]> git.proxmox.com Git - mirror_frr.git/blob - tools/gcc-plugins/frr-format.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #8353 from opensourcerouting/llvm-20210327
[mirror_frr.git] / tools / gcc-plugins / frr-format.c
1 /* Check calls to formatted I/O functions (-Wformat).
2 Copyright (C) 1992-2019 Free Software Foundation, Inc.
3
4 Extended for FRR's printfrr() with Linux kernel style extensions
5 Copyright (C) 2019-2020 David Lamparter, for NetDEF, Inc.
6
7 This file is part of GCC.
8
9 GCC is free software; you can redistribute it and/or modify it under
10 the terms of the GNU General Public License as published by the Free
11 Software Foundation; either version 3, or (at your option) any later
12 version.
13
14 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
15 WARRANTY; without even the implied warranty of MERCHANTABILITY or
16 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with GCC; see the file COPYING.GPLv3. If not see
21 <http://www.gnu.org/licenses/>. */
22
23 #include "gcc-common.h"
24
25 #include "config.h"
26 #include "system.h"
27 #include "coretypes.h"
28 #include "tm.h"
29 //include "c-target.h"
30 #include "c-common.h"
31 #include "alloc-pool.h"
32 #include "stringpool.h"
33 #include "c-tree.h"
34 #include "c-objc.h"
35 #include "intl.h"
36 #include "langhooks.h"
37 #include "frr-format.h"
38 #include "diagnostic.h"
39 #include "substring-locations.h"
40 #include "selftest.h"
41 #include "selftest-diagnostic.h"
42 #ifndef FIRST_PSEUDO_REGISTER
43 #define FIRST_PSEUDO_REGISTER 0
44 #endif
45 #include "builtins.h"
46 #include "attribs.h"
47 #include "gcc-rich-location.h"
48 #include "c-pretty-print.h"
49 #include "c-pragma.h"
50
51 extern struct cpp_reader *parse_in;
52
53 #pragma GCC visibility push(hidden)
54
55 /* Handle attributes associated with format checking. */
56
57 /* This must be in the same order as format_types, except for
58 format_type_error. Target-specific format types do not have
59 matching enum values. */
60 enum format_type { frr_printf_format_type,
61 format_type_error = -1};
62
63 struct function_format_info
64 {
65 int format_type; /* type of format (printf, scanf, etc.) */
66 unsigned HOST_WIDE_INT format_num; /* number of format argument */
67 unsigned HOST_WIDE_INT first_arg_num; /* number of first arg (zero for varargs) */
68 };
69
70 static GTY(()) tree local_uint64_t_node;
71 static GTY(()) tree local_int64_t_node;
72
73 static GTY(()) tree local_size_t_node;
74 static GTY(()) tree local_ssize_t_node;
75 static GTY(()) tree local_atomic_size_t_node;
76 static GTY(()) tree local_atomic_ssize_t_node;
77 static GTY(()) tree local_ptrdiff_t_node;
78
79 static GTY(()) tree local_pid_t_node;
80 static GTY(()) tree local_uid_t_node;
81 static GTY(()) tree local_gid_t_node;
82 static GTY(()) tree local_time_t_node;
83
84 static GTY(()) tree local_socklen_t_node;
85 static GTY(()) tree local_in_addr_t_node;
86
87 static struct type_special {
88 tree *match;
89 tree *replace;
90 tree *cousin;
91 } special_types[] = {
92 { &local_atomic_size_t_node, &local_size_t_node, &local_ssize_t_node, },
93 { &local_atomic_ssize_t_node, &local_ssize_t_node, &local_size_t_node, },
94 { &local_size_t_node, NULL, &local_ssize_t_node, },
95 { &local_ssize_t_node, NULL, &local_size_t_node, },
96 { &local_uint64_t_node, NULL, &local_int64_t_node, },
97 { &local_int64_t_node, NULL, &local_uint64_t_node, },
98 { &local_pid_t_node, NULL, &local_pid_t_node, },
99 { &local_uid_t_node, NULL, &local_uid_t_node, },
100 { &local_gid_t_node, NULL, &local_gid_t_node, },
101 { &local_time_t_node, NULL, &local_time_t_node, },
102 { NULL, NULL, NULL, }
103 };
104
105 static bool decode_format_attr (tree, function_format_info *, int);
106 static int decode_format_type (const char *);
107
108 static bool check_format_string (tree argument,
109 unsigned HOST_WIDE_INT format_num,
110 int flags, bool *no_add_attrs,
111 int expected_format_type);
112 static bool get_constant (tree expr, unsigned HOST_WIDE_INT *value,
113 int validated_p);
114 static const char *convert_format_name_to_system_name (const char *attr_name);
115
116 static int first_target_format_type;
117 static const char *format_name (int format_num);
118 static int format_flags (int format_num);
119
120 /* Emit a warning as per format_warning_va, but construct the substring_loc
121 for the character at offset (CHAR_IDX - 1) within a string constant
122 FORMAT_STRING_CST at FMT_STRING_LOC. */
123
124 ATTRIBUTE_GCC_DIAG (5,6)
125 static bool
126 format_warning_at_char (location_t fmt_string_loc, tree format_string_cst,
127 int char_idx, int opt, const char *gmsgid, ...)
128 {
129 va_list ap;
130 va_start (ap, gmsgid);
131 tree string_type = TREE_TYPE (format_string_cst);
132
133 /* The callers are of the form:
134 format_warning (format_string_loc, format_string_cst,
135 format_chars - orig_format_chars,
136 where format_chars has already been incremented, so that
137 CHAR_IDX is one character beyond where the warning should
138 be emitted. Fix it. */
139 char_idx -= 1;
140
141 substring_loc fmt_loc (fmt_string_loc, string_type, char_idx, char_idx,
142 char_idx);
143 #if BUILDING_GCC_VERSION >= 9000
144 format_string_diagnostic_t diag (fmt_loc, NULL, UNKNOWN_LOCATION, NULL,
145 NULL);
146 bool warned = diag.emit_warning_va (opt, gmsgid, &ap);
147 #else
148 bool warned = format_warning_va (fmt_loc, UNKNOWN_LOCATION, NULL,
149 opt, gmsgid, &ap);
150 #endif
151 va_end (ap);
152
153 return warned;
154 }
155
156 /* Check that we have a pointer to a string suitable for use as a format.
157 The default is to check for a char type.
158 For objective-c dialects, this is extended to include references to string
159 objects validated by objc_string_ref_type_p ().
160 Targets may also provide a string object type that can be used within c and
161 c++ and shared with their respective objective-c dialects. In this case the
162 reference to a format string is checked for validity via a hook.
163
164 The function returns true if strref points to any string type valid for the
165 language dialect and target. */
166
167 static bool
168 valid_stringptr_type_p (tree strref)
169 {
170 return (strref != NULL
171 && TREE_CODE (strref) == POINTER_TYPE
172 && (TYPE_MAIN_VARIANT (TREE_TYPE (strref)) == char_type_node
173 || objc_string_ref_type_p (strref)));
174 // || (*targetcm.string_object_ref_type_p) ((const_tree) strref)));
175 }
176
177 /* Handle a "format_arg" attribute; arguments as in
178 struct attribute_spec.handler. */
179 tree
180 handle_frr_format_arg_attribute (tree *node, tree ARG_UNUSED (name),
181 tree args, int flags, bool *no_add_attrs)
182 {
183 tree type = *node;
184 tree format_num_expr = TREE_VALUE (args);
185 unsigned HOST_WIDE_INT format_num = 0;
186
187 if (!get_constant (format_num_expr, &format_num, 0))
188 {
189 error ("format string has invalid operand number");
190 *no_add_attrs = true;
191 return NULL_TREE;
192 }
193
194 if (prototype_p (type))
195 {
196 /* The format arg can be any string reference valid for the language and
197 target. We cannot be more specific in this case. */
198 if (!check_format_string (type, format_num, flags, no_add_attrs, -1))
199 return NULL_TREE;
200 }
201
202 if (!valid_stringptr_type_p (TREE_TYPE (type)))
203 {
204 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
205 error ("function does not return string type");
206 *no_add_attrs = true;
207 return NULL_TREE;
208 }
209
210 return NULL_TREE;
211 }
212
213 /* Verify that the format_num argument is actually a string reference suitable,
214 for the language dialect and target (in case the format attribute is in
215 error). When we know the specific reference type expected, this is also
216 checked. */
217 static bool
218 check_format_string (tree fntype, unsigned HOST_WIDE_INT format_num,
219 int flags, bool *no_add_attrs, int expected_format_type)
220 {
221 unsigned HOST_WIDE_INT i;
222 bool is_target_sref, is_char_ref;
223 tree ref;
224 int fmt_flags;
225 function_args_iterator iter;
226
227 i = 1;
228 FOREACH_FUNCTION_ARGS (fntype, ref, iter)
229 {
230 if (i == format_num)
231 break;
232 i++;
233 }
234
235 if (!ref
236 || !valid_stringptr_type_p (ref))
237 {
238 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
239 error ("format string argument is not a string type");
240 *no_add_attrs = true;
241 return false;
242 }
243
244 /* We only know that we want a suitable string reference. */
245 if (expected_format_type < 0)
246 return true;
247
248 /* Now check that the arg matches the expected type. */
249 is_char_ref =
250 (TYPE_MAIN_VARIANT (TREE_TYPE (ref)) == char_type_node);
251
252 fmt_flags = format_flags (expected_format_type);
253 is_target_sref = false;
254
255 if (!(fmt_flags & FMT_FLAG_PARSE_ARG_CONVERT_EXTERNAL))
256 {
257 if (is_char_ref)
258 return true; /* OK, we expected a char and found one. */
259 else
260 {
261 error ("found a %qT but the format argument should be a string",
262 ref);
263 *no_add_attrs = true;
264 return false;
265 }
266 }
267
268 /* We expect a string object type as the format arg. */
269 if (is_char_ref)
270 {
271 error ("format argument should be a %qs reference but a string was found", format_name (expected_format_type));
272 *no_add_attrs = true;
273 return false;
274 }
275
276 /* We will allow a target string ref to match only itself. */
277 if (first_target_format_type
278 && expected_format_type >= first_target_format_type
279 && is_target_sref)
280 return true;
281 else
282 {
283 error ("format argument should be a %qs reference",
284 format_name (expected_format_type));
285 *no_add_attrs = true;
286 return false;
287 }
288
289 gcc_unreachable ();
290 }
291
292 /* Verify EXPR is a constant, and store its value.
293 If validated_p is true there should be no errors.
294 Returns true on success, false otherwise. */
295 static bool
296 get_constant (tree expr, unsigned HOST_WIDE_INT *value, int validated_p)
297 {
298 if (!tree_fits_uhwi_p (expr))
299 {
300 gcc_assert (!validated_p);
301 return false;
302 }
303
304 *value = TREE_INT_CST_LOW (expr);
305
306 return true;
307 }
308
309 /* Decode the arguments to a "format" attribute into a
310 function_format_info structure. It is already known that the list
311 is of the right length. If VALIDATED_P is true, then these
312 attributes have already been validated and must not be erroneous;
313 if false, it will give an error message. Returns true if the
314 attributes are successfully decoded, false otherwise. */
315
316 static bool
317 decode_format_attr (tree args, function_format_info *info, int validated_p)
318 {
319 tree format_type_id = TREE_VALUE (args);
320 tree format_num_expr = TREE_VALUE (TREE_CHAIN (args));
321 tree first_arg_num_expr
322 = TREE_VALUE (TREE_CHAIN (TREE_CHAIN (args)));
323
324 if (TREE_CODE (format_type_id) != STRING_CST)
325 {
326 gcc_assert (!validated_p);
327 error ("unrecognized format specifier");
328 return false;
329 }
330 else
331 {
332 const char *p = TREE_STRING_POINTER (format_type_id);
333
334 p = convert_format_name_to_system_name (p);
335
336 info->format_type = decode_format_type (p);
337
338 if (info->format_type == format_type_error)
339 {
340 gcc_assert (!validated_p);
341 warning (OPT_Wformat_, "%qE is an unrecognized format function type",
342 format_type_id);
343 return false;
344 }
345 }
346
347 if (!get_constant (format_num_expr, &info->format_num, validated_p))
348 {
349 error ("format string has invalid operand number");
350 return false;
351 }
352
353 if (!get_constant (first_arg_num_expr, &info->first_arg_num, validated_p))
354 {
355 error ("%<...%> has invalid operand number");
356 return false;
357 }
358
359 if (info->first_arg_num != 0 && info->first_arg_num <= info->format_num)
360 {
361 gcc_assert (!validated_p);
362 error ("format string argument follows the arguments to be formatted");
363 return false;
364 }
365
366 return true;
367 }
368 \f
369 /* Check a call to a format function against a parameter list. */
370
371 /* The C standard version C++ is treated as equivalent to
372 or inheriting from, for the purpose of format features supported. */
373 #define CPLUSPLUS_STD_VER (cxx_dialect < cxx11 ? STD_C94 : STD_C99)
374 /* The C standard version we are checking formats against when pedantic. */
375 #define C_STD_VER ((int) (c_dialect_cxx () \
376 ? CPLUSPLUS_STD_VER \
377 : (flag_isoc99 \
378 ? STD_C99 \
379 : (flag_isoc94 ? STD_C94 : STD_C89))))
380 /* The name to give to the standard version we are warning about when
381 pedantic. FEATURE_VER is the version in which the feature warned out
382 appeared, which is higher than C_STD_VER. */
383 #define C_STD_NAME(FEATURE_VER) (c_dialect_cxx () \
384 ? (cxx_dialect < cxx11 ? "ISO C++98" \
385 : "ISO C++11") \
386 : ((FEATURE_VER) == STD_EXT \
387 ? "ISO C" \
388 : "ISO C90"))
389 /* Adjust a C standard version, which may be STD_C9L, to account for
390 -Wno-long-long. Returns other standard versions unchanged. */
391 #define ADJ_STD(VER) ((int) ((VER) == STD_C9L \
392 ? (warn_long_long ? STD_C99 : STD_C89) \
393 : (VER)))
394
395 /* Enum describing the kind of specifiers present in the format and
396 requiring an argument. */
397 enum format_specifier_kind {
398 CF_KIND_FORMAT,
399 CF_KIND_FIELD_WIDTH,
400 CF_KIND_FIELD_PRECISION
401 };
402
403 static const char *kind_descriptions[] = {
404 N_("format"),
405 N_("field width specifier"),
406 N_("field precision specifier")
407 };
408
409 /* Structure describing details of a type expected in format checking,
410 and the type to check against it. */
411 struct format_wanted_type
412 {
413 /* The type wanted. */
414 tree wanted_type;
415 /* The name of this type to use in diagnostics. */
416 const char *wanted_type_name;
417 /* Should be type checked just for scalar width identity. */
418 int scalar_identity_flag;
419 /* The level of indirection through pointers at which this type occurs. */
420 int pointer_count;
421 /* Whether, when pointer_count is 1, to allow any character type when
422 pedantic, rather than just the character or void type specified. */
423 int char_lenient_flag;
424 /* Whether the argument, dereferenced once, is written into and so the
425 argument must not be a pointer to a const-qualified type. */
426 int writing_in_flag;
427 /* Whether the argument, dereferenced once, is read from and so
428 must not be a NULL pointer. */
429 int reading_from_flag;
430 /* The kind of specifier that this type is used for. */
431 enum format_specifier_kind kind;
432 /* The starting character of the specifier. This never includes the
433 initial percent sign. */
434 const char *format_start;
435 /* The length of the specifier. */
436 int format_length;
437 /* The actual parameter to check against the wanted type. */
438 tree param;
439 /* The argument number of that parameter. */
440 int arg_num;
441 /* The offset location of this argument with respect to the format
442 string location. */
443 unsigned int offset_loc;
444 /* The next type to check for this format conversion, or NULL if none. */
445 struct format_wanted_type *next;
446 };
447
448 /* Convenience macro for format_length_info meaning unused. */
449 #define NO_FMT NULL, FMT_LEN_none, STD_C89
450
451 static const format_length_info printf_length_specs[] =
452 {
453 { "h", FMT_LEN_h, STD_C89, "hh", FMT_LEN_hh, STD_C99, 0 },
454 { "l", FMT_LEN_l, STD_C89, "ll", FMT_LEN_ll, STD_C9L, 0 },
455 { "q", FMT_LEN_ll, STD_EXT, NO_FMT, 0 },
456 { "L", FMT_LEN_L, STD_C89, NO_FMT, 0 },
457 { "z", FMT_LEN_z, STD_C99, NO_FMT, 0 },
458 { "Z", FMT_LEN_z, STD_EXT, NO_FMT, 0 },
459 { "t", FMT_LEN_t, STD_C99, NO_FMT, 0 },
460 { "j", FMT_LEN_j, STD_C99, NO_FMT, 0 },
461 { "H", FMT_LEN_H, STD_EXT, NO_FMT, 0 },
462 { "D", FMT_LEN_D, STD_EXT, "DD", FMT_LEN_DD, STD_EXT, 0 },
463 { NO_FMT, NO_FMT, 0 }
464 };
465
466 static const format_flag_spec printf_flag_specs[] =
467 {
468 { ' ', 0, 0, 0, N_("' ' flag"), N_("the ' ' printf flag"), STD_C89 },
469 { '+', 0, 0, 0, N_("'+' flag"), N_("the '+' printf flag"), STD_C89 },
470 { '#', 0, 0, 0, N_("'#' flag"), N_("the '#' printf flag"), STD_C89 },
471 { '0', 0, 0, 0, N_("'0' flag"), N_("the '0' printf flag"), STD_C89 },
472 { '-', 0, 0, 0, N_("'-' flag"), N_("the '-' printf flag"), STD_C89 },
473 { '\'', 0, 0, 0, N_("''' flag"), N_("the ''' printf flag"), STD_EXT },
474 { 'I', 0, 0, 0, N_("'I' flag"), N_("the 'I' printf flag"), STD_EXT },
475 { 'w', 0, 0, 0, N_("field width"), N_("field width in printf format"), STD_C89 },
476 { 'p', 0, 0, 0, N_("precision"), N_("precision in printf format"), STD_C89 },
477 { 'L', 0, 0, 0, N_("length modifier"), N_("length modifier in printf format"), STD_C89 },
478 { 0, 0, 0, 0, NULL, NULL, STD_C89 }
479 };
480
481
482 static const format_flag_pair printf_flag_pairs[] =
483 {
484 { ' ', '+', 1, 0 },
485 { '0', '-', 1, 0 },
486 { '0', 'p', 1, 'i' },
487 { 0, 0, 0, 0 }
488 };
489
490 #define ETAB_SZ 128
491 static kernel_ext_fmt ext_p[ETAB_SZ] = {
492 { }
493 };
494 static kernel_ext_fmt ext_d[ETAB_SZ] = {
495 { }
496 };
497
498 static const format_char_info print_char_table[] =
499 {
500 /* C89 conversion specifiers. */
501 /* none, hh, h, l, ll, L, z, t, j, H, D, DD */
502 { "di", 0, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, TEX_S64, T99_SST, T99_PD, T99_IM, BADLEN, BADLEN, BADLEN }, "-wp0 +'I", "i", NULL, ext_d },
503 { "oxX", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_U64, T99_ST, T99_UPD, T99_UIM, BADLEN, BADLEN, BADLEN }, "-wp0#", "i", NULL, NULL },
504 { "u", 0, STD_C89, { T89_UI, T99_UC, T89_US, T89_UL, T9L_ULL, TEX_U64, T99_ST, T99_UPD, T99_UIM, BADLEN, BADLEN, BADLEN }, "-wp0'I", "i", NULL, NULL },
505 { "fgG", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN, TEX_D32, TEX_D64, TEX_D128 }, "-wp0 +#'I", "", NULL, NULL },
506 { "eE", 0, STD_C89, { T89_D, BADLEN, BADLEN, T99_D, BADLEN, T89_LD, BADLEN, BADLEN, BADLEN, TEX_D32, TEX_D64, TEX_D128 }, "-wp0 +#I", "", NULL, NULL },
507 { "c", 0, STD_C89, { T89_I, BADLEN, BADLEN, T94_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "", NULL, NULL },
508 { "s", 1, STD_C89, { T89_C, BADLEN, BADLEN, T94_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "cR", NULL, NULL },
509 { "p", 1, STD_C89, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "c", NULL, ext_p },
510 { "n", 1, STD_C89, { T89_I, T99_SC, T89_S, T89_L, T9L_LL, BADLEN, T99_SST, T99_PD, T99_IM, BADLEN, BADLEN, BADLEN }, "", "W", NULL, NULL },
511 /* C99 conversion specifiers. */
512 { "F", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN, TEX_D32, TEX_D64, TEX_D128 }, "-wp0 +#'I", "", NULL, NULL },
513 { "aA", 0, STD_C99, { T99_D, BADLEN, BADLEN, T99_D, BADLEN, T99_LD, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp0 +#", "", NULL, NULL },
514 /* X/Open conversion specifiers. */
515 { "C", 0, STD_EXT, { TEX_WI, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-w", "", NULL, NULL },
516 { "S", 1, STD_EXT, { TEX_W, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "R", NULL, NULL },
517 /* GNU conversion specifiers. */
518 { "m", 0, STD_EXT, { T89_V, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN, BADLEN }, "-wp", "", NULL, NULL },
519 { NULL, 0, STD_C89, NOLENGTHS, NULL, NULL, NULL, NULL }
520 };
521
522 /* This must be in the same order as enum format_type. */
523 static const format_kind_info format_types_orig[] =
524 {
525 { "frr_printf", printf_length_specs, print_char_table, " +#0-'I", NULL,
526 printf_flag_specs, printf_flag_pairs,
527 FMT_FLAG_ARG_CONVERT|FMT_FLAG_DOLLAR_MULTIPLE|FMT_FLAG_USE_DOLLAR|FMT_FLAG_EMPTY_PREC_OK,
528 'w', 0, 'p', 0, 'L', 0,
529 &integer_type_node, &integer_type_node
530 },
531 };
532
533 /* This layer of indirection allows GCC to reassign format_types with
534 new data if necessary, while still allowing the original data to be
535 const. */
536 static const format_kind_info *format_types = format_types_orig;
537
538 static int n_format_types = ARRAY_SIZE (format_types_orig);
539
540 /* Structure detailing the results of checking a format function call
541 where the format expression may be a conditional expression with
542 many leaves resulting from nested conditional expressions. */
543 struct format_check_results
544 {
545 /* Number of leaves of the format argument that could not be checked
546 as they were not string literals. */
547 int number_non_literal;
548 /* Number of leaves of the format argument that were null pointers or
549 string literals, but had extra format arguments. */
550 int number_extra_args;
551 location_t extra_arg_loc;
552 /* Number of leaves of the format argument that were null pointers or
553 string literals, but had extra format arguments and used $ operand
554 numbers. */
555 int number_dollar_extra_args;
556 /* Number of leaves of the format argument that were wide string
557 literals. */
558 int number_wide;
559 /* Number of leaves of the format argument that are not array of "char". */
560 int number_non_char;
561 /* Number of leaves of the format argument that were empty strings. */
562 int number_empty;
563 /* Number of leaves of the format argument that were unterminated
564 strings. */
565 int number_unterminated;
566 /* Number of leaves of the format argument that were not counted above. */
567 int number_other;
568 /* Location of the format string. */
569 location_t format_string_loc;
570 };
571
572 struct format_check_context
573 {
574 format_check_results *res;
575 function_format_info *info;
576 tree params;
577 vec<location_t> *arglocs;
578 };
579
580 /* Return the format name (as specified in the original table) for the format
581 type indicated by format_num. */
582 static const char *
583 format_name (int format_num)
584 {
585 if (format_num >= 0 && format_num < n_format_types)
586 return format_types[format_num].name;
587 gcc_unreachable ();
588 }
589
590 /* Return the format flags (as specified in the original table) for the format
591 type indicated by format_num. */
592 static int
593 format_flags (int format_num)
594 {
595 if (format_num >= 0 && format_num < n_format_types)
596 return format_types[format_num].flags;
597 gcc_unreachable ();
598 }
599
600 static void check_format_info (function_format_info *, tree,
601 vec<location_t> *);
602 static void check_format_arg (void *, tree, unsigned HOST_WIDE_INT);
603 static void check_format_info_main (format_check_results *,
604 function_format_info *, const char *,
605 location_t, tree,
606 int, tree,
607 unsigned HOST_WIDE_INT,
608 object_allocator<format_wanted_type> &,
609 vec<location_t> *);
610
611 static void init_dollar_format_checking (int, tree);
612 static int maybe_read_dollar_number (const char **, int,
613 tree, tree *, const format_kind_info *);
614 static bool avoid_dollar_number (const char *);
615 static void finish_dollar_format_checking (format_check_results *, int);
616
617 static const format_flag_spec *get_flag_spec (const format_flag_spec *,
618 int, const char *);
619
620 static void check_format_types (const substring_loc &fmt_loc,
621 format_wanted_type *,
622 const format_kind_info *fki,
623 int offset_to_type_start,
624 char conversion_char,
625 vec<location_t> *arglocs);
626 static void format_type_warning (const substring_loc &fmt_loc,
627 location_t param_loc,
628 format_wanted_type *, tree,
629 tree,
630 const format_kind_info *fki,
631 int offset_to_type_start,
632 char conversion_char,
633 const char *extra = NULL);
634
635 static bool check_kef_type (const substring_loc &fmt_loc,
636 const struct kernel_ext_fmt *kef,
637 unsigned arg_num,
638 tree cur_param,
639 tree wanted_type,
640 const format_kind_info *fki,
641 int offset_to_type_start,
642 char conversion_char,
643 vec<location_t> *arglocs);
644
645 /* Decode a format type from a string, returning the type, or
646 format_type_error if not valid, in which case the caller should print an
647 error message. */
648 static int
649 decode_format_type (const char *s)
650 {
651 int i;
652 int slen;
653
654 s = convert_format_name_to_system_name (s);
655 slen = strlen (s);
656 for (i = 0; i < n_format_types; i++)
657 {
658 int alen;
659 if (!strcmp (s, format_types[i].name))
660 return i;
661 alen = strlen (format_types[i].name);
662 if (slen == alen + 4 && s[0] == '_' && s[1] == '_'
663 && s[slen - 1] == '_' && s[slen - 2] == '_'
664 && !strncmp (s + 2, format_types[i].name, alen))
665 return i;
666 }
667 return format_type_error;
668 }
669
670 \f
671 /* Check the argument list of a call to printf, scanf, etc.
