Print this page
new smatch

Split Close
Expand all
Collapse all
          --- old/usr/src/tools/smatch/src/evaluate.c
          +++ new/usr/src/tools/smatch/src/evaluate.c
↓ open down ↓ 26 lines elided ↑ open up ↑
  27   27  #include <stdlib.h>
  28   28  #include <stdarg.h>
  29   29  #include <stddef.h>
  30   30  #include <stdio.h>
  31   31  #include <string.h>
  32   32  #include <ctype.h>
  33   33  #include <unistd.h>
  34   34  #include <fcntl.h>
  35   35  #include <limits.h>
  36   36  
       37 +#include "evaluate.h"
  37   38  #include "lib.h"
  38   39  #include "allocate.h"
  39   40  #include "parse.h"
  40   41  #include "token.h"
  41   42  #include "symbol.h"
  42   43  #include "target.h"
  43   44  #include "expression.h"
  44   45  
  45   46  struct symbol *current_fn;
  46   47  
       48 +struct ident bad_address_space = { .len = 6, .name = "bad AS", };
       49 +
  47   50  static struct symbol *degenerate(struct expression *expr);
  48   51  static struct symbol *evaluate_symbol(struct symbol *sym);
  49   52  
       53 +static inline int valid_expr_type(struct expression *expr)
       54 +{
       55 +        return expr && valid_type(expr->ctype);
       56 +}
       57 +
       58 +static inline int valid_subexpr_type(struct expression *expr)
       59 +{
       60 +        return valid_expr_type(expr->left)
       61 +            && valid_expr_type(expr->right);
       62 +}
       63 +
  50   64  static struct symbol *evaluate_symbol_expression(struct expression *expr)
  51   65  {
  52   66          struct expression *addr;
  53   67          struct symbol *sym = expr->symbol;
  54   68          struct symbol *base_type;
  55   69  
  56   70          if (!sym) {
  57   71                  expression_error(expr, "undefined identifier '%s'", show_ident(expr->symbol_name));
  58   72                  return NULL;
  59   73          }
↓ open down ↓ 129 lines elided ↑ open up ↑
 189  203  left:
 190  204          return left;
 191  205  }
 192  206  
 193  207  static int same_cast_type(struct symbol *orig, struct symbol *new)
 194  208  {
 195  209          return orig->bit_size == new->bit_size &&
 196  210                 orig->bit_offset == new->bit_offset;
 197  211  }
 198  212  
 199      -static struct symbol *base_type(struct symbol *node, unsigned long *modp, unsigned long *asp)
      213 +static struct symbol *base_type(struct symbol *node, unsigned long *modp, struct ident **asp)
 200  214  {
 201      -        unsigned long mod, as;
      215 +        unsigned long mod = 0;
      216 +        struct ident *as = NULL;
 202  217  
 203      -        mod = 0; as = 0;
 204  218          while (node) {
 205  219                  mod |= node->ctype.modifiers;
 206      -                as |= node->ctype.as;
      220 +                combine_address_space(node->pos, &as, node->ctype.as);
 207  221                  if (node->type == SYM_NODE) {
 208  222                          node = node->ctype.base_type;
 209  223                          continue;
 210  224                  }
 211  225                  break;
 212  226          }
 213  227          *modp = mod & ~MOD_IGNORE;
 214  228          *asp = as;
 215  229          return node;
 216  230  }
 217  231  
 218  232  static int is_same_type(struct expression *expr, struct symbol *new)
 219  233  {
 220  234          struct symbol *old = expr->ctype;
 221      -        unsigned long oldmod, newmod, oldas, newas;
      235 +        unsigned long oldmod, newmod;
      236 +        struct ident *oldas, *newas;
 222  237  
 223  238          old = base_type(old, &oldmod, &oldas);
 224  239          new = base_type(new, &newmod, &newas);
 225  240  
 226  241          /* Same base type, same address space? */
 227  242          if (old == new && oldas == newas) {
 228  243                  unsigned long difmod;
 229  244  
 230  245                  /* Check the modifier bits. */
 231  246                  difmod = (oldmod ^ newmod) & ~MOD_NOCAST;
↓ open down ↓ 154 lines elided ↑ open up ↑
 386  401  
 387  402  static inline int is_string_type(struct symbol *type)
 388  403  {
 389  404          if (type->type == SYM_NODE)
 390  405                  type = type->ctype.base_type;
 391  406          return type->type == SYM_ARRAY && is_byte_type(type->ctype.base_type);
 392  407  }
 393  408  
 394  409  static struct symbol *bad_expr_type(struct expression *expr)
 395  410  {
 396      -        sparse_error(expr->pos, "incompatible types for operation (%s)", show_special(expr->op));
 397  411          switch (expr->type) {
 398  412          case EXPR_BINOP:
 399  413          case EXPR_COMPARE:
      414 +                if (!valid_subexpr_type(expr))
      415 +                        break;
      416 +                sparse_error(expr->pos, "incompatible types for operation (%s)", show_special(expr->op));
 400  417                  info(expr->pos, "   left side has type %s", show_typename(expr->left->ctype));
 401  418                  info(expr->pos, "   right side has type %s", show_typename(expr->right->ctype));
 402  419                  break;
 403  420          case EXPR_PREOP:
 404  421          case EXPR_POSTOP:
      422 +                if (!valid_expr_type(expr->unop))
      423 +                        break;
      424 +                sparse_error(expr->pos, "incompatible types for operation (%s)", show_special(expr->op));
 405  425                  info(expr->pos, "   argument has type %s", show_typename(expr->unop->ctype));
 406  426                  break;
 407  427          default:
 408  428                  break;
 409  429          }
 410  430  
 411  431          expr->flags = CEF_NONE;
 412  432          return expr->ctype = &bad_ctype;
 413  433  }
 414  434  
↓ open down ↓ 216 lines elided ↑ open up ↑
 631  651                  mul->right = val;
 632  652                  index = mul;
 633  653          }
 634  654  
 635  655          expr->right = index;
 636  656          return ctype;
 637  657  }
 638  658  
 639  659  static void examine_fn_arguments(struct symbol *fn);
 640  660  
 641      -#define MOD_IGN (MOD_VOLATILE | MOD_CONST | MOD_PURE)
      661 +#define MOD_IGN (MOD_QUALIFIER | MOD_PURE)
 642  662  
 643  663  const char *type_difference(struct ctype *c1, struct ctype *c2,
 644  664          unsigned long mod1, unsigned long mod2)
 645  665  {
 646      -        unsigned long as1 = c1->as, as2 = c2->as;
      666 +        struct ident *as1 = c1->as, *as2 = c2->as;
 647  667          struct symbol *t1 = c1->base_type;
 648  668          struct symbol *t2 = c2->base_type;
 649  669          int move1 = 1, move2 = 1;
 650  670          mod1 |= c1->modifiers;
 651  671          mod2 |= c2->modifiers;
 652  672          for (;;) {
 653  673                  unsigned long diff;
 654  674                  int type;
 655  675                  struct symbol *base1 = t1->ctype.base_type;
 656  676                  struct symbol *base2 = t2->ctype.base_type;
 657  677  
 658  678                  /*
 659  679                   * FIXME! Collect alignment and context too here!
