| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
'fix-volatile-simplification', 'struct-asm-ops', 'restricted-pointers', 'fix-f2i-casts', 'symaddr-description', 'flush-stdout' and 'diet-simple' into tip
|
|
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
This is slightly shorter (and thus may avoid long lines) and
facilitate the introduction of MOD_RETRICT in a later patch.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
ASM operands have the following syntax:
[<ident>] "<constraint>" '(' <expr> ')'
For some reasons, during parsing this is stored
as a sequence of 3 expressions. This has some serious
disadvantages though:
- <ident> has not the type of an expression
- it complicates processing when compared to having a specific
struct for it (need to loop & maintain some state).
- <ident> is optional and stored as a null pointer when not present
which is annoying, for example, if null pointers are used internally
in ptr-lists to mark removed pointers.
Fix this by using a specific structure to store the 3 elements
of ASM operands.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
|
|
It's often the case that we simply need the expr's truth value.
To get the value of an expression or simply if we need to know
if it's a constant value we can use some functions like
get_expression_value() or const_expression_value() depending
on the type of warning needed if the expression is not constant
(for various definition of constant).
However none of these functions take in account the fact that
a comma expression can also have a value known at compile time.
In order to not introduce unwanted change elsewheer in the code,
introduce a new function expr_truth_value() which never warn
but will return -1 if the expr have no known boolean value.
Note: the whole set of functions should be unified to take comma
expressions in account when needed.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
Even if sparse attempted to verify that initializers for static storage
duration objects are constant expressions [6.7.8(4)] (which it
currently does not), it could not tell reliably.
Example:
enum { b = 0 };
static void *c = { (void*)b }; /* disallowed by C99 */
References to enum members are not allowed in address constants [6.6(9)]
and thus, the initializer is not a constant expression at all.
Prepare for a more fine-grained tracking of expression constness in the
sense of C99 [6.4.4, 6.6].
Introduce a broader set of constness tracking flags, resembling the
four types of primary expression constants [6.4.4] (integer, floating,
enumeration, character). Define helper macros to consistently set and
clear these flags as they are not completely independent.
In particular, introduce the following flags for tagging expression constness
at the level of primary expressions:
- CEF_INT: integer constant, i.e. literal
- CEF_FLOAT: floating point constant (former Float_literal flag)
- CEF_ENUM: enumeration constant
- CEF_CHAR: character constant
Introduce the CEF_ICE flag meant for tagging integer constant
expressions. It is equivalent to the former Int_const_expr flag.
Note that CEF_INT, CEF_ENUM and CEF_CHAR flags imply CEF_ICE being set.
Signed-off-by: Nicolai Stange <nicstange@gmail.com>
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
The test wasn't using is_float_type() and thus missed
SYM_NODE->SUM_BASETYPE::fp_type.
Use is_float_type() now.
Reported-by: Dibyendu Majumdar <mobile@majumdar.org.uk>
CC: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
|
|
When an array is initialized, it may be convenient to first
initialize all entries with some default value via the
'[a ... b]' notation and then override some of these entries
with a non-default value. Unfortunately, this, of course,
is not compatible with the default warning flag '-Woverride-init'.
Fix this by introducing an exception to the usual detection
of overlapping initializers which, only for what concerns this
warning, ignore an '[a ... b]' entry if:
- it is the first one
- it covers the whole range of the array.
If needed, the previous ehaviour can be restored by using a new
warning flag, disabled by default: '-Woverride-init-whole-range'.
Suggested-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
The current routine checking if some initializers overlap with each
others only check the offset of the initialierd fields, not taking
in account that array elements can be initialized by range with the
'[a ... b]' notation.
Fix this by changing the check so that now we compare the offset of
the current field with the end of the previous one.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
By default, sparse only warns on the first overlapping initialier.
While this may be sensible for most situation, it's not always wanted
to hide those others errors. This is especially annoying when testing.
Change this by introducing a new warning flag '-Woverride-init-all',
disabled by default and whose intented use is sparse's testsuite.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
Sparse warns unconditionally about overlapping initilalizers.
Introduces a warning flag to control this, use the same name
as GCC's and enabled it by default.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
Expansion cost of an expression should be a monotonically
increasing function of its sub-expressions.