672 ATTRS are the attributes on the function type. There are NARGS argument
673 values in the array ARGARRAY.
674 Also, if -Wsuggest-attribute=format,
675 warn for calls to vprintf or vscanf in functions with no such format
676 attribute themselves. */
677
678 void
679 check_function_format (tree attrs, int nargs, tree *argarray,
680 vec<location_t> *arglocs)
681 {
682 tree a;
683
684 /* See if this function has any format attributes. */
685 for (a = attrs; a; a = TREE_CHAIN (a))
686 {
687 if (is_attribute_p ("frr_format", TREE_PURPOSE (a)))
688 {
689 /* Yup; check it. */
690 function_format_info info;
691 decode_format_attr (TREE_VALUE (a), &info, /*validated=*/true);
692 if (warn_format)
693 {
694 /* FIXME: Rewrite all the internal functions in this file
695 to use the ARGARRAY directly instead of constructing this
696 temporary list. */
697 tree params = NULL_TREE;
698 int i;
699 for (i = nargs - 1; i >= 0; i--)
700 params = tree_cons (NULL_TREE, argarray[i], params);
701 check_format_info (&info, params, arglocs);
702 }
703
704 /* Attempt to detect whether the current function might benefit
705 from the format attribute if the called function is decorated
706 with it. Avoid using calls with string literal formats for
707 guidance since those are unlikely to be viable candidates. */
708 if (warn_suggest_attribute_format
709 && current_function_decl != NULL_TREE
710 && info.first_arg_num == 0
711 && (format_types[info.format_type].flags
712 & (int) FMT_FLAG_ARG_CONVERT)
713 /* c_strlen will fail for a function parameter but succeed
714 for a literal or constant array. */
715 && !c_strlen (argarray[info.format_num - 1], 1))
716 {
717 tree c;
718 for (c = TYPE_ATTRIBUTES (TREE_TYPE (current_function_decl));
719 c;
720 c = TREE_CHAIN (c))
721 if (is_attribute_p ("frr_format", TREE_PURPOSE (c))
722 && (decode_format_type (IDENTIFIER_POINTER
723 (TREE_VALUE (TREE_VALUE (c))))
724 == info.format_type))
725 break;
726 if (c == NULL_TREE)
727 {
728 /* Check if the current function has a parameter to which
729 the format attribute could be attached; if not, it
730 can't be a candidate for a format attribute, despite
731 the vprintf-like or vscanf-like call. */
732 tree args;
733 for (args = DECL_ARGUMENTS (current_function_decl);
734 args != 0;
735 args = DECL_CHAIN (args))
736 {
737 if (TREE_CODE (TREE_TYPE (args)) == POINTER_TYPE
738 && (TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (args)))
739 == char_type_node))
740 break;
741 }
742 if (args != 0)
743 warning (OPT_Wsuggest_attribute_format,
744 "function %qD might be a candidate for %qs %<frr_format%> attribute",
745 current_function_decl,
746 format_types[info.format_type].name);
747 }
748 }
749 }
750 }
751 }
752
753
754 /* Variables used by the checking of $ operand number formats. */
755 static char *dollar_arguments_used = NULL;
756 static char *dollar_arguments_pointer_p = NULL;
757 static int dollar_arguments_alloc = 0;
758 static int dollar_arguments_count;
759 static int dollar_first_arg_num;
760 static int dollar_max_arg_used;
761 static int dollar_format_warned;
762
763 /* Initialize the checking for a format string that may contain $
764 parameter number specifications; we will need to keep track of whether
765 each parameter has been used. FIRST_ARG_NUM is the number of the first
766 argument that is a parameter to the format, or 0 for a vprintf-style
767 function; PARAMS is the list of arguments starting at this argument. */
768
769 static void
770 init_dollar_format_checking (int first_arg_num, tree params)
771 {
772 tree oparams = params;
773
774 dollar_first_arg_num = first_arg_num;
775 dollar_arguments_count = 0;
776 dollar_max_arg_used = 0;
777 dollar_format_warned = 0;
778 if (first_arg_num > 0)
779 {
780 while (params)
781 {
782 dollar_arguments_count++;
783 params = TREE_CHAIN (params);
784 }
785 }
786 if (dollar_arguments_alloc < dollar_arguments_count)
787 {
788 free (dollar_arguments_used);
789 free (dollar_arguments_pointer_p);
790 dollar_arguments_alloc = dollar_arguments_count;
791 dollar_arguments_used = XNEWVEC (char, dollar_arguments_alloc);
792 dollar_arguments_pointer_p = XNEWVEC (char, dollar_arguments_alloc);
793 }
794 if (dollar_arguments_alloc)
795 {
796 memset (dollar_arguments_used, 0, dollar_arguments_alloc);
797 if (first_arg_num > 0)
798 {
799 int i = 0;
800 params = oparams;
801 while (params)
802 {
803 dollar_arguments_pointer_p[i] = (TREE_CODE (TREE_TYPE (TREE_VALUE (params)))
804 == POINTER_TYPE);
805 params = TREE_CHAIN (params);
806 i++;
807 }
808 }
809 }
810 }
811
812
813 /* Look for a decimal number followed by a $ in *FORMAT. If DOLLAR_NEEDED
814 is set, it is an error if one is not found; otherwise, it is OK. If
815 such a number is found, check whether it is within range and mark that
816 numbered operand as being used for later checking. Returns the operand
817 number if found and within range, zero if no such number was found and
818 this is OK, or -1 on error. PARAMS points to the first operand of the
819 format; PARAM_PTR is made to point to the parameter referred to. If
820 a $ format is found, *FORMAT is updated to point just after it. */
821
822 static int
823 maybe_read_dollar_number (const char **format,
824 int dollar_needed, tree params, tree *param_ptr,
825 const format_kind_info *fki)
826 {
827 int argnum;
828 int overflow_flag;
829 const char *fcp = *format;
830 if (!ISDIGIT (*fcp))
831 {
832 if (dollar_needed)
833 {
834 warning (OPT_Wformat_, "missing $ operand number in format");
835 return -1;
836 }
837 else
838 return 0;
839 }
840 argnum = 0;
841 overflow_flag = 0;
842 while (ISDIGIT (*fcp))
843 {
844 int nargnum;
845 nargnum = 10 * argnum + (*fcp - '0');
846 if (nargnum < 0 || nargnum / 10 != argnum)
847 overflow_flag = 1;
848 argnum = nargnum;
849 fcp++;
850 }
851 if (*fcp != '$')
852 {
853 if (dollar_needed)
854 {
855 warning (OPT_Wformat_, "missing $ operand number in format");
856 return -1;
857 }
858 else
859 return 0;
860 }
861 *format = fcp + 1;
862 if (pedantic && !dollar_format_warned)
863 {
864 warning (OPT_Wformat_, "%s does not support %%n$ operand number formats",
865 C_STD_NAME (STD_EXT));
866 dollar_format_warned = 1;
867 }
868 if (overflow_flag || argnum == 0
869 || (dollar_first_arg_num && argnum > dollar_arguments_count))
870 {
871 warning (OPT_Wformat_, "operand number out of range in format");
872 return -1;
873 }
874 if (argnum > dollar_max_arg_used)
875 dollar_max_arg_used = argnum;
876 /* For vprintf-style functions we may need to allocate more memory to
877 track which arguments are used. */
878 while (dollar_arguments_alloc < dollar_max_arg_used)
879 {
880 int nalloc;
881 nalloc = 2 * dollar_arguments_alloc + 16;
882 dollar_arguments_used = XRESIZEVEC (char, dollar_arguments_used,
883 nalloc);
884 dollar_arguments_pointer_p = XRESIZEVEC (char, dollar_arguments_pointer_p,
885 nalloc);
886 memset (dollar_arguments_used + dollar_arguments_alloc, 0,
887 nalloc - dollar_arguments_alloc);
888 dollar_arguments_alloc = nalloc;
889 }
890 if (!(fki->flags & (int) FMT_FLAG_DOLLAR_MULTIPLE)
891 && dollar_arguments_used[argnum - 1] == 1)
892 {
893 dollar_arguments_used[argnum - 1] = 2;
894 warning (OPT_Wformat_, "format argument %d used more than once in %s format",
895 argnum, fki->name);
896 }
897 else
898 dollar_arguments_used[argnum - 1] = 1;
899 if (dollar_first_arg_num)
900 {
901 int i;
902 *param_ptr = params;
903 for (i = 1; i < argnum && *param_ptr != 0; i++)
904 *param_ptr = TREE_CHAIN (*param_ptr);
905
906 /* This case shouldn't be caught here. */
907 gcc_assert (*param_ptr);
908 }
909 else
910 *param_ptr = 0;
911 return argnum;
912 }
913
914 /* Ensure that FORMAT does not start with a decimal number followed by
915 a $; give a diagnostic and return true if it does, false otherwise. */
916
917 static bool
918 avoid_dollar_number (const char *format)
919 {
920 if (!ISDIGIT (*format))
921 return false;
922 while (ISDIGIT (*format))
923 format++;
924 if (*format == '$')
925 {
926 warning (OPT_Wformat_, "%<$%> operand number used after format without operand number");
927 return true;
928 }
929 return false;
930 }
931
932
933 /* Finish the checking for a format string that used $ operand number formats
934 instead of non-$ formats. We check for unused operands before used ones
935 (a serious error, since the implementation of the format function
936 can't know what types to pass to va_arg to find the later arguments).
937 and for unused operands at the end of the format (if we know how many
938 arguments the format had, so not for vprintf). If there were operand
939 numbers out of range on a non-vprintf-style format, we won't have reached
940 here. If POINTER_GAP_OK, unused arguments are OK if all arguments are
941 pointers. */
942
943 static void
944 finish_dollar_format_checking (format_check_results *res, int pointer_gap_ok)
945 {
946 int i;
947 bool found_pointer_gap = false;
948 for (i = 0; i < dollar_max_arg_used; i++)
949 {
950 if (!dollar_arguments_used[i])
951 {
952 if (pointer_gap_ok && (dollar_first_arg_num == 0
953 || dollar_arguments_pointer_p[i]))
954 found_pointer_gap = true;
955 else
956 warning_at (res->format_string_loc, OPT_Wformat_,
957 "format argument %d unused before used argument %d in %<$%>-style format",
958 i + 1, dollar_max_arg_used);
959 }
960 }
961 if (found_pointer_gap
962 || (dollar_first_arg_num
963 && dollar_max_arg_used < dollar_arguments_count))
964 {
965 res->number_other--;
966 res->number_dollar_extra_args++;
967 }
968 }
969
970
971 /* Retrieve the specification for a format flag. SPEC contains the
972 specifications for format flags for the applicable kind of format.
973 FLAG is the flag in question. If PREDICATES is NULL, the basic
974 spec for that flag must be retrieved and must exist. If
975 PREDICATES is not NULL, it is a string listing possible predicates
976 for the spec entry; if an entry predicated on any of these is
977 found, it is returned, otherwise NULL is returned. */
978
979 static const format_flag_spec *
980 get_flag_spec (const format_flag_spec *spec, int flag, const char *predicates)
981 {
982 int i;
983 for (i = 0; spec[i].flag_char != 0; i++)
984 {
985 if (spec[i].flag_char != flag)
986 continue;
987 if (predicates != NULL)
988 {
989 if (spec[i].predicate != 0
990 && strchr (predicates, spec[i].predicate) != 0)
991 return &spec[i];
992 }
993 else if (spec[i].predicate == 0)
994 return &spec[i];
995 }
996 gcc_assert (predicates);
997 return NULL;
998 }
999
1000
1001 /* Check the argument list of a call to printf, scanf, etc.
1002 INFO points to the function_format_info structure.
1003 PARAMS is the list of argument values. */
1004
1005 static void
1006 check_format_info (function_format_info *info, tree params,
1007 vec<location_t> *arglocs)
1008 {
1009 format_check_context format_ctx;
1010 unsigned HOST_WIDE_INT arg_num;
1011 tree format_tree;
1012 format_check_results res;
1013 /* Skip to format argument. If the argument isn't available, there's
1014 no work for us to do; prototype checking will catch the problem. */
1015 for (arg_num = 1; ; ++arg_num)
1016 {
1017 if (params == 0)
1018 return;
1019 if (arg_num == info->format_num)
1020 break;
1021 params = TREE_CHAIN (params);
1022 }
1023 format_tree = TREE_VALUE (params);
1024 params = TREE_CHAIN (params);
1025 if (format_tree == 0)
1026 return;
1027
1028 res.number_non_literal = 0;
1029 res.number_extra_args = 0;
1030 res.extra_arg_loc = UNKNOWN_LOCATION;
1031 res.number_dollar_extra_args = 0;
1032 res.number_wide = 0;
1033 res.number_non_char = 0;
1034 res.number_empty = 0;
1035 res.number_unterminated = 0;
1036 res.number_other = 0;
1037 res.format_string_loc = input_location;
1038
1039 format_ctx.res = &res;
1040 format_ctx.info = info;
1041 format_ctx.params = params;
1042 format_ctx.arglocs = arglocs;
1043
1044 check_function_arguments_recurse (check_format_arg, &format_ctx,
1045 format_tree, arg_num);
1046
1047 location_t loc = format_ctx.res->format_string_loc;
1048
1049 if (res.number_non_literal > 0)
1050 {
1051 /* Functions taking a va_list normally pass a non-literal format
1052 string. These functions typically are declared with
1053 first_arg_num == 0, so avoid warning in those cases. */
1054 if (!(format_types[info->format_type].flags & (int) FMT_FLAG_ARG_CONVERT))
1055 {
1056 /* For strftime-like formats, warn for not checking the format
1057 string; but there are no arguments to check. */
1058 warning_at (loc, OPT_Wformat_nonliteral,
1059 "format not a string literal, format string not checked");
1060 }
1061 else if (info->first_arg_num != 0)
1062 {
1063 /* If there are no arguments for the format at all, we may have
1064 printf (foo) which is likely to be a security hole. */
1065 while (arg_num + 1 < info->first_arg_num)
1066 {
1067 if (params == 0)
1068 break;
1069 params = TREE_CHAIN (params);
1070 ++arg_num;
1071 }
1072 if (params == 0 && warn_format_security)
1073 warning_at (loc, OPT_Wformat_security,
1074 "format not a string literal and no format arguments");
1075 else if (params == 0 && warn_format_nonliteral)
1076 warning_at (loc, OPT_Wformat_nonliteral,
1077 "format not a string literal and no format arguments");
1078 else
1079 warning_at (loc, OPT_Wformat_nonliteral,
1080 "format not a string literal, argument types not checked");
1081 }
1082 }
1083
1084 /* If there were extra arguments to the format, normally warn. However,
1085 the standard does say extra arguments are ignored, so in the specific
1086 case where we have multiple leaves (conditional expressions or
1087 ngettext) allow extra arguments if at least one leaf didn't have extra
1088 arguments, but was otherwise OK (either non-literal or checked OK).
1089 If the format is an empty string, this should be counted similarly to the
1090 case of extra format arguments. */
1091 if (res.number_extra_args > 0 && res.number_non_literal == 0
1092 && res.number_other == 0)
1093 {
1094 if (res.extra_arg_loc == UNKNOWN_LOCATION)
1095 res.extra_arg_loc = loc;
1096 warning_at (res.extra_arg_loc, OPT_Wformat_extra_args,
1097 "too many arguments for format");
1098 }
1099 if (res.number_dollar_extra_args > 0 && res.number_non_literal == 0
1100 && res.number_other == 0)
1101 warning_at (loc, OPT_Wformat_extra_args, "unused arguments in %<$%>-style format");
1102 if (res.number_empty > 0 && res.number_non_literal == 0
1103 && res.number_other == 0)
1104 warning_at (loc, OPT_Wformat_zero_length, "zero-length %s format string",
1105 format_types[info->format_type].name);
1106
1107 if (res.number_wide > 0)
1108 warning_at (loc, OPT_Wformat_, "format is a wide character string");
1109
1110 if (res.number_non_char > 0)
1111 warning_at (loc, OPT_Wformat_,
1112 "format string is not an array of type %qs", "char");
1113
1114 if (res.number_unterminated > 0)
1115 warning_at (loc, OPT_Wformat_, "unterminated format string");
1116 }
1117
1118 /* Callback from check_function_arguments_recurse to check a
1119 format string. FORMAT_TREE is the format parameter. ARG_NUM
1120 is the number of the format argument. CTX points to a
1121 format_check_context. */
1122
1123 static void
1124 check_format_arg (void *ctx, tree format_tree,
1125 unsigned HOST_WIDE_INT arg_num)
1126 {
1127 format_check_context *format_ctx = (format_check_context *) ctx;
1128 format_check_results *res = format_ctx->res;
1129 function_format_info *info = format_ctx->info;
1130 tree params = format_ctx->params;
1131 vec<location_t> *arglocs = format_ctx->arglocs;
1132
1133 int format_length;
1134 HOST_WIDE_INT offset;
1135 const char *format_chars;
1136 tree array_size = 0;
1137 tree array_init;
1138
1139 location_t fmt_param_loc = EXPR_LOC_OR_LOC (format_tree, input_location);
1140
1141 /* Pull out a constant value if the front end didn't, and handle location
1142 wrappers. */
1143 format_tree = fold_for_warn (format_tree);
1144 STRIP_NOPS (format_tree);
1145
1146 if (integer_zerop (format_tree))
1147 {
1148 /* Skip to first argument to check, so we can see if this format
1149 has any arguments (it shouldn't). */
1150 while (arg_num + 1 < info->first_arg_num)
1151 {
1152 if (params == 0)
1153 return;
1154 params = TREE_CHAIN (params);
1155 ++arg_num;
1156 }
1157
1158 if (params == 0)
1159 res->number_other++;
1160 else
1161 {
1162 if (res->number_extra_args == 0)
1163 res->extra_arg_loc = EXPR_LOC_OR_LOC (TREE_VALUE (params),
1164 input_location);
1165 res->number_extra_args++;
1166 }
1167 return;
1168 }
1169
1170 offset = 0;
1171 if (TREE_CODE (format_tree) == POINTER_PLUS_EXPR)
1172 {
1173 tree arg0, arg1;
1174
1175 arg0 = TREE_OPERAND (format_tree, 0);
1176 arg1 = TREE_OPERAND (format_tree, 1);
1177 STRIP_NOPS (arg0);
1178 STRIP_NOPS (arg1);
1179 if (TREE_CODE (arg1) == INTEGER_CST)
1180 format_tree = arg0;
1181 else
1182 {
1183 res->number_non_literal++;
1184 return;
1185 }
1186 /* POINTER_PLUS_EXPR offsets are to be interpreted signed. */
1187 if (!cst_and_fits_in_hwi (arg1))
1188 {
1189 res->number_non_literal++;
1190 return;
1191 }
1192 offset = int_cst_value (arg1);
1193 }
1194 if (TREE_CODE (format_tree) != ADDR_EXPR)
1195 {
1196 res->number_non_literal++;
1197 return;
1198 }
1199 res->format_string_loc = EXPR_LOC_OR_LOC (format_tree, input_location);
1200 format_tree = TREE_OPERAND (format_tree, 0);
1201 if (format_types[info->format_type].flags
1202 & (int) FMT_FLAG_PARSE_ARG_CONVERT_EXTERNAL)
1203 {
1204 /* We cannot examine this string here - but we can check that it is
1205 a valid type. */
1206 if (TREE_CODE (format_tree) != CONST_DECL)
1207 {
1208 res->number_non_literal++;
1209 return;
1210 }
1211 /* Skip to first argument to check. */
1212 while (arg_num + 1 < info->first_arg_num)
1213 {
1214 if (params == 0)
1215 return;
1216 params = TREE_CHAIN (params);
1217 ++arg_num;
1218 }
1219 return;
1220 }
1221 if (TREE_CODE (format_tree) == ARRAY_REF
1222 && tree_fits_shwi_p (TREE_OPERAND (format_tree, 1))
1223 && (offset += tree_to_shwi (TREE_OPERAND (format_tree, 1))) >= 0)
1224 format_tree = TREE_OPERAND (format_tree, 0);
1225 if (offset < 0)
1226 {
1227 res->number_non_literal++;
1228 return;
1229 }
1230 if (VAR_P (format_tree)
1231 && TREE_CODE (TREE_TYPE (format_tree)) == ARRAY_TYPE
1232 && (array_init = decl_constant_value (format_tree)) != format_tree
1233 && TREE_CODE (array_init) == STRING_CST)
1234 {
1235 /* Extract the string constant initializer. Note that this may include
1236 a trailing NUL character that is not in the array (e.g.
1237 const char a[3] = "foo";). */
1238 array_size = DECL_SIZE_UNIT (format_tree);
1239 format_tree = array_init;
1240 }
1241 if (TREE_CODE (format_tree) != STRING_CST)
1242 {
1243 res->number_non_literal++;
1244 return;
1245 }
1246 tree underlying_type
1247 = TYPE_MAIN_VARIANT (TREE_TYPE (TREE_TYPE (format_tree)));
1248 if (underlying_type != char_type_node)
1249 {
1250 if (underlying_type == char16_type_node
1251 || underlying_type == char32_type_node
1252 || underlying_type == wchar_type_node)
1253 res->number_wide++;
1254 else
1255 res->number_non_char++;
1256 return;
1257 }
1258 format_chars = TREE_STRING_POINTER (format_tree);
1259 format_length = TREE_STRING_LENGTH (format_tree);
1260 if (array_size != 0)
1261 {
1262 /* Variable length arrays can't be initialized. */
1263 gcc_assert (TREE_CODE (array_size) == INTEGER_CST);
1264
1265 if (tree_fits_shwi_p (array_size))
1266 {
1267 HOST_WIDE_INT array_size_value = tree_to_shwi (array_size);
1268 if (array_size_value > 0
1269 && array_size_value == (int) array_size_value
1270 && format_length > array_size_value)
1271 format_length = array_size_value;
1272 }
1273 }
1274 if (offset)
1275 {
1276 if (offset >= format_length)
1277 {
1278 res->number_non_literal++;
1279 return;
1280 }
1281 format_chars += offset;
1282 format_length -= offset;
1283 }
1284 if (format_length < 1 || format_chars[--format_length] != 0)
1285 {
1286 res->number_unterminated++;
1287 return;
1288 }
1289 if (format_length == 0)
1290 {
1291 res->number_empty++;
1292 return;
1293 }
1294
1295 /* Skip to first argument to check. */
1296 while (arg_num + 1 < info->first_arg_num)
1297 {
1298 if (params == 0)
1299 return;
1300 params = TREE_CHAIN (params);
1301 ++arg_num;
1302 }
1303 /* Provisionally increment res->number_other; check_format_info_main
1304 will decrement it if it finds there are extra arguments, but this way
1305 need not adjust it for every return. */
1306 res->number_other++;
1307 object_allocator <format_wanted_type> fwt_pool ("format_wanted_type pool");
1308 check_format_info_main (res, info, format_chars, fmt_param_loc, format_tree,
1309 format_length, params, arg_num, fwt_pool, arglocs);
1310 }
1311
1312 /* Support class for argument_parser and check_format_info_main.
1313 Tracks any flag characters that have been applied to the
1314 current argument. */
1315
1316 class flag_chars_t
1317 {
1318 public:
1319 flag_chars_t ();
1320 bool has_char_p (char ch) const;
1321 void add_char (char ch);
1322 void validate (const format_kind_info *fki,
1323 const format_char_info *fci,
1324 const format_flag_spec *flag_specs,
1325 const char * const format_chars,
1326 tree format_string_cst,
1327 location_t format_string_loc,
1328 const char * const orig_format_chars,
1329 char format_char,
1330 bool quoted);
1331 int get_alloc_flag (const format_kind_info *fki);
1332 int assignment_suppression_p (const format_kind_info *fki);
1333
1334 private:
1335 char m_flag_chars[256];
1336 };
1337
1338 /* Support struct for argument_parser and check_format_info_main.
1339 Encapsulates any length modifier applied to the current argument. */
1340
1341 struct length_modifier
1342 {
1343 length_modifier ()
1344 : chars (NULL), val (FMT_LEN_none), std (STD_C89),
1345 scalar_identity_flag (0)
1346 {
1347 }
1348
1349 length_modifier (const char *chars_,
1350 enum format_lengths val_,
1351 enum format_std_version std_,
1352 int scalar_identity_flag_)
1353 : chars (chars_), val (val_), std (std_),
1354 scalar_identity_flag (scalar_identity_flag_)
1355 {
1356 }
1357
1358 const char *chars;
1359 enum format_lengths val;
1360 enum format_std_version std;
1361 int scalar_identity_flag;
1362 };
1363
1364 /* Parsing one argument within a format string. */
1365
1366 class argument_parser
1367 {
1368 public:
1369 argument_parser (function_format_info *info, const char *&format_chars,
1370 tree format_string_cst,
1371 const char * const orig_format_chars,
1372 location_t format_string_loc, flag_chars_t &flag_chars,
1373 int &has_operand_number, tree first_fillin_param,
1374 object_allocator <format_wanted_type> &fwt_pool_,
1375 vec<location_t> *arglocs);
1376
1377 bool read_any_dollar ();
1378
1379 bool read_format_flags ();
1380
1381 bool
1382 read_any_format_width (tree &params,
1383 unsigned HOST_WIDE_INT &arg_num);
1384
1385 void
1386 read_any_format_left_precision ();
1387
1388 bool
1389 read_any_format_precision (tree &params,
1390 unsigned HOST_WIDE_INT &arg_num);
1391
1392 void handle_alloc_chars ();
1393
1394 length_modifier read_any_length_modifier ();
1395
1396 void read_any_other_modifier ();
1397
1398 const format_char_info *find_format_char_info (char format_char);
1399
1400 void
1401 validate_flag_pairs (const format_char_info *fci,
1402 char format_char);
1403
1404 void
1405 give_y2k_warnings (const format_char_info *fci,
1406 char format_char);
1407
1408 void parse_any_scan_set (const format_char_info *fci);
1409
1410 bool handle_conversions (const format_char_info *fci,
1411 const length_modifier &len_modifier,
1412 tree &wanted_type,
1413 const char *&wanted_type_name,
1414 unsigned HOST_WIDE_INT &arg_num,
1415 tree &params,
1416 char format_char);
1417
1418 bool
1419 check_argument_type (const format_char_info *fci,
1420 const struct kernel_ext_fmt *kef,
1421 const length_modifier &len_modifier,
1422 tree &wanted_type,
1423 const char *&wanted_type_name,
1424 const bool suppressed,
1425 unsigned HOST_WIDE_INT &arg_num,
1426 tree &params,
1427 const int alloc_flag,
1428 const char * const format_start,
1429 const char * const type_start,
1430 location_t fmt_param_loc,
1431 char conversion_char);
1432
1433 private:
1434 const function_format_info *const info;
1435 const format_kind_info * const fki;
1436 const format_flag_spec * const flag_specs;
1437 const char *start_of_this_format;
1438 const char *&format_chars;
1439 const tree format_string_cst;
1440 const char * const orig_format_chars;
1441 const location_t format_string_loc;
1442 object_allocator <format_wanted_type> &fwt_pool;
1443 flag_chars_t &flag_chars;
1444 int main_arg_num;
1445 tree main_arg_params;
1446 int &has_operand_number;
1447 const tree first_fillin_param;
1448 format_wanted_type width_wanted_type;
1449 format_wanted_type precision_wanted_type;
1450 public:
1451 format_wanted_type main_wanted_type;
1452 private:
1453 format_wanted_type *first_wanted_type;
1454 format_wanted_type *last_wanted_type;
1455 vec<location_t> *arglocs;
1456 };
1457
1458 /* flag_chars_t's constructor. */
1459
1460 flag_chars_t::flag_chars_t ()
1461 {
1462 m_flag_chars[0] = 0;
1463 }
1464
1465 /* Has CH been seen as a flag within the current argument? */
1466
1467 bool
1468 flag_chars_t::has_char_p (char ch) const
1469 {
1470 return strchr (m_flag_chars, ch) != 0;
1471 }
1472
1473 /* Add CH to the flags seen within the current argument. */
1474
1475 void
1476 flag_chars_t::add_char (char ch)
1477 {
1478 int i = strlen (m_flag_chars);
1479 m_flag_chars[i++] = ch;
1480 m_flag_chars[i] = 0;
1481 }
1482
1483 /* Validate the individual flags used, removing any that are invalid. */
1484
1485 void
1486 flag_chars_t::validate (const format_kind_info *fki,
1487 const format_char_info *fci,
1488 const format_flag_spec *flag_specs,
1489 const char * const format_chars,
1490 tree format_string_cst,
1491 location_t format_string_loc,
1492 const char * const orig_format_chars,
1493 char format_char,
1494 bool quoted)
1495 {
1496 int i;
1497 int d = 0;
1498 bool quotflag = false;
1499
1500 for (i = 0; m_flag_chars[i] != 0; i++)
1501 {
1502 const format_flag_spec *s = get_flag_spec (flag_specs,
1503 m_flag_chars[i], NULL);
1504 m_flag_chars[i - d] = m_flag_chars[i];
1505 if (m_flag_chars[i] == fki->length_code_char)
1506 continue;
1507
1508 /* Remember if a quoting flag is seen. */
1509 quotflag |= s->quoting;
1510
1511 if (strchr (fci->flag_chars, m_flag_chars[i]) == 0)
1512 {
1513 format_warning_at_char (format_string_loc, format_string_cst,
1514 format_chars - orig_format_chars,
1515 OPT_Wformat_,
1516 "%s used with %<%%%c%> %s format",
1517 _(s->name), format_char, fki->name);
1518 d++;
1519 continue;
1520 }
1521 if (pedantic)
1522 {
1523 const format_flag_spec *t;
1524 if (ADJ_STD (s->std) > C_STD_VER)
1525 warning_at (format_string_loc, OPT_Wformat_,
1526 "%s does not support %s",
1527 C_STD_NAME (s->std), _(s->long_name));
1528 t = get_flag_spec (flag_specs, m_flag_chars[i], fci->flags2);
1529 if (t != NULL && ADJ_STD (t->std) > ADJ_STD (s->std))
1530 {
1531 const char *long_name = (t->long_name != NULL
1532 ? t->long_name
1533 : s->long_name);
1534 if (ADJ_STD (t->std) > C_STD_VER)
1535 warning_at (format_string_loc, OPT_Wformat_,
1536 "%s does not support %s with the %<%%%c%> %s format",
1537 C_STD_NAME (t->std), _(long_name),
1538 format_char, fki->name);
1539 }
1540 }
1541
1542 /* Detect quoting directives used within a quoted sequence, such
1543 as GCC's "%<...%qE". */
1544 if (quoted && s->quoting)
1545 {
1546 format_warning_at_char (format_string_loc, format_string_cst,
1547 format_chars - orig_format_chars - 1,
1548 OPT_Wformat_,
1549 "%s used within a quoted sequence",
1550 _(s->name));
1551 }
1552 }
1553 m_flag_chars[i - d] = 0;
1554
1555 if (!quoted
1556 && !quotflag
1557 && strchr (fci->flags2, '\''))
1558 {
1559 format_warning_at_char (format_string_loc, format_string_cst,
1560 format_chars - orig_format_chars,
1561 OPT_Wformat_,
1562 "%qc conversion used unquoted",
1563 format_char);
1564 }
1565 }
1566
1567 /* Determine if an assignment-allocation has been set, requiring
1568 an extra char ** for writing back a dynamically-allocated char *.
1569 This is for handling the optional 'm' character in scanf. */
1570
1571 int
1572 flag_chars_t::get_alloc_flag (const format_kind_info *fki)
1573 {
1574 if ((fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1575 && has_char_p ('a'))
1576 return 1;
1577 if (fki->alloc_char && has_char_p (fki->alloc_char))
1578 return 1;
1579 return 0;
1580 }
1581
1582 /* Determine if an assignment-suppression character was seen.
1583 ('*' in scanf, for discarding the converted input). */
1584
1585 int
1586 flag_chars_t::assignment_suppression_p (const format_kind_info *fki)
1587 {
1588 if (fki->suppression_char
1589 && has_char_p (fki->suppression_char))
1590 return 1;
1591 return 0;
1592 }
1593
1594 /* Constructor for argument_parser. Initialize for parsing one
1595 argument within a format string. */
1596
1597 argument_parser::
1598 argument_parser (function_format_info *info_, const char *&format_chars_,
1599 tree format_string_cst_,
1600 const char * const orig_format_chars_,
1601 location_t format_string_loc_,
1602 flag_chars_t &flag_chars_,
1603 int &has_operand_number_,
1604 tree first_fillin_param_,
1605 object_allocator <format_wanted_type> &fwt_pool_,
1606 vec<location_t> *arglocs_)
1607 : info (info_),
1608 fki (&format_types[info->format_type]),
1609 flag_specs (fki->flag_specs),
1610 start_of_this_format (format_chars_),
1611 format_chars (format_chars_),
1612 format_string_cst (format_string_cst_),
1613 orig_format_chars (orig_format_chars_),
1614 format_string_loc (format_string_loc_),
1615 fwt_pool (fwt_pool_),
1616 flag_chars (flag_chars_),
1617 main_arg_num (0),
1618 main_arg_params (NULL),
1619 has_operand_number (has_operand_number_),
1620 first_fillin_param (first_fillin_param_),
1621 first_wanted_type (NULL),
1622 last_wanted_type (NULL),
1623 arglocs (arglocs_)
1624 {
1625 }
1626
1627 /* Handle dollars at the start of format arguments, setting up main_arg_params
1628 and main_arg_num.
1629
1630 Return true if format parsing is to continue, false otherwise. */
1631
1632 bool
1633 argument_parser::read_any_dollar ()
1634 {
1635 if ((fki->flags & (int) FMT_FLAG_USE_DOLLAR) && has_operand_number != 0)
1636 {
1637 /* Possibly read a $ operand number at the start of the format.
1638 If one was previously used, one is required here. If one
1639 is not used here, we can't immediately conclude this is a
1640 format without them, since it could be printf %m or scanf %*. */
1641 int opnum;
1642 opnum = maybe_read_dollar_number (&format_chars, 0,
1643 first_fillin_param,
1644 &main_arg_params, fki);
1645 if (opnum == -1)
1646 return false;
1647 else if (opnum > 0)
1648 {
1649 has_operand_number = 1;
1650 main_arg_num = opnum + info->first_arg_num - 1;
1651 }
1652 }
1653 else if (fki->flags & FMT_FLAG_USE_DOLLAR)
1654 {
1655 if (avoid_dollar_number (format_chars))
1656 return false;
1657 }
1658 return true;
1659 }
1660
1661 /* Read any format flags, but do not yet validate them beyond removing
1662 duplicates, since in general validation depends on the rest of
1663 the format.
1664
1665 Return true if format parsing is to continue, false otherwise. */
1666
1667 bool
1668 argument_parser::read_format_flags ()
1669 {
1670 while (*format_chars != 0
1671 && strchr (fki->flag_chars, *format_chars) != 0)
1672 {
1673 const format_flag_spec *s = get_flag_spec (flag_specs,
1674 *format_chars, NULL);
1675 if (flag_chars.has_char_p (*format_chars))
1676 {
1677 format_warning_at_char (format_string_loc, format_string_cst,
1678 format_chars + 1 - orig_format_chars,
1679 OPT_Wformat_,
1680 "repeated %s in format", _(s->name));
1681 }
1682 else
1683 flag_chars.add_char (*format_chars);
1684
1685 if (s->skip_next_char)
1686 {
1687 ++format_chars;
1688 if (*format_chars == 0)
1689 {
1690 warning_at (format_string_loc, OPT_Wformat_,
1691 "missing fill character at end of strfmon format");
1692 return false;
1693 }
1694 }
1695 ++format_chars;
1696 }
1697
1698 return true;
1699 }
1700
1701 /* Read any format width, possibly * or *m$.
1702
1703 Return true if format parsing is to continue, false otherwise. */
1704
1705 bool
1706 argument_parser::
1707 read_any_format_width (tree &params,
1708 unsigned HOST_WIDE_INT &arg_num)
1709 {
1710 if (!fki->width_char)
1711 return true;
1712
1713 if (fki->width_type != NULL && *format_chars == '*')
1714 {
1715 flag_chars.add_char (fki->width_char);
1716 /* "...a field width...may be indicated by an asterisk.
1717 In this case, an int argument supplies the field width..." */
1718 ++format_chars;
1719 if (has_operand_number != 0)
1720 {
1721 int opnum;
1722 opnum = maybe_read_dollar_number (&format_chars,
1723 has_operand_number == 1,
1724 first_fillin_param,
1725 &params, fki);
1726 if (opnum == -1)
1727 return false;
1728 else if (opnum > 0)
1729 {
1730 has_operand_number = 1;
1731 arg_num = opnum + info->first_arg_num - 1;
1732 }
1733 else
1734 has_operand_number = 0;
1735 }
1736 else
1737 {
1738 if (avoid_dollar_number (format_chars))
1739 return false;
1740 }
1741 if (info->first_arg_num != 0)
1742 {
1743 tree cur_param;
1744 if (params == 0)
1745 cur_param = NULL;
1746 else
1747 {
1748 cur_param = TREE_VALUE (params);
1749 if (has_operand_number <= 0)
1750 {
1751 params = TREE_CHAIN (params);
1752 ++arg_num;
1753 }
1754 }
1755 width_wanted_type.wanted_type = *fki->width_type;
1756 width_wanted_type.wanted_type_name = NULL;
1757 width_wanted_type.pointer_count = 0;
1758 width_wanted_type.char_lenient_flag = 0;
1759 width_wanted_type.scalar_identity_flag = 0;
1760 width_wanted_type.writing_in_flag = 0;
1761 width_wanted_type.reading_from_flag = 0;
1762 width_wanted_type.kind = CF_KIND_FIELD_WIDTH;
1763 width_wanted_type.format_start = format_chars - 1;
1764 width_wanted_type.format_length = 1;
1765 width_wanted_type.param = cur_param;
1766 width_wanted_type.arg_num = arg_num;
1767 width_wanted_type.offset_loc =
1768 format_chars - orig_format_chars;
1769 width_wanted_type.next = NULL;
1770 if (last_wanted_type != 0)
1771 last_wanted_type->next = &width_wanted_type;
1772 if (first_wanted_type == 0)
1773 first_wanted_type = &width_wanted_type;
1774 last_wanted_type = &width_wanted_type;
1775 }
1776 }
1777 else
1778 {
1779 /* Possibly read a numeric width. If the width is zero,
1780 we complain if appropriate. */
1781 int non_zero_width_char = FALSE;
1782 int found_width = FALSE;
1783 while (ISDIGIT (*format_chars))
1784 {
1785 found_width = TRUE;
1786 if (*format_chars != '0')
1787 non_zero_width_char = TRUE;
1788 ++format_chars;
1789 }
1790 if (found_width && !non_zero_width_char &&
1791 (fki->flags & (int) FMT_FLAG_ZERO_WIDTH_BAD))
1792 warning_at (format_string_loc, OPT_Wformat_,
1793 "zero width in %s format", fki->name);
1794 if (found_width)
1795 flag_chars.add_char (fki->width_char);
1796 }
1797
1798 return true;
1799 }
1800
1801 /* Read any format left precision (must be a number, not *). */
1802 void
1803 argument_parser::read_any_format_left_precision ()
1804 {
1805 if (fki->left_precision_char == 0)
1806 return;
1807 if (*format_chars != '#')
1808 return;
1809
1810 ++format_chars;
1811 flag_chars.add_char (fki->left_precision_char);
1812 if (!ISDIGIT (*format_chars))
1813 format_warning_at_char (format_string_loc, format_string_cst,
1814 format_chars - orig_format_chars,
1815 OPT_Wformat_,
1816 "empty left precision in %s format", fki->name);
1817 while (ISDIGIT (*format_chars))
1818 ++format_chars;
1819 }
1820
1821 /* Read any format precision, possibly * or *m$.
1822
1823 Return true if format parsing is to continue, false otherwise. */
1824
1825 bool
1826 argument_parser::
1827 read_any_format_precision (tree &params,
1828 unsigned HOST_WIDE_INT &arg_num)
1829 {
1830 if (fki->precision_char == 0)
1831 return true;
1832 if (*format_chars != '.')
1833 return true;
1834
1835 ++format_chars;
1836 flag_chars.add_char (fki->precision_char);
1837 if (fki->precision_type != NULL && *format_chars == '*')
1838 {
1839 /* "...a...precision...may be indicated by an asterisk.
1840 In this case, an int argument supplies the...precision." */
1841 ++format_chars;
1842 if (has_operand_number != 0)
1843 {
1844 int opnum;
1845 opnum = maybe_read_dollar_number (&format_chars,
1846 has_operand_number == 1,
1847 first_fillin_param,
1848 &params, fki);
1849 if (opnum == -1)
1850 return false;
1851 else if (opnum > 0)
1852 {
1853 has_operand_number = 1;
1854 arg_num = opnum + info->first_arg_num - 1;
1855 }
1856 else
1857 has_operand_number = 0;
1858 }
1859 else
1860 {
1861 if (avoid_dollar_number (format_chars))
1862 return false;
1863 }
1864 if (info->first_arg_num != 0)
1865 {
1866 tree cur_param;
1867 if (params == 0)
1868 cur_param = NULL;
1869 else
1870 {
1871 cur_param = TREE_VALUE (params);
1872 if (has_operand_number <= 0)
1873 {
1874 params = TREE_CHAIN (params);
1875 ++arg_num;
1876 }
1877 }
1878 precision_wanted_type.wanted_type = *fki->precision_type;
1879 precision_wanted_type.wanted_type_name = NULL;
1880 precision_wanted_type.pointer_count = 0;
1881 precision_wanted_type.char_lenient_flag = 0;
1882 precision_wanted_type.scalar_identity_flag = 0;
1883 precision_wanted_type.writing_in_flag = 0;
1884 precision_wanted_type.reading_from_flag = 0;
1885 precision_wanted_type.kind = CF_KIND_FIELD_PRECISION;
1886 precision_wanted_type.param = cur_param;
1887 precision_wanted_type.format_start = format_chars - 2;
1888 precision_wanted_type.format_length = 2;
1889 precision_wanted_type.arg_num = arg_num;
1890 precision_wanted_type.offset_loc =
1891 format_chars - orig_format_chars;
1892 precision_wanted_type.next = NULL;
1893 if (last_wanted_type != 0)
1894 last_wanted_type->next = &precision_wanted_type;
1895 if (first_wanted_type == 0)
1896 first_wanted_type = &precision_wanted_type;
1897 last_wanted_type = &precision_wanted_type;
1898 }
1899 }
1900 else
1901 {
1902 if (!(fki->flags & (int) FMT_FLAG_EMPTY_PREC_OK)
1903 && !ISDIGIT (*format_chars))
1904 format_warning_at_char (format_string_loc, format_string_cst,
1905 format_chars - orig_format_chars,
1906 OPT_Wformat_,
1907 "empty precision in %s format", fki->name);
1908 while (ISDIGIT (*format_chars))
1909 ++format_chars;
1910 }
1911
1912 return true;
1913 }
1914
1915 /* Parse any assignment-allocation flags, which request an extra
1916 char ** for writing back a dynamically-allocated char *.
1917 This is for handling the optional 'm' character in scanf,
1918 and, before C99, 'a' (for compatibility with a non-standard
1919 GNU libc extension). */
1920
1921 void
1922 argument_parser::handle_alloc_chars ()
1923 {
1924 if (fki->alloc_char && fki->alloc_char == *format_chars)
1925 {
1926 flag_chars.add_char (fki->alloc_char);
1927 format_chars++;
1928 }
1929
1930 /* Handle the scanf allocation kludge. */
1931 if (fki->flags & (int) FMT_FLAG_SCANF_A_KLUDGE)
1932 {
1933 if (*format_chars == 'a' && !flag_isoc99)
1934 {
1935 if (format_chars[1] == 's' || format_chars[1] == 'S'
1936 || format_chars[1] == '[')
1937 {
1938 /* 'a' is used as a flag. */
1939 flag_chars.add_char ('a');
1940 format_chars++;
1941 }
1942 }
1943 }
1944 }
1945
1946 /* Look for length modifiers within the current format argument,
1947 returning a length_modifier instance describing it (or the
1948 default if one is not found).
1949
1950 Issue warnings about non-standard modifiers. */
1951
1952 length_modifier
1953 argument_parser::read_any_length_modifier ()
1954 {
1955 length_modifier result;
1956
1957 const format_length_info *fli = fki->length_char_specs;
1958 if (!fli)
1959 return result;
1960
1961 while (fli->name != 0
1962 && strncmp (fli->name, format_chars, strlen (fli->name)))
1963 fli++;
1964 if (fli->name != 0)
1965 {
1966 format_chars += strlen (fli->name);
1967 if (fli->double_name != 0 && fli->name[0] == *format_chars)
1968 {
1969 format_chars++;
1970 result = length_modifier (fli->double_name, fli->double_index,
1971 fli->double_std, 0);
1972 }
1973 else
1974 {
1975 result = length_modifier (fli->name, fli->index, fli->std,
1976 fli->scalar_identity_flag);
1977 }
1978 flag_chars.add_char (fki->length_code_char);
1979 }
1980 if (pedantic)
1981 {
1982 /* Warn if the length modifier is non-standard. */
1983 if (ADJ_STD (result.std) > C_STD_VER)
1984 warning_at (format_string_loc, OPT_Wformat_,
1985 "%s does not support the %qs %s length modifier",
1986 C_STD_NAME (result.std), result.chars,
1987 fki->name);
1988 }
1989
1990 return result;
1991 }
1992
1993 /* Read any other modifier (strftime E/O). */
1994
1995 void
1996 argument_parser::read_any_other_modifier ()
1997 {
1998 if (fki->modifier_chars == NULL)
1999 return;
2000
2001 while (*format_chars != 0
2002 && strchr (fki->modifier_chars, *format_chars) != 0)
2003 {
2004 if (flag_chars.has_char_p (*format_chars))
2005 {
2006 const format_flag_spec *s = get_flag_spec (flag_specs,
2007 *format_chars, NULL);
2008 format_warning_at_char (format_string_loc, format_string_cst,
2009 format_chars - orig_format_chars,
2010 OPT_Wformat_,
2011 "repeated %s in format", _(s->name));
2012 }
2013 else
2014 flag_chars.add_char (*format_chars);
2015 ++format_chars;
2016 }
2017 }
2018
2019 /* Return the format_char_info corresponding to FORMAT_CHAR,
2020 potentially issuing a warning if the format char is
2021 not supported in the C standard version we are checking
2022 against.
2023
2024 Issue a warning and return NULL if it is not found.
2025
2026 Issue warnings about non-standard modifiers. */
2027
2028 const format_char_info *
2029 argument_parser::find_format_char_info (char format_char)
2030 {
2031 const format_char_info *fci = fki->conversion_specs;
2032
2033 while (fci->format_chars != 0
2034 && strchr (fci->format_chars, format_char) == 0)
2035 ++fci;
2036 if (fci->format_chars == 0)
2037 {
2038 format_warning_at_char (format_string_loc, format_string_cst,
2039 format_chars - orig_format_chars,
2040 OPT_Wformat_,
2041 "unknown conversion type character %qc in format",
2042 format_char);
2043 return NULL;
2044 }
2045
2046 if (pedantic)
2047 {
2048 if (ADJ_STD (fci->std) > C_STD_VER)
2049 format_warning_at_char (format_string_loc, format_string_cst,
2050 format_chars - orig_format_chars,
2051 OPT_Wformat_,
2052 "%s does not support the %<%%%c%> %s format",
2053 C_STD_NAME (fci->std), format_char, fki->name);
2054 }
2055
2056 return fci;
2057 }
2058
2059 /* Validate the pairs of flags used.
2060 Issue warnings about incompatible combinations of flags. */
2061
2062 void
2063 argument_parser::validate_flag_pairs (const format_char_info *fci,
2064 char format_char)
2065 {
2066 const format_flag_pair * const bad_flag_pairs = fki->bad_flag_pairs;
2067
2068 for (int i = 0; bad_flag_pairs[i].flag_char1 != 0; i++)
2069 {
2070 const format_flag_spec *s, *t;
2071 if (!flag_chars.has_char_p (bad_flag_pairs[i].flag_char1))
2072 continue;
2073 if (!flag_chars.has_char_p (bad_flag_pairs[i].flag_char2))
2074 continue;
2075 if (bad_flag_pairs[i].predicate != 0
2076 && strchr (fci->flags2, bad_flag_pairs[i].predicate) == 0)
2077 continue;
2078 s = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char1, NULL);
2079 t = get_flag_spec (flag_specs, bad_flag_pairs[i].flag_char2, NULL);
2080 if (bad_flag_pairs[i].ignored)
2081 {
2082 if (bad_flag_pairs[i].predicate != 0)
2083 warning_at (format_string_loc, OPT_Wformat_,
2084 "%s ignored with %s and %<%%%c%> %s format",
2085 _(s->name), _(t->name), format_char,
2086 fki->name);
2087 else
2088 warning_at (format_string_loc, OPT_Wformat_,
2089 "%s ignored with %s in %s format",
2090 _(s->name), _(t->name), fki->name);
2091 }
2092 else
2093 {
2094 if (bad_flag_pairs[i].predicate != 0)
2095 warning_at (format_string_loc, OPT_Wformat_,
2096 "use of %s and %s together with %<%%%c%> %s format",
2097 _(s->name), _(t->name), format_char,
2098 fki->name);
2099 else
2100 warning_at (format_string_loc, OPT_Wformat_,
2101 "use of %s and %s together in %s format",
2102 _(s->name), _(t->name), fki->name);
2103 }
2104 }
2105 }
2106
2107 /* Give Y2K warnings. */
2108
2109 void
2110 argument_parser::give_y2k_warnings (const format_char_info *fci,
2111 char format_char)
2112 {
2113 if (!warn_format_y2k)
2114 return;
2115
2116 int y2k_level = 0;
2117 if (strchr (fci->flags2, '4') != 0)
2118 if (flag_chars.has_char_p ('E'))
2119 y2k_level = 3;
2120 else
2121 y2k_level = 2;
2122 else if (strchr (fci->flags2, '3') != 0)
2123 y2k_level = 3;
2124 else if (strchr (fci->flags2, '2') != 0)
2125 y2k_level = 2;
2126 if (y2k_level == 3)
2127 warning_at (format_string_loc, OPT_Wformat_y2k,
2128 "%<%%%c%> yields only last 2 digits of year in some locales", format_char);
2129 else if (y2k_level == 2)
2130 warning_at (format_string_loc, OPT_Wformat_y2k,
2131 "%<%%%c%> yields only last 2 digits of year",
2132 format_char);
2133 }
2134
2135 /* Parse any "scan sets" enclosed in square brackets, e.g.
2136 for scanf-style calls. */
2137
2138 void
2139 argument_parser::parse_any_scan_set (const format_char_info *fci)
2140 {
2141 if (strchr (fci->flags2, '[') == NULL)
2142 return;
2143
2144 /* Skip over scan set, in case it happens to have '%' in it. */
2145 if (*format_chars == '^')
2146 ++format_chars;
2147 /* Find closing bracket; if one is hit immediately, then
2148 it's part of the scan set rather than a terminator. */
2149 if (*format_chars == ']')
2150 ++format_chars;
2151 while (*format_chars && *format_chars != ']')
2152 ++format_chars;
2153 if (*format_chars != ']')
2154 /* The end of the format string was reached. */
2155 format_warning_at_char (format_string_loc, format_string_cst,
2156 format_chars - orig_format_chars,
2157 OPT_Wformat_,
2158 "no closing %<]%> for %<%%[%> format");
2159 }
2160
2161 /* Return true if this argument is to be continued to be parsed,
2162 false to skip to next argument. */
2163
2164 bool
2165 argument_parser::handle_conversions (const format_char_info *fci,
2166 const length_modifier &len_modifier,
2167 tree &wanted_type,
2168 const char *&wanted_type_name,
2169 unsigned HOST_WIDE_INT &arg_num,
2170 tree &params,
2171 char format_char)
2172 {
2173 enum format_std_version wanted_type_std;
2174
2175 if (!(fki->flags & (int) FMT_FLAG_ARG_CONVERT))
2176 return true;
2177
2178 wanted_type = (fci->types[len_modifier.val].type
2179 ? *fci->types[len_modifier.val].type : 0);
2180 wanted_type_name = fci->types[len_modifier.val].name;
2181 wanted_type_std = fci->types[len_modifier.val].std;
2182 if (wanted_type == 0)
2183 {
2184 format_warning_at_char (format_string_loc, format_string_cst,
2185 format_chars - orig_format_chars,
2186 OPT_Wformat_,
2187 "use of %qs length modifier with %qc type character has either no effect or undefined behavior",
2188 len_modifier.chars, format_char);
2189 /* Heuristic: skip one argument when an invalid length/type
2190 combination is encountered. */
2191 arg_num++;
2192 if (params != 0)
2193 params = TREE_CHAIN (params);
2194 return false;
2195 }
2196 else if (pedantic
2197 /* Warn if non-standard, provided it is more non-standard
2198 than the length and type characters that may already
2199 have been warned for. */
2200 && ADJ_STD (wanted_type_std) > ADJ_STD (len_modifier.std)
2201 && ADJ_STD (wanted_type_std) > ADJ_STD (fci->std))
2202 {
2203 if (ADJ_STD (wanted_type_std) > C_STD_VER)
2204 format_warning_at_char (format_string_loc, format_string_cst,
2205 format_chars - orig_format_chars,
2206 OPT_Wformat_,
2207 "%s does not support the %<%%%s%c%> %s format",
2208 C_STD_NAME (wanted_type_std),
2209 len_modifier.chars,
2210 format_char, fki->name);
2211 }
2212
2213 return true;
2214 }
2215
2216 /* Check type of argument against desired type.
2217
2218 Return true if format parsing is to continue, false otherwise. */
2219
2220 bool
2221 argument_parser::
2222 check_argument_type (const format_char_info *fci,
2223 const struct kernel_ext_fmt *kef,
2224 const length_modifier &len_modifier,
2225 tree &wanted_type,
2226 const char *&wanted_type_name,
2227 const bool suppressed,
2228 unsigned HOST_WIDE_INT &arg_num,
2229 tree &params,
2230 const int alloc_flag,
2231 const char * const format_start,
2232 const char * const type_start,
2233 location_t fmt_param_loc,
2234 char conversion_char)
2235 {
2236 if (info->first_arg_num == 0)
2237 return true;
2238
2239 if ((fci->pointer_count == 0 && wanted_type == void_type_node)
2240 || suppressed)
2241 {
2242 if (main_arg_num != 0)
2243 {
2244 if (suppressed)
2245 warning_at (format_string_loc, OPT_Wformat_,
2246 "operand number specified with suppressed assignment");
2247 else
2248 warning_at (format_string_loc, OPT_Wformat_,
2249 "operand number specified for format taking no argument");
2250 }
2251 }
2252 else
2253 {
2254 format_wanted_type *wanted_type_ptr;
2255
2256 if (main_arg_num != 0)
2257 {
2258 arg_num = main_arg_num;
2259 params = main_arg_params;
2260 }
2261 else
2262 {
2263 ++arg_num;
2264 if (has_operand_number > 0)
2265 {
2266 warning_at (format_string_loc, OPT_Wformat_,
2267 "missing $ operand number in format");
2268 return false;
2269 }
2270 else
2271 has_operand_number = 0;
2272 }
2273
2274 wanted_type_ptr = &main_wanted_type;
2275 while (fci)
2276 {
2277 tree cur_param;
2278 if (params == 0)
2279 cur_param = NULL;
2280 else
2281 {
2282 cur_param = TREE_VALUE (params);
2283 params = TREE_CHAIN (params);
2284 }
2285
2286 wanted_type_ptr->wanted_type = wanted_type;
2287 wanted_type_ptr->wanted_type_name = wanted_type_name;
2288 wanted_type_ptr->pointer_count = fci->pointer_count + alloc_flag;
2289 wanted_type_ptr->char_lenient_flag = 0;
2290 if (strchr (fci->flags2, 'c') != 0)
2291 wanted_type_ptr->char_lenient_flag = 1;
2292 wanted_type_ptr->scalar_identity_flag = 0;
2293 if (len_modifier.scalar_identity_flag)
2294 wanted_type_ptr->scalar_identity_flag = 1;
2295 wanted_type_ptr->writing_in_flag = 0;
2296 wanted_type_ptr->reading_from_flag = 0;
2297 if (alloc_flag)
2298 wanted_type_ptr->writing_in_flag = 1;
2299 else
2300 {
2301 if (strchr (fci->flags2, 'W') != 0)
2302 wanted_type_ptr->writing_in_flag = 1;
2303 if (strchr (fci->flags2, 'R') != 0)
2304 wanted_type_ptr->reading_from_flag = 1;
2305 }
2306 wanted_type_ptr->kind = CF_KIND_FORMAT;
2307 wanted_type_ptr->param = cur_param;
2308 wanted_type_ptr->arg_num = arg_num;
2309 wanted_type_ptr->format_start = format_start;
2310 wanted_type_ptr->format_length = format_chars - format_start;
2311 wanted_type_ptr->offset_loc = format_chars - orig_format_chars;
2312 wanted_type_ptr->next = NULL;
2313 if (last_wanted_type != 0)
2314 last_wanted_type->next = wanted_type_ptr;
2315 if (first_wanted_type == 0)
2316 first_wanted_type = wanted_type_ptr;
2317 last_wanted_type = wanted_type_ptr;
2318
2319 fci = fci->chain;
2320 if (fci)
2321 {
2322 wanted_type_ptr = fwt_pool.allocate ();
2323 arg_num++;
2324 wanted_type = *fci->types[len_modifier.val].type;
2325 wanted_type_name = fci->types[len_modifier.val].name;
2326 }
2327 }
2328 }
2329
2330 if (first_wanted_type != 0)
2331 {
2332 ptrdiff_t offset_to_format_start = (start_of_this_format - 1) - orig_format_chars;
2333 ptrdiff_t offset_to_format_end = (format_chars - 1) - orig_format_chars;
2334 /* By default, use the end of the range for the caret location. */
2335 substring_loc fmt_loc (fmt_param_loc, TREE_TYPE (format_string_cst),
2336 offset_to_format_end,
2337 offset_to_format_start, offset_to_format_end);
2338 ptrdiff_t offset_to_type_start = type_start - orig_format_chars;
2339 check_format_types (fmt_loc, first_wanted_type, fki,
2340 offset_to_type_start,
2341 conversion_char, arglocs);
2342
2343 /* note printf extension type checks are *additional* - %p must always
2344 * be pointer compatible, %d always int compatible.