 660  680                   */
 661  681                  if (move1) {
 662  682                          if (t1 && t1->type != SYM_PTR) {
 663  683                                  mod1 |= t1->ctype.modifiers;
 664      -                                as1 |= t1->ctype.as;
      684 +                                combine_address_space(t1->pos, &as1, t1->ctype.as);
 665  685                          }
 666  686                          move1 = 0;
 667  687                  }
 668  688  
 669  689                  if (move2) {
 670  690                          if (t2 && t2->type != SYM_PTR) {
 671  691                                  mod2 |= t2->ctype.modifiers;
 672      -                                as2 |= t2->ctype.as;
      692 +                                combine_address_space(t2->pos, &as2, t2->ctype.as);
 673  693                          }
 674  694                          move2 = 0;
 675  695                  }
 676  696  
 677  697                  if (t1 == t2)
 678  698                          break;
 679  699                  if (!t1 || !t2)
 680  700                          return "different types";
 681  701  
 682  702                  if (t1->type == SYM_NODE || t1->type == SYM_ENUM) {
↓ open down ↓ 157 lines elided ↑ open up ↑
 840  860          if (lbase->bit_size > bits_in_char) {
 841  861                  struct expression *sub = alloc_expression(expr->pos, EXPR_BINOP);
 842  862                  struct expression *div = expr;
 843  863                  struct expression *val = alloc_expression(expr->pos, EXPR_VALUE);
 844  864                  unsigned long value = bits_to_bytes(lbase->bit_size);
 845  865  
 846  866                  val->ctype = size_t_ctype;
 847  867                  val->value = value;
 848  868  
 849  869                  if (value & (value-1)) {
 850      -                        if (Wptr_subtraction_blows)
      870 +                        if (Wptr_subtraction_blows) {
 851  871                                  warning(expr->pos, "potentially expensive pointer subtraction");
      872 +                                info(expr->pos, "    '%s' has a non-power-of-2 size: %lu", show_typename(lbase), value);
      873 +                        }
 852  874                  }
 853  875  
 854  876                  sub->op = '-';
 855  877                  sub->ctype = ssize_t_ctype;
 856  878                  sub->left = l;
 857  879                  sub->right = r;
 858  880  
 859  881                  div->op = '/';
 860  882                  div->left = sub;
 861  883                  div->right = val;
↓ open down ↓ 8 lines elided ↑ open up ↑
 870  892  {
 871  893          struct symbol *ctype;
 872  894  
 873  895          if (!expr)
 874  896                  return NULL;
 875  897  
 876  898          if (!iterator && expr->type == EXPR_ASSIGNMENT && expr->op == '=')
 877  899                  warning(expr->pos, "assignment expression in conditional");
 878  900  
 879  901          ctype = evaluate_expression(expr);
 880      -        if (ctype) {
 881      -                if (is_safe_type(ctype))
 882      -                        warning(expr->pos, "testing a 'safe expression'");
 883      -                if (is_func_type(ctype)) {
 884      -                        if (Waddress)
 885      -                                warning(expr->pos, "the address of %s will always evaluate as true", "a function");
 886      -                } else if (is_array_type(ctype)) {
 887      -                        if (Waddress)
 888      -                                warning(expr->pos, "the address of %s will always evaluate as true", "an array");
 889      -                } else if (!is_scalar_type(ctype)) {
 890      -                        sparse_error(expr->pos, "incorrect type in conditional");
 891      -                        info(expr->pos, "   got %s", show_typename(ctype));
 892      -                        ctype = NULL;
 893      -                }
      902 +        if (!valid_type(ctype))
      903 +                return NULL;
      904 +        if (is_safe_type(ctype))
      905 +                warning(expr->pos, "testing a 'safe expression'");
      906 +        if (is_func_type(ctype)) {
      907 +                if (Waddress)
      908 +                        warning(expr->pos, "the address of %s will always evaluate as true", "a function");
      909 +        } else if (is_array_type(ctype)) {
      910 +                if (Waddress)
      911 +                        warning(expr->pos, "the address of %s will always evaluate as true", "an array");
      912 +        } else if (!is_scalar_type(ctype)) {
      913 +                sparse_error(expr->pos, "incorrect type in conditional (non-scalar type)");
      914 +                info(expr->pos, "   got %s", show_typename(ctype));
      915 +                return NULL;
 894  916          }
 895      -        ctype = degenerate(expr);
 896  917  
      918 +        ctype = degenerate(expr);
 897  919          return ctype;
 898  920  }
 899  921  
 900  922  static struct symbol *evaluate_logical(struct expression *expr)
 901  923  {
 902  924          if (!evaluate_conditional(expr->left, 0))
 903  925                  return NULL;
 904  926          if (!evaluate_conditional(expr->right, 0))
 905  927                  return NULL;
 906  928  
↓ open down ↓ 91 lines elided ↑ open up ↑
 998 1020                  op = SPECIAL_UNSIGNED_LT;
 999 1021          else if (op == '>')
1000 1022                  op = SPECIAL_UNSIGNED_GT;
1001 1023          else if (op == SPECIAL_LTE)
1002 1024                  op = SPECIAL_UNSIGNED_LTE;
1003 1025          else if (op == SPECIAL_GTE)
1004 1026                  op = SPECIAL_UNSIGNED_GTE;
1005 1027          return op;
1006 1028  }
1007 1029  
     1030 +enum null_constant_type {
     1031 +        NON_NULL,
     1032 +        NULL_PTR,
     1033 +        NULL_ZERO,
     1034 +};
     1035 +
1008 1036  static inline int is_null_pointer_constant(struct expression *e)
1009 1037  {
1010 1038          if (e->ctype == &null_ctype)
1011      -                return 1;
     1039 +                return NULL_PTR;
1012 1040          if (!(e->flags & CEF_ICE))
1013      -                return 0;
1014      -        return is_zero_constant(e) ? 2 : 0;
     1041 +                return NON_NULL;
     1042 +        return is_zero_constant(e) ? NULL_ZERO : NON_NULL;
1015 1043  }
1016 1044  
1017 1045  static struct symbol *evaluate_compare(struct expression *expr)
1018 1046  {
1019 1047          struct expression *left = expr->left, *right = expr->right;
1020 1048          struct symbol *ltype, *rtype, *lbase, *rbase;
1021 1049          int lclass = classify_type(degenerate(left), &ltype);
1022 1050          int rclass = classify_type(degenerate(right), &rtype);
1023 1051          struct symbol *ctype;
1024 1052          const char *typediff;
↓ open down ↓ 25 lines elided ↑ open up ↑
1050 1078          }
1051 1079  
1052 1080          /* at least one must be a pointer */
1053 1081          if (!((lclass | rclass) & TYPE_PTR))
1054 1082                  return bad_expr_type(expr);
1055 1083  
1056 1084          /* equality comparisons can be with null pointer constants */
1057 1085          if (expr->op == SPECIAL_EQUAL || expr->op == SPECIAL_NOTEQUAL) {
1058 1086                  int is_null1 = is_null_pointer_constant(left);
1059 1087                  int is_null2 = is_null_pointer_constant(right);
1060      -                if (is_null1 == 2)
     1088 +                if (is_null1 == NULL_ZERO)
1061 1089                          bad_null(left);
1062      -                if (is_null2 == 2)
     1090 +                if (is_null2 == NULL_ZERO)
1063 1091                          bad_null(right);
1064 1092                  if (is_null1 && is_null2) {
1065 1093                          int positive = expr->op == SPECIAL_EQUAL;
1066 1094                          expr->type = EXPR_VALUE;
1067 1095                          expr->value = positive;
1068 1096                          goto OK;
1069 1097                  }
1070 1098                  if (is_null1 && (rclass & TYPE_PTR)) {
1071 1099                          left = cast_to(left, rtype);
1072 1100                          goto OK;
↓ open down ↓ 24 lines elided ↑ open up ↑
1097 1125                          }
1098 1126                  }
1099 1127          }
1100 1128  
1101 1129          typediff = type_difference(&ltype->ctype, &rtype->ctype,
1102 1130                                     target_qualifiers(rtype),
1103 1131                                     target_qualifiers(ltype));
1104 1132          if (!typediff)
1105 1133                  goto OK;
1106 1134  
1107      -        expression_error(expr, "incompatible types in comparison expression (%s)", typediff);
     1135 +        expression_error(expr, "incompatible types in comparison expression (%s):", typediff);
     1136 +        info(expr->pos, "   %s", show_typename(ltype));
     1137 +        info(expr->pos, "   %s", show_typename(rtype));
1108 1138          return NULL;
1109 1139  
1110 1140  OK:
1111 1141          /* the result is int [6.5.8(6), 6.5.9(3)]*/
1112 1142          expr->ctype = &int_ctype;
1113 1143          return &int_ctype;
1114 1144  }
1115 1145  
1116 1146  /*
1117 1147   * NOTE! The degenerate case of "x ? : y", where we don't
1118 1148   * have a true case, this will possibly promote "x" to the
1119 1149   * same type as "y", and thus _change_ the conditional
1120 1150   * test in the expression. But since promotion is "safe"
1121 1151   * for testing, that's OK.