Here, for the costs of calling a pure function, the costs is
reset to zero (wich is used when the expression expand to
a constant/to test if the expression is a constant or not).
Fix this by setting the cost as the total expansion cost of
all the arguments plus one for the function itself.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
No functional changes, just move some code around and rename
'eval_init_table[]' to 'builtins_table[]'.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
The old code was relicensed by Novafora Corporation, successor in interest to
Transmeta Corporation, in 2009. Other authors were also asked about the change
of their contributions to the MIT license and all with copyrightable changes
agreed to it.
Signed-off-by: Franz Schrober <franzschrober@yahoo.de>
Acked-by: Adam DiCarlo <adam@bikko.org>
Acked-by: Al Viro <viro@ZenIV.linux.org.uk>
Acked-by: Alberto Bertogli <albertito@blitiri.com.ar>
Acked-by: Alecs King <alecs@perlchina.org>
Acked-by: Alexander Shishkin <alexander.shishckin@gmail.com>
Acked-by: Alexey Dobriyan <adobriyan@gmail.com>
Acked-by: Alexey Zaytsev <alexey.zaytsev@gmail.com>
Acked-by: Andries E. Brouwer <Andries.Brouwer@cwi.nl>
Acked-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Acked-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Acked-by: Ben Pfaff <blp@nicira.com>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
Acked-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Acked-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Chris Forbes <chrisf@ijw.co.nz>
Acked-by: Chris Wedgwood <cw@f00f.org>
Acked-by: Christopher Li <sparse@chrisli.org>
Acked-by: Damien Lespiau <damien.lespiau@gmail.com>
Acked-by: Dan Carpenter <error27@gmail.com>
Acked-by: Dan McGee <dan@archlinux.org>
Acked-by: Daniel De Graaf <danieldegraaf@gmail.com>
Acked-by: Daniel Sheridan <dan.sheridan@postman.org.uk>
Acked-by: Dave Jones <davej@redhat.com>
Acked-by: David Given <dg@cowlark.com>
Acked-by: David Miller <davem@redhat.com>
Acked-by: David Mosberger-Tang <dmosberger@gmail.com>
Acked-by: David Olien <David.Olien@lsi.com>
Acked-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
Acked-by: Emil Medve <Emilian.Medve@Freescale.com>
Acked-by: Ethan Jackson <jacksone@nicira.com>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Frank Zago <fzago@systemfabricworks.com>
Acked-by: Frederic Crozat <fcrozat@suse.com>
Acked-by: Geoff Johnstone <geoff.johnstone@gmail.com>
Acked-by: Hannes Eder <hannes@hanneseder.net>
Acked-by: Jan Pokorný <pokorny_jan@seznam.cz>
Acked-by: Jeff Garzik <jgarzik@redhat.com>
Acked-by: Jiri Slaby <jslaby@suse.cz>
Acked-by: Joe Perches <joe@perches.com>
Acked-by: Joel Soete <rubisher@scarlet.be>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: Josh Triplett <josh@kernel.org>
Acked-by: Kamil Dudka <kdudka@redhat.com>
Acked-by: Kim Phillips <kim.phillips@linaro.org>
Acked-by: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
Acked-by: Kovarththanan Rajaratnam <kovarththanan.rajaratnam@gmail.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Acked-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Acked-by: Martin Nagy <nagy.martin@gmail.com>
Acked-by: Masatake YAMATO <yamato@redhat.com>
Acked-by: Mauro Dreissig <mukadr@gmail.com>
Acked-by: Michael Büsch <m@bues.ch>
Acked-by: Michael Stefaniuc <mstefani@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Mika Kukkonen <mikukkon@iki.fi>
Acked-by: Mike Frysinger <vapier@gentoo.org>
Acked-by: Mitesh Shah <Mitesh.Shah@synopsys.com>
Acked-by: Morten Welinder <mortenw@gnome.org>
Acked-by: Namhyung Kim <namhyung@gmail.com>
Acked-by: Nicolas Kaiser <nikai@nikai.net>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Pavel Roskin <proski@gnu.org>
Acked-by: Pekka Enberg <penberg@cs.helsinki.fi>
Acked-by: Peter Jones <pjones@redhat.com>
Acked-by: Peter A Jonsson <pj@sics.se>
Acked-by: Ralf Wildenhues <Ralf.Wildenhues@gmx.de>
Acked-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk>
Acked-by: Randy Dunlap <rdunlap@xenotime.net>
Acked-by: Reinhard Tartler <siretart@tauware.de>
Ached-by: Richard Knutsson <richard.knutsson@gmail.com>
Acked-by: Rob Taylor <rob.taylor@codethink.co.uk>
Acked-by: Rui Saraiva <rmpsaraiva@gmail.com>
