[PATCH] Add a truncation warning for values under a bitwise or
Sam Panzer
espanz at gmail.com
Thu Feb 21 12:23:54 PST 2013
Implemented rsmith's suggestions to include other operations.
I wonder if it might be worthwhile to warn on bitwise-ands which are zeroed out:
int8_t x;
x &= 0xff00; // This is just x = 0!
http://llvm-reviews.chandlerc.com/D405
CHANGE SINCE LAST DIFF
http://llvm-reviews.chandlerc.com/D405?vs=987&id=1069#toc
Files:
lib/Sema/SemaChecking.cpp
test/Sema/constant-conversion.c
test/Sema/shift.c
Index: lib/Sema/SemaChecking.cpp
===================================================================
--- lib/Sema/SemaChecking.cpp
+++ lib/Sema/SemaChecking.cpp
@@ -4778,6 +4778,54 @@
}
}
+// Determine if E is an expression prone to implicit narrowing bugs, containing
+// a constant. If so, Value is set to the value of that constant.
+static bool OperandMightImplicitlyNarrow(Sema &S, llvm::APSInt &Value,
+ Expr *E) {
+ BinaryOperator *Bop = dyn_cast<BinaryOperator>(E);
+ if (!Bop)
+ return false;
+
+ switch (Bop->getOpcode()) {
+ case BO_Or:
+ case BO_OrAssign:
+ case BO_Add:
+ case BO_AddAssign:
+ case BO_Sub:
+ case BO_SubAssign:
+ case BO_Mul:
+ case BO_MulAssign:
+ case BO_Xor:
+ case BO_XorAssign:
+ return Bop->getLHS()->EvaluateAsInt(Value, S.Context,
+ Expr::SE_AllowSideEffects) ||
+ Bop->getRHS()->EvaluateAsInt(Value, S.Context,
+ Expr::SE_AllowSideEffects);
+
+ // We can ignore the left side of the comma operator, since the value is
+ // explicitly ignored anyway.
+ case BO_Comma:
+ return Bop->getRHS()->EvaluateAsInt(Value, S.Context,
+ Expr::SE_AllowSideEffects);
+ case BO_Shl:
+ case BO_ShlAssign:
+ return Bop->getLHS()->EvaluateAsInt(Value, S.Context,
+ Expr::SE_AllowSideEffects);
+ default:
+ break;
+ }
+ return false;
+}
+
+// Returns true when Value's value would change when narrowed to TargetRange.
+static bool TruncationChangesValue(const llvm::APSInt &Value,
+ const IntRange &TargetRange) {
+ bool isSigned = !TargetRange.NonNegative;
+ llvm::APSInt UnsignedValue(Value);
+ return (!isSigned && UnsignedValue.getActiveBits() > TargetRange.Width) ||
+ (isSigned && Value.getMinSignedBits() > TargetRange.Width);
+}
+
void CheckImplicitConversion(Sema &S, Expr *E, QualType T,
SourceLocation CC, bool *ICContext = 0) {
if (E->isTypeDependent() || E->isValueDependent()) return;
@@ -4962,9 +5010,17 @@
if (SourceRange.Width > TargetRange.Width) {
// If the source is a constant, use a default-on diagnostic.
+ // Also use a default-on diagnostic if the source is involved in a
+ // narrowing-prone operation with a constant.
// TODO: this should happen for bitfield stores, too.
llvm::APSInt Value(32);
- if (E->isIntegerConstantExpr(Value, S.Context)) {
+ if (E->isIntegerConstantExpr(Value, S.Context) ||
+ OperandMightImplicitlyNarrow(S, Value, E)) {
+ // In case the number involved happens to be a wide type but have a
+ // small value nonetheless, don't issue a warning.
+ if (!TruncationChangesValue(Value, TargetRange))
+ return;
+
if (S.SourceMgr.isInSystemMacro(CC))
return;
@@ -5114,6 +5170,22 @@
if (E->getType() != T)
CheckImplicitConversion(S, E, T, CC);
+ // For CompoundAssignmentOperators, check the conversion from the computed
+ // LHS type to the type of the assignee.
+ if (CompoundAssignOperator *CAO = dyn_cast<CompoundAssignOperator>(E)) {
+ QualType LHST = CAO->getComputationLHSType();
+ // This CheckImplicitConversion would trigger a warning in addition to the
+ // more serious problem of using NULLs in arithmetic.