1122 1152   */
1123 1153  static struct symbol *evaluate_conditional_expression(struct expression *expr)
1124 1154  {
1125      -        struct expression **true;
     1155 +        struct expression **cond;
1126 1156          struct symbol *ctype, *ltype, *rtype, *lbase, *rbase;
1127 1157          int lclass, rclass;
1128 1158          const char * typediff;
1129 1159          int qual;
1130 1160  
1131 1161          if (!evaluate_conditional(expr->conditional, 0))
1132 1162                  return NULL;
1133 1163          if (!evaluate_expression(expr->cond_false))
1134 1164                  return NULL;
1135 1165  
1136 1166          ctype = degenerate(expr->conditional);
1137 1167          rtype = degenerate(expr->cond_false);
1138 1168  
1139      -        true = &expr->conditional;
     1169 +        cond = &expr->conditional;
1140 1170          ltype = ctype;
1141 1171          if (expr->cond_true) {
1142 1172                  if (!evaluate_expression(expr->cond_true))
1143 1173                          return NULL;
1144 1174                  ltype = degenerate(expr->cond_true);
1145      -                true = &expr->cond_true;
     1175 +                cond = &expr->cond_true;
1146 1176          }
1147 1177  
1148      -        expr->flags = (expr->conditional->flags & (*true)->flags &
     1178 +        expr->flags = (expr->conditional->flags & (*cond)->flags &
1149 1179                          expr->cond_false->flags & ~CEF_CONST_MASK);
1150 1180          /*
1151 1181           * A conditional operator yields a particular constant
1152 1182           * expression type only if all of its three subexpressions are
1153 1183           * of that type [6.6(6), 6.6(8)].
1154 1184           * As an extension, relax this restriction by allowing any
1155 1185           * constant expression type for the condition expression.
1156 1186           *
1157 1187           * A conditional operator never yields an address constant
1158 1188           * [6.6(9)].
1159 1189           * However, as an extension, if the condition is any constant
1160 1190           * expression, and the true and false expressions are both
1161 1191           * address constants, mark the result as an address constant.
1162 1192           */
1163 1193          if (expr->conditional->flags & (CEF_ACE | CEF_ADDR))
1164      -                expr->flags = (*true)->flags & expr->cond_false->flags & ~CEF_CONST_MASK;
     1194 +                expr->flags = (*cond)->flags & expr->cond_false->flags & ~CEF_CONST_MASK;
1165 1195  
1166 1196          lclass = classify_type(ltype, &ltype);
1167 1197          rclass = classify_type(rtype, &rtype);
1168 1198          if (lclass & rclass & TYPE_NUM) {
1169      -                ctype = usual_conversions('?', *true, expr->cond_false,
     1199 +                ctype = usual_conversions('?', *cond, expr->cond_false,
1170 1200                                            lclass, rclass, ltype, rtype);
1171      -                *true = cast_to(*true, ctype);
     1201 +                *cond = cast_to(*cond, ctype);
1172 1202                  expr->cond_false = cast_to(expr->cond_false, ctype);
1173 1203                  goto out;
1174 1204          }
1175 1205  
1176 1206          if ((lclass | rclass) & TYPE_PTR) {
1177      -                int is_null1 = is_null_pointer_constant(*true);
     1207 +                int is_null1 = is_null_pointer_constant(*cond);
1178 1208                  int is_null2 = is_null_pointer_constant(expr->cond_false);
1179 1209  
1180 1210                  if (is_null1 && is_null2) {
1181      -                        *true = cast_to(*true, &ptr_ctype);
     1211 +                        *cond = cast_to(*cond, &ptr_ctype);
1182 1212                          expr->cond_false = cast_to(expr->cond_false, &ptr_ctype);
1183 1213                          ctype = &ptr_ctype;
1184 1214                          goto out;
1185 1215                  }
1186 1216                  if (is_null1 && (rclass & TYPE_PTR)) {
1187      -                        if (is_null1 == 2)
1188      -                                bad_null(*true);
1189      -                        *true = cast_to(*true, rtype);
     1217 +                        if (is_null1 == NULL_ZERO)
     1218 +                                bad_null(*cond);
     1219 +                        *cond = cast_to(*cond, rtype);
1190 1220                          ctype = rtype;
1191 1221                          goto out;
1192 1222                  }
1193 1223                  if (is_null2 && (lclass & TYPE_PTR)) {
1194      -                        if (is_null2 == 2)
     1224 +                        if (is_null2 == NULL_ZERO)
1195 1225                                  bad_null(expr->cond_false);
1196 1226                          expr->cond_false = cast_to(expr->cond_false, ltype);
1197 1227                          ctype = ltype;
1198 1228                          goto out;
1199 1229                  }
1200 1230                  if (!(lclass & rclass & TYPE_PTR)) {
1201 1231                          typediff = "different types";
1202 1232                          goto Err;
1203 1233                  }
1204 1234                  /* OK, it's pointer on pointer */
↓ open down ↓ 28 lines elided ↑ open up ↑
1233 1263          }
1234 1264  
1235 1265          /* void on void, struct on same struct, union on same union */
1236 1266          if (ltype == rtype) {
1237 1267                  ctype = ltype;
1238 1268                  goto out;
1239 1269          }
1240 1270          typediff = "different base types";
1241 1271  
1242 1272  Err:
1243      -        expression_error(expr, "incompatible types in conditional expression (%s)", typediff);
     1273 +        expression_error(expr, "incompatible types in conditional expression (%s):", typediff);
     1274 +        info(expr->pos, "   %s", show_typename(ltype));
     1275 +        info(expr->pos, "   %s", show_typename(rtype));
1244 1276          /*
1245 1277           * if the condition is constant, the type is in fact known
1246 1278           * so use it, as gcc & clang do.