Acked-by: Ryan Anderson <ryan@michonline.com>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Acked-by: Samuel Bronson <naesten@gmail.com>
Acked-by: Santtu Hyrkkö <santtu.hyrkko@gmail.com>
Acked-by: Shakthi Kannan <shakthimaan@gmail.com>
Acked-by: Stephen Hemminger <shemminger@linux-foundation.org>
Acked-by: Thomas Schmid <Thomas.Schmid@br-automation.com>
Acked-by: Tilman Sauerbeck <tilman@code-monkey.de>
Acked-by: Vegard Nossum <vegardno@ifi.uio.no>
Acked-by: Xi Wang <xi.wang@gmail.com>
Acked-by: Yura Pakhuchiy <pakhuchiy@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
Avoid evaluating INT_MIN / -1 and INT_MIN % -1, which will trap on x86
and crash sparse.
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
The previous warning about bad constant is actually
mean for variable length array.
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
Casting to _Bool requires a zero test rather than truncation. Also add
a new cast warning for _Bool since this is not about truncation.
Cc: Pekka Enberg <penberg@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
This patch fixes __builtin_safe_p() to work properly for calls to pure
functions.
Cc: Christopher Li <sparse@chrisli.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Pekka Enberg <penberg@kernel.org>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
GCC provides a 128 bit type called internally as TImode (__int128_t)on 64 bit
platforms (at least x86_64 and Sparc64). These types are used by OpenBIOS.
Add support for types "long long long", __mode__(TI) and __(u)int128_t.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Christopher Li <sparse@chrisli.org>
|
|
Was:Re: Initializing float variables without type suffix)
> cast_to() seems fine.
>
> In expanding stage, cast_value() did not cast the constant
> correctly.
You're right, I also noticed this in the meantime.
The decision, whether newtype is int_type or fp_type is not made
correctly.
The following patch seems to work:
Fix implicit cast to float
Patch modified by Chris.
Signed-Off-By: Thomas Schmid <Thomas.Schmid@br-automation.com>
Signed-Off-By: Christopher Li <sparse@chrisli.org>
|
|
Signed-off-by: David Given <dg@cowlark.com>
[negative value division fixed by alexey.zaytsev@gmal.com]
Signed-off-by: Alexey Zaytsev <alexey.zaytsev@gmail.com>
|
|
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Errors make Sparse stop emitting warnings. Only parse errors and similar
"cannot proceed" errors should call sparse_error.
Signed-off-by: Josh Triplett <josh@kernel.org>
|
|
a) qualifiers should not be ignored beyond the top layer
b) qualifiers *should* be ignored in top layer of function arguments
c) change prototype - pass ctype * instead of symbol * and pass
"what to add to modifiers in that ctype" instead of "what to ignore".
We are still not quite done (there are incomplete types, there
are array size comparisons, there is lifting of signedness logics
into compatible_assignment_types()), but it's a much better approximation.
BTW, it's already good enough for kernel ARRAY_SIZE(), which
has become a major source of noise lately...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[Josh: prototype fix]
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Turn FORCE_MOD into storage class specifier (that's how it's
actually used and that makes for much simpler logics).
Introduce explicit EXPR_FORCE_CAST for forced casts; handle it
properly.
Kill the idiocy in get_as() (we end up picking the oddest things
for address space - e.g. if we have int __attribute__((address_space(1))) *p,
we'll get warnings about removal of address space when we do things like
(unsigned short)*p. Fixed. BTW, that had caught a bunch of very odd
bogosities in the kernel and eliminated several false positives in there.
As the result, get_as() is gone now and evaluate_cast() got simpler.
Kill the similar idiocy in handling pointer assignments; while we are at it,
fix the qualifiers check for assignments to/from void * (you can't assign
const int * to void * - qualifiers on the left side should be no less than
on the right one; for normal codepath we get that checked, but the special
case of void * skips these checks).