+ // Let the call to CheckImplicitConversion on the child expressions at the
+ // bottom of this function handle them by filtering those out here.
+ if (LHST != T &&
+ T->isIntegralType(S.Context) && LHST->isIntegralType(S.Context) &&
+ CAO->getRHS()->isNullPointerConstant(S.Context,
+ Expr::NPC_ValueDependentIsNotNull)
+ != Expr::NPCK_GNUNull)
+ CheckImplicitConversion(S, CAO->getRHS(), T, CC);
+ }
+
// Now continue drilling into this expression.
// Skip past explicit casts.
@@ -5127,8 +5199,9 @@
if (BO->isComparisonOp())
return AnalyzeComparison(S, BO);
- // And with simple assignments.
- if (BO->getOpcode() == BO_Assign)
+ // And with simple assignments. We also do a special check for bitwise or
+ // assignments to catch overflow in bitfields.
+ if (BO->getOpcode() == BO_Assign || BO->getOpcode() == BO_OrAssign)
return AnalyzeAssignment(S, BO);
}
Index: test/Sema/constant-conversion.c
===================================================================
--- test/Sema/constant-conversion.c
+++ test/Sema/constant-conversion.c
@@ -66,17 +66,49 @@
struct {
unsigned int twoBits1:2;
unsigned int twoBits2:2;
- unsigned int reserved:28;
+ unsigned int twoBits3:2;
+ unsigned int reserved:26;
} f;
f.twoBits1 = ~1; // expected-warning {{implicit truncation from 'int' to bitfield changes value from -2 to 2}}
f.twoBits2 = ~2; // expected-warning {{implicit truncation from 'int' to bitfield changes value from -3 to 1}}
f.twoBits1 &= ~1; // no-warning
f.twoBits2 &= ~2; // no-warning
+ f.twoBits3 |= 4; // expected-warning {{implicit truncation from 'int' to bitfield changes value from 4 to 0}}
+ f.twoBits3 |= 1; // no-warning
}
void test8() {
enum E { A, B, C };
struct { enum E x : 1; } f;
f.x = C; // expected-warning {{implicit truncation from 'int' to bitfield changes value from 2 to 0}}
}
+
+int func(int);
+
+void test9() {
+ unsigned char x = 0;
+ unsigned char y = 0;
+ x = y | 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = y | 0xff; // no-warning
+ x = 0x1ff | y; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = 0xff | y; // no-warning
+ x = (y | 0x1ff); // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = (y | 0xff); // no-warning
+ x = 0x1ff + y; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = 0xff + y; // no-warning
+ x += 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = 0x1ff - y; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = 0xff - y; // no-warning
+ x -= 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = y * 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = y * 0xff; // no-warning
+ x *= 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = y ^ 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = y ^ 0xff; // no-warning
+ x ^= 0x1ff; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = (func(1), 0x1ff); // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+ x = (func(1), 0xff); // no-warning
+ x = 0xff << y; // no-warning
+ x = 0x1ff << y; // expected-warning {{implicit conversion from 'int' to 'unsigned char' changes value from 511 to 255}}
+}
Index: test/Sema/shift.c
===================================================================
--- test/Sema/shift.c
+++ test/Sema/shift.c
@@ -27,8 +27,8 @@
c >>= 1;
c <<= -1; // expected-warning {{shift count is negative}}
c >>= -1; // expected-warning {{shift count is negative}}
- c <<= 999999; // expected-warning {{shift count >= width of type}}
- c >>= 999999; // expected-warning {{shift count >= width of type}}
+ c <<= 999999; // expected-warning {{shift count >= width of type}} expected-warning {{changes value}}
+ c >>= 999999; // expected-warning {{shift count >= width of type}} expected-warning {{changes value}}
c <<= CHAR_BIT; // expected-warning {{shift count >= width of type}}
c >>= CHAR_BIT; // expected-warning {{shift count >= width of type}}
c <<= CHAR_BIT+1; // expected-warning {{shift count >= width of type}}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D405.5.patch
Type: text/x-patch
Size: 8247 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20130221/9f6029e9/attachment.bin>
More information about the cfe-commits
mailing list