1247 1279           */
1248 1280          switch (expr_truth_value(expr->conditional)) {
1249 1281          case 1: expr->ctype = ltype;
1250 1282                  break;
1251 1283          case 0: expr->ctype = rtype;
1252 1284                  break;
1253 1285          default:
↓ open down ↓ 5 lines elided ↑ open up ↑
1259 1291          expr->ctype = ctype;
1260 1292          return ctype;
1261 1293  
1262 1294  Qual:
1263 1295          if (qual & ~ctype->ctype.modifiers) {
1264 1296                  struct symbol *sym = alloc_symbol(ctype->pos, SYM_PTR);
1265 1297                  *sym = *ctype;
1266 1298                  sym->ctype.modifiers |= qual;
1267 1299                  ctype = sym;
1268 1300          }
1269      -        *true = cast_to(*true, ctype);
     1301 +        *cond = cast_to(*cond, ctype);
1270 1302          expr->cond_false = cast_to(expr->cond_false, ctype);
1271 1303          goto out;
1272 1304  }
1273 1305  
1274 1306  /* FP assignments can not do modulo or bit operations */
1275 1307  static int compatible_float_op(int op)
1276 1308  {
1277 1309          return  op == SPECIAL_ADD_ASSIGN ||
1278 1310                  op == SPECIAL_SUB_ASSIGN ||
1279 1311                  op == SPECIAL_MUL_ASSIGN ||
↓ open down ↓ 19 lines elided ↑ open up ↑
1299 1331                                  warning(expr->pos, "bad assignment (%s) to %s",
1300 1332                                          show_special(op), show_typename(t));
1301 1333                                  expr->right = cast_to(expr->right, target);
1302 1334                                  return 0;
1303 1335                          }
1304 1336                          /* allowed assignments unfoul */
1305 1337                          if (sclass & TYPE_FOULED && unfoul(s) == t)
1306 1338                                  goto Cast;
1307 1339                          if (!restricted_value(expr->right, t))
1308 1340                                  return 1;
     1341 +                } else if (op == SPECIAL_SHR_ASSIGN || op == SPECIAL_SHL_ASSIGN) {
     1342 +                        // shifts do integer promotions, but that's it.
     1343 +                        unrestrict(expr->right, sclass, &s);
     1344 +                        target = integer_promotion(s);
     1345 +                        goto Cast;
1309 1346                  } else if (!(sclass & TYPE_RESTRICT))
1310 1347                          goto usual;
1311 1348                  /* source and target would better be identical restricted */
1312 1349                  if (t == s)
1313 1350                          return 1;
1314 1351                  warning(expr->pos, "invalid assignment: %s", show_special(op));
1315 1352                  info(expr->pos, "   left side has type %s", show_typename(t));
1316 1353                  info(expr->pos, "   right side has type %s", show_typename(s));
1317 1354                  expr->right = cast_to(expr->right, target);
1318 1355                  return 0;
↓ open down ↓ 68 lines elided ↑ open up ↑
1387 1424                  *typediff = "different base types";
1388 1425                  return 0;
1389 1426          }
1390 1427  
1391 1428          if (tclass == TYPE_PTR) {
1392 1429                  unsigned long mod1, mod2;
1393 1430                  struct symbol *b1, *b2;
1394 1431                  // NULL pointer is always OK
1395 1432                  int is_null = is_null_pointer_constant(*rp);
1396 1433                  if (is_null) {
1397      -                        if (is_null == 2)
     1434 +                        if (is_null == NULL_ZERO)
1398 1435                                  bad_null(*rp);
1399 1436                          goto Cast;
1400 1437                  }
1401 1438                  if (!(sclass & TYPE_PTR)) {
1402 1439                          *typediff = "different base types";
1403 1440                          return 0;
1404 1441                  }
1405 1442                  b1 = examine_pointer_target(t);
1406 1443                  b2 = examine_pointer_target(s);
1407 1444                  mod1 = target_qualifiers(t);
↓ open down ↓ 129 lines elided ↑ open up ↑
1537 1574          if (type->ctype.modifiers & MOD_CONST)
1538 1575                  expression_error(left, "assignment to const expression");
1539 1576  
1540 1577          /* We know left is an lvalue, so it's a "preop-*" */
1541 1578          mark_assigned(left->unop);
1542 1579  }
1543 1580  
1544 1581  static struct symbol *evaluate_assignment(struct expression *expr)
1545 1582  {
1546 1583          struct expression *left = expr->left;
1547      -        struct expression *where = expr;
1548 1584          struct symbol *ltype;
1549 1585  
1550 1586          if (!lvalue_expression(left)) {
1551 1587                  expression_error(expr, "not an lvalue");
1552 1588                  return NULL;
1553 1589          }
1554 1590  
1555 1591          ltype = left->ctype;
1556 1592  
1557 1593          if (expr->op != '=') {
1558 1594                  if (!evaluate_assign_op(expr))
1559 1595                          return NULL;
1560 1596          } else {
1561      -                if (!compatible_assignment_types(where, ltype, &expr->right, "assignment"))
     1597 +                if (!compatible_assignment_types(expr, ltype, &expr->right, "assignment"))
1562 1598                          return NULL;
1563 1599          }
1564 1600  
1565 1601          evaluate_assign_to(left, ltype);
1566 1602  
1567 1603          expr->ctype = ltype;
1568 1604          return ltype;
1569 1605  }
1570 1606  
1571 1607  static void examine_fn_arguments(struct symbol *fn)
↓ open down ↓ 6 lines elided ↑ open up ↑
1578 1614                  if (arg) {
1579 1615                          struct symbol *ptr;
1580 1616                          switch(arg->type) {
1581 1617                          case SYM_ARRAY:
1582 1618                          case SYM_FN:
1583 1619                                  ptr = alloc_symbol(s->pos, SYM_PTR);
1584 1620                                  if (arg->type == SYM_ARRAY)
1585 1621                                          ptr->ctype = arg->ctype;
1586 1622                                  else
1587 1623                                          ptr->ctype.base_type = arg;
1588      -                                ptr->ctype.as |= s->ctype.as;
     1624 +                                combine_address_space(s->pos, &ptr->ctype.as, s->ctype.as);
1589 1625                                  ptr->ctype.modifiers |= s->ctype.modifiers & MOD_PTRINHERIT;
1590 1626  
1591 1627                                  s->ctype.base_type = ptr;
1592      -                                s->ctype.as = 0;
     1628 +                                s->ctype.as = NULL;
1593 1629                                  s->ctype.modifiers &= ~MOD_PTRINHERIT;
1594 1630                                  s->bit_size = 0;
1595 1631                                  s->examined = 0;
1596 1632                                  examine_symbol_type(s);
1597 1633                                  break;
1598 1634                          default:
1599 1635                                  /* nothing */
1600 1636                                  break;
1601 1637                          }
1602 1638                  }
1603 1639          } END_FOR_EACH_PTR(s);
1604 1640  }
1605 1641  
1606      -static struct symbol *convert_to_as_mod(struct symbol *sym, int as, int mod)
     1642 +static struct symbol *convert_to_as_mod(struct symbol *sym, struct ident *as, int mod)
1607 1643  {
1608 1644          /* Take the modifiers of the pointer, and apply them to the member */
1609 1645          mod |= sym->ctype.modifiers;
1610 1646          if (sym->ctype.as != as || sym->ctype.modifiers != mod) {
1611 1647                  struct symbol *newsym = alloc_symbol(sym->pos, SYM_NODE);
1612 1648                  *newsym = *sym;
1613 1649                  newsym->ctype.as = as;
1614 1650                  newsym->ctype.modifiers = mod;
1615 1651                  sym = newsym;
1616 1652          }
↓ open down ↓ 11 lines elided ↑ open up ↑
1628 1664  
1629 1665          node->bit_size = bits_in_pointer;
1630 1666          node->ctype.alignment = pointer_alignment;
1631 1667  