2345 */
2346 if (first_wanted_type->kind != CF_KIND_FORMAT || !kef)
2347 return true;
2348
2349 const struct kernel_ext_fmt *kef_now;
2350 bool success;
2351
2352 for (kef_now = kef; kef_now->suffix && !strcmp (kef->suffix, kef_now->suffix); kef_now++)
2353 {
2354 success = check_kef_type (fmt_loc, kef_now,
2355 first_wanted_type->arg_num,
2356 first_wanted_type->param,
2357 kef_now->type, fki, offset_to_type_start, conversion_char, arglocs);
2358
2359 if (success)
2360 return true;
2361 }
2362
2363 location_t param_loc;
2364
2365 if (EXPR_HAS_LOCATION (first_wanted_type->param))
2366 param_loc = EXPR_LOCATION (first_wanted_type->param);
2367 else if (arglocs)
2368 {
2369 /* arg_num is 1-based. */
2370 gcc_assert (first_wanted_type->arg_num > 0);
2371 param_loc = (*arglocs)[first_wanted_type->arg_num - 1];
2372 }
2373
2374 format_type_warning (fmt_loc, param_loc, first_wanted_type,
2375 kef->type, TREE_TYPE (first_wanted_type->param),
2376 fki, offset_to_type_start, conversion_char);
2377 }
2378
2379 return true;
2380 }
2381
2382 /* Do the main part of checking a call to a format function. FORMAT_CHARS
2383 is the NUL-terminated format string (which at this point may contain
2384 internal NUL characters); FORMAT_LENGTH is its length (excluding the
2385 terminating NUL character). ARG_NUM is one less than the number of
2386 the first format argument to check; PARAMS points to that format
2387 argument in the list of arguments. */
2388
2389 static void
2390 check_format_info_main (format_check_results *res,
2391 function_format_info *info, const char *format_chars,
2392 location_t fmt_param_loc, tree format_string_cst,
2393 int format_length, tree params,
2394 unsigned HOST_WIDE_INT arg_num,
2395 object_allocator <format_wanted_type> &fwt_pool,
2396 vec<location_t> *arglocs)
2397 {
2398 const char * const orig_format_chars = format_chars;
2399 const tree first_fillin_param = params;
2400
2401 const format_kind_info * const fki = &format_types[info->format_type];
2402 const format_flag_spec * const flag_specs = fki->flag_specs;
2403 const location_t format_string_loc = res->format_string_loc;
2404
2405 /* -1 if no conversions taking an operand have been found; 0 if one has
2406 and it didn't use $; 1 if $ formats are in use. */
2407 int has_operand_number = -1;
2408
2409 /* Vector of pointers to opening quoting directives (like GCC "%<"). */
2410 auto_vec<const char*> quotdirs;
2411
2412 /* Pointers to the most recent color directives (like GCC's "%r or %R").
2413 A starting color directive much be terminated before the end of
2414 the format string. A terminating directive makes no sense without
2415 a prior starting directive. */
2416 const char *color_begin = NULL;
2417 const char *color_end = NULL;
2418
2419 init_dollar_format_checking (info->first_arg_num, first_fillin_param);
2420
2421 while (*format_chars != 0)
2422 {
2423 if (*format_chars++ != '%')
2424 continue;
2425 if (*format_chars == 0)
2426 {
2427 format_warning_at_char (format_string_loc, format_string_cst,
2428 format_chars - orig_format_chars,
2429 OPT_Wformat_,
2430 "spurious trailing %<%%%> in format");
2431 continue;
2432 }
2433 if (*format_chars == '%')
2434 {
2435 ++format_chars;
2436 continue;
2437 }
2438
2439 flag_chars_t flag_chars;
2440 argument_parser arg_parser (info, format_chars, format_string_cst,
2441 orig_format_chars, format_string_loc,
2442 flag_chars, has_operand_number,
2443 first_fillin_param, fwt_pool, arglocs);
2444
2445 if (!arg_parser.read_any_dollar ())
2446 return;
2447
2448 if (!arg_parser.read_format_flags ())
2449 return;
2450
2451 /* Read any format width, possibly * or *m$. */
2452 if (!arg_parser.read_any_format_width (params, arg_num))
2453 return;
2454
2455 /* Read any format left precision (must be a number, not *). */
2456 arg_parser.read_any_format_left_precision ();
2457
2458 /* Read any format precision, possibly * or *m$. */
2459 if (!arg_parser.read_any_format_precision (params, arg_num))
2460 return;
2461
2462 const char *format_start = format_chars;
2463
2464 arg_parser.handle_alloc_chars ();
2465
2466 /* The rest of the conversion specification is the length modifier
2467 (if any), and the conversion specifier, so this is where the
2468 type information starts. If we need to issue a suggestion
2469 about a type mismatch, then we should preserve everything up
2470 to here. */
2471 const char *type_start = format_chars;
2472
2473 /* Read any length modifier, if this kind of format has them. */
2474 const length_modifier len_modifier
2475 = arg_parser.read_any_length_modifier ();
2476
2477 /* Read any modifier (strftime E/O). */
2478 arg_parser.read_any_other_modifier ();
2479
2480 char format_char = *format_chars;
2481 if (format_char == 0
2482 || (!(fki->flags & (int) FMT_FLAG_FANCY_PERCENT_OK)
2483 && format_char == '%'))
2484 {
2485 format_warning_at_char (format_string_loc, format_string_cst,
2486 format_chars - orig_format_chars,
2487 OPT_Wformat_,
2488 "conversion lacks type at end of format");
2489 continue;
2490 }
2491 format_chars++;
2492
2493 const format_char_info * const fci
2494 = arg_parser.find_format_char_info (format_char);
2495 if (!fci)
2496 continue;
2497
2498 struct kernel_ext_fmt *etab = fci->kernel_ext;
2499
2500 if (etab && format_chars[0] >= 'A' && format_chars[0] <= 'Z')
2501 {
2502 struct kernel_ext_fmt *etab_end = etab + ETAB_SZ;
2503
2504 for (; etab < etab_end && etab->suffix; etab++)
2505 {
2506 if (!strncmp (etab->suffix, format_chars, strlen (etab->suffix)))
2507 break;
2508 }
2509
2510 if (!etab->suffix || etab == etab_end)
2511 {
2512 format_warning_at_char (format_string_loc, format_string_cst,
2513 format_chars - orig_format_chars + 1,
2514 OPT_Wformat_,
2515 "unrecognized printf extension suffix");
2516 etab = NULL;
2517 }
2518 else
2519 {
2520 format_chars += strlen (etab->suffix);
2521 }
2522 }
2523 else
2524 etab = NULL;
2525
2526 flag_chars.validate (fki, fci, flag_specs, format_chars,
2527 format_string_cst,
2528 format_string_loc, orig_format_chars, format_char,
2529 quotdirs.length () > 0);
2530
2531 const int alloc_flag = flag_chars.get_alloc_flag (fki);
2532 const bool suppressed = flag_chars.assignment_suppression_p (fki);
2533
2534 /* Diagnose nested or unmatched quoting directives such as GCC's
2535 "%<...%<" and "%>...%>". */
2536 bool quot_begin_p = strchr (fci->flags2, '<');
2537 bool quot_end_p = strchr (fci->flags2, '>');
2538
2539 if (quot_begin_p && !quot_end_p)
2540 {
2541 if (quotdirs.length ())
2542 format_warning_at_char (format_string_loc, format_string_cst,
2543 format_chars - orig_format_chars,
2544 OPT_Wformat_,
2545 "nested quoting directive");
2546 quotdirs.safe_push (format_chars);
2547 }
2548 else if (!quot_begin_p && quot_end_p)
2549 {
2550 if (quotdirs.length ())
2551 quotdirs.pop ();
2552 else
2553 format_warning_at_char (format_string_loc, format_string_cst,
2554 format_chars - orig_format_chars,
2555 OPT_Wformat_,
2556 "unmatched quoting directive");
2557 }
2558
2559 bool color_begin_p = strchr (fci->flags2, '/');
2560 if (color_begin_p)
2561 {
2562 color_begin = format_chars;
2563 color_end = NULL;
2564 }
2565 else if (strchr (fci->flags2, '\\'))
2566 {
2567 if (color_end)
2568 format_warning_at_char (format_string_loc, format_string_cst,
2569 format_chars - orig_format_chars,
2570 OPT_Wformat_,
2571 "%qc directive redundant after prior occurence of the same", format_char);
2572 else if (!color_begin)
2573 format_warning_at_char (format_string_loc, format_string_cst,
2574 format_chars - orig_format_chars,
2575 OPT_Wformat_,
2576 "unmatched color reset directive");
2577 color_end = format_chars;
2578 }
2579
2580 /* Diagnose directives that shouldn't appear in a quoted sequence.
2581 (They are denoted by a double quote in FLAGS2.) */
2582 if (quotdirs.length ())
2583 {
2584 if (strchr (fci->flags2, '"'))
2585 format_warning_at_char (format_string_loc, format_string_cst,
2586 format_chars - orig_format_chars,
2587 OPT_Wformat_,
2588 "%qc conversion used within a quoted sequence",
2589 format_char);
2590 }
2591
2592 /* Validate the pairs of flags used. */
2593 arg_parser.validate_flag_pairs (fci, format_char);
2594
2595 arg_parser.give_y2k_warnings (fci, format_char);
2596
2597 arg_parser.parse_any_scan_set (fci);
2598
2599 tree wanted_type = NULL;
2600 const char *wanted_type_name = NULL;
2601
2602 if (!arg_parser.handle_conversions (fci, len_modifier,
2603 wanted_type, wanted_type_name,
2604 arg_num,
2605 params,
2606 format_char))
2607 continue;
2608
2609 arg_parser.main_wanted_type.next = NULL;
2610
2611 /* Finally. . .check type of argument against desired type! */
2612 if (!arg_parser.check_argument_type (fci, etab, len_modifier,
2613 wanted_type, wanted_type_name,
2614 suppressed,
2615 arg_num, params,
2616 alloc_flag,
2617 format_start, type_start,
2618 fmt_param_loc,
2619 format_char))
2620 return;
2621 }
2622
2623 if (format_chars - orig_format_chars != format_length)
2624 format_warning_at_char (format_string_loc, format_string_cst,
2625 format_chars + 1 - orig_format_chars,
2626 OPT_Wformat_contains_nul,
2627 "embedded %<\\0%> in format");
2628 if (info->first_arg_num != 0 && params != 0
2629 && has_operand_number <= 0)
2630 {
2631 res->number_other--;
2632 res->number_extra_args++;
2633 }
2634 if (has_operand_number > 0)
2635 finish_dollar_format_checking (res, fki->flags & (int) FMT_FLAG_DOLLAR_GAP_POINTER_OK);
2636
2637 if (quotdirs.length ())
2638 format_warning_at_char (format_string_loc, format_string_cst,
2639 quotdirs.pop () - orig_format_chars,
2640 OPT_Wformat_, "unterminated quoting directive");
2641 if (color_begin && !color_end)
2642 format_warning_at_char (format_string_loc, format_string_cst,
2643 color_begin - orig_format_chars,
2644 OPT_Wformat_, "unterminated color directive");
2645 }
2646
2647 /* Check the argument types from a single format conversion (possibly
2648 including width and precision arguments).
2649
2650 FMT_LOC is the location of the format conversion.
2651
2652 TYPES is a singly-linked list expressing the parts of the format
2653 conversion that expect argument types, and the arguments they
2654 correspond to.
2655
2656 OFFSET_TO_TYPE_START is the offset within the execution-charset encoded
2657 format string to where type information begins for the conversion
2658 (the length modifier and conversion specifier).
2659
2660 CONVERSION_CHAR is the user-provided conversion specifier.
2661
2662 For example, given:
2663
2664 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2665
2666 then FMT_LOC covers this range:
2667
2668 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2669 ^^^^^^^^^
2670
2671 and TYPES in this case is a three-entry singly-linked list consisting of:
2672 (1) the check for the field width here:
2673 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2674 ^ ^^^^
2675 against arg3, and
2676 (2) the check for the field precision here:
2677 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2678 ^^ ^^^^
2679 against arg4, and
2680 (3) the check for the length modifier and conversion char here:
2681 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2682 ^^^ ^^^^
2683 against arg5.
2684
2685 OFFSET_TO_TYPE_START is 13, the offset to the "lld" within the
2686 STRING_CST:
2687
2688 0000000000111111111122
2689 0123456789012345678901
2690 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
2691 ^ ^
2692 | ` CONVERSION_CHAR: 'd'
2693 type starts here. */
2694 tree type_normalize (tree type, tree *cousin, tree target = NULL)
2695 {
2696 while (1)
2697 {
2698 if (TREE_CODE (type) == FUNCTION_TYPE || TREE_CODE (type) == POINTER_TYPE)
2699 return type;
2700 if (target)
2701 /* Strip off any "const" etc. */
2702 type = build_qualified_type (type, 0);
2703 if (TREE_CODE (TYPE_NAME (type)) != TYPE_DECL)
2704 return type;
2705
2706 if (target && (type == target || TYPE_NAME (type) == target))
2707 return target;
2708
2709 struct type_special *t;
2710 for (t = special_types; t->match; t++)
2711 {
2712 if (!*t->match)
2713 continue;
2714 if (TYPE_NAME (type) != *t->match)
2715 continue;
2716 if (t->cousin && *t->cousin)
2717 *cousin = *t->cousin;
2718 if (t->replace)
2719 return *t->replace ? *t->replace : type;
2720 return type;
2721 }
2722
2723 tree orig = DECL_ORIGINAL_TYPE (TYPE_NAME (type));
2724 if (!orig)
2725 return type;
2726
2727 type = orig;
2728 }
2729 return type;
2730 }
2731
2732 /* gcc-10 asserts when you give a TYPE_DECL instead of the actual TYPE */
2733 static tree
2734 decl_deref(tree typ)
2735 {
2736 while (TREE_CODE (typ) == TYPE_DECL)
2737 typ = DECL_ORIGINAL_TYPE (typ);
2738
2739 return typ;
2740 }
2741
2742 static void
2743 check_format_types (const substring_loc &fmt_loc,
2744 format_wanted_type *types, const format_kind_info *fki,
2745 int offset_to_type_start,
2746 char conversion_char,
2747 vec<location_t> *arglocs)
2748 {
2749 for (; types != 0; types = types->next)
2750 {
2751 tree cur_param;
2752 tree cur_type;
2753 tree cur_type_cousin = NULL;
2754 tree orig_cur_type;
2755 tree wanted_type;
2756 int arg_num;
2757 int i;
2758 int char_type_flag;
2759
2760 wanted_type = types->wanted_type;
2761 arg_num = types->arg_num;
2762
2763 wanted_type = decl_deref(wanted_type);
2764
2765 /* The following should not occur here. */
2766 gcc_assert (wanted_type);
2767 gcc_assert (wanted_type != void_type_node || types->pointer_count);
2768
2769 if (types->pointer_count == 0)
2770 wanted_type = lang_hooks.types.type_promotes_to (wanted_type);
2771
2772 switch (TREE_CODE (wanted_type))
2773 {
2774 case IDENTIFIER_NODE:
2775 break;
2776 case TYPE_DECL:
2777 wanted_type = TYPE_MAIN_VARIANT (DECL_ORIGINAL_TYPE (wanted_type));
2778 break;
2779 default:
2780 wanted_type = TYPE_MAIN_VARIANT (wanted_type);
2781 break;
2782 }
2783
2784 cur_param = types->param;
2785 if (!cur_param)
2786 {
2787 format_type_warning (fmt_loc, UNKNOWN_LOCATION, types, wanted_type,
2788 NULL, fki, offset_to_type_start,
2789 conversion_char);
2790 continue;
2791 }
2792
2793 cur_type = TREE_TYPE (cur_param);
2794 if (cur_type == error_mark_node)
2795 continue;
2796 orig_cur_type = cur_type;
2797 char_type_flag = 0;
2798
2799 location_t param_loc = UNKNOWN_LOCATION;
2800 if (EXPR_HAS_LOCATION (cur_param))
2801 param_loc = EXPR_LOCATION (cur_param);
2802 else if (arglocs)
2803 {
2804 /* arg_num is 1-based. */
2805 gcc_assert (types->arg_num > 0);
2806 param_loc = (*arglocs)[types->arg_num - 1];
2807 }
2808
2809 STRIP_NOPS (cur_param);
2810
2811 /* Check the types of any additional pointer arguments
2812 that precede the "real" argument. */
2813 for (i = 0; i < types->pointer_count; ++i)
2814 {
2815 if (TREE_CODE (cur_type) == POINTER_TYPE)
2816 {
2817 cur_type = TREE_TYPE (cur_type);
2818 if (cur_type == error_mark_node)
2819 break;
2820
2821 /* Check for writing through a NULL pointer. */
2822 if (types->writing_in_flag
2823 && i == 0
2824 && cur_param != 0
2825 && integer_zerop (cur_param))
2826 warning (OPT_Wformat_, "writing through null pointer (argument %d)", arg_num);
2827
2828 /* Check for reading through a NULL pointer. */
2829 if (types->reading_from_flag
2830 && i == 0
2831 && cur_param != 0
2832 && integer_zerop (cur_param))
2833 warning (OPT_Wformat_, "reading through null pointer (argument %d)", arg_num);
2834
2835 if (cur_param != 0 && TREE_CODE (cur_param) == ADDR_EXPR)
2836 cur_param = TREE_OPERAND (cur_param, 0);
2837 else
2838 cur_param = 0;
2839
2840 /* See if this is an attempt to write into a const type with
2841 scanf or with printf "%n". Note: the writing in happens
2842 at the first indirection only, if for example
2843 void * const * is passed to scanf %p; passing
2844 const void ** is simply passing an incompatible type. */
2845 if (types->writing_in_flag
2846 && i == 0
2847 && (TYPE_READONLY (cur_type)
2848 || (cur_param != 0
2849 && (CONSTANT_CLASS_P (cur_param)
2850 || (DECL_P (cur_param)
2851 && TREE_READONLY (cur_param))))))
2852 warning (OPT_Wformat_, "writing into constant object (argument %d)", arg_num);
2853
2854 /* If there are extra type qualifiers beyond the first
2855 indirection, then this makes the types technically
2856 incompatible. */
2857 if (i > 0
2858 && pedantic
2859 && (TYPE_READONLY (cur_type)
2860 || TYPE_VOLATILE (cur_type)
2861 || TYPE_ATOMIC (cur_type)
2862 || TYPE_RESTRICT (cur_type)))
2863 warning (OPT_Wformat_, "extra type qualifiers in format argument (argument %d)",
2864 arg_num);
2865
2866 }
2867 else
2868 {
2869 format_type_warning (fmt_loc, param_loc,
2870 types, wanted_type, orig_cur_type, fki,
2871 offset_to_type_start, conversion_char);
2872 break;
2873 }
2874 }
2875
2876 if (i < types->pointer_count)
2877 continue;
2878
2879 cur_type = type_normalize (cur_type, &cur_type_cousin);
2880
2881 /* Check whether the argument type is a character type. This leniency
2882 only applies to certain formats, flagged with 'c'. */
2883 if (types->char_lenient_flag)
2884 char_type_flag = (cur_type == char_type_node
2885 || cur_type == signed_char_type_node
2886 || cur_type == unsigned_char_type_node);
2887
2888 int compat = lang_hooks.types_compatible_p (decl_deref (wanted_type), decl_deref (cur_type));
2889 /* Check the type of the "real" argument, if there's a type we want. */
2890 if ((TREE_CODE (wanted_type) != INTEGER_TYPE || types->pointer_count)
2891 && compat)
2892 continue;
2893 if (TREE_CODE (wanted_type) == INTEGER_TYPE && !types->pointer_count
2894 && compat)
2895 {
2896 compat_inner:
2897 if (TREE_CODE (cur_param) == INTEGER_CST)
2898 continue;
2899
2900 if (TREE_CODE (types->wanted_type) == TYPE_DECL
2901 && TREE_CODE (cur_type) == TYPE_DECL)
2902 {
2903 if (types->wanted_type == cur_type)
2904 continue;
2905 format_type_warning (fmt_loc, param_loc, types,
2906 wanted_type, orig_cur_type, fki,
2907 offset_to_type_start, conversion_char,
2908 " (strict match required [A])");
2909 continue;
2910 }
2911 else if (TREE_CODE (types->wanted_type) == TYPE_DECL)
2912 {
2913 if (types->wanted_type == TYPE_NAME(cur_type))
2914 continue;
2915 format_type_warning (fmt_loc, param_loc, types,
2916 wanted_type, orig_cur_type, fki,
2917 offset_to_type_start, conversion_char,
2918 " (strict match required [B])");
2919 continue;
2920 }
2921 else if (wanted_type == cur_type)
2922 continue;
2923 else if (cur_type_cousin)
2924 {
2925 format_type_warning (fmt_loc, param_loc, types,
2926 wanted_type, orig_cur_type, fki,
2927 offset_to_type_start, conversion_char,
2928 " (strict match required [C])");
2929 }
2930
2931 /*
2932 format_type_warning (fmt_loc, param_loc, types,
2933 wanted_type, orig_cur_type, fki,
2934 offset_to_type_start, conversion_char,
2935 " (ultra-pedantic mode)");
2936 */
2937 continue;
2938 }
2939
2940 /* If we want 'void *', allow any pointer type.