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
AFAICS, that should do null pointer constants right. We assign
special instance of void * (&null_ctype) to (void *)<zero integer
constant expression> and replace it with normal void * when we
don't want null pointer constant. is_zero_constant() checks if
we have an integer constant expression, does conservative expand
(i.e. instead of generating an error on 1/0, etc. leaves the
node unreplaced) and checks if we have reduced the sucker to
EXPR_VALUE[0] without comma taint.
Implemented all (AFAICS) special cases involving null pointer
constants; most changes in evaluate_compare() and evaluate_conditional().
Both are still incomplete; handling of qualifiers is still missing,
but that's a separate story.
Note that we get two new sets of warnings on the kernel build; one is
due to wrong size_t (handled in the next patch; didn't show up until
now since we didn't warn on comparison of pointers to incompatible
types) and another is a pile of warnings about integer 0 used as NULL
on
if (p == 0)
where p is a pointer. Additionally, there's an idiotic
(p>0)
in one place (again, p is a pointer). Bugger if I know how gcc doesn't
warn on that one, it's certainly a standard violation and bloody pointless
even as extension...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
Treat it as normal binary operation, taint the value, check the taint.
We can do other kind of value tainting with the same infrastructure
as well...
Review and testing would be welcome; AFAICS, it works, but...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
Hopefully correct handling of integer constant expressions. Please, review.
Rules:
* two new flags for expression: int_const_expr and float_literal.
* parser sets them by the following rules:
* EXPR_FVALUE gets float_literal
* EXPR_VALUE gets int_const_expr
* EXPR_PREOP[(] inherits from argument
* EXPR_SIZEOF, EXPR_PTRSIZEOF, EXPR_ALIGNOF get int_const_expr
* EXPR_BINOP, EXPR_COMPARE, EXPR_LOGICAL, EXPR_CONDITIONAL,
EXPR_PREOP[+,-,!,~]: get marked int_const_expr if all their
arguments are marked that way
* EXPR_CAST gets marked int_const_expr if argument is marked
that way; if argument is marked float_literal but not
int_const_expr, we get both flags set.
* EXPR_TYPE also gets marked int_const_expr (to make it DTRT
on the builtin_same_type_p() et.al.)
* EXPR_OFFSETOF gets marked int_const_expr
When we get an expression from parser, we know that having int_const_expr on
it is almost equivalent to "it's an integer constant expression". Indeed,
the only checks we still have not done are that all casts present in there
are to integer types, that expression is correctly typed and that all indices
in offsetof are integer constant expressions. That belongs to evaluate_expression()
and is easily done there.
* evaluate_expression() removes int_const_expr from some nodes:
* EXPR_BINOP, EXPR_COMPARE, EXPR_LOGICAL, EXPR_CONDITIONAL,
EXPR_PREOP: if the node is marked int_const_expr and some
of its arguments are not marked that way once we have
done evaluate_expression() on them, unmark our node.
* EXPR_IMLICIT_CAST: inherit flags from argument.
* cannibalizing nodes in *& and &* simplifications: unmark
the result.
* EXPR_CAST: unmark if we are casting not to an integer type.
Unmark if argument is not marked with int_const_expr after
evaluate_expression() on it *and* our node is not marked
float_literal (i.e. (int)0.0 is fine with us).
* EXPR_BINOP created (or cannibalizing EXPR_OFFSETOF) by
evaluation of evaluate_offsetof() get int_const_expr
if both arguments (already typechecked) have int_const_expr.
* unmark node when we declare it mistyped.
That does it - after evaluate_expression() we keep int_const_expr only if
expression was a valid integer constant expression.
Remaining issue: VLA handling. Right now sparse doesn't deal with those in
any sane way, but once we start handling their sizeof, we'll need to check
that type is constant-sized before marking EXPR_SIZEOF int_const_expr.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
Fix the check for overlapping initializers; the current code tries to
skip ones with zero ->bit_size, but doesn't get it right.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
expand_compare could dereference left->ctype without checking that left !=
NULL. Fix that, by extending the check for (left && right) around most of the
function.
Thanks to Florian Krohm of IBM for reporting the problem.