1632 1668          access_symbol(sym);
1633 1669          if (sym->ctype.modifiers & MOD_REGISTER) {
1634 1670                  warning(expr->pos, "taking address of 'register' variable '%s'", show_ident(sym->ident));
1635 1671                  sym->ctype.modifiers &= ~MOD_REGISTER;
1636 1672          }
1637 1673          if (sym->type == SYM_NODE) {
1638      -                ptr->ctype.as |= sym->ctype.as;
     1674 +                combine_address_space(sym->pos, &ptr->ctype.as, sym->ctype.as);
1639 1675                  ptr->ctype.modifiers |= sym->ctype.modifiers & MOD_PTRINHERIT;
1640 1676                  sym = sym->ctype.base_type;
1641 1677          }
1642 1678          if (degenerate && sym->type == SYM_ARRAY) {
1643      -                ptr->ctype.as |= sym->ctype.as;
     1679 +                combine_address_space(sym->pos, &ptr->ctype.as, sym->ctype.as);
1644 1680                  ptr->ctype.modifiers |= sym->ctype.modifiers & MOD_PTRINHERIT;
1645 1681                  sym = sym->ctype.base_type;
1646 1682          }
1647 1683          ptr->ctype.base_type = sym;
1648 1684  
1649 1685          return node;
1650 1686  }
1651 1687  
1652 1688  /* Arrays degenerate into pointers on pointer arithmetic */
1653 1689  static struct symbol *degenerate(struct expression *expr)
↓ open down ↓ 115 lines elided ↑ open up ↑
1769 1805                  expr->flags = CEF_NONE;
1770 1806                  return expr->ctype;
1771 1807          }
1772 1808  
1773 1809          examine_symbol_type(ctype);
1774 1810  
1775 1811          /* Dereferencing a node drops all the node information. */
1776 1812          if (ctype->type == SYM_NODE)
1777 1813                  ctype = ctype->ctype.base_type;
1778 1814  
1779      -        node = alloc_symbol(expr->pos, SYM_NODE);
1780 1815          target = ctype->ctype.base_type;
     1816 +        examine_symbol_type(target);
1781 1817  
1782 1818          switch (ctype->type) {
1783 1819          default:
1784 1820                  expression_error(expr, "cannot dereference this type");
1785 1821                  return NULL;
     1822 +        case SYM_FN:
     1823 +                *expr = *op;
     1824 +                return expr->ctype;
1786 1825          case SYM_PTR:
     1826 +                node = alloc_symbol(expr->pos, SYM_NODE);
1787 1827                  node->ctype.modifiers = target->ctype.modifiers & MOD_SPECIFIER;
1788 1828                  merge_type(node, ctype);
1789 1829                  break;
1790 1830  
1791 1831          case SYM_ARRAY:
1792 1832                  if (!lvalue_expression(op)) {
1793 1833                          expression_error(op, "non-lvalue array??");
1794 1834                          return NULL;
1795 1835                  }
1796 1836  
1797 1837                  /* Do the implied "addressof" on the array */
1798 1838                  *op = *op->unop;
1799 1839  
1800 1840                  /*
1801 1841                   * When an array is dereferenced, we need to pick
1802 1842                   * up the attributes of the original node too..
1803 1843                   */
     1844 +                node = alloc_symbol(expr->pos, SYM_NODE);
1804 1845                  merge_type(node, op->ctype);
1805 1846                  merge_type(node, ctype);
1806 1847                  break;
1807 1848          }
1808 1849  
1809 1850          node->bit_size = target->bit_size;
1810 1851          node->array_size = target->array_size;
1811 1852  
1812 1853          expr->ctype = node;
1813 1854          return node;
↓ open down ↓ 93 lines elided ↑ open up ↑
1907 1948  
1908 1949          case SPECIAL_INCREMENT:
1909 1950          case SPECIAL_DECREMENT:
1910 1951                  /*
1911 1952                   * From a type evaluation standpoint the preops are
1912 1953                   * the same as the postops
1913 1954                   */
1914 1955                  return evaluate_postop(expr);
1915 1956  
1916 1957          case '!':
     1958 +                ctype = degenerate(expr->unop);
1917 1959                  expr->flags = expr->unop->flags & ~CEF_CONST_MASK;
1918 1960                  /*
1919 1961                   * A logical negation never yields an address constant
1920 1962                   * [6.6(9)].
1921 1963                   */
1922 1964                  expr->flags &= ~CEF_ADDR;
1923 1965  
1924 1966                  if (is_safe_type(ctype))
1925 1967                          warning(expr->pos, "testing a 'safe expression'");
1926 1968                  if (is_float_type(ctype)) {
↓ open down ↓ 87 lines elided ↑ open up ↑
2014 2056          return add;
2015 2057  }
2016 2058  
2017 2059  /* structure/union dereference */
2018 2060  static struct symbol *evaluate_member_dereference(struct expression *expr)
2019 2061  {
2020 2062          int offset;
2021 2063          struct symbol *ctype, *member;
2022 2064          struct expression *deref = expr->deref, *add;
2023 2065          struct ident *ident = expr->member;
     2066 +        struct ident *address_space;
2024 2067          unsigned int mod;
2025      -        int address_space;
2026 2068  
2027 2069          if (!evaluate_expression(deref))
2028 2070                  return NULL;
2029 2071          if (!ident) {
2030 2072                  expression_error(expr, "bad member name");
2031 2073                  return NULL;
2032 2074          }
2033 2075  
2034 2076          ctype = deref->ctype;
2035 2077          examine_symbol_type(ctype);
2036 2078          address_space = ctype->ctype.as;
2037 2079          mod = ctype->ctype.modifiers;
2038 2080          if (ctype->type == SYM_NODE) {
2039 2081                  ctype = ctype->ctype.base_type;
2040      -                address_space |= ctype->ctype.as;
     2082 +                combine_address_space(deref->pos, &address_space, ctype->ctype.as);
2041 2083                  mod |= ctype->ctype.modifiers;
2042 2084          }
2043 2085          if (!ctype || (ctype->type != SYM_STRUCT && ctype->type != SYM_UNION)) {
2044 2086                  expression_error(expr, "expected structure or union");
2045 2087                  return NULL;
2046 2088          }
2047 2089          offset = 0;
2048 2090          member = find_identifier(ident, ctype->symbol_list, &offset);
2049 2091          if (!member) {
2050 2092                  const char *type = ctype->type == SYM_STRUCT ? "struct" : "union";
↓ open down ↓ 116 lines elided ↑ open up ↑
2167 2209                  return NULL;
2168 2210  
2169 2211          size = type->bit_size;
2170 2212  
2171 2213          if (size < 0 && is_void_type(type)) {
2172 2214                  if (Wpointer_arith)
2173 2215                          warning(expr->pos, "expression using sizeof(void)");
2174 2216                  size = bits_in_char;
2175 2217          }
2176 2218  
2177      -        if (size == 1 && is_bool_type(type)) {
     2219 +        if (is_bool_type(type)) {
2178 2220                  if (Wsizeof_bool)
2179      -                        warning(expr->pos, "expression using sizeof bool");
2180      -                size = bits_in_char;
     2221 +                        warning(expr->pos, "expression using sizeof _Bool");
     2222 +                size = bits_to_bytes(bits_in_bool) * bits_in_char;
2181 2223          }
2182 2224  
2183 2225          if (is_function(type->ctype.base_type)) {
2184 2226                  if (Wpointer_arith)
2185 2227                          warning(expr->pos, "expression using sizeof on a function");
2186 2228                  size = bits_in_char;
2187 2229          }
2188 2230  
     2231 +        if (is_array_type(type) && size < 0) {  // VLA, 1-dimension only
     2232 +                struct expression *base, *size;
     2233 +                struct symbol *base_type;
     2234 +
     2235 +                if (type->type == SYM_NODE)
     2236 +                        type = type->ctype.base_type;   // strip the SYM_NODE
     2237 +                base_type = get_base_type(type);
     2238 +                if (!base_type)
     2239 +                        goto error;
     2240 +                if (base_type->bit_size <= 0) {
     2241 +                        base = alloc_expression(expr->pos, EXPR_SIZEOF);
     2242 +                        base->cast_type = base_type;