2941 (Anything else would already have got a warning.)
2942 With -Wpedantic, only allow pointers to void and to character
2943 types. */
2944 if (wanted_type == void_type_node
2945 && (!pedantic || (i == 1 && char_type_flag)))
2946 continue;
2947 /* Don't warn about differences merely in signedness, unless
2948 -Wpedantic. With -Wpedantic, warn if the type is a pointer
2949 target and not a character type, and for character types at
2950 a second level of indirection. */
2951 if (TREE_CODE (wanted_type) == INTEGER_TYPE
2952 && TREE_CODE (cur_type) == INTEGER_TYPE
2953 && ((!pedantic && !warn_format_signedness)
2954 || (i == 0 && !warn_format_signedness)
2955 || (i == 1 && char_type_flag))
2956 && (TYPE_UNSIGNED (wanted_type)
2957 ? wanted_type == c_common_unsigned_type (cur_type)
2958 : wanted_type == c_common_signed_type (cur_type)))
2959 {
2960 if (cur_type_cousin)
2961 {
2962 if (TREE_CODE (types->wanted_type) == TYPE_DECL
2963 && TREE_CODE (cur_type_cousin) == TYPE_DECL)
2964 {
2965 if (types->wanted_type == cur_type_cousin)
2966 continue;
2967 format_type_warning (fmt_loc, param_loc, types,
2968 wanted_type, orig_cur_type, fki,
2969 offset_to_type_start, conversion_char,
2970 " (strict match required [X])");
2971 continue;
2972 }
2973 else if (TREE_CODE (types->wanted_type) == TYPE_DECL)
2974 {
2975 if (types->wanted_type == TYPE_NAME(cur_type_cousin))
2976 continue;
2977 format_type_warning (fmt_loc, param_loc, types,
2978 wanted_type, orig_cur_type, fki,
2979 offset_to_type_start, conversion_char,
2980 " (strict match required [Y])");
2981 continue;
2982 }
2983 else if (wanted_type == cur_type_cousin)
2984 continue;
2985 else
2986 {
2987 format_type_warning (fmt_loc, param_loc, types,
2988 wanted_type, orig_cur_type, fki,
2989 offset_to_type_start, conversion_char,
2990 " (strict match required [Z])");
2991 }
2992 }
2993
2994 goto compat_inner;
2995 }
2996 /* Don't warn about differences merely in signedness if we know
2997 that the current type is integer-promoted and its original type
2998 was unsigned such as that it is in the range of WANTED_TYPE. */
2999 if (TREE_CODE (wanted_type) == INTEGER_TYPE
3000 && TREE_CODE (cur_type) == INTEGER_TYPE
3001 && warn_format_signedness
3002 && TYPE_UNSIGNED (wanted_type)
3003 && cur_param != NULL_TREE
3004 && TREE_CODE (cur_param) == NOP_EXPR)
3005 {
3006 tree t = TREE_TYPE (TREE_OPERAND (cur_param, 0));
3007 if (TYPE_UNSIGNED (t)
3008 && cur_type == lang_hooks.types.type_promotes_to (t))
3009 continue;
3010 }
3011 /* Likewise, "signed char", "unsigned char" and "char" are
3012 equivalent but the above test won't consider them equivalent. */
3013 if (wanted_type == char_type_node
3014 && (!pedantic || i < 2)
3015 && char_type_flag)
3016 continue;
3017 if (types->scalar_identity_flag
3018 && (TREE_CODE (cur_type) == TREE_CODE (wanted_type)
3019 || (INTEGRAL_TYPE_P (cur_type)
3020 && INTEGRAL_TYPE_P (wanted_type)))
3021 && TYPE_PRECISION (cur_type) == TYPE_PRECISION (wanted_type))
3022 continue;
3023 /* Now we have a type mismatch. */
3024 format_type_warning (fmt_loc, param_loc, types,
3025 wanted_type, orig_cur_type, fki,
3026 offset_to_type_start, conversion_char);
3027 }
3028 }
3029
3030 static bool
3031 check_kef_type (const substring_loc &fmt_loc,
3032 const struct kernel_ext_fmt *kef,
3033 unsigned arg_num,
3034 tree cur_param,
3035 tree wanted_type,
3036 const format_kind_info *fki,
3037 int offset_to_type_start,
3038 char conversion_char,
3039 vec<location_t> *arglocs)
3040 {
3041 tree cur_type;
3042 bool ok = true;
3043 int i;
3044
3045 /* The following should not occur here. */
3046 gcc_assert (wanted_type);
3047 gcc_assert (wanted_type != void_type_node || kef->ptrlevel);
3048
3049 if (TREE_CODE (wanted_type) == TYPE_DECL)
3050 wanted_type = DECL_ORIGINAL_TYPE (wanted_type);
3051
3052 if (!cur_param)
3053 return false;
3054
3055 cur_type = TREE_TYPE (cur_param);
3056 if (cur_type == error_mark_node)
3057 return false;
3058
3059 location_t param_loc = UNKNOWN_LOCATION;
3060 if (EXPR_HAS_LOCATION (cur_param))
3061 param_loc = EXPR_LOCATION (cur_param);
3062 else if (arglocs)
3063 {
3064 /* arg_num is 1-based. */
3065 gcc_assert (arg_num > 0);
3066 param_loc = (*arglocs)[arg_num - 1];
3067 }
3068 (void)param_loc;
3069
3070 STRIP_NOPS (cur_param);
3071
3072 /* Check the types of any additional pointer arguments
3073 that precede the "real" argument. */
3074 for (i = 0; i < kef->ptrlevel; ++i)
3075 {
3076 if (TREE_CODE (cur_type) == POINTER_TYPE)
3077 {
3078 cur_type = TREE_TYPE (cur_type);
3079 if (cur_type == error_mark_node)
3080 break;
3081
3082 if (cur_param != 0 && TREE_CODE (cur_param) == ADDR_EXPR)
3083 cur_param = TREE_OPERAND (cur_param, 0);
3084 else
3085 cur_param = 0;
3086
3087 /* If there are extra type qualifiers beyond the first
3088 indirection, then this makes the types technically
3089 incompatible. */
3090 if (i > 0
3091 && pedantic
3092 && (TYPE_READONLY (cur_type)
3093 || TYPE_VOLATILE (cur_type)
3094 || TYPE_ATOMIC (cur_type)
3095 || TYPE_RESTRICT (cur_type)))
3096 warning (OPT_Wformat_, "extra type qualifiers in format argument (argument %d)",
3097 arg_num);
3098
3099 }
3100 else
3101 {
3102 ok = false;
3103 break;
3104 }
3105 }
3106
3107 if (i < kef->ptrlevel)
3108 return ok;
3109
3110 int compat = lang_hooks.types_compatible_p (wanted_type, cur_type);
3111
3112 if (!compat)
3113 return false;
3114
3115 tree cousin;
3116 tree normal_type;
3117
3118 normal_type = type_normalize (cur_type, &cousin, wanted_type);
3119
3120 return normal_type == wanted_type;
3121 }
3122
3123
3124 /* Given type TYPE, attempt to dereference the type N times
3125 (e.g. from ("int ***", 2) to "int *")
3126
3127 Return the derefenced type, with any qualifiers
3128 such as "const" stripped from the result, or
3129 NULL if unsuccessful (e.g. TYPE is not a pointer type). */
3130
3131 static tree
3132 deref_n_times (tree type, int n)
3133 {
3134 gcc_assert (type);
3135
3136 for (int i = n; i > 0; i--)
3137 {
3138 if (TREE_CODE (type) != POINTER_TYPE)
3139 return NULL_TREE;
3140 type = TREE_TYPE (type);
3141 }
3142 /* Strip off any "const" etc. */
3143 return build_qualified_type (type, 0);
3144 }
3145
3146 /* Lookup the format code for FORMAT_LEN within FLI,
3147 returning the string code for expressing it, or NULL
3148 if it is not found. */
3149
3150 static const char *
3151 get_modifier_for_format_len (const format_length_info *fli,
3152 enum format_lengths format_len)
3153 {
3154 for (; fli->name; fli++)
3155 {
3156 if (fli->index == format_len)
3157 return fli->name;
3158 if (fli->double_index == format_len)
3159 return fli->double_name;
3160 }
3161 return NULL;
3162 }
3163
3164 #if CHECKING_P
3165
3166 namespace selftest {
3167
3168 static void
3169 test_get_modifier_for_format_len ()
3170 {
3171 ASSERT_STREQ ("h",
3172 get_modifier_for_format_len (printf_length_specs, FMT_LEN_h));
3173 ASSERT_STREQ ("hh",
3174 get_modifier_for_format_len (printf_length_specs, FMT_LEN_hh));
3175 ASSERT_STREQ ("L",
3176 get_modifier_for_format_len (printf_length_specs, FMT_LEN_L));
3177 ASSERT_EQ (NULL,
3178 get_modifier_for_format_len (printf_length_specs, FMT_LEN_none));
3179 }
3180
3181 } // namespace selftest
3182
3183 #endif /* CHECKING_P */
3184
3185 /* Determine if SPEC_TYPE and ARG_TYPE are sufficiently similar for a
3186 format_type_detail using SPEC_TYPE to be offered as a suggestion for
3187 Wformat type errors where the argument has type ARG_TYPE. */
3188
3189 static bool
3190 matching_type_p (tree spec_type, tree arg_type)
3191 {
3192 gcc_assert (spec_type);
3193 gcc_assert (arg_type);
3194
3195 spec_type = decl_deref (spec_type);
3196 arg_type = decl_deref (arg_type);
3197
3198 /* If any of the types requires structural equality, we can't compare
3199 their canonical types. */
3200 if (TYPE_STRUCTURAL_EQUALITY_P (spec_type)
3201 || TYPE_STRUCTURAL_EQUALITY_P (arg_type))
3202 return false;
3203
3204 spec_type = TYPE_CANONICAL (spec_type);
3205 arg_type = TYPE_CANONICAL (arg_type);
3206
3207 if (TREE_CODE (spec_type) == INTEGER_TYPE
3208 && TREE_CODE (arg_type) == INTEGER_TYPE
3209 && (TYPE_UNSIGNED (spec_type)
3210 ? spec_type == c_common_unsigned_type (arg_type)
3211 : spec_type == c_common_signed_type (arg_type)))
3212 return true;
3213
3214 return spec_type == arg_type;
3215 }
3216
3217 /* Subroutine of get_format_for_type.
3218
3219 Generate a string containing the length modifier and conversion specifier
3220 that should be used to format arguments of type ARG_TYPE within FKI
3221 (effectively the inverse of the checking code).
3222
3223 If CONVERSION_CHAR is not zero (the first pass), the resulting suggestion
3224 is required to use it, for correcting bogus length modifiers.
3225 If CONVERSION_CHAR is zero (the second pass), then allow any suggestion
3226 that matches ARG_TYPE.
3227
3228 If successful, returns a non-NULL string which should be freed
3229 by the caller.
3230 Otherwise, returns NULL. */
3231
3232 static char *
3233 get_format_for_type_1 (const format_kind_info *fki, tree arg_type,
3234 char conversion_char)
3235 {
3236 gcc_assert (arg_type);
3237
3238 const format_char_info *spec;
3239 for (spec = &fki->conversion_specs[0];
3240 spec->format_chars;
3241 spec++)
3242 {
3243 if (conversion_char)
3244 if (!strchr (spec->format_chars, conversion_char))
3245 continue;
3246
3247 tree effective_arg_type = deref_n_times (arg_type,
3248 spec->pointer_count);
3249 if (!effective_arg_type)
3250 continue;
3251 for (int i = 0; i < FMT_LEN_MAX; i++)
3252 {
3253 const format_type_detail *ftd = &spec->types[i];
3254 if (!ftd->type)
3255 continue;
3256 if (matching_type_p (*ftd->type, effective_arg_type))
3257 {
3258 const char *len_modifier
3259 = get_modifier_for_format_len (fki->length_char_specs,
3260 (enum format_lengths)i);
3261 if (!len_modifier)
3262 len_modifier = "";
3263
3264 if (conversion_char)
3265 /* We found a match, using the given conversion char - the
3266 length modifier was incorrect (or absent).
3267 Provide a suggestion using the conversion char with the
3268 correct length modifier for the type. */
3269 return xasprintf ("%s%c", len_modifier, conversion_char);
3270 else
3271 /* 2nd pass: no match was possible using the user-provided
3272 conversion char, but we do have a match without using it.
3273 Provide a suggestion using the first conversion char
3274 listed for the given type. */
3275 return xasprintf ("%s%c", len_modifier, spec->format_chars[0]);
3276 }
3277 }
3278 }
3279
3280 return NULL;
3281 }
3282
3283 /* Generate a string containing the length modifier and conversion specifier
3284 that should be used to format arguments of type ARG_TYPE within FKI
3285 (effectively the inverse of the checking code).
3286
3287 If successful, returns a non-NULL string which should be freed
3288 by the caller.
3289 Otherwise, returns NULL. */
3290
3291 static char *
3292 get_format_for_type (const format_kind_info *fki, tree arg_type,
3293 char conversion_char)
3294 {
3295 gcc_assert (arg_type);
3296 gcc_assert (conversion_char);
3297
3298 /* First pass: look for a format_char_info containing CONVERSION_CHAR
3299 If we find one, then presumably the length modifier was incorrect
3300 (or absent). */
3301 char *result = get_format_for_type_1 (fki, arg_type, conversion_char);
3302 if (result)
3303 return result;
3304
3305 /* Second pass: we didn't find a match for CONVERSION_CHAR, so try
3306 matching just on the type. */
3307 return get_format_for_type_1 (fki, arg_type, '\0');
3308 }
3309
3310 /* Attempt to get a string for use as a replacement fix-it hint for the
3311 source range in FMT_LOC.
3312
3313 Preserve all of the text within the range of FMT_LOC up to
3314 OFFSET_TO_TYPE_START, replacing the rest with an appropriate
3315 length modifier and conversion specifier for ARG_TYPE, attempting
3316 to keep the user-provided CONVERSION_CHAR if possible.
3317
3318 For example, given a long vs long long mismatch for arg5 here:
3319
3320 000000000111111111122222222223333333333|
3321 123456789012345678901234567890123456789` column numbers
3322 0000000000111111111122|
3323 0123456789012345678901` string offsets
3324 V~~~~~~~~ : range of FMT_LOC, from cols 23-31
3325 sprintf (d, "before %-+*.*lld after", arg3, arg4, arg5);
3326 ^ ^
3327 | ` CONVERSION_CHAR: 'd'
3328 type starts here
3329
3330 where OFFSET_TO_TYPE_START is 13 (the offset to the "lld" within the
3331 STRING_CST), where the user provided:
3332 %-+*.*lld
3333 the result (assuming "long" argument 5) should be:
3334 %-+*.*ld
3335
3336 If successful, returns a non-NULL string which should be freed
3337 by the caller.
3338 Otherwise, returns NULL. */
3339
3340 static char *
3341 get_corrected_substring (const substring_loc &fmt_loc,
3342 format_wanted_type *type, tree arg_type,
3343 const format_kind_info *fki,
3344 int offset_to_type_start, char conversion_char)
3345 {
3346 /* Attempt to provide hints for argument types, but not for field widths
3347 and precisions. */
3348 if (!arg_type)
3349 return NULL;
3350 if (type->kind != CF_KIND_FORMAT)
3351 return NULL;
3352
3353 /* Locate the current code within the source range, rejecting
3354 any awkward cases where the format string occupies more than
3355 one line.
3356 Lookup the place where the type starts (including any length
3357 modifiers), getting it as the caret location. */
3358 substring_loc type_loc (fmt_loc);
3359 type_loc.set_caret_index (offset_to_type_start);
3360
3361 location_t fmt_substring_loc;
3362 const char *err = type_loc.get_location (&fmt_substring_loc);
3363 if (err)
3364 return NULL;
3365
3366 source_range fmt_substring_range
3367 = get_range_from_loc (line_table, fmt_substring_loc);
3368
3369 expanded_location caret
3370 = expand_location_to_spelling_point (fmt_substring_loc);
3371 expanded_location start
3372 = expand_location_to_spelling_point (fmt_substring_range.m_start);
3373 expanded_location finish
3374 = expand_location_to_spelling_point (fmt_substring_range.m_finish);
3375 if (caret.file != start.file)
3376 return NULL;
3377 if (start.file != finish.file)
3378 return NULL;
3379 if (caret.line != start.line)
3380 return NULL;
3381 if (start.line != finish.line)
3382 return NULL;
3383 if (start.column > caret.column)
3384 return NULL;
3385 if (start.column > finish.column)
3386 return NULL;
3387 if (caret.column > finish.column)
3388 return NULL;
3389
3390 #if BUILDING_GCC_VERSION >= 9000
3391 char_span line = location_get_source_line (start.file, start.line);
3392 if (!line)
3393 return NULL;
3394
3395 /* If we got this far, then we have the line containing the
3396 existing conversion specification.
3397
3398 Generate a trimmed copy, containing the prefix part of the conversion
3399 specification, up to the (but not including) the length modifier.
3400 In the above example, this would be "%-+*.*". */
3401 int length_up_to_type = caret.column - start.column;
3402 char_span prefix_span = line.subspan (start.column - 1, length_up_to_type);
3403 char *prefix = prefix_span.xstrdup ();
3404 #else
3405 char *prefix = NULL;
3406 #endif
3407
3408 /* Now attempt to generate a suggestion for the rest of the specification
3409 (length modifier and conversion char), based on ARG_TYPE and
3410 CONVERSION_CHAR.
3411 In the above example, this would be "ld". */
3412 char *format_for_type = get_format_for_type (fki, arg_type, conversion_char);
3413 if (!format_for_type)
3414 {
3415 free (prefix);
3416 return NULL;
3417 }
3418
3419 /* Success. Generate the resulting suggestion for the whole range of
3420 FMT_LOC by concatenating the two strings.
3421 In the above example, this would be "%-+*.*ld". */
3422 char *result = concat (prefix, format_for_type, NULL);
3423 free (format_for_type);
3424 free (prefix);
3425 return result;
3426 }
3427
3428 /* Helper class for adding zero or more trailing '*' to types.
3429
3430 The format type and name exclude any '*' for pointers, so those
3431 must be formatted manually. For all the types we currently have,
3432 this is adequate, but formats taking pointers to functions or
3433 arrays would require the full type to be built up in order to
3434 print it with %T. */
3435
3436 class indirection_suffix
3437 {
3438 public:
3439 indirection_suffix (int pointer_count) : m_pointer_count (pointer_count) {}
3440
3441 /* Determine the size of the buffer (including NUL-terminator). */
3442
3443 size_t get_buffer_size () const
3444 {
3445 return m_pointer_count + 2;
3446 }
3447
3448 /* Write the '*' to DST and add a NUL-terminator. */
3449
3450 void fill_buffer (char *dst) const
3451 {
3452 if (m_pointer_count == 0)
3453 dst[0] = 0;
3454 else if (c_dialect_cxx ())
3455 {
3456 memset (dst, '*', m_pointer_count);
3457 dst[m_pointer_count] = 0;
3458 }
3459 else
3460 {
3461 dst[0] = ' ';
3462 memset (dst + 1, '*', m_pointer_count);
3463 dst[m_pointer_count + 1] = 0;
3464 }
3465 }
3466
3467 private:
3468 int m_pointer_count;
3469 };
3470
3471 #if BUILDING_GCC_VERSION >= 9000
3472 /* not exported by GCC... need a local copy :( */
3473 class frr_range_label_for_type_mismatch : public range_label
3474 {
3475 public:
3476 frr_range_label_for_type_mismatch (tree labelled_type, tree other_type)
3477 : m_labelled_type (labelled_type), m_other_type (other_type)
3478 {
3479 }
3480
3481 label_text get_text (unsigned range_idx) const OVERRIDE;
3482
3483 protected:
3484 tree m_labelled_type;
3485 tree m_other_type;
3486 };
3487
3488 /* Print T to CPP. */
3489
3490 static void
3491 print_type (c_pretty_printer *cpp, tree t, bool *quoted)
3492 {
3493 gcc_assert (TYPE_P (t));
3494 struct obstack *ob = pp_buffer (cpp)->obstack;
3495 char *p = (char *) obstack_base (ob);
3496 /* Remember the end of the initial dump. */
3497 int len = obstack_object_size (ob);
3498
3499 tree name = TYPE_NAME (t);
3500 if (name && TREE_CODE (name) == TYPE_DECL && DECL_NAME (name))
3501 pp_identifier (cpp, lang_hooks.decl_printable_name (name, 2));
3502 else
3503 cpp->type_id (t);
3504
3505 /* If we're printing a type that involves typedefs, also print the
3506 stripped version. But sometimes the stripped version looks
3507 exactly the same, so we don't want it after all. To avoid
3508 printing it in that case, we play ugly obstack games. */
3509 if (TYPE_CANONICAL (t) && t != TYPE_CANONICAL (t))
3510 {
3511 c_pretty_printer cpp2;
3512 /* Print the stripped version into a temporary printer. */
3513 cpp2.type_id (TYPE_CANONICAL (t));
3514 struct obstack *ob2 = cpp2.buffer->obstack;
3515 /* Get the stripped version from the temporary printer. */
3516 const char *aka = (char *) obstack_base (ob2);
3517 int aka_len = obstack_object_size (ob2);
3518 int type1_len = obstack_object_size (ob) - len;
3519
3520 /* If they are identical, bail out. */
3521 if (aka_len == type1_len && memcmp (p + len, aka, aka_len) == 0)
3522 return;
3523
3524 /* They're not, print the stripped version now. */
3525 if (*quoted)
3526 pp_end_quote (cpp, pp_show_color (cpp));
3527 pp_c_whitespace (cpp);
3528 pp_left_brace (cpp);
3529 pp_c_ws_string (cpp, _("aka"));
3530 pp_c_whitespace (cpp);
3531 if (*quoted)
3532 pp_begin_quote (cpp, pp_show_color (cpp));
3533 cpp->type_id (TYPE_CANONICAL (t));
3534 if (*quoted)
3535 pp_end_quote (cpp, pp_show_color (cpp));
3536 pp_right_brace (cpp);
3537 /* No further closing quotes are needed. */
3538 *quoted = false;
3539 }
3540 }
3541
3542 /* C-specific implementation of range_label::get_text () vfunc for
3543 range_label_for_type_mismatch. */
3544 #if BUILDING_GCC_VERSION >= 10000
3545 #define label_borrow(text) label_text::borrow(text)
3546 #define label_take(text) label_text::take(text)
3547 #else
3548 #define label_borrow(text) label_text((char *)text, false)
3549 #define label_take(text) label_text(text, true)
3550 #endif
3551
3552 label_text
3553 frr_range_label_for_type_mismatch::get_text (unsigned /*range_idx*/) const
3554 {
3555 if (m_labelled_type == NULL_TREE)
3556 return label_borrow("(null tree)");
3557
3558 c_pretty_printer cpp;
3559 bool quoted = false;
3560 print_type (&cpp, m_labelled_type, &quoted);
3561 return label_take(xstrdup (pp_formatted_text (&cpp)));
3562 }
3563
3564 #define range_label_for_type_mismatch frr_range_label_for_type_mismatch
3565 #endif
3566
3567 /* Subclass of range_label for labelling the range in the format string
3568 with the type in question, adding trailing '*' for pointer_count. */
3569
3570 class range_label_for_format_type_mismatch
3571 : public range_label_for_type_mismatch
3572 {
3573 public:
3574 range_label_for_format_type_mismatch (tree labelled_type, tree other_type,
3575 int pointer_count)
3576 : range_label_for_type_mismatch (labelled_type, other_type),
3577 m_pointer_count (pointer_count)
3578 {
3579 }
3580
3581 label_text get_text (unsigned range_idx) const FINAL OVERRIDE
3582 {
3583 label_text text = range_label_for_type_mismatch::get_text (range_idx);
3584 if (text.m_buffer == NULL)
3585 return text;
3586
3587 indirection_suffix suffix (m_pointer_count);
3588 char *p = (char *) alloca (suffix.get_buffer_size ());
3589 suffix.fill_buffer (p);
3590
3591 char *result = concat (text.m_buffer, p, NULL);
3592 text.maybe_free ();
3593 return label_take(result);
3594 }
3595
3596 private:
3597 int m_pointer_count;
3598 };
3599
3600 /* Give a warning about a format argument of different type from that expected.
3601 The range of the diagnostic is taken from WHOLE_FMT_LOC; the caret location
3602 is based on the location of the char at TYPE->offset_loc.
3603 PARAM_LOC is the location of the relevant argument, or UNKNOWN_LOCATION
3604 if this is unavailable.
3605 WANTED_TYPE is the type the argument should have,
3606 possibly stripped of pointer dereferences. The description (such as "field
3607 precision"), the placement in the format string, a possibly more
3608 friendly name of WANTED_TYPE, and the number of pointer dereferences
3609 are taken from TYPE. ARG_TYPE is the type of the actual argument,
3610 or NULL if it is missing.
3611
3612 OFFSET_TO_TYPE_START is the offset within the execution-charset encoded
3613 format string to where type information begins for the conversion
3614 (the length modifier and conversion specifier).
3615 CONVERSION_CHAR is the user-provided conversion specifier.
3616
3617 For example, given a type mismatch for argument 5 here:
3618
3619 00000000011111111112222222222333333333344444444445555555555|
3620 12345678901234567890123456789012345678901234567890123456789` column numbers
3621 0000000000111111111122|
3622 0123456789012345678901` offsets within STRING_CST
3623 V~~~~~~~~ : range of WHOLE_FMT_LOC, from cols 23-31
3624 sprintf (d, "before %-+*.*lld after", int_expr, int_expr, long_expr);
3625 ^ ^ ^~~~~~~~~
3626 | ` CONVERSION_CHAR: 'd' PARAM_LOC
3627 type starts here
3628
3629 OFFSET_TO_TYPE_START is 13, the offset to the "lld" within the
3630 STRING_CST. */
3631
3632 static void
3633 format_type_warning (const substring_loc &whole_fmt_loc,
3634 location_t param_loc,
3635 format_wanted_type *type,
3636 tree wanted_type, tree arg_type,
3637 const format_kind_info *fki,
3638 int offset_to_type_start,
3639 char conversion_char,
3640 const char *extra)
3641 {
3642 enum format_specifier_kind kind = type->kind;
3643 const char *wanted_type_name = type->wanted_type_name;
3644 const char *format_start = type->format_start;
3645 int format_length = type->format_length;
3646 int pointer_count = type->pointer_count;
3647 int arg_num = type->arg_num;
3648
3649 if (!extra)
3650 extra = "";
3651
3652 /* If ARG_TYPE is a typedef with a misleading name (for example,
3653 size_t but not the standard size_t expected by printf %zu), avoid
3654 printing the typedef name. */
3655 if (wanted_type_name
3656 && arg_type
3657 && TYPE_NAME (arg_type)
3658 && TREE_CODE (TYPE_NAME (arg_type)) == TYPE_DECL
3659 && DECL_NAME (TYPE_NAME (arg_type))
3660 && !strcmp (wanted_type_name,
3661 lang_hooks.decl_printable_name (TYPE_NAME (arg_type), 2)))
3662 arg_type = TYPE_MAIN_VARIANT (arg_type);
3663
3664 indirection_suffix suffix (pointer_count);
3665 char *p = (char *) alloca (suffix.get_buffer_size ());
3666 suffix.fill_buffer (p);
3667
3668 /* WHOLE_FMT_LOC has the caret at the end of the range.
3669 Set the caret to be at the offset from TYPE. Subtract one
3670 from the offset for the same reason as in format_warning_at_char. */
3671 substring_loc fmt_loc (whole_fmt_loc);
3672 fmt_loc.set_caret_index (type->offset_loc - 1);
3673
3674 #if BUILDING_GCC_VERSION >= 9000
3675 range_label_for_format_type_mismatch fmt_label (wanted_type, arg_type,
3676 pointer_count);
3677 range_label_for_type_mismatch param_label (arg_type, wanted_type);
3678
3679 /* Get a string for use as a replacement fix-it hint for the range in
3680 fmt_loc, or NULL. */
3681 char *corrected_substring
3682 = get_corrected_substring (fmt_loc, type, arg_type, fki,
3683 offset_to_type_start, conversion_char);
3684 format_string_diagnostic_t diag (fmt_loc, &fmt_label, param_loc, &param_label,
3685 corrected_substring);
3686 # define format_warning_at_substring(a,b,c,d,e,...) \
3687 diag.emit_warning(__VA_ARGS__)
3688 #else
3689 # define format_warning_at_substring(a,b,c,d,...) \
3690 format_warning_at_substring(a,c,__VA_ARGS__)
3691 /* Get a string for use as a replacement fix-it hint for the range in
3692 fmt_loc, or NULL. */
3693 char *corrected_substring
3694 = get_corrected_substring (fmt_loc, type, arg_type, fki,
3695 offset_to_type_start, conversion_char);
3696
3697 #endif
3698
3699 if (wanted_type_name)
3700 {
3701 if (arg_type)
3702 format_warning_at_substring
3703 (fmt_loc, &fmt_label, param_loc, &param_label,
3704 corrected_substring, OPT_Wformat_,
3705 "%s %<%s%.*s%> expects argument of type %<%s%s%>, but argument %d has type %qT%s",
3706 gettext (kind_descriptions[kind]),
3707 (kind == CF_KIND_FORMAT ? "%" : ""),
3708 format_length, format_start,
3709 wanted_type_name, p, arg_num, arg_type, extra);
3710 else
3711 format_warning_at_substring
3712 (fmt_loc, &fmt_label, param_loc, &param_label,
3713 corrected_substring, OPT_Wformat_,
3714 "%s %<%s%.*s%> expects a matching %<%s%s%> argument%s",
3715 gettext (kind_descriptions[kind]),
3716 (kind == CF_KIND_FORMAT ? "%" : ""),
3717 format_length, format_start, wanted_type_name, p, extra);
3718 }
3719 else
3720 {
3721 if (arg_type)
3722 format_warning_at_substring
3723 (fmt_loc, &fmt_label, param_loc, &param_label,
3724 corrected_substring, OPT_Wformat_,
3725 "%s %<%s%.*s%> expects argument of type %<%T%s%>, but argument %d has type %qT%s",
3726 gettext (kind_descriptions[kind]),
3727 (kind == CF_KIND_FORMAT ? "%" : ""),
3728 format_length, format_start,
3729 wanted_type, p, arg_num, arg_type, extra);
3730 else
3731 format_warning_at_substring
3732 (fmt_loc, &fmt_label, param_loc, &param_label,
3733 corrected_substring, OPT_Wformat_,
3734 "%s %<%s%.*s%> expects a matching %<%T%s%> argument%s",
3735 gettext (kind_descriptions[kind]),
3736 (kind == CF_KIND_FORMAT ? "%" : ""),
3737 format_length, format_start, wanted_type, p, extra);
3738 }
3739
3740 free (corrected_substring);
3741 }
3742
3743
3744 #if 0
3745 /* Given a format_char_info array FCI, and a character C, this function
3746 returns the index into the conversion_specs where that specifier's
3747 data is located. The character must exist. */
3748 static unsigned int
3749 find_char_info_specifier_index (const format_char_info *fci, int c)
3750 {
3751 unsigned i;
3752
3753 for (i = 0; fci->format_chars; i++, fci++)
3754 if (strchr (fci->format_chars, c))
3755 return i;
3756
3757 /* We shouldn't be looking for a non-existent specifier. */
3758 gcc_unreachable ();
3759 }
3760
3761 /* Given a format_length_info array FLI, and a character C, this
3762 function returns the index into the conversion_specs where that
3763 modifier's data is located. The character must exist. */
3764 static unsigned int
3765 find_length_info_modifier_index (const format_length_info *fli, int c)
3766 {
3767 unsigned i;
3768
3769 for (i = 0; fli->name; i++, fli++)
3770 if (strchr (fli->name, c))
3771 return i;
3772
3773 /* We shouldn't be looking for a non-existent modifier. */
3774 gcc_unreachable ();
3775 }
3776 #endif
3777
3778 #ifdef TARGET_FORMAT_TYPES
3779 extern const format_kind_info TARGET_FORMAT_TYPES[];
3780 #endif
3781
3782 #ifdef TARGET_OVERRIDES_FORMAT_ATTRIBUTES
3783 extern const target_ovr_attr TARGET_OVERRIDES_FORMAT_ATTRIBUTES[];
3784 #endif
3785 #ifdef TARGET_OVERRIDES_FORMAT_INIT
3786 extern void TARGET_OVERRIDES_FORMAT_INIT (void);
3787 #endif
3788
3789 /* Attributes such as "printf" are equivalent to those such as
3790 "gnu_printf" unless this is overridden by a target. */
3791 static const target_ovr_attr gnu_target_overrides_format_attributes[] =
3792 {
3793 { NULL, NULL }
3794 };
3795
3796 /* Translate to unified attribute name. This is used in decode_format_type and
3797 decode_format_attr. In attr_name the user specified argument is passed. It
3798 returns the unified format name from TARGET_OVERRIDES_FORMAT_ATTRIBUTES
3799 or the attr_name passed to this function, if there is no matching entry. */
3800 static const char *
3801 convert_format_name_to_system_name (const char *attr_name)
3802 {
3803 int i;
3804
3805 if (attr_name == NULL || *attr_name == 0
3806 || strncmp (attr_name, "gcc_", 4) == 0)
3807 return attr_name;
3808 #ifdef TARGET_OVERRIDES_FORMAT_INIT
3809 TARGET_OVERRIDES_FORMAT_INIT ();
3810 #endif
3811
3812 #ifdef TARGET_OVERRIDES_FORMAT_ATTRIBUTES
3813 /* Check if format attribute is overridden by target. */
3814 if (TARGET_OVERRIDES_FORMAT_ATTRIBUTES != NULL
3815 && TARGET_OVERRIDES_FORMAT_ATTRIBUTES_COUNT > 0)
3816 {
3817 for (i = 0; i < TARGET_OVERRIDES_FORMAT_ATTRIBUTES_COUNT; ++i)
3818 {
3819 if (cmp_attribs (TARGET_OVERRIDES_FORMAT_ATTRIBUTES[i].named_attr_src,
3820 attr_name))
3821 return attr_name;
3822 if (cmp_attribs (TARGET_OVERRIDES_FORMAT_ATTRIBUTES[i].named_attr_dst,
3823 attr_name))
3824 return TARGET_OVERRIDES_FORMAT_ATTRIBUTES[i].named_attr_src;
3825 }
3826 }
3827 #endif
3828 /* Otherwise default to gnu format. */
3829 for (i = 0;
3830 gnu_target_overrides_format_attributes[i].named_attr_src != NULL;
3831 ++i)
3832 {
3833 if (cmp_attribs (gnu_target_overrides_format_attributes[i].named_attr_src,
3834 attr_name))
3835 return attr_name;
3836 if (cmp_attribs (gnu_target_overrides_format_attributes[i].named_attr_dst,
3837 attr_name))
3838 return gnu_target_overrides_format_attributes[i].named_attr_src;
3839 }
3840
3841 return attr_name;
3842 }
3843
3844 /* Handle a "format" attribute; arguments as in
3845 struct attribute_spec.handler. */
3846 tree
3847 handle_frr_format_attribute (tree *node, tree ARG_UNUSED (name), tree args,
3848 int flags, bool *no_add_attrs)
3849 {
3850 tree type = *node;
3851 function_format_info info;
3852
3853 /* Canonicalize name of format function. */
3854 if (TREE_CODE (TREE_VALUE (args)) == IDENTIFIER_NODE)
3855 TREE_VALUE (args) = canonicalize_attr_name (TREE_VALUE (args));
3856
3857 if (!decode_format_attr (args, &info, 0))
3858 {
3859 *no_add_attrs = true;
3860 return NULL_TREE;
3861 }
3862
3863 if (prototype_p (type))
3864 {
3865 if (!check_format_string (type, info.format_num, flags,
3866 no_add_attrs, info.format_type))
3867 return NULL_TREE;
3868
3869 if (info.first_arg_num != 0)
3870 {
3871 unsigned HOST_WIDE_INT arg_num = 1;
3872 function_args_iterator iter;
3873 tree arg_type;
3874
3875 /* Verify that first_arg_num points to the last arg,
3876 the ... */
3877 FOREACH_FUNCTION_ARGS (type, arg_type, iter)
3878 arg_num++;
3879
3880 if (arg_num != info.first_arg_num)
3881 {
3882 if (!(flags & (int) ATTR_FLAG_BUILT_IN))
3883 error ("arguments to be formatted is not %<...%>");
3884 *no_add_attrs = true;
3885 return NULL_TREE;
3886 }
3887 }
3888 }
3889
3890 /* Check if this is a strftime variant. Just for this variant
3891 FMT_FLAG_ARG_CONVERT is not set. */
3892 if ((format_types[info.format_type].flags & (int) FMT_FLAG_ARG_CONVERT) == 0
3893 && info.first_arg_num != 0)
3894 {
3895 error ("strftime formats cannot format arguments");
3896 *no_add_attrs = true;
3897 return NULL_TREE;
3898 }
3899
3900 return NULL_TREE;
3901 }
3902
3903 #if CHECKING_P
3904
3905 namespace selftest {
3906
3907 /* Selftests of location handling. */
3908
3909 /* Get the format_kind_info with the given name. */
3910
3911 static const format_kind_info *
3912 get_info (const char *name)
3913 {
3914 int idx = decode_format_type (name);
3915 const format_kind_info *fki = &format_types[idx];
3916 ASSERT_STREQ (fki->name, name);
3917 return fki;
3918 }
3919
3920 /* Verify that get_format_for_type (FKI, TYPE, CONVERSION_CHAR)
3921 is EXPECTED_FORMAT. */
3922
3923 static void
3924 assert_format_for_type_streq (const location &loc, const format_kind_info *fki,
3925 const char *expected_format, tree type,
3926 char conversion_char)
3927 {
3928 gcc_assert (fki);
3929 gcc_assert (expected_format);
3930 gcc_assert (type);
3931
3932 char *actual_format = get_format_for_type (fki, type, conversion_char);
3933 ASSERT_STREQ_AT (loc, expected_format, actual_format);
3934 free (actual_format);
3935 }
3936
3937 /* Selftests for get_format_for_type. */
3938
3939 #define ASSERT_FORMAT_FOR_TYPE_STREQ(EXPECTED_FORMAT, TYPE, CONVERSION_CHAR) \
3940 assert_format_for_type_streq (SELFTEST_LOCATION, (fki), (EXPECTED_FORMAT), \
3941 (TYPE), (CONVERSION_CHAR))
3942
3943 /* Selftest for get_format_for_type for "printf"-style functions. */
3944
3945 static void
3946 test_get_format_for_type_printf ()
3947 {
3948 const format_kind_info *fki = get_info ("gnu_printf");
3949 ASSERT_NE (fki, NULL);
3950
3951 ASSERT_FORMAT_FOR_TYPE_STREQ ("f", double_type_node, 'i');
3952 ASSERT_FORMAT_FOR_TYPE_STREQ ("Lf", long_double_type_node, 'i');
3953 ASSERT_FORMAT_FOR_TYPE_STREQ ("f", double_type_node, 'o');
3954 ASSERT_FORMAT_FOR_TYPE_STREQ ("Lf", long_double_type_node, 'o');
3955 ASSERT_FORMAT_FOR_TYPE_STREQ ("f", double_type_node, 'x');
3956 ASSERT_FORMAT_FOR_TYPE_STREQ ("Lf", long_double_type_node, 'x');
3957 ASSERT_FORMAT_FOR_TYPE_STREQ ("f", double_type_node, 'X');
3958 ASSERT_FORMAT_FOR_TYPE_STREQ ("Lf", long_double_type_node, 'X');
3959 ASSERT_FORMAT_FOR_TYPE_STREQ ("d", integer_type_node, 'd');
3960 ASSERT_FORMAT_FOR_TYPE_STREQ ("i", integer_type_node, 'i');
3961 ASSERT_FORMAT_FOR_TYPE_STREQ ("o", integer_type_node, 'o');
3962 ASSERT_FORMAT_FOR_TYPE_STREQ ("x", integer_type_node, 'x');
3963 ASSERT_FORMAT_FOR_TYPE_STREQ ("X", integer_type_node, 'X');
3964 ASSERT_FORMAT_FOR_TYPE_STREQ ("d", unsigned_type_node, 'd');
3965 ASSERT_FORMAT_FOR_TYPE_STREQ ("i", unsigned_type_node, 'i');
3966 ASSERT_FORMAT_FOR_TYPE_STREQ ("o", unsigned_type_node, 'o');
3967 ASSERT_FORMAT_FOR_TYPE_STREQ ("x", unsigned_type_node, 'x');
3968 ASSERT_FORMAT_FOR_TYPE_STREQ ("X", unsigned_type_node, 'X');
3969 ASSERT_FORMAT_FOR_TYPE_STREQ ("ld", long_integer_type_node, 'd');
3970 ASSERT_FORMAT_FOR_TYPE_STREQ ("li", long_integer_type_node, 'i');
3971 ASSERT_FORMAT_FOR_TYPE_STREQ ("lx", long_integer_type_node, 'x');
3972 ASSERT_FORMAT_FOR_TYPE_STREQ ("lo", long_unsigned_type_node, 'o');
3973 ASSERT_FORMAT_FOR_TYPE_STREQ ("lx", long_unsigned_type_node, 'x');
3974 ASSERT_FORMAT_FOR_TYPE_STREQ ("lld", long_long_integer_type_node, 'd');
3975 ASSERT_FORMAT_FOR_TYPE_STREQ ("lli", long_long_integer_type_node, 'i');
3976 ASSERT_FORMAT_FOR_TYPE_STREQ ("llo", long_long_unsigned_type_node, 'o');
3977 ASSERT_FORMAT_FOR_TYPE_STREQ ("llx", long_long_unsigned_type_node, 'x');
3978 ASSERT_FORMAT_FOR_TYPE_STREQ ("s", build_pointer_type (char_type_node), 'i');
3979 }
3980
3981 /* Selftest for get_format_for_type for "scanf"-style functions. */
3982
3983 static void
3984 test_get_format_for_type_scanf ()
3985 {
3986 const format_kind_info *fki = get_info ("gnu_scanf");
3987 ASSERT_NE (fki, NULL);
3988 ASSERT_FORMAT_FOR_TYPE_STREQ ("d", build_pointer_type (integer_type_node), 'd');
3989 ASSERT_FORMAT_FOR_TYPE_STREQ ("u", build_pointer_type (unsigned_type_node), 'u');
3990 ASSERT_FORMAT_FOR_TYPE_STREQ ("ld",
3991 build_pointer_type (long_integer_type_node), 'd');
3992 ASSERT_FORMAT_FOR_TYPE_STREQ ("lu",
3993 build_pointer_type (long_unsigned_type_node), 'u');
3994 ASSERT_FORMAT_FOR_TYPE_STREQ
3995 ("lld", build_pointer_type (long_long_integer_type_node), 'd');
3996 ASSERT_FORMAT_FOR_TYPE_STREQ
3997 ("llu", build_pointer_type (long_long_unsigned_type_node), 'u');
3998 ASSERT_FORMAT_FOR_TYPE_STREQ ("e", build_pointer_type (float_type_node), 'e');
3999 ASSERT_FORMAT_FOR_TYPE_STREQ ("le", build_pointer_type (double_type_node), 'e');
4000 }
4001
4002 #undef ASSERT_FORMAT_FOR_TYPE_STREQ
4003
4004 /* Exercise the type-printing label code, to give some coverage
4005 under "make selftest-valgrind" (in particular, to ensure that
4006 the label-printing machinery doesn't leak). */
4007
4008 static void
4009 test_type_mismatch_range_labels ()
4010 {
4011 /* Create a tempfile and write some text to it.
4012 ....................0000000001 11111111 12 22222222
4013 ....................1234567890 12345678 90 12345678. */
4014 const char *content = " printf (\"msg: %i\\n\", msg);\n";
4015 temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
4016 line_table_test ltt;
4017
4018 linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 1);
4019
4020 location_t c17 = linemap_position_for_column (line_table, 17);
4021 ASSERT_EQ (LOCATION_COLUMN (c17), 17);
4022 location_t c18 = linemap_position_for_column (line_table, 18);
4023 location_t c24 = linemap_position_for_column (line_table, 24);
4024 location_t c26 = linemap_position_for_column (line_table, 26);
4025
4026 /* Don't attempt to run the tests if column data might be unavailable. */
4027 if (c26 > LINE_MAP_MAX_LOCATION_WITH_COLS)
4028 return;
4029
4030 location_t fmt = make_location (c18, c17, c18);
4031 ASSERT_EQ (LOCATION_COLUMN (fmt), 18);
4032
4033 location_t param = make_location (c24, c24, c26);
4034 ASSERT_EQ (LOCATION_COLUMN (param), 24);
4035
4036 range_label_for_format_type_mismatch fmt_label (char_type_node,
4037 integer_type_node, 1);
4038 range_label_for_type_mismatch param_label (integer_type_node,
4039 char_type_node);
4040 gcc_rich_location richloc (fmt, &fmt_label);
4041 richloc.add_range (param, SHOW_RANGE_WITHOUT_CARET, &param_label);
4042
4043 test_diagnostic_context dc;
4044 diagnostic_show_locus (&dc, &richloc, DK_ERROR);
4045 if (c_dialect_cxx ())
4046 /* "char*", without a space. */
4047 ASSERT_STREQ ("\n"
4048 " printf (\"msg: %i\\n\", msg);\n"
4049 " ~^ ~~~\n"
4050 " | |\n"
4051 " char* int\n",
4052 pp_formatted_text (dc.printer));
4053 else
4054 /* "char *", with a space. */
4055 ASSERT_STREQ ("\n"
4056 " printf (\"msg: %i\\n\", msg);\n"
4057 " ~^ ~~~\n"
4058 " | |\n"
4059 " | int\n"
4060 " char *\n",
4061 pp_formatted_text (dc.printer));
4062 }
4063
4064 /* Run all of the selftests within this file. */
4065
4066 void
4067 c_format_c_tests ()
4068 {
4069 test_get_modifier_for_format_len ();
4070 test_get_format_for_type_printf ();
4071 test_get_format_for_type_scanf ();
4072 test_type_mismatch_range_labels ();
4073 }
4074
4075 } // namespace selftest
4076
4077 #endif /* CHECKING_P */
4078
4079 // include "gt-c-family-c-format.h"
4080
4081 static const struct attribute_spec frr_format_attribute_table[] =
4082 {
4083 /* { name, min_len, max_len, decl_req, type_req, fn_type_req,
4084 affects_type_identity, handler, exclude } */
4085 { "frr_format", 3, 3, false, true, true, false,
4086 handle_frr_format_attribute, NULL },
4087 { "frr_format_arg", 1, 1, false, true, true, false,
4088 handle_frr_format_arg_attribute, NULL },
4089 { NULL, 0, 0, false, false, false, false, NULL, NULL }
4090 };
4091
4092 static void
4093 register_attributes (void *event_data, void *data)
4094 {
4095 // warning (0, G_("Callback to register attributes"));
4096 register_attribute (frr_format_attribute_table);
4097 }
4098
4099 tree
4100 cb_walk_tree_fn (tree * tp, int * walk_subtrees, void * data ATTRIBUTE_UNUSED)
4101 {
4102 if (TREE_CODE (*tp) != CALL_EXPR)
4103 return NULL_TREE;
4104
4105 tree call_expr = *tp;
4106
4107 int nargs = call_expr_nargs(call_expr);
4108 tree fn = CALL_EXPR_FN(call_expr);
4109
4110 if (!fn || TREE_CODE (fn) != ADDR_EXPR)
4111 return NULL_TREE;
4112
4113 tree fndecl = TREE_OPERAND (fn, 0);
4114 if (TREE_CODE (fndecl) != FUNCTION_DECL)
4115 return NULL_TREE;
4116
4117 #if 0
4118 warning (0, G_("function call to %s, %d args"),
4119 IDENTIFIER_POINTER (DECL_NAME (fndecl)),
4120 nargs);
4121 #endif
4122
4123 tree *fargs = (tree *) alloca (nargs * sizeof (tree));
4124
4125 for (int j = 0; j < nargs; j++)
4126 {
4127 tree arg = CALL_EXPR_ARG(call_expr, j);
4128
4129 /* For -Wformat undo the implicit passing by hidden reference
4130 done by convert_arg_to_ellipsis. */
4131 if (TREE_CODE (arg) == ADDR_EXPR
4132 && TREE_CODE (TREE_TYPE (arg)) == REFERENCE_TYPE)
4133 fargs[j] = TREE_OPERAND (arg, 0);
4134 else
4135 fargs[j] = arg;
4136 }
4137
4138 check_function_format (TYPE_ATTRIBUTES (TREE_TYPE (fndecl)), nargs, fargs, NULL);
4139 return NULL_TREE;
4140 }
4141
4142 static void
4143 setup_type (const char *name, tree *dst)
4144 {
4145 tree tmp;
4146
4147 if (*dst && *dst != void_type_node)
4148 return;
4149
4150 *dst = maybe_get_identifier (name);
4151 if (!*dst)
4152 return;
4153
4154 tmp = identifier_global_value (*dst);
4155 if (tmp && TREE_CODE (tmp) != TYPE_DECL)
4156 {
4157 warning (0, "%qs is not defined as a type", name);
4158 *dst = NULL;
4159 return;
4160 }
4161 if (tmp && TREE_CODE (tmp) == TYPE_DECL)
4162 *dst = tmp;
4163 else
4164 *dst = NULL;
4165 }
4166
4167 static void
4168 handle_finish_parse (void *event_data, void *data)
4169 {
4170 tree fndecl = (tree) event_data;
4171 gcc_assert (TREE_CODE (fndecl) == FUNCTION_DECL);
4172
4173 setup_type ("uint64_t", &local_uint64_t_node);
4174 setup_type ("int64_t", &local_int64_t_node);
4175
4176 setup_type ("size_t", &local_size_t_node);
4177 setup_type ("ssize_t", &local_ssize_t_node);
4178 setup_type ("atomic_size_t", &local_atomic_size_t_node);
4179 setup_type ("atomic_ssize_t", &local_atomic_ssize_t_node);
4180 setup_type ("ptrdiff_t", &local_ptrdiff_t_node);
4181
4182 setup_type ("pid_t", &local_pid_t_node);
4183 setup_type ("uid_t", &local_uid_t_node);
4184 setup_type ("gid_t", &local_gid_t_node);
4185 setup_type ("time_t", &local_time_t_node);
4186
4187 setup_type ("socklen_t", &local_socklen_t_node);
4188 setup_type ("in_addr_t", &local_in_addr_t_node);
4189
4190 const format_char_info *fci;
4191
4192 for (fci = print_char_table; fci->format_chars; fci++)
4193 {
4194 if (!fci->kernel_ext)
4195 continue;
4196
4197 struct kernel_ext_fmt *etab = fci->kernel_ext;
4198 struct kernel_ext_fmt *etab_end = etab + ETAB_SZ;
4199
4200 for (; etab->suffix && etab < etab_end; etab++)
4201 {
4202 tree identifier, node;
4203
4204 if (etab->type && etab->type != void_type_node)
4205 continue;
4206
4207 identifier = maybe_get_identifier (etab->type_str);
4208
4209 if (!identifier || identifier == error_mark_node)
4210 continue;
4211
4212 if (etab->type_code)
4213 {
4214 node = identifier_global_tag (identifier);
4215 if (!node)
4216 continue;
4217
4218 if (node->base.code != etab->type_code)
4219 {
4220 if (!etab->warned)
4221 {
4222 warning (0, "%qs tag category (struct/union/enum) mismatch", etab->type_str);
4223 etab->warned = true;
4224 }
4225 continue;
4226 }
4227 }
4228 else
4229 {
4230 node = identifier_global_value (identifier);
4231 if (!node)
4232 continue;
4233
4234 if (TREE_CODE (node) != TYPE_DECL)
4235 {
4236 if (!etab->warned)
4237 {
4238 warning (0, "%qs is defined as a non-type", etab->type_str);
4239 etab->warned = true;
4240 }
4241 continue;
4242 }
4243 node = TREE_TYPE (node);
4244
4245 if (etab->t_unsigned)
4246 node = c_common_unsigned_type (node);
4247 else if (etab->t_signed)
4248 node = c_common_signed_type (node);
4249 }
4250
4251 etab->type = node;
4252 }
4253 }
4254
4255 walk_tree (&DECL_SAVED_TREE (fndecl), cb_walk_tree_fn, NULL, NULL);
4256 }
4257
4258 static void
4259 handle_pragma_printfrr_ext (cpp_reader *dummy)
4260 {
4261 tree token = 0;
4262 location_t loc;
4263 enum cpp_ttype ttype;
4264
4265 ttype = pragma_lex (&token, &loc);
4266 if (ttype != CPP_STRING)
4267 {
4268 error_at (loc, "%<#pragma FRR printfrr_ext%> requires string argument");
4269 return;
4270 }
4271
4272 const char *s = TREE_STRING_POINTER (token);
4273
4274 if (s[0] != '%')
4275 {
4276 error_at (loc, "%<#pragma FRR printfrr_ext%>: invalid format string, needs to start with '%%'");
4277 return;
4278 }
4279
4280 switch (s[1])
4281 {
4282 case 'p':
4283 case 'd':
4284 case 'i':
4285 break;
4286 default:
4287 error_at (loc, "%<#pragma FRR printfrr_ext%>: invalid format string, needs to be %%p, %%d or %%i");
4288 return;
4289 }
4290
4291 const format_char_info *fci;
4292
4293 for (fci = print_char_table; fci->format_chars; fci++)
4294 if (strchr (fci->format_chars, s[1]))
4295 break;
4296
4297 gcc_assert (fci->format_chars);
4298 gcc_assert (fci->kernel_ext);
4299
4300 struct kernel_ext_fmt *etab = fci->kernel_ext;
4301 struct kernel_ext_fmt *etab_end = etab + ETAB_SZ;
4302
4303 switch (s[2])
4304 {
4305 case 'A' ... 'Z':
4306 break;
4307
4308 default:
4309 error_at (loc, "%<#pragma FRR printfrr_ext%>: invalid format string, suffix must start with an uppercase letter");
4310 return;
4311 }
4312
4313 /* -2 -- need to keep the sentinel at the end */
4314 if (etab[ETAB_SZ - 2].suffix)
4315 {
4316 error_at (loc, "%<#pragma FRR printfrr_ext%>: out of space for format suffixes");
4317 return;
4318 }
4319
4320 for (; etab->suffix && etab < etab_end; etab++)
4321 {
4322 if (!strcmp(s + 2, etab->suffix))
4323 {
4324 memmove (etab + 1, etab, (etab_end - etab - 1) * sizeof (*etab));
4325
4326 if (0)
4327 {
4328 warning_at (loc, OPT_Wformat_,
4329 "%<#pragma FRR printfrr_ext%>: duplicate printf format suffix %qs", s);
4330 warning_at (etab->origin_loc, OPT_Wformat_,
4331 "%<#pragma FRR printfrr_ext%>: previous definition was here");
4332 return;
4333 }
4334
4335 break;
4336 }
4337
4338 if (!strncmp(s + 2, etab->suffix, MIN(strlen(s + 2), strlen(etab->suffix))))
4339 {
4340 warning_at (loc, OPT_Wformat_,
4341 "%<#pragma FRR printfrr_ext%>: overlapping printf format suffix %qs", s);
4342 warning_at (etab->origin_loc, OPT_Wformat_,
4343 "%<#pragma FRR printfrr_ext%>: previous definition for %<%%%c%s%> was here", s[1], etab->suffix);
4344 return;
4345 }
4346 }
4347
4348 gcc_assert (etab < etab_end);
4349
4350 memset (etab, 0, sizeof (*etab));
4351 etab->suffix = xstrdup(s + 2);
4352 etab->origin_loc = loc;
4353 etab->type = void_type_node;
4354
4355 ttype = pragma_lex (&token, &loc);
4356 if (ttype != CPP_OPEN_PAREN)
4357 {
4358 error_at (loc, "%<#pragma FRR printfrr_ext%> expected %<(%>");
4359 goto out_drop;
4360 }
4361
4362 ttype = pragma_lex (&token, &loc);
4363
4364 /* qualifiers */
4365 while (ttype == CPP_NAME)
4366 {
4367 if (!strcmp (IDENTIFIER_POINTER (token), "const"))
4368 etab->t_const = true;
4369 else if (!strcmp (IDENTIFIER_POINTER (token), "signed"))
4370 etab->t_signed = true;
4371 else if (!strcmp (IDENTIFIER_POINTER (token), "unsigned"))
4372 etab->t_unsigned = true;
4373 else
4374 break;
4375
4376 ttype = pragma_lex (&token, &loc);
4377 }
4378
4379 /* tagged types */
4380 if (ttype == CPP_NAME && !strcmp (IDENTIFIER_POINTER (token), "struct"))
4381 {
4382 etab->type_code = RECORD_TYPE;
4383 ttype = pragma_lex (&token, &loc);
4384 }
4385 else if (ttype == CPP_NAME && !strcmp (IDENTIFIER_POINTER (token), "union"))
4386 {
4387 etab->type_code = UNION_TYPE;
4388 ttype = pragma_lex (&token, &loc);
4389 }
4390 else if (ttype == CPP_NAME && !strcmp (IDENTIFIER_POINTER (token), "enum"))
4391 {
4392 etab->type_code = ENUMERAL_TYPE;
4393 ttype = pragma_lex (&token, &loc);
4394 }
4395
4396 /* type name */
4397 if (ttype != CPP_NAME)
4398 {
4399 error_at (loc, "%<#pragma FRR printfrr_ext%>: expected typename identifier");
4400 goto out_drop;
4401 }
4402
4403 etab->type_str = xstrdup (IDENTIFIER_POINTER (token));
4404
4405 while ((ttype = pragma_lex (&token, &loc)) != CPP_CLOSE_PAREN)
4406 {
4407 switch (ttype) {
4408 case CPP_NAME:
4409 error_at (loc, "%<#pragma FRR printfrr_ext%>: unexpected identifier. Note the only supported qualifier is %<const%>");
4410 goto out_drop;
4411
4412 case CPP_MULT:
4413 etab->ptrlevel++;
4414 break;
4415
4416 case CPP_EOF:
4417 error_at (loc, "%<#pragma FRR printfrr_ext%>: premature end of line, missing %<)%>");
4418 goto out_drop;
4419
4420 default:
4421 error_at (loc, "%<#pragma FRR printfrr_ext%>: unsupported token");
4422 goto out_drop;
4423 }
4424 }
4425
4426 ttype = pragma_lex (&token, &loc);
4427 if (ttype != CPP_EOF)
4428 warning_at (loc, OPT_Wformat_,
4429 "%<#pragma FRR printfrr_ext%>: garbage at end of line");
4430
4431 return;
4432
4433 out_drop:
4434 memset (etab, 0, sizeof (*etab));
4435 }
4436
4437 static void
4438 register_pragma_printfrr_ext (void *event_data, void *data)
4439 {
4440 c_register_pragma_with_expansion ("FRR", "printfrr_ext", handle_pragma_printfrr_ext);
4441 }
4442
4443 static void
4444 define_vars (void *gcc_data, void *user_data)
4445 {
4446 cpp_define (parse_in, "_FRR_ATTRIBUTE_PRINTFRR=0x10000");
4447 }
4448
4449 #ifndef __visible
4450 #define __visible __attribute__((visibility("default")))
4451 #endif
4452
4453 __visible int plugin_is_GPL_compatible;
4454
4455 __visible int
4456 plugin_init (struct plugin_name_args *plugin_info,
4457 struct plugin_gcc_version *version)
4458 {
4459 const char *plugin_name = plugin_info->base_name;
4460
4461 if (!plugin_default_version_check(version, &gcc_version))
4462 {
4463 error(G_("incompatible gcc/plugin versions"));
4464 return 1;
4465 }
4466
4467 memset (ext_p, 0, sizeof (ext_p));
4468 memset (ext_d, 0, sizeof (ext_d));
4469
4470 register_callback (plugin_name, PLUGIN_FINISH_PARSE_FUNCTION, handle_finish_parse, NULL);
4471 register_callback (plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL);
4472 register_callback (plugin_name, PLUGIN_START_UNIT, define_vars, NULL);
4473 register_callback (plugin_name, PLUGIN_PRAGMAS, register_pragma_printfrr_ext, NULL);
4474 return 0;
4475 }
FRRouting mirror