
377 if (is_int_type(rtype))
378 goto Left;
379 if (is_float_type(rtype)) {
380 unsigned long lmod = ltype->ctype.modifiers;
381 unsigned long rmod = rtype->ctype.modifiers;
382 lmod &= MOD_LONG | MOD_LONGLONG;
383 rmod &= MOD_LONG | MOD_LONGLONG;
384 if (lmod == rmod)
385 return ltype;
386 if (lmod & ~rmod)
387 goto Left;
388 else
389 goto Right;
390 }
391 return NULL;
392 }
393 if (!is_float_type(rtype) || !is_int_type(ltype))
394 return NULL;
395 Right:
396 *lp = cast_to(left, rtype);
397 return rtype;
398 Left:
399 *rp = cast_to(right, ltype);
400 return ltype;
401 }
402
403 static struct symbol *compatible_integer_binop(struct expression **lp, struct expression **rp)
404 {
405 struct expression *left = *lp, *right = *rp;
406 struct symbol *ltype = left->ctype, *rtype = right->ctype;
407
408 if (ltype->type == SYM_NODE)
409 ltype = ltype->ctype.base_type;
410 if (rtype->type == SYM_NODE)
411 rtype = rtype->ctype.base_type;
412 if (is_int_type(ltype) && is_int_type(rtype)) {
413 struct symbol *ctype = bigger_int_type(ltype, rtype);
414
415 *lp = cast_to(left, ctype);
416 *rp = cast_to(right, ctype);
417 return ctype;
418 }
419 return NULL;
420 }
421
422 static int restricted_value(struct expression *v, struct symbol *type)
423 {
424 if (v->type != EXPR_VALUE)
425 return 1;
426 if (v->value != 0)
427 return 1;
428 return 0;
429 }
430
431 static int restricted_binop(int op, struct symbol *type)
432 {
433 switch (op) {
434 case '&':
435 case '|':
436 case '^':
437 case '?':
438 case '=':
439 case SPECIAL_EQUAL:
440 case SPECIAL_NOTEQUAL:
441 case SPECIAL_AND_ASSIGN:
442 case SPECIAL_OR_ASSIGN:
443 case SPECIAL_XOR_ASSIGN:
444 return 0;
445 default:
446 return 1;
447 }
448 }
449
450 static int restricted_unop(int op, struct symbol *type)
451 {
452 if (op == '~' && type->bit_size >= bits_in_int)
453 return 0;
454 if (op == '+')
455 return 0;
456 return 1;
457 }
458
459 static struct symbol *compatible_restricted_binop(int op, struct expression **lp, struct expression **rp)
460 {
461 struct expression *left = *lp, *right = *rp;
462 struct symbol *ltype = left->ctype, *rtype = right->ctype;
463 struct symbol *type = NULL;
464
465 if (ltype->type == SYM_NODE)
466 ltype = ltype->ctype.base_type;
467 if (rtype->type == SYM_NODE)
468 rtype = rtype->ctype.base_type;
469
470 warn_for_different_enum_types(right->pos, ltype, rtype);
471
472 if (ltype->type == SYM_ENUM)
473 ltype = ltype->ctype.base_type;
474 if (rtype->type == SYM_ENUM)
475 rtype = rtype->ctype.base_type;
476
477 if (is_restricted_type(ltype)) {
478 if (is_restricted_type(rtype)) {
479 if (ltype == rtype)
480 type = ltype;
481 } else {
482 if (!restricted_value(right, ltype))
483 type = ltype;
484 }
485 } else if (is_restricted_type(rtype)) {
486 if (!restricted_value(left, rtype))
487 type = rtype;
488 }
489 if (!type)
490 return NULL;
491 if (restricted_binop(op, type))
492 return NULL;
493 return type;
494 }
495
496 static struct symbol *evaluate_arith(struct expression *expr, int float_ok)
497 {
498 struct symbol *ctype = compatible_integer_binop(&expr->left, &expr->right);
499 if (!ctype && float_ok)
500 ctype = compatible_float_binop(&expr->left, &expr->right);
501 if (!ctype)
502 ctype = compatible_restricted_binop(expr->op, &expr->left, &expr->right);
503 if (ctype) {
504 expr->ctype = ctype;
505 return ctype;
506 }
507 return bad_expr_type(expr);
508 }
509
510 static inline int lvalue_expression(struct expression *expr)
511 {
512 return expr->type == EXPR_PREOP && expr->op == '*';
513 }
514
515 static int ptr_object_size(struct symbol *ptr_type)
516 {
517 if (ptr_type->type == SYM_NODE)
518 ptr_type = ptr_type->ctype.base_type;
519 if (ptr_type->type == SYM_PTR)
520 ptr_type = get_base_type(ptr_type);
521 return ptr_type->bit_size;
522 }
523
524 static struct symbol *evaluate_ptr_add(struct expression *expr, struct symbol *ctype, struct expression **ip)
525 {
526 struct expression *i = *ip;
527 struct symbol *ptr_type = ctype;
528 int bit_size;
529
530 if (ptr_type->type == SYM_NODE)
531 ptr_type = ptr_type->ctype.base_type;
532
533 if (!is_int_type(i->ctype))
534 return bad_expr_type(expr);
535
536 examine_symbol_type(ctype);
537
538 if (!ctype->ctype.base_type) {
539 sparse_error(expr->pos, "missing type information");
540 return NULL;
541 }
542
543 /* Get the size of whatever the pointer points to */
544 bit_size = ptr_object_size(ctype);
545
546 if (bit_size > bits_in_char) {
547 int multiply = bit_size >> 3;
548 struct expression *val = alloc_expression(expr->pos, EXPR_VALUE);
549
550 if (i->type == EXPR_VALUE) {
551 val->value = i->value * multiply;
552 val->ctype = size_t_ctype;
553 *ip = val;
554 } else {
555 struct expression *mul = alloc_expression(expr->pos, EXPR_BINOP);
556
557 val->ctype = size_t_ctype;
558 val->value = bit_size >> 3;
559
560 mul->op = '*';
561 mul->ctype = size_t_ctype;
562 mul->left = i;
563 mul->right = val;
564
565 *ip = mul;
566 }
567 }
568
569 expr->ctype = ctype;
570 return ctype;
571 }
572
573 static struct symbol *evaluate_add(struct expression *expr)
574 {
575 struct expression *left = expr->left, *right = expr->right;
576 struct symbol *ltype = left->ctype, *rtype = right->ctype;
577
578 if (is_ptr_type(ltype))
579 return evaluate_ptr_add(expr, degenerate(left), &expr->right);
580
581 if (is_ptr_type(rtype))
582 return evaluate_ptr_add(expr, degenerate(right), &expr->left);
583
584 return evaluate_arith(expr, 1);
585 }
586
587 const char * type_difference(struct symbol *target, struct symbol *source,
588 unsigned long target_mod_ignore, unsigned long source_mod_ignore)
589 {
590 for (;;) {
591 unsigned long mod1, mod2, diff;
592 unsigned long as1, as2;
593 int type1, type2;
594 struct symbol *base1, *base2;
595
596 if (target == source)
597 break;
598 if (!target || !source)
599 return "different types";
600 /*
601 * Peel of per-node information.
602 * FIXME! Check alignment and context too here!
603 */
604 mod1 = target->ctype.modifiers;
605 as1 = target->ctype.as;
606 mod2 = source->ctype.modifiers;
607 as2 = source->ctype.as;
608 if (target->type == SYM_NODE) {
609 target = target->ctype.base_type;
610 if (!target)
611 return "bad types";
612 if (target->type == SYM_PTR) {
613 mod1 = 0;
614 as1 = 0;
615 }
616 mod1 |= target->ctype.modifiers;
617 as1 |= target->ctype.as;
618 }
619 if (source->type == SYM_NODE) {
620 source = source->ctype.base_type;
621 if (!source)
622 return "bad types";
623 if (source->type == SYM_PTR) {
624 mod2 = 0;
625 as2 = 0;
626 }
627 mod2 |= source->ctype.modifiers;
628 as2 |= source->ctype.as;
629 }
630 if (target->type == SYM_ENUM) {
631 target = target->ctype.base_type;
632 if (!target)
633 return "bad types";
634 }
635 if (source->type == SYM_ENUM) {
636 source = source->ctype.base_type;
637 if (!source)
638 return "bad types";
639 }
640
641 if (target == source)
642 break;
643 if (!target || !source)
644 return "different types";
645
646 type1 = target->type;
647 base1 = target->ctype.base_type;
648
649 type2 = source->type;
650 base2 = source->ctype.base_type;
651
652 /*
653 * Pointers to functions compare as the function itself
654 */
655 if (type1 == SYM_PTR && base1) {
656 base1 = examine_symbol_type(base1);
657 switch (base1->type) {
658 case SYM_FN:
659 type1 = SYM_FN;
660 target = base1;
661 base1 = base1->ctype.base_type;
662 default:
663 /* nothing */;
664 }
665 }
666 if (type2 == SYM_PTR && base2) {
667 base2 = examine_symbol_type(base2);
668 switch (base2->type) {
669 case SYM_FN:
670 type2 = SYM_FN;
671 source = base2;
672 base2 = base2->ctype.base_type;
673 default:
674 /* nothing */;
675 }
676 }
677
678 /* Arrays degenerate to pointers for type comparisons */
679 type1 = (type1 == SYM_ARRAY) ? SYM_PTR : type1;
680 type2 = (type2 == SYM_ARRAY) ? SYM_PTR : type2;
681
682 if (type1 != type2 || type1 == SYM_RESTRICT)
683 return "different base types";
684
685 /* Must be same address space to be comparable */
686 if (Waddress_space && as1 != as2)
687 return "different address spaces";
688
689 /* Ignore differences in storage types or addressability */
690 diff = (mod1 ^ mod2) & ~MOD_IGNORE;
691 diff &= (mod1 & ~target_mod_ignore) | (mod2 & ~source_mod_ignore);
692 if (diff) {
693 if (diff & MOD_SIZE)
694 return "different type sizes";
695 if (diff & ~MOD_SIGNEDNESS)
696 return "different modifiers";
697
698 /* Differs in signedness only.. */
699 if (Wtypesign) {
700 /*
701 * Warn if both are explicitly signed ("unsigned" is obvously
702 * always explicit, and since we know one of them has to be
703 * unsigned, we check if the signed one was explicit).