     2243 +                        if (!evaluate_sizeof(base))
     2244 +                                goto error;
     2245 +                } else {
     2246 +                        base = alloc_expression(expr->pos, EXPR_VALUE);
     2247 +                        base->value = bits_to_bytes(base_type->bit_size);
     2248 +                        base->ctype = size_t_ctype;
     2249 +                }
     2250 +                size = alloc_expression(expr->pos, EXPR_CAST);
     2251 +                size->cast_type = size_t_ctype;
     2252 +                size->cast_expression = type->array_size;
     2253 +                if (!evaluate_expression(size))
     2254 +                        goto error;
     2255 +                expr->left = size;
     2256 +                expr->right = base;
     2257 +                expr->type = EXPR_BINOP;
     2258 +                expr->op = '*';
     2259 +                return expr->ctype = size_t_ctype;
     2260 +        }
     2261 +
     2262 +error:
2189 2263          if ((size < 0) || (size & (bits_in_char - 1)))
2190 2264                  expression_error(expr, "cannot size expression");
2191 2265  
2192 2266          expr->type = EXPR_VALUE;
2193 2267          expr->value = bits_to_bytes(size);
2194 2268          expr->taint = 0;
2195 2269          expr->ctype = size_t_ctype;
2196 2270          return size_t_ctype;
2197 2271  }
2198 2272  
↓ open down ↓ 641 lines elided ↑ open up ↑
2840 2914                   */
2841 2915                  if (old->flags & (CEF_ICE | CEF_ADDR))
2842 2916                          flags = CEF_ADDR;
2843 2917          }
2844 2918  
2845 2919          return flags;
2846 2920  }
2847 2921  
2848 2922  static struct symbol *evaluate_cast(struct expression *expr)
2849 2923  {
2850      -        struct expression *target = expr->cast_expression;
     2924 +        struct expression *source = expr->cast_expression;
2851 2925          struct symbol *ctype;
2852      -        struct symbol *t1, *t2;
2853      -        int class1, class2;
2854      -        int as1 = 0, as2 = 0;
     2926 +        struct symbol *ttype, *stype;
     2927 +        int tclass, sclass;
     2928 +        struct ident *tas = NULL, *sas = NULL;
2855 2929  
2856      -        if (!target)
     2930 +        if (!source)
2857 2931                  return NULL;
2858 2932  
2859 2933          /*
2860 2934           * Special case: a cast can be followed by an
2861 2935           * initializer, in which case we need to pass
2862 2936           * the type value down to that initializer rather
2863 2937           * than trying to evaluate it as an expression
2864 2938           *
2865 2939           * A more complex case is when the initializer is
2866 2940           * dereferenced as part of a post-fix expression.
2867 2941           * We need to produce an expression that can be dereferenced.
2868 2942           */
2869      -        if (target->type == EXPR_INITIALIZER) {
     2943 +        if (source->type == EXPR_INITIALIZER) {
2870 2944                  struct symbol *sym = expr->cast_type;
2871 2945                  struct expression *addr = alloc_expression(expr->pos, EXPR_SYMBOL);
2872 2946  
2873      -                sym->initializer = target;
     2947 +                sym->initializer = source;
2874 2948                  evaluate_symbol(sym);
2875 2949  
2876 2950                  addr->ctype = &lazy_ptr_ctype;  /* Lazy eval */
2877 2951                  addr->symbol = sym;
2878 2952                  if (sym->ctype.modifiers & MOD_TOPLEVEL)
2879 2953                          addr->flags |= CEF_ADDR;
2880 2954  
2881 2955                  expr->type = EXPR_PREOP;
2882 2956                  expr->op = '*';
2883 2957                  expr->unop = addr;
2884 2958                  expr->ctype = sym;
2885 2959  
2886 2960                  return sym;
2887 2961          }
2888 2962  
2889 2963          ctype = examine_symbol_type(expr->cast_type);
2890 2964          expr->ctype = ctype;
2891 2965          expr->cast_type = ctype;
2892 2966  
2893      -        evaluate_expression(target);
2894      -        degenerate(target);
     2967 +        evaluate_expression(source);
     2968 +        degenerate(source);
2895 2969  
2896      -        class1 = classify_type(ctype, &t1);
     2970 +        tclass = classify_type(ctype, &ttype);
2897 2971  
2898      -        expr->flags = cast_flags(expr, target);
     2972 +        expr->flags = cast_flags(expr, source);
2899 2973  
2900 2974          /*
2901 2975           * You can always throw a value away by casting to
2902 2976           * "void" - that's an implicit "force". Note that
2903 2977           * the same is _not_ true of "void *".
2904 2978           */
2905      -        if (t1 == &void_ctype)
     2979 +        if (ttype == &void_ctype)
2906 2980                  goto out;
2907 2981  
2908      -        if (class1 & (TYPE_COMPOUND | TYPE_FN))
2909      -                warning(expr->pos, "cast to non-scalar");
2910      -
2911      -        t2 = target->ctype;
2912      -        if (!t2) {
     2982 +        stype = source->ctype;
     2983 +        if (!stype) {
2913 2984                  expression_error(expr, "cast from unknown type");
2914 2985                  goto out;
2915 2986          }
2916      -        class2 = classify_type(t2, &t2);
     2987 +        sclass = classify_type(stype, &stype);
2917 2988  
2918      -        if (class2 & TYPE_COMPOUND)
2919      -                warning(expr->pos, "cast from non-scalar");
2920      -
2921 2989          if (expr->type == EXPR_FORCE_CAST)
2922 2990                  goto out;
2923 2991  
     2992 +        if (tclass & (TYPE_COMPOUND | TYPE_FN))
     2993 +                warning(expr->pos, "cast to non-scalar");
     2994 +
     2995 +        if (sclass & TYPE_COMPOUND)
     2996 +                warning(expr->pos, "cast from non-scalar");
     2997 +
2924 2998          /* allowed cast unfouls */
2925      -        if (class2 & TYPE_FOULED)
2926      -                t2 = unfoul(t2);
     2999 +        if (sclass & TYPE_FOULED)
     3000 +                stype = unfoul(stype);
2927 3001  
2928      -        if (t1 != t2) {
2929      -                if ((class1 & TYPE_RESTRICT) && restricted_value(target, t1))
     3002 +        if (ttype != stype) {
     3003 +                if ((tclass & TYPE_RESTRICT) && restricted_value(source, ttype))
2930 3004                          warning(expr->pos, "cast to %s",
2931      -                                show_typename(t1));
2932      -                if (class2 & TYPE_RESTRICT) {
2933      -                        if (t1 == &bool_ctype) {
2934      -                                if (class2 & TYPE_FOULED)
     3005 +                                show_typename(ttype));
     3006 +                if (sclass & TYPE_RESTRICT) {
     3007 +                        if (ttype == &bool_ctype) {
     3008 +                                if (sclass & TYPE_FOULED)
2935 3009                                          warning(expr->pos, "%s degrades to integer",
2936      -                                                show_typename(t2));
     3010 +                                                show_typename(stype));
2937 3011                          } else {
2938 3012                                  warning(expr->pos, "cast from %s",
2939      -                                        show_typename(t2));
     3013 +                                        show_typename(stype));
2940 3014                          }
2941 3015                  }
2942 3016          }
2943 3017  
2944      -        if (t1 == &ulong_ctype)
2945      -                as1 = -1;
2946      -        else if (class1 == TYPE_PTR) {
2947      -                examine_pointer_target(t1);
2948      -                as1 = t1->ctype.as;
     3018 +        if ((ttype == &ulong_ctype || ttype == uintptr_ctype) && !Wcast_from_as)
     3019 +                tas = &bad_address_space;
     3020 +        else if (tclass == TYPE_PTR) {
     3021 +                examine_pointer_target(ttype);
     3022 +                tas = ttype->ctype.as;
2949 3023          }
2950 3024  
2951      -        if (t2 == &ulong_ctype)