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
For inline functions, Sparse inlines the function body at evaluation. It is
very hard to find out the original function call. This change preserves the
original call as an annotation.
Signed-Off-By: Christopher Li <sparse@chrisli.org>
|
|
Add a new function expression_error, which works just like
sparse_error but also installs a bad_ctype into the expression.
Signed-Off-By: Christopher Li <sparse@chrisli.org>
|
|
Signed-Off-By: Christopher Li <sparse@chrisli.org>
|
|
Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
|
|
bit_offset() doesn't deal with nested designators.
Fixed, testcase added.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
If a field of a structure has size 0 (which happens with an empty struct), the
subsequent field will have the same offset. Assigning to both thus triggers
the "Initializer entry defined twice" error, which should not happen. Change
verify_nonoverlapping to not warn about overlaps where the first field has
size 0.
Add a validation file (validation/initializer-entry-defined-twice.c) for this
warning, which covers two cases where it should trigger (same struct field
twice; two fields of a union) and this case where it should not.
Signed-off-by: Josh Triplett <josh@freedesktop.org>
|
|
Surprisingly, gcc apparently doesn't warn/notice. And yes, we had at
least one such error in the kernel due to some over-eager cut-and-paste
happening.
[ Side note: this should also fix a problem with bitfields at byte
offset zero not necessarily getting sorted right. Not that that would
have likely affected any current usage of sparse. ]
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Add the ability to turn off checks for casts that truncate constant values
using -Wno-cast-truncate, helpful when attempting to track down a particular
class of warnings only without losing them amongst others. Checks for
truncating casts default to on, so this does not change the default behavior
of sparse.
Signed-off-by: Josh Triplett <josh@freedesktop.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This removes the list of symbols for block statements, and instead makes
a declaration be a statement of its own.
This is necessary to correctly handle the case of mixed statements and
declarations correctly, since the order of declarations and statements
is meaningful.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Mitesh Shah (and others) report that broken libc's will have their own
"error()" that the sparse naming clashes with.
So use a sed-script to rewrite all the occurrences.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This shares more of the code with the regular constant symbol
dereference, and in the process should fix the case of offset zero.
|
|
It's really the same thing as a constant variable.
|
|
This replaceq calls to warning() with error() at places where (I think)
the gcc reports an error. Also added a global variable die_if_error
which is set if there is one or more errors. If someone wants to stop
processing further, can check for the variable.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This means that we can do
#if defined(TOKEN) && TOKEN > 1
and we will _not_ warn even with -Wundef, since the "TOKEN > 1" test
will never even be expanded if TOKEN isn't defined.
Al Viro gets credit for the algorithm changes, I just did the actual coding.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
|
|
It's disgusting how intimate lib.c is with all the types,
and this is slowly trying to split things up a bit. Now
the intimate part is in allocate.c, but maybe we can get
to the point where each allocation user just declares its
own allocation strategy, and just uses the generic routines
in allocate.c
|
|
|
|
to handle the case where the result is the conditional.
|
|
|
|
I used to think I needed it. That's no longer the case: we just
follow the "bit_offset" in the type information.
There may be cases where we inadvertently cast the information
away, and those places will break now, but that's a bug really,
not an excuse for EXPR_BITFIELD.
|
|
This also makes our evaluation simplification only happen
for the implied ones. If you put an explicit cast somewhere,
it does _not_ get combined with an implied one.
|
|
We need to ignore the bits that weren't valid
in the old type.
|
|
Show the old value with as many bits as it had originally,
not with the full - possibly sign-extended - set of bits.
|
|
Is this a valid warning? I suspect we may want to make it conditional.
But it does point out some half-way suspicious code in the kernel (of
the "it works, but maybe it wasn't really robust" variety).
|
|
We turn it into a proper (tmp = x, tmp ? tmp : y) at evaluation
time, so later phases never have to worry about the issue. But
some of the old code lingered.
|
|
The cost of constants is 0. It matters now that we use this
cost for __builtin_const_p().
|
|
While __builtin_constant_p() tells you whether an expression is
constant, __builtin_safe_p() tells you whether it has side effects.
NOTE! A "safe" expression can still access pointers and generally
cause SIGSEGV and chaos. But it's useful to check whether a macro
argument can safely be used multiple times, for example.
Suggested use something like
#define MY_MACRO(a) do { \
__builtin_warning(!__builtin_safe_p(a), "Macro argument with side effects"); \
... use 'a' multiple times ...
which does the obvious thing.
|
|
Turn a trivial STMT_COMPOUND into its single statement. And if,
as a result, we can turn a EXPR_STATEMENT of a STMT_EXPRESSION
into it's simple expression, all the better.
|
|
It just ends up propagating the expression to the linearizer,
which creates an internal "context" instruction for it.
|
|
returns the size of the underlying object.
This is different from "sizeof(*expr)" for arrays, where
the array would degenerate to a pointer to one member, and
thus "sizeof(*expr)" gives the size of one entry in the
array.
Why do this? It's useful for things like
#define memset(a,b,c) ({ \
(void) __builtin_warning(__sizeof_ptr__(a) > 1, __sizeof_ptr__(a) != (c), "check memset size"); \
memset(a, b, c); })
where we really want to check the size of the object we're
doing the "memset()" on, but the regular sizeof() just doesn't
cut it.
|
|
It's not an error, it just is pretty rare. It happens when there
are bitfields that are all at byte offset zero, and we need to
allocate a new EXPR_POS when we offset these bitfields due to
them being inside a nested initializer.
|
|
- handling of "unexpanded identifiers should be replaced with 0" is
moved to pre-process.c and done on token replacement level
- warning about such replacement made conditional
- expand() and expand_one_symbol() return int now - it's "is the first
token completely expanded now" (simplifies the life in #if handling,
etc.)
- crud removed from evaluate.c and expand.c
|
|
|
|
This should mean that the initializers are nicely sorted
in ascending order, which makes it possible to check for
duplicates and just in general is a good idea. We also need
the sorted order to emit the dang things, after all.
|
|
Otherwise the inner levels get the wrong offsets, because they
haven't added up the depth of the outer ones yet.
|
|
We move the offset from EXPR_POS into each of the EXPR_INITIALIZER
entries - they should all have an EXPR_POS themselves, except for
one potential zero-offset one (which we turn into an EXPR_POS by
re-using the now unused nested EXPR_INITIALIZER).
|
|
They happen with the new
struct xxx x = { .a.b[10].c = val; }
syntax.
|
|
Obviously we should have just exited earlier, but this allows us to
survive past errors.
|
|
We used to trigger the size check only when shifting constant
values by a constant value. Which is obviously bogus - we should
check the shift amount even for a non-const left side.
Noticed by Eric Sesterhenn
|
|
|
|
warn->warning
error->error_die
new error
lib.h:
warn->warning
error->error_die
new error
Add gcc format checking to warning/error/...
|
|
..and switch us entirely over to the new naming scheme.
All the nasty work of going through the users thanks to Chris Li.
|
|
A "might take an exception" expression may not be re-ordered very
much wrt other expressions, but it _can_ be dropped entirely if it
is part of an expression that has no other effect.
In contrast, a real side effect obviously can't be dropped.
|
|
Cset exclude: welinder@troll.com|ChangeSet|20040812190029|57250
Cset exclude: welinder@troll.com|ChangeSet|20040812184608|57271
Cset exclude: welinder@troll.com|ChangeSet|20040812175907|57697
Cset exclude: welinder@troll.com|ChangeSet|20040812160921|53242
|
|
|
|
Handling of non-lvalue compound objects:
We introduce a new primitive - EXPR_SLICE. Meaning is "that many bits
from that offset in that non-lvalue struct or union". It is used when
we try to get a member out of a non-lvalue struct or union (subsequent .<field>
just narrow the slice). And as far as scalar, struct and union fields count,
that's it. The only subtle point is handling of array fields. And there
I'm doing what C99 requires - they *do* decay to real, honest pointers,
causing a copy of object to memory if needed. We get an anonymous object
that lives until the next sequence point; optimizer is certainly free to
get rid of it completely if it can make do with the value we'd copied there.
Note that you _are_ allowed to say
foo().a[1] = 0;
It doesn't make sense, since the value you've assigned will be immediately
lost (and any optimizer will turn that into f()), but it is legitimate and
it avoids a *lot* of PITA in describing semantics.
It covers only array decay - any other member of non-lvalue struct or union
is *not* an lvalue and in
struct foo {int x; int y[2];};
struct foo a(void);
...
a().x = 0; /* not allowed, non-lvalue */
a().y[0] = 1; /* allowed, but pointless */
you will get an error from the first assignment, but not from the second
one.
Signed-off-by: Al Viro <viro@parcelfarce.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Don't complain over undefined preprocessor symbols that start
with an underscore.
This helps quiet a gazillion errors with _cplusplus and others
used by solaris' system headers.
This change may or may not be approapriate on a glibc system.
|
|
Handle integer overflow in unary minus.
|
|
Another case of prematurely loading floating point values.
|
|
"constantness" is probably not a word.
|
|
Make linearize.h show the right ops for the logical (as opposed to
binary) and/or EXPR_BINOP.
|
|
expression.
This is just a very high-level cost, mainly distinguishing
between "safe" and "unsafe" operations, so that we can
determine if we can turn a C conditional into a select
statement, or a logical op into one without short-ciruiting.
|
|
It's the same as a regular C conditional, except you could
evaluate both sides first. Right now we treat it exactly
the same as an EXPR_CONDITIONAL.
|
|
and handle signed division overflow.
Noted by Morten Welinder.
|
|
simplify_float_cmp loads the two values before it checks that they
really are values. (Whereas simplify_float_preop loads after.)
Loading random bit patterns in floating point registers is known to make
Alphas rather upset.
|
|
|
|
FP handling added, everything straightforward by now.
|
|
x && y is x ? (y != 0) : 0, not x ? y : 0. simplify_logical() ended up
with e.g. 2 && 2 being simplified to 2, which is not a good idea.
|
|
simplify_int_binop() was completely broken for comparisons - there the
signedness of (converted) arguments can not be obtained from type of
result. IOW, we had all comparisons in constant expressions done as
signed ones.
Fixed by introducing new primitives for unsigned versions of
comparions (SPECIAL_UNSIGNED_LT, etc.) and remapping in evaluate_compare()
once we know the types. That also fixes similar mess in compile-i386 and
linearize.
|
|
Also remember to do it for the increment and decrement operations.
|
|
|
|
This teaches sparse what __alignof__ really means, instead of just using
the same code as "__sizeof__"
It gets rid of the warnings in ebtables that does:
struct ebt_entries {
...
char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)));
};
Which caused warning because sparse was evaluating __alignof__ as the same as sizeof,
and sizeof was 57 (ie non-power of 2).
This is just based on the existing code and a peek at the data
structures in expression and symbol.
|
|
This makes "-m64" actually work.
|
|
There's some bug in the code that should fix
&xx[0]
to be the same as "xx", because a zero-offset
dereference has a special (broken) optimization.
I'm too tired to find the bug, so add the
comment so that nobody else ends up being confused
about it.
|
|
We should check the type of the resulting expression
and not worry about how that expression came about.
|
|
Export "type_difference()" for type equality testing
in expand.c.
Evaluate the type in a EXPR_TYPE expression.
|
|
comparisons etc:
if (typeof(a) == int) {
...
(although right now I don't actually do the proper comparison
expansion and all comparisons return "true").
|
|
They were only used for the original pre-instruction
linearization.
|
|
|
|
This lets us get the type of comparison right.
|
|
This doesn't actually get them _right_, but as long as they
end up being constant when used, we at least silently ignore
them until then.
|
|
|
|
is unreachable from the top might still be reachable
through a label inside of it.
|
|
isn't the sole copyright owner these days.
|
|
function call interface over to the much more readable
FOR_EACH_PTR() approach. No need for silly one-line iterator
functions.
|
|
in order to see NULL pointer expressions immediately.
We want NULL pointers to be visible as such at type check time,
long before we do the full expansion/simplification phase.
A NULL pointer is a weaker type than a normal (void *), since
it has no context or address space associated with it, for example.
|
|
- it only happens at evaluate time
- it akes the new context be the "superset" of
the context of the inliner and inlinee.
|
|
does type evaluation, the second one does value evaluation
and inline expansion.
This has the advantage that by the time we do value evaluation
and inline expansion, we have traversed the tree fully once,
which allows us to take advantage of function-global information,
ie we know whether symbols have ever been accessed etc.
|