704 */
705 if ((mod1 | mod2) & MOD_EXPLICITLY_SIGNED)
706 return "different explicit signedness";
707
708 /*
709 * "char" matches both "unsigned char" and "signed char",
710 * so if the explicit test didn't trigger, then we should
711 * not warn about a char.
712 */
713 if (!(mod1 & MOD_CHAR))
714 return "different signedness";
715 }
716 }
717
718 if (type1 == SYM_FN) {
719 int i;
720 struct symbol *arg1, *arg2;
721 if (base1->variadic != base2->variadic)
722 return "incompatible variadic arguments";
723 PREPARE_PTR_LIST(target->arguments, arg1);
724 PREPARE_PTR_LIST(source->arguments, arg2);
725 i = 1;
726 for (;;) {
727 const char *diff;
728 diff = type_difference(arg1, arg2, 0, 0);
729 if (diff) {
730 static char argdiff[80];
731 sprintf(argdiff, "incompatible argument %d (%s)", i, diff);
732 return argdiff;
733 }
734 if (!arg1)
735 break;
736 NEXT_PTR_LIST(arg1);
737 NEXT_PTR_LIST(arg2);
738 i++;
739 }
740 FINISH_PTR_LIST(arg2);
741 FINISH_PTR_LIST(arg1);
742 }
743
744 target = base1;
745 source = base2;
746 }
747 return NULL;
748 }
749
750 static int is_null_ptr(struct expression *expr)
751 {
752 if (expr->type != EXPR_VALUE || expr->value)
753 return 0;
754 if (!is_ptr_type(expr->ctype))
755 warning(expr->pos, "Using plain integer as NULL pointer");
756 return 1;
757 }
758
759 static struct symbol *common_ptr_type(struct expression *l, struct expression *r)
760 {
761 /* NULL expression? Just return the type of the "other side" */
762 if (is_null_ptr(r))
763 return l->ctype;
764 if (is_null_ptr(l))
765 return r->ctype;
766 return NULL;
767 }
768
769 /*
770 * Ignore differences in "volatile" and "const"ness when
771 * subtracting pointers
772 */
773 #define MOD_IGN (MOD_VOLATILE | MOD_CONST)
774
775 static struct symbol *evaluate_ptr_sub(struct expression *expr, struct expression *l, struct expression **rp)
776 {
777 const char *typediff;
778 struct symbol *ctype;
779 struct symbol *ltype, *rtype;
780 struct expression *r = *rp;
781
782 ltype = degenerate(l);
783 rtype = degenerate(r);
784
785 /*
786 * If it is an integer subtract: the ptr add case will do the
787 * right thing.
788 */
789 if (!is_ptr_type(rtype))
790 return evaluate_ptr_add(expr, degenerate(l), rp);
791
792 ctype = ltype;
793 typediff = type_difference(ltype, rtype, ~MOD_SIZE, ~MOD_SIZE);
794 if (typediff) {
795 ctype = common_ptr_type(l, r);
796 if (!ctype) {
797 sparse_error(expr->pos, "subtraction of different types can't work (%s)", typediff);
798 return NULL;
799 }
800 }
801 examine_symbol_type(ctype);
802
803 /* Figure out the base type we point to */
804 if (ctype->type == SYM_NODE)
805 ctype = ctype->ctype.base_type;
806 if (ctype->type != SYM_PTR && ctype->type != SYM_ARRAY) {
807 sparse_error(expr->pos, "subtraction of functions? Share your drugs");
808 return NULL;
809 }
810 ctype = get_base_type(ctype);
811
812 expr->ctype = ssize_t_ctype;
813 if (ctype->bit_size > bits_in_char) {
814 struct expression *sub = alloc_expression(expr->pos, EXPR_BINOP);
815 struct expression *div = expr;
816 struct expression *val = alloc_expression(expr->pos, EXPR_VALUE);
817 unsigned long value = ctype->bit_size >> 3;
818
819 val->ctype = size_t_ctype;
820 val->value = value;
821
822 if (value & (value-1)) {
823 if (Wptr_subtraction_blows)
824 warning(expr->pos, "potentially expensive pointer subtraction");
825 }
826
827 sub->op = '-';
828 sub->ctype = ssize_t_ctype;
829 sub->left = l;
830 sub->right = r;
831
832 div->op = '/';
833 div->left = sub;
834 div->right = val;
835 }
836
837 return ssize_t_ctype;
838 }
839
840 static struct symbol *evaluate_sub(struct expression *expr)
841 {
842 struct expression *left = expr->left;
843 struct symbol *ltype = left->ctype;
844
845 if (is_ptr_type(ltype))
846 return evaluate_ptr_sub(expr, left, &expr->right);
847
848 return evaluate_arith(expr, 1);
849 }
850
851 #define is_safe_type(type) ((type)->ctype.modifiers & MOD_SAFE)
852
853 static struct symbol *evaluate_conditional(struct expression *expr, int iterator)
854 {
855 struct symbol *ctype;
856
857 if (!expr)
858 return NULL;
859
860 if (!iterator && expr->type == EXPR_ASSIGNMENT && expr->op == '=')
861 warning(expr->pos, "assignment expression in conditional");
862
863 ctype = evaluate_expression(expr);
864 if (ctype) {
865 if (is_safe_type(ctype))
866 warning(expr->pos, "testing a 'safe expression'");
867 }
868
869 return ctype;
870 }
871
872 static struct symbol *evaluate_logical(struct expression *expr)
873 {
874 if (!evaluate_conditional(expr->left, 0))
875 return NULL;
876 if (!evaluate_conditional(expr->right, 0))
877 return NULL;
878
879 expr->ctype = &bool_ctype;
880 return &bool_ctype;
881 }
882
883 static struct symbol *evaluate_shift(struct expression *expr)
884 {
885 struct expression *left = expr->left, *right = expr->right;
886 struct symbol *ltype = left->ctype, *rtype = right->ctype;
887
888 if (ltype->type == SYM_NODE)
889 ltype = ltype->ctype.base_type;
890 if (rtype->type == SYM_NODE)
891 rtype = rtype->ctype.base_type;
892 if (is_int_type(ltype) && is_int_type(rtype)) {
893 struct symbol *ctype = integer_promotion(ltype);
894 expr->left = cast_to(expr->left, ctype);
895 expr->ctype = ctype;
896 ctype = integer_promotion(rtype);
897 expr->right = cast_to(expr->right, ctype);
898 return expr->ctype;
899 }
900 return bad_expr_type(expr);
901 }
902
903 static struct symbol *evaluate_binop(struct expression *expr)
904 {
905 switch (expr->op) {
906 // addition can take ptr+int, fp and int
907 case '+':
908 return evaluate_add(expr);
909
910 // subtraction can take ptr-ptr, fp and int
911 case '-':
912 return evaluate_sub(expr);
913
914 // Arithmetic operations can take fp and int
915 case '*': case '/':
916 return evaluate_arith(expr, 1);
917
918 // shifts do integer promotions, but that's it.
919 case SPECIAL_LEFTSHIFT: case SPECIAL_RIGHTSHIFT:
920 return evaluate_shift(expr);
921
922 // The rest are integer operations
923 // '%', '&', '^', '|'
924 default:
925 return evaluate_arith(expr, 0);
926 }
927 }
928
929 static struct symbol *evaluate_comma(struct expression *expr)
930 {
931 expr->ctype = expr->right->ctype;
932 return expr->ctype;
933 }
934
935 static int modify_for_unsigned(int op)
936 {
937 if (op == '<')
938 op = SPECIAL_UNSIGNED_LT;
939 else if (op == '>')
940 op = SPECIAL_UNSIGNED_GT;
941 else if (op == SPECIAL_LTE)
942 op = SPECIAL_UNSIGNED_LTE;
943 else if (op == SPECIAL_GTE)
944 op = SPECIAL_UNSIGNED_GTE;
945 return op;
946 }
947
948 static struct symbol *evaluate_compare(struct expression *expr)
949 {
950 struct expression *left = expr->left, *right = expr->right;
951 struct symbol *ltype = left->ctype, *rtype = right->ctype;
952 struct symbol *ctype;
953
954 /* Type types? */
955 if (is_type_type(ltype) && is_type_type(rtype))
956 goto OK;
957
958 if (is_safe_type(ltype) || is_safe_type(rtype))
959 warning(expr->pos, "testing a 'safe expression'");
960
961 /* Pointer types? */
962 if (is_ptr_type(ltype) || is_ptr_type(rtype)) {
963 // FIXME! Check the types for compatibility
964 expr->op = modify_for_unsigned(expr->op);
965 goto OK;
966 }
967
968 ctype = compatible_integer_binop(&expr->left, &expr->right);
969 if (ctype) {
970 if (ctype->ctype.modifiers & MOD_UNSIGNED)
971 expr->op = modify_for_unsigned(expr->op);
972 goto OK;
973 }
974
975 ctype = compatible_float_binop(&expr->left, &expr->right);
976 if (ctype)
977 goto OK;
978
979 ctype = compatible_restricted_binop(expr->op, &expr->left, &expr->right);
980 if (ctype) {
981 if (ctype->ctype.modifiers & MOD_UNSIGNED)
982 expr->op = modify_for_unsigned(expr->op);
983 goto OK;
984 }
985
986 bad_expr_type(expr);
987
988 OK:
989 expr->ctype = &bool_ctype;
990 return &bool_ctype;
991 }
992
993 /*
994 * FIXME!! This should do casts, array degeneration etc..
995 */
996 static struct symbol *compatible_ptr_type(struct expression *left, struct expression *right)
997 {
998 struct symbol *ltype = left->ctype, *rtype = right->ctype;
999
1000 if (ltype->type == SYM_NODE)
1001 ltype = ltype->ctype.base_type;
1002
1003 if (rtype->type == SYM_NODE)
1004 rtype = rtype->ctype.base_type;
1005
1006 if (ltype->type == SYM_PTR) {
1007 if (is_null_ptr(right) || rtype->ctype.base_type == &void_ctype)
1008 return ltype;
1009 }
1010
1011 if (rtype->type == SYM_PTR) {
1012 if (is_null_ptr(left) || ltype->ctype.base_type == &void_ctype)
1013 return rtype;
1014 }
1015 return NULL;
1016 }
1017
1018 /*
1019 * NOTE! The degenerate case of "x ? : y", where we don't
1020 * have a true case, this will possibly promote "x" to the
1021 * same type as "y", and thus _change_ the conditional
1022 * test in the expression. But since promotion is "safe"
1023 * for testing, that's ok.
1024 */
1025 static struct symbol *evaluate_conditional_expression(struct expression *expr)
1026 {
1027 struct expression **true;
1028 struct symbol *ctype, *ltype, *rtype;
1029 const char * typediff;
1030
1031 if (!evaluate_conditional(expr->conditional, 0))
1032 return NULL;
1033 if (!evaluate_expression(expr->cond_false))
1034 return NULL;
1035
1036 ctype = degenerate(expr->conditional);
1037 rtype = degenerate(expr->cond_false);
1038
1039 true = &expr->conditional;
1040 ltype = ctype;
1041 if (expr->cond_true) {
1042 if (!evaluate_expression(expr->cond_true))
1043 return NULL;
1044 ltype = degenerate(expr->cond_true);
1045 true = &expr->cond_true;
1046 }
1047
1048 ctype = compatible_integer_binop(true, &expr->cond_false);
1049 if (ctype)
1050 goto out;
1051 ctype = compatible_ptr_type(*true, expr->cond_false);
1052 if (ctype)
1053 goto out;
1054 ctype = compatible_float_binop(true, &expr->cond_false);
1055 if (ctype)
1056 goto out;
1057 ctype = compatible_restricted_binop('?', true, &expr->cond_false);
1058 if (ctype)
1059 goto out;
1060 ctype = ltype;
1061 typediff = type_difference(ltype, rtype, MOD_IGN, MOD_IGN);
1062 if (!typediff)
1063 goto out;
1064 sparse_error(expr->pos, "incompatible types in conditional expression (%s)", typediff);
1065 return NULL;
1066
1067 out:
1068 expr->ctype = ctype;
1069 return ctype;
1070 }
1071
1072 /* FP assignments can not do modulo or bit operations */
1073 static int compatible_float_op(int op)
1074 {
1075 return op == '=' ||
1076 op == SPECIAL_ADD_ASSIGN ||
1077 op == SPECIAL_SUB_ASSIGN ||
1078 op == SPECIAL_MUL_ASSIGN ||
1079 op == SPECIAL_DIV_ASSIGN;
1080 }
1081
1082 static int compatible_assignment_types(struct expression *expr, struct symbol *target,
1083 struct expression **rp, struct symbol *source, const char *where, int op)
1084 {
1085 const char *typediff;
1086 struct symbol *t;
1087 int target_as;
1088
1089 if (is_int_type(target)) {
1090 if (is_int_type(source))
1091 goto Cast;
1092 if (is_float_type(source))
1093 goto Cast;
1094 } else if (is_float_type(target)) {
1095 if (!compatible_float_op(op)) {
1096 sparse_error(expr->pos, "invalid assignment");
1097 return 0;
1098 }
1099 if (is_int_type(source))
1100 goto Cast;
1101 if (is_float_type(source))
1102 goto Cast;
1103 } else if (is_restricted_type(target)) {
1104 if (restricted_binop(op, target)) {
1105 sparse_error(expr->pos, "bad restricted assignment");
1106 return 0;
1107 }
1108 if (!restricted_value(*rp, target))
1109 return 1;
1110 } else if (is_ptr_type(target)) {
1111 if (op == SPECIAL_ADD_ASSIGN || op == SPECIAL_SUB_ASSIGN) {
1112 evaluate_ptr_add(expr, target, rp);
1113 return 1;
1114 }
1115 if (op != '=') {
1116 sparse_error(expr->pos, "invalid pointer assignment");
1117 return 0;
1118 }
1119 } else if (op != '=') {
1120 sparse_error(expr->pos, "invalid assignment");
1121 return 0;
1122 }
1123
1124 /* It's ok if the target is more volatile or const than the source */
1125 typediff = type_difference(target, source, MOD_VOLATILE | MOD_CONST, 0);
1126 if (!typediff)
1127 return 1;
1128
1129 /* Pointer destination? */
1130 t = target;
1131 target_as = t->ctype.as;
1132 if (t->type == SYM_NODE) {
1133 t = t->ctype.base_type;
1134 target_as |= t->ctype.as;
1135 }
1136 if (t->type == SYM_PTR || t->type == SYM_FN || t->type == SYM_ARRAY) {
1137 struct expression *right = *rp;
1138 struct symbol *s = source;
1139 int source_as;
1140
1141 // NULL pointer is always ok
1142 if (is_null_ptr(right))
1143 goto Cast;
1144
1145 /* "void *" matches anything as long as the address space is ok */
1146 source_as = s->ctype.as;
1147 if (s->type == SYM_NODE) {
1148 s = s->ctype.base_type;
1149 source_as |= s->ctype.as;
1150 }
1151 if (source_as == target_as && (s->type == SYM_PTR || s->type == SYM_ARRAY)) {
1152 s = get_base_type(s);
1153 t = get_base_type(t);
1154 if (s == &void_ctype || t == &void_ctype)
1155 goto Cast;
1156 }
1157 }
1158
1159 warning(expr->pos, "incorrect type in %s (%s)", where, typediff);
1160 info(expr->pos, " expected %s", show_typename(target));
1161 info(expr->pos, " got %s", show_typename(source));
1162 *rp = cast_to(*rp, target);
1163 return 0;
1164 Cast:
1165 *rp = cast_to(*rp, target);
1166 return 1;
1167 }
1168
1169 static void mark_assigned(struct expression *expr)
1170 {
1171 struct symbol *sym;
1172
1173 if (!expr)
1174 return;
1175 switch (expr->type) {
1176 case EXPR_SYMBOL:
1177 sym = expr->symbol;
1178 if (!sym)
1179 return;
1180 if (sym->type != SYM_NODE)
1181 return;
1182 sym->ctype.modifiers |= MOD_ASSIGNED;
1183 return;
1184
1185 case EXPR_BINOP:
1186 mark_assigned(expr->left);
1187 mark_assigned(expr->right);
1188 return;
1189 case EXPR_CAST:
1190 mark_assigned(expr->cast_expression);
1191 return;
1192 case EXPR_SLICE:
1193 mark_assigned(expr->base);
1194 return;
1195 default:
1196 /* Hmm? */
1197 return;
1198 }
1199 }
1200
1201 static void evaluate_assign_to(struct expression *left, struct symbol *type)
1202 {
1203 if (type->ctype.modifiers & MOD_CONST)
1204 sparse_error(left->pos, "assignment to const expression");
1205
1206 /* We know left is an lvalue, so it's a "preop-*" */
1207 mark_assigned(left->unop);
1208 }
1209
1210 static struct symbol *evaluate_assignment(struct expression *expr)
1211 {
1212 struct expression *left = expr->left, *right = expr->right;
1213 struct expression *where = expr;
1214 struct symbol *ltype, *rtype;
1215
1216 if (!lvalue_expression(left)) {
1217 sparse_error(expr->pos, "not an lvalue");
1218 return NULL;
1219 }
1220
1221 ltype = left->ctype;
1222
1223 rtype = degenerate(right);
1224
1225 if (!compatible_assignment_types(where, ltype, &where->right, rtype, "assignment", expr->op))
1226 return NULL;
1227
1228 evaluate_assign_to(left, ltype);
1229
1230 expr->ctype = ltype;
1231 return ltype;
1232 }
1233
1234 static void examine_fn_arguments(struct symbol *fn)
1235 {
1236 struct symbol *s;
1237
1238 FOR_EACH_PTR(fn->arguments, s) {
1239 struct symbol *arg = evaluate_symbol(s);
1240 /* Array/function arguments silently degenerate into pointers */
1241 if (arg) {
1242 struct symbol *ptr;
1243 switch(arg->type) {
1244 case SYM_ARRAY:
1245 case SYM_FN:
1246 ptr = alloc_symbol(s->pos, SYM_PTR);
1247 if (arg->type == SYM_ARRAY)
1248 ptr->ctype = arg->ctype;
1249 else
1250 ptr->ctype.base_type = arg;
1251 ptr->ctype.as |= s->ctype.as;
1252 ptr->ctype.modifiers |= s->ctype.modifiers;
1253
1254 s->ctype.base_type = ptr;
1255 s->ctype.as = 0;
1256 s->ctype.modifiers = 0;
1257 s->bit_size = 0;
1258 s->examined = 0;
1259 examine_symbol_type(s);
1260 break;
1261 default:
1262 /* nothing */
1263 break;
1264 }
1265 }
1266 } END_FOR_EACH_PTR(s);
1267 }
1268
1269 static struct symbol *convert_to_as_mod(struct symbol *sym, int as, int mod)
1270 {
1271 /* Take the modifiers of the pointer, and apply them to the member */
1272 mod |= sym->ctype.modifiers;
1273 if (sym->ctype.as != as || sym->ctype.modifiers != mod) {
1274 struct symbol *newsym = alloc_symbol(sym->pos, SYM_NODE);
1275 *newsym = *sym;
1276 newsym->ctype.as = as;
1277 newsym->ctype.modifiers = mod;
1278 sym = newsym;
1279 }
1280 return sym;
1281 }
1282
1283 #define MOD_PTRINHERIT (MOD_VOLATILE | MOD_CONST | MOD_NODEREF | MOD_STORAGE)
1284
1285 static struct symbol *create_pointer(struct expression *expr, struct symbol *sym, int degenerate)
1286 {
1287 struct symbol *node = alloc_symbol(expr->pos, SYM_NODE);
1288 struct symbol *ptr = alloc_symbol(expr->pos, SYM_PTR);
1289
1290 node->ctype.base_type = ptr;
1291 ptr->bit_size = bits_in_pointer;
1292 ptr->ctype.alignment = pointer_alignment;
1293
1294 node->bit_size = bits_in_pointer;
1295 node->ctype.alignment = pointer_alignment;
1296
1297 access_symbol(sym);
1298 if (sym->ctype.modifiers & MOD_REGISTER) {
1299 warning(expr->pos, "taking address of 'register' variable '%s'", show_ident(sym->ident));
1300 sym->ctype.modifiers &= ~MOD_REGISTER;
1301 }
1302 if (sym->type == SYM_NODE) {
1303 ptr->ctype.as |= sym->ctype.as;
1304 ptr->ctype.modifiers |= sym->ctype.modifiers & MOD_PTRINHERIT;
1305 sym = sym->ctype.base_type;
1306 }
1307 if (degenerate && sym->type == SYM_ARRAY) {
1308 ptr->ctype.as |= sym->ctype.as;
1309 ptr->ctype.modifiers |= sym->ctype.modifiers & MOD_PTRINHERIT;
1310 sym = sym->ctype.base_type;
1311 }
1312 ptr->ctype.base_type = sym;
1313
1314 return node;
1315 }
1316
1317 /* Arrays degenerate into pointers on pointer arithmetic */
1318 static struct symbol *degenerate(struct expression *expr)
1319 {
1320 struct symbol *ctype, *base;
1321
1322 if (!expr)
1323 return NULL;
1324 ctype = expr->ctype;
1325 if (!ctype)
1326 return NULL;
1327 base = examine_symbol_type(ctype);
1328 if (ctype->type == SYM_NODE)
1329 base = ctype->ctype.base_type;
1330 /*
1331 * Arrays degenerate into pointers to the entries, while
1332 * functions degenerate into pointers to themselves.
1333 * If array was part of non-lvalue compound, we create a copy
1334 * of that compound first and then act as if we were dealing with
1335 * the corresponding field in there.
1336 */
1337 switch (base->type) {
1338 case SYM_ARRAY:
1339 if (expr->type == EXPR_SLICE) {
1340 struct symbol *a = alloc_symbol(expr->pos, SYM_NODE);
1341 struct expression *e0, *e1, *e2, *e3, *e4;
1342
1343 a->ctype.base_type = expr->base->ctype;
1344 a->bit_size = expr->base->ctype->bit_size;
1345 a->array_size = expr->base->ctype->array_size;
1346
1347 e0 = alloc_expression(expr->pos, EXPR_SYMBOL);
1348 e0->symbol = a;
1349 e0->ctype = &lazy_ptr_ctype;
1350
1351 e1 = alloc_expression(expr->pos, EXPR_PREOP);
1352 e1->unop = e0;
1353 e1->op = '*';
1354 e1->ctype = expr->base->ctype; /* XXX */
1355
1356 e2 = alloc_expression(expr->pos, EXPR_ASSIGNMENT);
1357 e2->left = e1;
1358 e2->right = expr->base;
1359 e2->op = '=';
1360 e2->ctype = expr->base->ctype;
1361
1362 if (expr->r_bitpos) {
1363 e3 = alloc_expression(expr->pos, EXPR_BINOP);
1364 e3->op = '+';
1365 e3->left = e0;
1366 e3->right = alloc_const_expression(expr->pos,
1367 expr->r_bitpos >> 3);
1368 e3->ctype = &lazy_ptr_ctype;
1369 } else {
1370 e3 = e0;
1371 }
1372
1373 e4 = alloc_expression(expr->pos, EXPR_COMMA);
1374 e4->left = e2;
1375 e4->right = e3;
1376 e4->ctype = &lazy_ptr_ctype;
1377
1378 expr->unop = e4;
1379 expr->type = EXPR_PREOP;
1380 expr->op = '*';
1381 }
1382 case SYM_FN:
1383 if (expr->op != '*' || expr->type != EXPR_PREOP) {
1384 sparse_error(expr->pos, "strange non-value function or array");
1385 return &bad_ctype;
1386 }
1387 *expr = *expr->unop;
1388 ctype = create_pointer(expr, ctype, 1);
1389 expr->ctype = ctype;
1390 default:
1391 /* nothing */;
1392 }
1393 return ctype;
1394 }
1395
1396 static struct symbol *evaluate_addressof(struct expression *expr)
1397 {
1398 struct expression *op = expr->unop;
1399 struct symbol *ctype;
1400
1401 if (op->op != '*' || op->type != EXPR_PREOP) {
1402 sparse_error(expr->pos, "not addressable");
1403 return NULL;
1404 }
1405 ctype = op->ctype;
1406 *expr = *op->unop;
1407
1408 if (expr->type == EXPR_SYMBOL) {
1409 struct symbol *sym = expr->symbol;
1410 sym->ctype.modifiers |= MOD_ADDRESSABLE;
1411 }
1412
1413 /*
1414 * symbol expression evaluation is lazy about the type
1415 * of the sub-expression, so we may have to generate
1416 * the type here if so..
1417 */
1418 if (expr->ctype == &lazy_ptr_ctype) {
1419 ctype = create_pointer(expr, ctype, 0);
1420 expr->ctype = ctype;
1421 }
1422 return expr->ctype;
1423 }
1424
1425
1426 static struct symbol *evaluate_dereference(struct expression *expr)
1427 {
1428 struct expression *op = expr->unop;
1429 struct symbol *ctype = op->ctype, *node, *target;
1430
1431 /* Simplify: *&(expr) => (expr) */
1432 if (op->type == EXPR_PREOP && op->op == '&') {
1433 *expr = *op->unop;
1434 return expr->ctype;
1435 }
1436
1437 /* Dereferencing a node drops all the node information. */
1438 if (ctype->type == SYM_NODE)
1439 ctype = ctype->ctype.base_type;
1440
1441 node = alloc_symbol(expr->pos, SYM_NODE);
1442 target = ctype->ctype.base_type;
1443
1444 switch (ctype->type) {
1445 default:
1446 sparse_error(expr->pos, "cannot derefence this type");
1447 return NULL;
1448 case SYM_PTR:
1449 node->ctype.modifiers = target->ctype.modifiers & MOD_SPECIFIER;
1450 merge_type(node, ctype);
1451 break;
1452
1453 case SYM_ARRAY:
1454 if (!lvalue_expression(op)) {
1455 sparse_error(op->pos, "non-lvalue array??");
1456 return NULL;
1457 }
1458
1459 /* Do the implied "addressof" on the array */
1460 *op = *op->unop;
1461
1462 /*
1463 * When an array is dereferenced, we need to pick
1464 * up the attributes of the original node too..
1465 */
1466 merge_type(node, op->ctype);
1467 merge_type(node, ctype);
1468 break;
1469 }
1470
1471 node->bit_size = target->bit_size;
1472 node->array_size = target->array_size;
1473
1474 expr->ctype = node;
1475 return node;
1476 }
1477
1478 /*
1479 * Unary post-ops: x++ and x--
1480 */
1481 static struct symbol *evaluate_postop(struct expression *expr)
1482 {
1483 struct expression *op = expr->unop;
1484 struct symbol *ctype = op->ctype;
1485
1486 if (!lvalue_expression(expr->unop)) {
1487 sparse_error(expr->pos, "need lvalue expression for ++/--");
1488 return NULL;
1489 }
1490 if (is_restricted_type(ctype) && restricted_unop(expr->op, ctype)) {
1491 sparse_error(expr->pos, "bad operation on restricted");
1492 return NULL;
1493 }
1494
1495 evaluate_assign_to(op, ctype);
1496
1497 expr->ctype = ctype;
1498 expr->op_value = 1;
1499 if (is_ptr_type(ctype))
1500 expr->op_value = ptr_object_size(ctype) >> 3;
1501
1502 return ctype;
1503 }
1504
1505 static struct symbol *evaluate_sign(struct expression *expr)
1506 {
1507 struct symbol *ctype = expr->unop->ctype;
1508 if (is_int_type(ctype)) {
1509 struct symbol *rtype = rtype = integer_promotion(ctype);
1510 expr->unop = cast_to(expr->unop, rtype);
1511 ctype = rtype;
1512 } else if (is_float_type(ctype) && expr->op != '~') {
1513 /* no conversions needed */
1514 } else if (is_restricted_type(ctype) && !restricted_unop(expr->op, ctype)) {
1515 /* no conversions needed */
1516 } else {
1517 return bad_expr_type(expr);
1518 }
1519 if (expr->op == '+')
1520 *expr = *expr->unop;
1521 expr->ctype = ctype;
1522 return ctype;
1523 }
1524
1525 static struct symbol *evaluate_preop(struct expression *expr)
1526 {
1527 struct symbol *ctype = expr->unop->ctype;
1528
1529 switch (expr->op) {
1530 case '(':
1531 *expr = *expr->unop;
1532 return ctype;
1533
1534 case '+':
1535 case '-':
1536 case '~':
1537 return evaluate_sign(expr);
1538
1539 case '*':
1540 return evaluate_dereference(expr);
1541
1542 case '&':
1543 return evaluate_addressof(expr);
1544
1545 case SPECIAL_INCREMENT:
1546 case SPECIAL_DECREMENT:
1547 /*
1548 * From a type evaluation standpoint the pre-ops are
1549 * the same as the postops
1550 */
1551 return evaluate_postop(expr);
1552
1553 case '!':
1554 if (is_safe_type(ctype))
1555 warning(expr->pos, "testing a 'safe expression'");
1556 if (is_float_type(ctype)) {
1557 struct expression *arg = expr->unop;
1558 expr->type = EXPR_BINOP;
1559 expr->op = SPECIAL_EQUAL;
1560 expr->left = arg;
1561 expr->right = alloc_expression(expr->pos, EXPR_FVALUE);
1562 expr->right->ctype = ctype;
1563 expr->right->fvalue = 0;
1564 }
1565 ctype = &bool_ctype;
1566 break;
1567
1568 default:
1569 break;
1570 }
1571 expr->ctype = ctype;
1572 return &bool_ctype;
1573 }
1574
1575 static struct symbol *find_identifier(struct ident *ident, struct symbol_list *_list, int *offset)
1576 {
1577 struct ptr_list *head = (struct ptr_list *)_list;
1578 struct ptr_list *list = head;
1579
1580 if (!head)
1581 return NULL;
1582 do {
1583 int i;
1584 for (i = 0; i < list->nr; i++) {
1585 struct symbol *sym = (struct symbol *) list->list[i];
1586 if (sym->ident) {
1587 if (sym->ident != ident)
1588 continue;
1589 *offset = sym->offset;
1590 return sym;
1591 } else {
1592 struct symbol *ctype = sym->ctype.base_type;
1593 struct symbol *sub;
1594 if (!ctype)
1595 continue;
1596 if (ctype->type != SYM_UNION && ctype->type != SYM_STRUCT)
1597 continue;
1598 sub = find_identifier(ident, ctype->symbol_list, offset);
1599 if (!sub)
1600 continue;
1601 *offset += sym->offset;
1602 return sub;
1603 }
1604 }
1605 } while ((list = list->next) != head);
1606 return NULL;
1607 }
1608
1609 static struct expression *evaluate_offset(struct expression *expr, unsigned long offset)
1610 {
1611 struct expression *add;
1612
1613 /*
1614 * Create a new add-expression
1615 *
1616 * NOTE! Even if we just add zero, we need a new node
1617 * for the member pointer, since it has a different
1618 * type than the original pointer. We could make that
1619 * be just a cast, but the fact is, a node is a node,
1620 * so we might as well just do the "add zero" here.
1621 */
1622 add = alloc_expression(expr->pos, EXPR_BINOP);
1623 add->op = '+';
1624 add->left = expr;
1625 add->right = alloc_expression(expr->pos, EXPR_VALUE);
1626 add->right->ctype = &int_ctype;
1627 add->right->value = offset;
1628
1629 /*
1630 * The ctype of the pointer will be lazily evaluated if
1631 * we ever take the address of this member dereference..
1632 */
1633 add->ctype = &lazy_ptr_ctype;
1634 return add;
1635 }
1636
1637 /* structure/union dereference */
1638 static struct symbol *evaluate_member_dereference(struct expression *expr)
1639 {
1640 int offset;
1641 struct symbol *ctype, *member;
1642 struct expression *deref = expr->deref, *add;
1643 struct ident *ident = expr->member;
1644 unsigned int mod;
1645 int address_space;
1646
1647 if (!evaluate_expression(deref))
1648 return NULL;
1649 if (!ident) {
1650 sparse_error(expr->pos, "bad member name");
1651 return NULL;
1652 }
1653
1654 ctype = deref->ctype;
1655 address_space = ctype->ctype.as;
1656 mod = ctype->ctype.modifiers;
1657 if (ctype->type == SYM_NODE) {
1658 ctype = ctype->ctype.base_type;
1659 address_space |= ctype->ctype.as;
1660 mod |= ctype->ctype.modifiers;
1661 }
1662 if (!ctype || (ctype->type != SYM_STRUCT && ctype->type != SYM_UNION)) {
1663 sparse_error(expr->pos, "expected structure or union");
1664 return NULL;
1665 }
1666 examine_symbol_type(ctype);
1667 offset = 0;
1668 member = find_identifier(ident, ctype->symbol_list, &offset);
1669 if (!member) {
1670 const char *type = ctype->type == SYM_STRUCT ? "struct" : "union";
1671 const char *name = "<unnamed>";
1672 int namelen = 9;
1673 if (ctype->ident) {
1674 name = ctype->ident->name;
1675 namelen = ctype->ident->len;
1676 }
1677 sparse_error(expr->pos, "no member '%s' in %s %.*s",
1678 show_ident(ident), type, namelen, name);
1679 return NULL;
1680 }
1681
1682 /*
1683 * The member needs to take on the address space and modifiers of
1684 * the "parent" type.
1685 */
1686 member = convert_to_as_mod(member, address_space, mod);
1687 ctype = get_base_type(member);
1688
1689 if (!lvalue_expression(deref)) {
1690 if (deref->type != EXPR_SLICE) {
1691 expr->base = deref;
1692 expr->r_bitpos = 0;
1693 } else {
1694 expr->base = deref->base;
1695 expr->r_bitpos = deref->r_bitpos;
1696 }
1697 expr->r_bitpos += offset << 3;
1698 expr->type = EXPR_SLICE;
1699 expr->r_nrbits = member->bit_size;
1700 expr->r_bitpos += member->bit_offset;
1701 expr->ctype = member;
1702 return member;
1703 }
1704
1705 deref = deref->unop;
1706 expr->deref = deref;
1707
1708 add = evaluate_offset(deref, offset);
1709 expr->type = EXPR_PREOP;
1710 expr->op = '*';
1711 expr->unop = add;
1712
1713 expr->ctype = member;
1714 return member;
1715 }
1716
1717 static int is_promoted(struct expression *expr)
1718 {
1719 while (1) {
1720 switch (expr->type) {
1721 case EXPR_BINOP:
1722 case EXPR_SELECT:
1723 case EXPR_CONDITIONAL:
1724 return 1;
1725 case EXPR_COMMA:
1726 expr = expr->right;
1727 continue;
1728 case EXPR_PREOP:
1729 switch (expr->op) {
1730 case '(':
1731 expr = expr->unop;
1732 continue;
1733 case '+':
1734 case '-':
1735 case '~':
1736 return 1;
1737 default:
1738 return 0;
1739 }
1740 default:
1741 return 0;
1742 }
1743 }
1744 }
1745
1746
1747 static struct symbol *evaluate_cast(struct expression *);
1748
1749 static struct symbol *evaluate_type_information(struct expression *expr)
1750 {
1751 struct symbol *sym = expr->cast_type;
1752 if (!sym) {
1753 sym = evaluate_expression(expr->cast_expression);
1754 if (!sym)
1755 return NULL;
1756 /*
1757 * Expressions of restricted types will possibly get
1758 * promoted - check that here
1759 */
1760 if (is_restricted_type(sym)) {
1761 if (sym->bit_size < bits_in_int && is_promoted(expr))
1762 sym = &int_ctype;
1763 }
1764 }
1765 examine_symbol_type(sym);
1766 if (is_bitfield_type(sym)) {
1767 sparse_error(expr->pos, "trying to examine bitfield type");
1768 return NULL;
1769 }
1770 return sym;
1771 }
1772
1773 static struct symbol *evaluate_sizeof(struct expression *expr)
1774 {
1775 struct symbol *type;
1776 int size;
1777
1778 type = evaluate_type_information(expr);
1779 if (!type)
1780 return NULL;
1781
1782 size = type->bit_size;
1783 if ((size < 0) || (size & 7))
1784 sparse_error(expr->pos, "cannot size expression");
1785 expr->type = EXPR_VALUE;
1786 expr->value = size >> 3;
1787 expr->ctype = size_t_ctype;
1788 return size_t_ctype;
1789 }
1790
1791 static struct symbol *evaluate_ptrsizeof(struct expression *expr)
1792 {
1793 struct symbol *type;
1794 int size;
1795
1796 type = evaluate_type_information(expr);
1797 if (!type)
1798 return NULL;
1799
1800 if (type->type == SYM_NODE)
1801 type = type->ctype.base_type;
1802 if (!type)
1803 return NULL;
1804 switch (type->type) {
1805 case SYM_ARRAY:
1806 break;
1807 case SYM_PTR:
1808 type = get_base_type(type);
1809 if (type)
1810 break;
1811 default:
1812 sparse_error(expr->pos, "expected pointer expression");
1813 return NULL;
1814 }
1815 size = type->bit_size;
1816 if (size & 7)
1817 size = 0;
1818 expr->type = EXPR_VALUE;
1819 expr->value = size >> 3;
1820 expr->ctype = size_t_ctype;
1821 return size_t_ctype;
1822 }
1823
1824 static struct symbol *evaluate_alignof(struct expression *expr)
1825 {
1826 struct symbol *type;
1827
1828 type = evaluate_type_information(expr);
1829 if (!type)
1830 return NULL;
1831
1832 expr->type = EXPR_VALUE;
1833 expr->value = type->ctype.alignment;
1834 expr->ctype = size_t_ctype;
1835 return size_t_ctype;
1836 }
1837
1838 static int evaluate_arguments(struct symbol *f, struct symbol *fn, struct expression_list *head)
1839 {
1840 struct expression *expr;
1841 struct symbol_list *argument_types = fn->arguments;
1842 struct symbol *argtype;
1843 int i = 1;
1844
1845 PREPARE_PTR_LIST(argument_types, argtype);
1846 FOR_EACH_PTR (head, expr) {
1847 struct expression **p = THIS_ADDRESS(expr);
1848 struct symbol *ctype, *target;
1849 ctype = evaluate_expression(expr);
1850
1851 if (!ctype)
1852 return 0;
1853
1854 ctype = degenerate(expr);
1855
1856 target = argtype;
1857 if (!target && ctype->bit_size < bits_in_int)
1858 target = &int_ctype;
1859 if (target) {
1860 static char where[30];
1861 examine_symbol_type(target);
1862 sprintf(where, "argument %d", i);
1863 compatible_assignment_types(expr, target, p, ctype, where, '=');
1864 }
1865
1866 i++;
1867 NEXT_PTR_LIST(argtype);
1868 } END_FOR_EACH_PTR(expr);
1869 FINISH_PTR_LIST(argtype);
1870 return 1;
1871 }
1872
1873 static void evaluate_initializer(struct symbol *ctype, struct expression **ep);
1874
1875 static int evaluate_one_array_initializer(struct symbol *ctype, struct expression **ep, int current)
1876 {
1877 struct expression *entry = *ep;
1878 struct expression **parent, *reuse = NULL;
1879 unsigned long offset;
1880 struct symbol *sym;
1881 unsigned long from, to;
1882 int accept_string = is_byte_type(ctype);
1883
1884 from = current;
1885 to = from+1;
1886 parent = ep;
1887 if (entry->type == EXPR_INDEX) {
1888 from = entry->idx_from;
1889 to = entry->idx_to+1;
1890 parent = &entry->idx_expression;
1891 reuse = entry;
1892 entry = entry->idx_expression;
1893 }
1894
1895 offset = from * (ctype->bit_size>>3);
1896 if (offset) {
1897 if (!reuse) reuse = alloc_expression(entry->pos, EXPR_POS);
1898 reuse->type = EXPR_POS;
1899 reuse->ctype = ctype;
1900 reuse->init_offset = offset;
1901 reuse->init_nr = to - from;
1902 reuse->init_expr = entry;
1903 parent = &reuse->init_expr;
1904 entry = reuse;
1905 }
1906 *ep = entry;
1907
1908 if (accept_string && entry->type == EXPR_STRING) {
1909 sym = evaluate_expression(entry);
1910 to = from + get_expression_value(sym->array_size);
1911 } else {
1912 evaluate_initializer(ctype, parent);
1913 }
1914 return to;
1915 }
1916
1917 static void evaluate_array_initializer(struct symbol *ctype, struct expression *expr)
1918 {
1919 struct expression *entry;
1920 int current = 0;
1921
1922 FOR_EACH_PTR(expr->expr_list, entry) {
1923 current = evaluate_one_array_initializer(ctype, THIS_ADDRESS(entry), current);
1924 } END_FOR_EACH_PTR(entry);
1925 }
1926
1927 /* A scalar initializer is allowed, and acts pretty much like an array of one */
1928 static void evaluate_scalar_initializer(struct symbol *ctype, struct expression *expr)
1929 {
1930 if (expression_list_size(expr->expr_list) != 1) {
1931 sparse_error(expr->pos, "unexpected compound initializer");
1932 return;
1933 }
1934 evaluate_array_initializer(ctype, expr);
1935 return;
1936 }
1937
1938 static struct symbol *find_struct_ident(struct symbol *ctype, struct ident *ident)
1939 {
1940 struct symbol *sym;
1941
1942 FOR_EACH_PTR(ctype->symbol_list, sym) {
1943 if (sym->ident == ident)
1944 return sym;
1945 } END_FOR_EACH_PTR(sym);
1946 return NULL;
1947 }
1948
1949 static int evaluate_one_struct_initializer(struct symbol *ctype, struct expression **ep, struct symbol *sym)
1950 {
1951 struct expression *entry = *ep;
1952 struct expression **parent;
1953 struct expression *reuse = NULL;
1954 unsigned long offset;
1955
1956 if (!sym) {
1957 sparse_error(entry->pos, "unknown named initializer");
1958 return -1;
1959 }
1960
1961 if (entry->type == EXPR_IDENTIFIER) {
1962 reuse = entry;
1963 entry = entry->ident_expression;
1964 }
1965
1966 parent = ep;
1967 offset = sym->offset;
1968 if (offset) {
1969 if (!reuse)
1970 reuse = alloc_expression(entry->pos, EXPR_POS);
1971 reuse->type = EXPR_POS;
1972 reuse->ctype = sym;
1973 reuse->init_offset = offset;
1974 reuse->init_nr = 1;
1975 reuse->init_expr = entry;
1976 parent = &reuse->init_expr;
1977 entry = reuse;
1978 }
1979 *ep = entry;
1980 evaluate_initializer(sym, parent);
1981 return 0;
1982 }
1983
1984 static void evaluate_struct_or_union_initializer(struct symbol *ctype, struct expression *expr, int multiple)
1985 {
1986 struct expression *entry;
1987 struct symbol *sym;
1988
1989 PREPARE_PTR_LIST(ctype->symbol_list, sym);
1990 FOR_EACH_PTR(expr->expr_list, entry) {
1991 if (entry->type == EXPR_IDENTIFIER) {
1992 struct ident *ident = entry->expr_ident;
1993 /* We special-case the "already right place" case */
1994 if (!sym || sym->ident != ident) {
1995 RESET_PTR_LIST(sym);
1996 for (;;) {
1997 if (!sym)
1998 break;
1999 if (sym->ident == ident)
2000 break;
2001 NEXT_PTR_LIST(sym);
2002 }
2003 }
2004 }
2005 if (evaluate_one_struct_initializer(ctype, THIS_ADDRESS(entry), sym))
2006 return;
2007 NEXT_PTR_LIST(sym);
2008 } END_FOR_EACH_PTR(entry);
2009 FINISH_PTR_LIST(sym);
2010 }
2011
2012 /*
2013 * Initializers are kind of like assignments. Except
2014 * they can be a hell of a lot more complex.
2015 */
2016 static void evaluate_initializer(struct symbol *ctype, struct expression **ep)
2017 {
2018 struct expression *expr = *ep;
2019
2020 /*
2021 * Simple non-structure/array initializers are the simple
2022 * case, and look (and parse) largely like assignments.
2023 */
2024 switch (expr->type) {
2025 default: {
2026 int is_string = expr->type == EXPR_STRING;
2027 struct symbol *rtype = evaluate_expression(expr);
2028 if (rtype) {
2029 /*
2030 * Special case:
2031 * char array[] = "string"
2032 * should _not_ degenerate.
2033 */
2034 if (!is_string || !is_string_type(ctype))
2035 rtype = degenerate(expr);
2036 compatible_assignment_types(expr, ctype, ep, rtype, "initializer", '=');
2037 }
2038 return;
2039 }
2040
2041 case EXPR_INITIALIZER:
2042 expr->ctype = ctype;
2043 if (ctype->type == SYM_NODE)
2044 ctype = ctype->ctype.base_type;
2045
2046 switch (ctype->type) {
2047 case SYM_ARRAY:
2048 case SYM_PTR:
2049 evaluate_array_initializer(get_base_type(ctype), expr);
2050 return;
2051 case SYM_UNION:
2052 evaluate_struct_or_union_initializer(ctype, expr, 0);
2053 return;
2054 case SYM_STRUCT:
2055 evaluate_struct_or_union_initializer(ctype, expr, 1);
2056 return;
2057 default:
2058 evaluate_scalar_initializer(ctype, expr);
2059 return;
2060 }
2061
2062 case EXPR_IDENTIFIER:
2063 if (ctype->type == SYM_NODE)
2064 ctype = ctype->ctype.base_type;
2065 if (ctype->type != SYM_STRUCT && ctype->type != SYM_UNION) {
2066 sparse_error(expr->pos, "expected structure or union for '%s' dereference", show_ident(expr->expr_ident));
2067 show_symbol(ctype);
2068 return;
2069 }
2070 evaluate_one_struct_initializer(ctype, ep,
2071 find_struct_ident(ctype, expr->expr_ident));
2072 return;
2073
2074 case EXPR_INDEX:
2075 if (ctype->type == SYM_NODE)
2076 ctype = ctype->ctype.base_type;
2077 if (ctype->type != SYM_ARRAY) {
2078 sparse_error(expr->pos, "expected array");
2079 return;
2080 }
2081 evaluate_one_array_initializer(ctype->ctype.base_type, ep, 0);
2082 return;
2083
2084 case EXPR_POS:
2085 /*
2086 * An EXPR_POS expression has already been evaluated, and we don't
2087 * need to do anything more
2088 */
2089 return;
2090 }
2091 }
2092
2093 static int get_as(struct symbol *sym)
2094 {
2095 int as;
2096 unsigned long mod;
2097
2098 if (!sym)
2099 return 0;
2100 as = sym->ctype.as;
2101 mod = sym->ctype.modifiers;
2102 if (sym->type == SYM_NODE) {
2103 sym = sym->ctype.base_type;
2104 as |= sym->ctype.as;
2105 mod |= sym->ctype.modifiers;
2106 }
2107
2108 /*
2109 * At least for now, allow casting to a "unsigned long".
2110 * That's how we do things like pointer arithmetic and
2111 * store pointers to registers.
2112 */
2113 if (sym == &ulong_ctype)
2114 return -1;
2115
2116 if (sym && sym->type == SYM_PTR) {
2117 sym = get_base_type(sym);
2118 as |= sym->ctype.as;
2119 mod |= sym->ctype.modifiers;
2120 }
2121 if (mod & MOD_FORCE)
2122 return -1;
2123 return as;
2124 }
2125
2126 static void cast_to_as(struct expression *e, int as)
2127 {
2128 struct expression *v = e->cast_expression;
2129
2130 if (!Wcast_to_address_space)
2131 return;
2132
2133 /* cast from constant 0 to pointer is OK */
2134 if (v->type == EXPR_VALUE && is_int_type(v->ctype) && !v->value)
2135 return;
2136
2137 warning(e->pos, "cast adds address space to expression (<asn:%d>)", as);
2138 }
2139
2140 static struct symbol *evaluate_cast(struct expression *expr)
2141 {
2142 struct expression *target = expr->cast_expression;
2143 struct symbol *ctype = examine_symbol_type(expr->cast_type);
2144 struct symbol *t1, *t2;
2145 enum type type1, type2;
2146 int as1, as2;
2147
2148 if (!target)
2149 return NULL;
2150
2151 expr->ctype = ctype;
2152 expr->cast_type = ctype;
2153
2154 /*
2155 * Special case: a cast can be followed by an
2156 * initializer, in which case we need to pass
2157 * the type value down to that initializer rather
2158 * than trying to evaluate it as an expression
2159 *
2160 * A more complex case is when the initializer is
2161 * dereferenced as part of a post-fix expression.
2162 * We need to produce an expression that can be dereferenced.
2163 */
2164 if (target->type == EXPR_INITIALIZER) {
2165 struct symbol *sym = expr->cast_type;
2166 struct expression *addr = alloc_expression(expr->pos, EXPR_SYMBOL);
2167
2168 sym->initializer = expr->cast_expression;
2169 evaluate_symbol(sym);
2170
2171 addr->ctype = &lazy_ptr_ctype; /* Lazy eval */
2172 addr->symbol = sym;
2173
2174 expr->type = EXPR_PREOP;
2175 expr->op = '*';
2176 expr->unop = addr;
2177 expr->ctype = sym;
2178
2179 return sym;
2180 }
2181
2182 evaluate_expression(target);
2183 degenerate(target);
2184
2185 t1 = ctype;
2186 if (t1->type == SYM_NODE)
2187 t1 = t1->ctype.base_type;
2188 if (t1->type == SYM_ENUM)
2189 t1 = t1->ctype.base_type;
2190
2191 /*
2192 * You can always throw a value away by casting to
2193 * "void" - that's an implicit "force". Note that
2194 * the same is _not_ true of "void *".
2195 */
2196 if (t1 == &void_ctype)
2197 goto out;
2198
2199 type1 = t1->type;
2200 if (type1 == SYM_ARRAY || type1 == SYM_UNION || type1 == SYM_STRUCT)
2201 warning(expr->pos, "cast to non-scalar");
2202
2203 t2 = target->ctype;
2204 if (!t2) {
2205 sparse_error(expr->pos, "cast from unknown type");
2206 goto out;
2207 }
2208 if (t2->type == SYM_NODE)
2209 t2 = t2->ctype.base_type;
2210 if (t2->type == SYM_ENUM)
2211 t2 = t2->ctype.base_type;
2212
2213 type2 = t2->type;
2214 if (type2 == SYM_ARRAY || type2 == SYM_UNION || type2 == SYM_STRUCT)
2215 warning(expr->pos, "cast from non-scalar");
2216
2217 if (!(ctype->ctype.modifiers & MOD_FORCE) && t1 != t2) {
2218 if (t1->type == SYM_RESTRICT)
2219 warning(expr->pos, "cast to restricted type");
2220 if (t2->type == SYM_RESTRICT)
2221 warning(expr->pos, "cast from restricted type");
2222 }
2223
2224 as1 = get_as(ctype);
2225 as2 = get_as(target->ctype);
2226 if (!as1 && as2 > 0)
2227 warning(expr->pos, "cast removes address space of expression");
2228 if (as1 > 0 && as2 > 0 && as1 != as2)
2229 warning(expr->pos, "cast between address spaces (<asn:%d>-><asn:%d>)", as2, as1);
2230 if (as1 > 0 && !as2)
2231 cast_to_as(expr, as1);
2232
2233 /*
2234 * Casts of constant values are special: they
2235 * can be NULL, and thus need to be simplified
2236 * early.
2237 */
2238 if (target->type == EXPR_VALUE)
2239 cast_value(expr, ctype, target, target->ctype);
2240
2241 out:
2242 return ctype;
2243 }
2244
2245 /*
2246 * Evaluate a call expression with a symbol. This
2247 * should expand inline functions, and evaluate
2248 * builtins.
2249 */
2250 static int evaluate_symbol_call(struct expression *expr)
2251 {
2252 struct expression *fn = expr->fn;
2253 struct symbol *ctype = fn->ctype;
2254
2255 if (fn->type != EXPR_PREOP)
2256 return 0;
2257
2258 if (ctype->op && ctype->op->evaluate)
2259 return ctype->op->evaluate(expr);
2260
2261 if (ctype->ctype.modifiers & MOD_INLINE) {
2262 int ret;
2263 struct symbol *curr = current_fn;
2264 current_fn = ctype->ctype.base_type;
2265 examine_fn_arguments(current_fn);
2266
2267 ret = inline_function(expr, ctype);
2268
2269 /* restore the old function */
2270 current_fn = curr;
2271 return ret;
2272 }
2273
2274 return 0;
2275 }
2276
2277 static struct symbol *evaluate_call(struct expression *expr)
2278 {
2279 int args, fnargs;
2280 struct symbol *ctype, *sym;
2281 struct expression *fn = expr->fn;
2282 struct expression_list *arglist = expr->args;
2283
2284 if (!evaluate_expression(fn))
2285 return NULL;
2286 sym = ctype = fn->ctype;
2287 if (ctype->type == SYM_NODE)
2288 ctype = ctype->ctype.base_type;
2289 if (ctype->type == SYM_PTR || ctype->type == SYM_ARRAY)
2290 ctype = get_base_type(ctype);
2291 if (!evaluate_arguments(sym, ctype, arglist))
2292 return NULL;
2293 if (ctype->type != SYM_FN) {
2294 sparse_error(expr->pos, "not a function %s", show_ident(sym->ident));
2295 return NULL;
2296 }
2297 args = expression_list_size(expr->args);
2298 fnargs = symbol_list_size(ctype->arguments);
2299 if (args < fnargs)
2300 sparse_error(expr->pos, "not enough arguments for function %s", show_ident(sym->ident));
2301 if (args > fnargs && !ctype->variadic)
2302 sparse_error(expr->pos, "too many arguments for function %s", show_ident(sym->ident));
2303 if (sym->type == SYM_NODE) {
2304 if (evaluate_symbol_call(expr))
2305 return expr->ctype;
2306 }
2307 expr->ctype = ctype->ctype.base_type;
2308 return expr->ctype;
2309 }
2310
2311 struct symbol *evaluate_expression(struct expression *expr)
2312 {
2313 if (!expr)
2314 return NULL;
2315 if (expr->ctype)
2316 return expr->ctype;
2317
2318 switch (expr->type) {
2319 case EXPR_VALUE:
2320 case EXPR_FVALUE:
2321 sparse_error(expr->pos, "value expression without a type");
2322 return NULL;
2323 case EXPR_STRING:
2324 return evaluate_string(expr);
2325 case EXPR_SYMBOL:
2326 return evaluate_symbol_expression(expr);
2327 case EXPR_BINOP:
2328 if (!evaluate_expression(expr->left))
2329 return NULL;
2330 if (!evaluate_expression(expr->right))
2331 return NULL;
2332 return evaluate_binop(expr);
2333 case EXPR_LOGICAL:
2334 return evaluate_logical(expr);
2335 case EXPR_COMMA:
2336 evaluate_expression(expr->left);
2337 if (!evaluate_expression(expr->right))
2338 return NULL;
2339 return evaluate_comma(expr);
2340 case EXPR_COMPARE:
2341 if (!evaluate_expression(expr->left))
2342 return NULL;
2343 if (!evaluate_expression(expr->right))
2344 return NULL;
2345 return evaluate_compare(expr);
2346 case EXPR_ASSIGNMENT:
2347 if (!evaluate_expression(expr->left))
2348 return NULL;
2349 if (!evaluate_expression(expr->right))
2350 return NULL;
2351 return evaluate_assignment(expr);
2352 case EXPR_PREOP:
2353 if (!evaluate_expression(expr->unop))
2354 return NULL;
2355 return evaluate_preop(expr);
2356 case EXPR_POSTOP:
2357 if (!evaluate_expression(expr->unop))
2358 return NULL;
2359 return evaluate_postop(expr);
2360 case EXPR_CAST:
2361 case EXPR_IMPLIED_CAST:
2362 return evaluate_cast(expr);
2363 case EXPR_SIZEOF:
2364 return evaluate_sizeof(expr);
2365 case EXPR_PTRSIZEOF:
2366 return evaluate_ptrsizeof(expr);
2367 case EXPR_ALIGNOF:
2368 return evaluate_alignof(expr);
2369 case EXPR_DEREF:
2370 return evaluate_member_dereference(expr);
2371 case EXPR_CALL:
2372 return evaluate_call(expr);
2373 case EXPR_SELECT:
2374 case EXPR_CONDITIONAL:
2375 return evaluate_conditional_expression(expr);
2376 case EXPR_STATEMENT:
2377 expr->ctype = evaluate_statement(expr->statement);
2378 return expr->ctype;
2379
2380 case EXPR_LABEL:
2381 expr->ctype = &ptr_ctype;
2382 return &ptr_ctype;
2383
2384 case EXPR_TYPE:
2385 /* Evaluate the type of the symbol .. */
2386 evaluate_symbol(expr->symbol);
2387 /* .. but the type of the _expression_ is a "type" */
2388 expr->ctype = &type_ctype;
2389 return &type_ctype;
2390
2391 /* These can not exist as stand-alone expressions */
2392 case EXPR_INITIALIZER:
2393 case EXPR_IDENTIFIER:
2394 case EXPR_INDEX:
2395 case EXPR_POS:
2396 sparse_error(expr->pos, "internal front-end error: initializer in expression");
2397 return NULL;
2398 case EXPR_SLICE:
2399 sparse_error(expr->pos, "internal front-end error: SLICE re-evaluated");
2400 return NULL;
2401 }
2402 return NULL;
2403 }
2404
2405 static void check_duplicates(struct symbol *sym)
2406 {
2407 int declared = 0;
2408 struct symbol *next = sym;
2409
2410 while ((next = next->same_symbol) != NULL) {
2411 const char *typediff;
2412 evaluate_symbol(next);
2413 declared++;
2414 typediff = type_difference(sym, next, 0, 0);
2415 if (typediff) {
2416 sparse_error(sym->pos, "symbol '%s' redeclared with different type (originally declared at %s:%d) - %s",
2417 show_ident(sym->ident),
2418 stream_name(next->pos.stream), next->pos.line, typediff);
2419 return;
2420 }
2421 }
2422 if (!declared) {
2423 unsigned long mod = sym->ctype.modifiers;
2424 if (mod & (MOD_STATIC | MOD_REGISTER))
2425 return;
2426 if (!(mod & MOD_TOPLEVEL))
2427 return;
2428 if (!Wdecl)
2429 return;
2430 if (sym->ident == &main_ident)
2431 return;
2432 warning(sym->pos, "symbol '%s' was not declared. Should it be static?", show_ident(sym->ident));
2433 }
2434 }
2435
2436 static struct symbol *evaluate_symbol(struct symbol *sym)
2437 {
2438 struct symbol *base_type;
2439
2440 if (!sym)
2441 return sym;
2442 if (sym->evaluated)
2443 return sym;
2444 sym->evaluated = 1;
2445
2446 sym = examine_symbol_type(sym);
2447 base_type = get_base_type(sym);
2448 if (!base_type)
2449 return NULL;
2450
2451 /* Evaluate the initializers */
2452 if (sym->initializer)
2453 evaluate_initializer(sym, &sym->initializer);
2454
2455 /* And finally, evaluate the body of the symbol too */
2456 if (base_type->type == SYM_FN) {
2457 struct symbol *curr = current_fn;
2458
2459 current_fn = base_type;
2460
2461 examine_fn_arguments(base_type);
2462 if (!base_type->stmt && base_type->inline_stmt)
2463 uninline(sym);
2464 if (base_type->stmt)
2465 evaluate_statement(base_type->stmt);
2466
2467 current_fn = curr;
2468 }
2469
2470 return base_type;
2471 }
2472
2473 void evaluate_symbol_list(struct symbol_list *list)
2474 {
2475 struct symbol *sym;
2476
2477 FOR_EACH_PTR(list, sym) {
2478 evaluate_symbol(sym);
2479 check_duplicates(sym);
2480 } END_FOR_EACH_PTR(sym);
2481 }
2482
2483 static struct symbol *evaluate_return_expression(struct statement *stmt)
2484 {
2485 struct expression *expr = stmt->expression;
2486 struct symbol *ctype, *fntype;
2487
2488 evaluate_expression(expr);
2489 ctype = degenerate(expr);
2490 fntype = current_fn->ctype.base_type;
2491 if (!fntype || fntype == &void_ctype) {
2492 if (expr && ctype != &void_ctype)
2493 sparse_error(expr->pos, "return expression in %s function", fntype?"void":"typeless");
2494 return NULL;
2495 }
2496
2497 if (!expr) {
2498 sparse_error(stmt->pos, "return with no return value");
2499 return NULL;
2500 }
2501 if (!ctype)
2502 return NULL;
2503 compatible_assignment_types(expr, fntype, &stmt->expression, ctype, "return expression", '=');
2504 return NULL;
2505 }
2506
2507 static void evaluate_if_statement(struct statement *stmt)
2508 {
2509 if (!stmt->if_conditional)
2510 return;
2511
2512 evaluate_conditional(stmt->if_conditional, 0);
2513 evaluate_statement(stmt->if_true);
2514 evaluate_statement(stmt->if_false);
2515 }
2516
2517 static void evaluate_iterator(struct statement *stmt)
2518 {
2519 evaluate_conditional(stmt->iterator_pre_condition, 1);
2520 evaluate_conditional(stmt->iterator_post_condition,1);
2521 evaluate_statement(stmt->iterator_pre_statement);
2522 evaluate_statement(stmt->iterator_statement);
2523 evaluate_statement(stmt->iterator_post_statement);
2524 }
2525
2526 static void verify_output_constraint(struct expression *expr, const char *constraint)
2527 {
2528 switch (*constraint) {
2529 case '=': /* Assignment */
2530 case '+': /* Update */
2531 break;
2532 default:
2533 sparse_error(expr->pos, "output constraint is not an assignment constraint (\"%s\")", constraint);
2534 }
2535 }
2536
2537 static void verify_input_constraint(struct expression *expr, const char *constraint)
2538 {
2539 switch (*constraint) {
2540 case '=': /* Assignment */
2541 case '+': /* Update */
2542 sparse_error(expr->pos, "input constraint with assignment (\"%s\")", constraint);
2543 }
2544 }
2545
2546 static void evaluate_asm_statement(struct statement *stmt)
2547 {
2548 struct expression *expr;
2549 int state;
2550
2551 expr = stmt->asm_string;
2552 if (!expr || expr->type != EXPR_STRING) {
2553 sparse_error(stmt->pos, "need constant string for inline asm");
2554 return;
2555 }
2556
2557 state = 0;
2558 FOR_EACH_PTR(stmt->asm_outputs, expr) {
2559 struct ident *ident;
2560
2561 switch (state) {
2562 case 0: /* Identifier */
2563 state = 1;
2564 ident = (struct ident *)expr;
2565 continue;
2566
2567 case 1: /* Constraint */
2568 state = 2;
2569 if (!expr || expr->type != EXPR_STRING) {
2570 sparse_error(expr ? expr->pos : stmt->pos, "asm output constraint is not a string");
2571 *THIS_ADDRESS(expr) = NULL;
2572 continue;
2573 }
2574 verify_output_constraint(expr, expr->string->data);
2575 continue;
2576
2577 case 2: /* Expression */
2578 state = 0;
2579 if (!evaluate_expression(expr))
2580 return;
2581 if (!lvalue_expression(expr))
2582 warning(expr->pos, "asm output is not an lvalue");
2583 evaluate_assign_to(expr, expr->ctype);
2584 continue;
2585 }
2586 } END_FOR_EACH_PTR(expr);
2587
2588 state = 0;
2589 FOR_EACH_PTR(stmt->asm_inputs, expr) {
2590 struct ident *ident;
2591
2592 switch (state) {
2593 case 0: /* Identifier */
2594 state = 1;
2595 ident = (struct ident *)expr;
2596 continue;
2597
2598 case 1: /* Constraint */
2599 state = 2;
2600 if (!expr || expr->type != EXPR_STRING) {
2601 sparse_error(expr ? expr->pos : stmt->pos, "asm input constraint is not a string");
2602 *THIS_ADDRESS(expr) = NULL;
2603 continue;
2604 }
2605 verify_input_constraint(expr, expr->string->data);
2606 continue;
2607
2608 case 2: /* Expression */
2609 state = 0;
2610 if (!evaluate_expression(expr))
2611 return;
2612 continue;
2613 }
2614 } END_FOR_EACH_PTR(expr);
2615
2616 FOR_EACH_PTR(stmt->asm_clobbers, expr) {
2617 if (!expr) {
2618 sparse_error(stmt->pos, "bad asm output");
2619 return;
2620 }
2621 if (expr->type == EXPR_STRING)
2622 continue;
2623 sparse_error(expr->pos, "asm clobber is not a string");
2624 } END_FOR_EACH_PTR(expr);
2625 }
2626
2627 static void evaluate_case_statement(struct statement *stmt)
2628 {
2629 evaluate_expression(stmt->case_expression);
2630 evaluate_expression(stmt->case_to);
2631 evaluate_statement(stmt->case_statement);
2632 }
2633
2634 static void check_case_type(struct expression *switch_expr,
2635 struct expression *case_expr,
2636 struct expression **enumcase)
2637 {
2638 struct symbol *switch_type, *case_type;
2639 if (!case_expr)
2640 return;
2641 switch_type = switch_expr->ctype;
2642 case_type = evaluate_expression(case_expr);
2643
2644 if (case_type && switch_type) {
2645 if (enumcase) {
2646 if (*enumcase)
2647 warn_for_different_enum_types(case_expr->pos, case_type, (*enumcase)->ctype);
2648 else if (is_enum_type(case_type))
2649 *enumcase = case_expr;
2650 }
2651
2652 /* Both integer types? */
2653 if (compatible_restricted_binop(SPECIAL_EQUAL, &switch_expr, &case_expr))
2654 return;
2655 if (is_int_type(switch_type) && is_int_type(case_type))
2656 return;
2657 }
2658
2659 sparse_error(case_expr->pos, "incompatible types for 'case' statement");
2660 }
2661
2662 static void evaluate_switch_statement(struct statement *stmt)
2663 {
2664 struct symbol *sym;
2665 struct expression *enumcase = NULL;
2666 struct expression **enumcase_holder = &enumcase;
2667 struct expression *sel = stmt->switch_expression;
2668
2669 evaluate_expression(sel);
2670 evaluate_statement(stmt->switch_statement);
2671 if (!sel)
2672 return;
2673 if (sel->ctype && is_enum_type(sel->ctype))
2674 enumcase_holder = NULL; /* Only check cases against switch */
2675
2676 FOR_EACH_PTR(stmt->switch_case->symbol_list, sym) {
2677 struct statement *case_stmt = sym->stmt;
2678 check_case_type(sel, case_stmt->case_expression, enumcase_holder);
2679 check_case_type(sel, case_stmt->case_to, enumcase_holder);
2680 } END_FOR_EACH_PTR(sym);
2681 }
2682
2683 struct symbol *evaluate_statement(struct statement *stmt)
2684 {
2685 if (!stmt)
2686 return NULL;
2687
2688 switch (stmt->type) {
2689 case STMT_DECLARATION: {
2690 struct symbol *s;
2691 FOR_EACH_PTR(stmt->declaration, s) {
2692 evaluate_symbol(s);
2693 } END_FOR_EACH_PTR(s);
2694 return NULL;
2695 }
2696
2697 case STMT_RETURN:
2698 return evaluate_return_expression(stmt);
2699
2700 case STMT_EXPRESSION:
2701 if (!evaluate_expression(stmt->expression))
2702 return NULL;
2703 return degenerate(stmt->expression);
2704
2705 case STMT_COMPOUND: {
2706 struct statement *s;
2707 struct symbol *type = NULL;
2708
2709 /* Evaluate the return symbol in the compound statement */
2710 evaluate_symbol(stmt->ret);
2711
2712 /*
2713 * Then, evaluate each statement, making the type of the
2714 * compound statement be the type of the last statement
2715 */
2716 type = NULL;
2717 FOR_EACH_PTR(stmt->stmts, s) {
2718 type = evaluate_statement(s);
2719 } END_FOR_EACH_PTR(s);
2720 if (!type)
2721 type = &void_ctype;
2722 return type;
2723 }
2724 case STMT_IF:
2725 evaluate_if_statement(stmt);
2726 return NULL;
2727 case STMT_ITERATOR:
2728 evaluate_iterator(stmt);
2729 return NULL;
2730 case STMT_SWITCH:
2731 evaluate_switch_statement(stmt);
2732 return NULL;
2733 case STMT_CASE:
2734 evaluate_case_statement(stmt);
2735 return NULL;
2736 case STMT_LABEL:
2737 return evaluate_statement(stmt->label_statement);
2738 case STMT_GOTO:
2739 evaluate_expression(stmt->goto_expression);
2740 return NULL;
2741 case STMT_NONE:
2742 break;
2743 case STMT_ASM:
2744 evaluate_asm_statement(stmt);
2745 return NULL;
2746 case STMT_CONTEXT:
2747 evaluate_expression(stmt->expression);
2748 return NULL;
2749 case STMT_RANGE:
2750 evaluate_expression(stmt->range_expression);
2751 evaluate_expression(stmt->range_low);
2752 evaluate_expression(stmt->range_high);
2753 return NULL;
2754 }
2755 return NULL;
2756 }
Static analysis for C