2952      -                as2 = -1;
2953      -        else if (class2 == TYPE_PTR) {
2954      -                examine_pointer_target(t2);
2955      -                as2 = t2->ctype.as;
     3025 +        if ((stype == &ulong_ctype || stype == uintptr_ctype))
     3026 +                sas = &bad_address_space;
     3027 +        else if (sclass == TYPE_PTR) {
     3028 +                examine_pointer_target(stype);
     3029 +                sas = stype->ctype.as;
2956 3030          }
2957 3031  
2958      -        if (!as1 && as2 > 0)
2959      -                warning(expr->pos, "cast removes address space of expression");
2960      -        if (as1 > 0 && as2 > 0 && as1 != as2)
2961      -                warning(expr->pos, "cast between address spaces (<asn:%d>-><asn:%d>)", as2, as1);
2962      -        if (as1 > 0 && !as2 &&
2963      -            !is_null_pointer_constant(target) && Wcast_to_as)
     3032 +        if (!tas && valid_as(sas))
     3033 +                warning(expr->pos, "cast removes address space '%s' of expression", show_as(sas));
     3034 +        if (valid_as(tas) && valid_as(sas) && tas != sas)
     3035 +                warning(expr->pos, "cast between address spaces (%s -> %s)", show_as(sas), show_as(tas));
     3036 +        if (valid_as(tas) && !sas &&
     3037 +            !is_null_pointer_constant(source) && Wcast_to_as)
2964 3038                  warning(expr->pos,
2965      -                        "cast adds address space to expression (<asn:%d>)", as1);
     3039 +                        "cast adds address space '%s' to expression", show_as(tas));
2966 3040  
2967      -        if (!(t1->ctype.modifiers & MOD_PTRINHERIT) && class1 == TYPE_PTR &&
2968      -            !as1 && (target->flags & CEF_ICE)) {
2969      -                if (t1->ctype.base_type == &void_ctype) {
2970      -                        if (is_zero_constant(target)) {
     3041 +        if (!(ttype->ctype.modifiers & MOD_PTRINHERIT) && tclass == TYPE_PTR &&
     3042 +            !tas && (source->flags & CEF_ICE)) {
     3043 +                if (ttype->ctype.base_type == &void_ctype) {
     3044 +                        if (is_zero_constant(source)) {
2971 3045                                  /* NULL */
2972 3046                                  expr->type = EXPR_VALUE;
2973 3047                                  expr->ctype = &null_ctype;
2974 3048                                  expr->value = 0;
2975 3049                                  return expr->ctype;
2976 3050                          }
2977 3051                  }
2978 3052          }
2979 3053  
2980      -        if (t1 == &bool_ctype)
     3054 +        if (ttype == &bool_ctype)
2981 3055                  cast_to_bool(expr);
2982 3056  
     3057 +        // checks pointers to restricted
     3058 +        while (Wbitwise_pointer && tclass == TYPE_PTR && sclass == TYPE_PTR) {
     3059 +                tclass = classify_type(ttype->ctype.base_type, &ttype);
     3060 +                sclass = classify_type(stype->ctype.base_type, &stype);
     3061 +                if (ttype == stype)
     3062 +                        break;
     3063 +                if (!ttype || !stype)
     3064 +                        break;
     3065 +                if (ttype == &void_ctype || stype == &void_ctype)
     3066 +                        break;
     3067 +                if (tclass & TYPE_RESTRICT) {
     3068 +                        warning(expr->pos, "cast to %s", show_typename(ctype));
     3069 +                        break;
     3070 +                }
     3071 +                if (sclass & TYPE_RESTRICT) {
     3072 +                        warning(expr->pos, "cast from %s", show_typename(source->ctype));
     3073 +                        break;
     3074 +                }
     3075 +        }
2983 3076  out:
2984 3077          return ctype;
2985 3078  }
2986 3079  
2987 3080  /*
2988 3081   * Evaluate a call expression with a symbol. This
2989 3082   * should expand inline functions, and evaluate
2990 3083   * builtins.
2991 3084   */
2992 3085  static int evaluate_symbol_call(struct expression *expr)
↓ open down ↓ 183 lines elided ↑ open up ↑
3176 3269          switch (expr->type) {
3177 3270          case EXPR_VALUE:
3178 3271          case EXPR_FVALUE:
3179 3272                  expression_error(expr, "value expression without a type");
3180 3273                  return NULL;
3181 3274          case EXPR_STRING:
3182 3275                  return evaluate_string(expr);
3183 3276          case EXPR_SYMBOL:
3184 3277                  return evaluate_symbol_expression(expr);
3185 3278          case EXPR_BINOP:
3186      -                if (!evaluate_expression(expr->left))
     3279 +                evaluate_expression(expr->left);
     3280 +                evaluate_expression(expr->right);
     3281 +                if (!valid_subexpr_type(expr))
3187 3282                          return NULL;
3188      -                if (!evaluate_expression(expr->right))
3189      -                        return NULL;
3190 3283                  return evaluate_binop(expr);
3191 3284          case EXPR_LOGICAL:
3192 3285                  return evaluate_logical(expr);
3193 3286          case EXPR_COMMA:
3194 3287                  evaluate_expression(expr->left);
3195 3288                  if (!evaluate_expression(expr->right))
3196 3289                          return NULL;
3197 3290                  return evaluate_comma(expr);
3198 3291          case EXPR_COMPARE:
3199      -                if (!evaluate_expression(expr->left))
     3292 +                evaluate_expression(expr->left);
     3293 +                evaluate_expression(expr->right);
     3294 +                if (!valid_subexpr_type(expr))
3200 3295                          return NULL;
3201      -                if (!evaluate_expression(expr->right))
3202      -                        return NULL;
3203 3296                  return evaluate_compare(expr);
3204 3297          case EXPR_ASSIGNMENT:
3205      -                if (!evaluate_expression(expr->left))
     3298 +                evaluate_expression(expr->left);
     3299 +                evaluate_expression(expr->right);
     3300 +                if (!valid_subexpr_type(expr))
3206 3301                          return NULL;
3207      -                if (!evaluate_expression(expr->right))
3208      -                        return NULL;
3209 3302                  return evaluate_assignment(expr);
3210 3303          case EXPR_PREOP:
3211 3304                  if (!evaluate_expression(expr->unop))
3212 3305                          return NULL;
3213 3306                  return evaluate_preop(expr);
3214 3307          case EXPR_POSTOP:
3215 3308                  if (!evaluate_expression(expr->unop))
3216 3309                          return NULL;
3217 3310                  return evaluate_postop(expr);
3218 3311          case EXPR_CAST:
↓ open down ↓ 34 lines elided ↑ open up ↑
3253 3346          /* These can not exist as stand-alone expressions */
3254 3347          case EXPR_INITIALIZER:
3255 3348          case EXPR_IDENTIFIER:
3256 3349          case EXPR_INDEX:
3257 3350          case EXPR_POS:
3258 3351                  expression_error(expr, "internal front-end error: initializer in expression");
3259 3352                  return NULL;
3260 3353          case EXPR_SLICE:
3261 3354                  expression_error(expr, "internal front-end error: SLICE re-evaluated");
3262 3355                  return NULL;
     3356 +        case EXPR_ASM_OPERAND:
     3357 +                expression_error(expr, "internal front-end error: ASM_OPERAND evaluated");
     3358 +                return NULL;
3263 3359          }
3264 3360          return NULL;
3265 3361  }
3266 3362  
3267      -static void check_duplicates(struct symbol *sym)
     3363 +void check_duplicates(struct symbol *sym)
3268 3364  {
3269 3365          int declared = 0;
3270 3366          struct symbol *next = sym;
3271 3367          int initialized = sym->initializer != NULL;
3272 3368  
3273 3369          while ((next = next->same_symbol) != NULL) {
3274 3370                  const char *typediff;
3275 3371                  evaluate_symbol(next);
3276 3372                  if (initialized && next->initializer) {
3277 3373                          sparse_error(sym->pos, "symbol '%s' has multiple initializers (originally initialized at %s:%d)",
↓ open down ↓ 6 lines elided ↑ open up ↑
3284 3380                  typediff = type_difference(&sym->ctype, &next->ctype, 0, 0);
3285 3381                  if (typediff) {
3286 3382                          sparse_error(sym->pos, "symbol '%s' redeclared with different type (originally declared at %s:%d) - %s",
3287 3383                                  show_ident(sym->ident),
3288 3384                                  stream_name(next->pos.stream), next->pos.line, typediff);
3289 3385                          return;
3290 3386                  }
3291 3387          }
3292 3388          if (!declared) {
3293 3389                  unsigned long mod = sym->ctype.modifiers;
3294      -                if (mod & (MOD_STATIC | MOD_REGISTER))
     3390 +                if (mod & (MOD_STATIC | MOD_REGISTER | MOD_EXT_VISIBLE))
3295 3391                          return;
3296 3392                  if (!(mod & MOD_TOPLEVEL))
3297 3393                          return;
3298 3394                  if (!Wdecl)
3299 3395                          return;
3300 3396                  if (sym->ident == &main_ident)
3301 3397                          return;
3302 3398                  warning(sym->pos, "symbol '%s' was not declared. Should it be static?", show_ident(sym->ident));
3303 3399          }
3304 3400  }
↓ open down ↓ 110 lines elided ↑ open up ↑
3415 3511          switch (*constraint) {
3416 3512          case '=':       /* Assignment */
3417 3513          case '+':       /* Update */
3418 3514                  expression_error(expr, "input constraint with assignment (\"%s\")", constraint);
3419 3515          }
3420 3516  }
3421 3517  
3422 3518  static void evaluate_asm_statement(struct statement *stmt)
3423 3519  {
3424 3520          struct expression *expr;
     3521 +        struct expression *op;
3425 3522          struct symbol *sym;
3426      -        int state;
3427 3523  
3428 3524          expr = stmt->asm_string;
3429 3525          if (!expr || expr->type != EXPR_STRING) {
3430 3526                  sparse_error(stmt->pos, "need constant string for inline asm");
3431 3527                  return;
3432 3528          }
3433 3529  
3434      -        state = 0;
3435      -        FOR_EACH_PTR(stmt->asm_outputs, expr) {
3436      -                switch (state) {
3437      -                case 0: /* Identifier */
3438      -                        state = 1;
3439      -                        continue;
     3530 +        FOR_EACH_PTR(stmt->asm_outputs, op) {
     3531 +                /* Identifier */
3440 3532  
3441      -                case 1: /* Constraint */
3442      -                        state = 2;
3443      -                        if (!expr || expr->type != EXPR_STRING) {
3444      -                                sparse_error(expr ? expr->pos : stmt->pos, "asm output constraint is not a string");
3445      -                                *THIS_ADDRESS(expr) = NULL;
3446      -                                continue;
3447      -                        }
     3533 +                /* Constraint */
     3534 +                expr = op->constraint;
     3535 +                if (!expr || expr->type != EXPR_STRING) {
     3536 +                        sparse_error(expr ? expr->pos : stmt->pos, "asm output constraint is not a string");
     3537 +                        op->constraint = NULL;
     3538 +                } else
3448 3539                          verify_output_constraint(expr, expr->string->data);
3449      -                        continue;
3450 3540  
3451      -                case 2: /* Expression */
3452      -                        state = 0;
3453      -                        if (!evaluate_expression(expr))
3454      -                                return;
3455      -                        if (!lvalue_expression(expr))
3456      -                                warning(expr->pos, "asm output is not an lvalue");
3457      -                        evaluate_assign_to(expr, expr->ctype);
3458      -                        continue;
3459      -                }
3460      -        } END_FOR_EACH_PTR(expr);
     3541 +                /* Expression */
     3542 +                expr = op->expr;
     3543 +                if (!evaluate_expression(expr))
     3544 +                        return;
     3545 +                if (!lvalue_expression(expr))
     3546 +                        warning(expr->pos, "asm output is not an lvalue");
     3547 +                evaluate_assign_to(expr, expr->ctype);
     3548 +        } END_FOR_EACH_PTR(op);
3461 3549  
3462      -        state = 0;
3463      -        FOR_EACH_PTR(stmt->asm_inputs, expr) {
3464      -                switch (state) {
3465      -                case 0: /* Identifier */
3466      -                        state = 1;
3467      -                        continue;
     3550 +        FOR_EACH_PTR(stmt->asm_inputs, op) {
     3551 +                /* Identifier */
3468 3552  
3469      -                case 1: /* Constraint */
3470      -                        state = 2;
3471      -                        if (!expr || expr->type != EXPR_STRING) {
3472      -                                sparse_error(expr ? expr->pos : stmt->pos, "asm input constraint is not a string");
3473      -                                *THIS_ADDRESS(expr) = NULL;
3474      -                                continue;
3475      -                        }
     3553 +                /* Constraint */
     3554 +                expr = op->constraint;
     3555 +                if (!expr || expr->type != EXPR_STRING) {
     3556 +                        sparse_error(expr ? expr->pos : stmt->pos, "asm input constraint is not a string");
     3557 +                        op->constraint = NULL;
     3558 +                } else
3476 3559                          verify_input_constraint(expr, expr->string->data);
3477      -                        continue;
3478 3560  
3479      -                case 2: /* Expression */
3480      -                        state = 0;
3481      -                        if (!evaluate_expression(expr))
3482      -                                return;
3483      -                        continue;
3484      -                }
3485      -        } END_FOR_EACH_PTR(expr);
     3561 +                /* Expression */
     3562 +                if (!evaluate_expression(op->expr))
     3563 +                        return;
     3564 +        } END_FOR_EACH_PTR(op);
3486 3565  
3487 3566          FOR_EACH_PTR(stmt->asm_clobbers, expr) {
3488 3567                  if (!expr) {
3489 3568                          sparse_error(stmt->pos, "bad asm clobbers");
3490 3569                          return;
3491 3570                  }
3492 3571                  if (expr->type == EXPR_STRING)
3493 3572                          continue;
3494 3573                  expression_error(expr, "asm clobber is not a string");
3495 3574          } END_FOR_EACH_PTR(expr);
↓ open down ↓ 79 lines elided ↑ open up ↑
3575 3654                  struct statement *case_stmt = sym->stmt;
3576 3655                  check_case_type(sel, case_stmt->case_expression, enumcase_holder);
3577 3656                  check_case_type(sel, case_stmt->case_to, enumcase_holder);
3578 3657          } END_FOR_EACH_PTR(sym);
3579 3658  }
3580 3659  
3581 3660  static void evaluate_goto_statement(struct statement *stmt)
3582 3661  {
3583 3662          struct symbol *label = stmt->goto_label;
3584 3663  
3585      -        if (label && !label->stmt && !lookup_keyword(label->ident, NS_KEYWORD))
     3664 +        if (label && !label->stmt && label->ident && !lookup_keyword(label->ident, NS_KEYWORD))
3586 3665                  sparse_error(stmt->pos, "label '%s' was not declared", show_ident(label->ident));
3587 3666  
3588 3667          evaluate_expression(stmt->goto_expression);
3589 3668  }
3590 3669  
3591 3670  struct symbol *evaluate_statement(struct statement *stmt)
3592 3671  {
3593 3672          if (!stmt)
3594 3673                  return NULL;
3595 3674  
↓ open down ↓ 71 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX