| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This patch corrects a problem in the compiler whereby the determination of
scope levels during the generation of accessibility checks for function calls
within range constraints leads to a compiler crash due to the type not being
fully analyzed at the point in which its scope depth must be obtained.
gcc/ada/
* sem_util.adb
(Innermost_Master_Scope_Depth): Detect and handle case where scope
depth is not set on an enclosing scope.
|
|
On the host-side, the binder now generates CUDA_Execute pragmas to
invoke initialization and finalization on the device-side. The
front end's expansion of these pragmas includes references to
entities declared in package CUDA.Internal. Generate a with-clause so
that unit will be available.
gcc/ada/
* bindgen.adb: When the binder is invoked for the host, generate a
"with CUDA.Internal;" with clause.
|
|
The list of junk entity names for which warnings are suppressed has been
recently modified, so update the documentation accordingly.
gcc/ada/
* doc/gnat_rm/implementation_defined_pragmas.rst
(Pragma Unreferenced): Sync description with
Sem_Warn.Has_Junk_Name routine.
* gnat_rm.texi: Regenerate.
* gnat_ugn.texi: Regenerate.
|
|
Attribute Valid_Scalars applied to prefix with an unchecked union
component causes a legitimate crash in the backend. It was already
rejected in the frontend for prefixes of a public type; now it is
rejected in the frontend regardless of the type privacy.
gcc/ada/
* sem_attr.adb (Analyze_Attribute [Valid_Scalars]): Move check for
unchecked union before checks for private and public types.
|
|
Use switches (one already existing, one newly added here) to indicate to
the binder that CUDA support code is to be generated for either the
host side or for the device side. Add an invocation of Adainit on the
device side from Adainit on the host side; similarly for Adafinal.
gcc/ada/
* bindgen.adb: When the binder is invoked for the host, it
declares imported subprograms corresponding to the Adainit and
Adafinal routines on the device. Declare string constants and
expression functions for the Ada source names and the link names
of these routines. Generate these subprogram declarations (and
accompanying Import pragmas) in Gen_CUDA_Defs. Generate
CUDA_Execute pragmas to call these subprograms from the host in
Gen_Adafinal and Gen_CUDA_Init. When the binder is invoked for the
device, include a CUDA_Global aspect declaration in the
declarations of Adainit and Adafinal and use the aforementioned
link names in the Export pragmas generated for those two routines.
* debug.adb: Update comments about "d_c" and "d_d" switches.
* opt.ads: Declare new Boolean variable,
Enable_CUDA_Device_Expansion. This complements the existing
Enable_CUDA_Expansion variable, which is used to enable host-side
CUDA expansion. The new variable enables device-side CUDA
expansion. It is currently never set during compilation; it is
only set via a binder switch.
* switch-b.adb
(scan_debug_switches): Add new use of the "-d_d" binder switch.
The new switch and the variable Opt.Enabled_CUDA_Device_Expansion
follow the existing pattern of the "-d_c" switch and the variable
Opt.Enabled_CUDA_Expansion. Flag error if both "-d_c" and "-d_d"
are specified.
|
|
In the case of a function, the new expansion of contracts makes use of an
extended return statement to store the result of the function in the return
object while the post-conditions are evaluated.
Unfortunately GNAT does not elide the copy of the return object for extended
return statements for the time being, so this scheme incurs an extra copy of
the return value on the primary or secondary stack, as well as an additional
pair of calls to Adjust/Finalize when the return type needs finalization.
This temporarily changes the expansion to use a block statement containing a
renaming, which does not incur the extra copy provided that it is manually
adjusted to be recognized by the existing "tail call" optimization present
in the Expand_Simple_Function_Return routine.
gcc/ada/
* contracts.adb (uild_Subprogram_Contract_Wrapper): Remove useless
local variable. In the case of a function, replace the extended
return statement by a block statement declaring a renaming of the
call to the local subprogram after removing side effects manually.
(Expand_Subprogram_Contract): Adjust description accordingly.
* exp_ch6.adb (Expand_Ctrl_Function_Call): Rewrite obsolete
comment and do not apply the transformation twice.
* sem_attr.adb (Analyze_Attribute_Old_Result): Now expect a block
statement instead of an extended return statement.
|
|
For error messages with inserted names that include acronyms like SPARK
or CPP, we want to preserve the casing. The list of special-cased named
is currently the same as in gnatpp.
gcc/ada/
* erroutc.adb (Set_Msg_Insertion_Name): Special-case printing with
acronyms.
|
|
Branch is determined as dead following a test always False by
CodePeer analysis, which is incorrect. Justify this false alarm
with an appropriate pragma Annotate.
gcc/ada/
* libgnat/s-imagei.adb (Image_Integer): Add justification.
|
|
Code cleanup; semantics is unaffected.
gcc/ada/
* sem_prag.adb (Get_SPARK_Mode_Type): Fix header box; replace
chained IF with a CASE statement.
|
|
An explicit value of Auto is now accepted for a configuration pragma
SPARK_Mode, as a way to exempt a unit from complete adherence to
SPARK rules when using a global configuration pragma file where
SPARK_Mode=>On is specified.
gcc/ada/
* sem_prag.adb (Analyze_Pragma): Accept SPARK_Mode=>Auto as
configuration pragma.
(Get_SPARK_Mode): Make the value for Auto explicit.
* snames.ads-tmpl (Name_Auto): Add name.
|
|
This patch removes documentation on the SPARK containers,
now under the spark2014 repository.
gcc/ada/
* doc/gnat_rm/the_gnat_library.rst: Remove paragraphs about SPARK
containers.
* gnat_rm.texi, gnat_ugn.texi: Regenerate.
|
|
SPARK does not allow code insertions. This applies also to
calls to Asm intrinsics defined in System.Machine_Code.
gcc/ada/
* libgnat/s-maccod.ads: Mark package as SPARK_Mode Off.
|
|
gcc/ada/
* fe.h (Unnest_Subprogram_Mode): Declare.
|
|
Prevent the compiler from failing with an internal error in some cases involving
an instance of a generic which takes as a formal parameter an instance of a
second generic, where the second generic has an Initial_Condition aspect
specification.
gcc/ada/
* contracts.adb
(Analyze_Package_Contract): Do not analyze the contract of a
temporary package created just to check conformance of an actual
package.
|
|
The SPARK containers are now maintained under the spark2014 repository.
This change replaces the implementation of SPARK containers by a
pragma Compile_Time_Error, pointing the users WITHing the libraries
to their new location.
gcc/ada/
* Makefile.rtl: Remove SPARK containers filenames.
* impunit.adb: Remove SPARK containers packages names.
* libgnat/a-cfdlli.adb, libgnat/a-cfdlli.ads: Remove content and
add pragma Compile_Time_Error with suitable message.
* libgnat/a-cfhama.adb, libgnat/a-cfhama.ads: Likewise.
* libgnat/a-cfhase.adb, libgnat/a-cfhase.ads: Likewise.
* libgnat/a-cfidll.adb, libgnat/a-cfidll.ads: Likewise.
* libgnat/a-cfinse.adb, libgnat/a-cfinse.ads: Likewise.
* libgnat/a-cfinve.adb, libgnat/a-cfinve.ads: Likewise.
* libgnat/a-cforma.adb, libgnat/a-cforma.ads: Likewise.
* libgnat/a-cforse.adb, libgnat/a-cforse.ads: Likewise.
* libgnat/a-cofove.adb, libgnat/a-cofove.ads: Likewise.
* libgnat/a-cofuma.adb, libgnat/a-cofuma.ads: Likewise.
* libgnat/a-cofuse.adb, libgnat/a-cofuse.ads: Likewise.
* libgnat/a-cofuve.adb, libgnat/a-cofuve.ads: Likewise.
* libgnat/a-cofuba.adb, libgnat/a-cofuba.ads: Remove package.
gcc/testsuite/
* gnat.dg/aspect2.adb: Removed.
* gnat.dg/aspect2.ads: Removed.
* gnat.dg/config_pragma1.adb: Removed.
* gnat.dg/config_pragma1_pkg.ads: Removed.
* gnat.dg/equal8.adb: Removed.
* gnat.dg/equal8.ads: Removed.
* gnat.dg/equal8_pkg.ads: Removed.
* gnat.dg/formal_containers.adb: Removed.
* gnat.dg/iter1.adb: Removed.
* gnat.dg/iter1.ads: Removed.
|
|
Prefix of attribute Old is captured either as an object renaming or as
an object declaration. This is now taken into account when applying
validity checks.
gcc/ada/
* exp_attr.adb (Expand_N_Attribute_Reference [Attribute_Old]):
Adapt to object declaration being rewritten into object renaming.
|
|
This patch modifies the expansion of contracts such that the statements
and declarations of a subprogram with post-execution checks get moved to
a local internally generated subprogram which the original subprogram
calls directly followed by the required post-execution checks.
This differs from the current implementation which requires delicate
machinary which coordinates with the finalization process to emulate the
desired behavior within the "at end" procedure.
gcc/ada/
* contracts.adb, contracts.ads
(Analyze_Pragmas_In_Declarations): Added to aid in the new
expansion model so that pragmas relating to contracts can get
processed early before the rest of the subprogram containing them.
(Build_Subprogram_Contract_Wrapper): Created to do the majority of
expansion for postconditions. It builds a local wrapper with the
statements and declarations within a given subprogram.
(Is_Prologue_Renaming): Moved out from Process_Preconditions to be
used generally within the contracts package.
(Build_Entry_Contract_Wrapper): Moved from exp_ch7.
(Expand_Subprogram_Contract): Add new local variable Decls to
store expanded declarations needed for evaluation of contracts.
Call new wrapper building procedure and modify comments to match
new expansion model.
(Get_Postcond_Enabled): Deleted.
(Get_Result_Object_For_Postcond): Deleted.
(Get_Return_Success_For_Postcond): Deleted.
(Process_Contract_Cases): Add new parameter to store declarations.
(Process_Postconditions): Add new parameter to store declarations.
(Process_Preconditions): Add new parameter to store declarations.
Add code to move entry-call prologue renamings
* einfo.ads: Document new field Wrapped_Statements and modify
comment for Postconditions_Proc.
* exp_attr.adb
(Analyze_Attribute): Modify expansion of the 'Old attribute to
recognize new expansion model and use Wrapped_Statements instead
of Postconditions_Proc.
* exp_ch6.adb
(Add_Return): Remove special expansion for postconditions.
(Expand_Call): Modify condition checking for calls to access
subprogram wrappers to handle new expansion models.
(Expand_Call_Helper): Remove special expansion for postconditions.
(Expand_Non_Function_Return): Remove special expansion for
postconditions.
(Expand_Simple_Function_Return): Remove special expansion for
postconditions.
* exp_ch7.adb
(Build_Finalizer): Deleted, but replaced by code in
Build_Finalizer_Helper
(Build_Finalizer_Helper): Renamed to Build_Finalizer, and special
handling of 'Old objects removed.
* exp_ch9.adb
(Build_Contract_Wrapper): Renamed and moved to contracts package.
* exp_prag.adb
(Expand_Pragma_Contract_Cases): Delay analysis of contracts since
they now instead get analyzed as part of the wrapper generation
instead of after analysis of their corresponding subprogram's
body.
(Expand_Pragma_Check): Label expanded if-statements which come
from the expansion of assertion statements as
Comes_From_Check_Or_Contract.
* freeze.adb
(Freeze_Entity): Add special case to avoid freezing when a freeze
node gets generated as part of the expansion of a postcondition
check.
* gen_il-gen-gen_nodes.adb: Add new flag
Comes_From_Check_Or_Contract.
* gen_il-fields.ads: Add new field Wrapped_Statements. Add new
flag Comes_From_Check_Or_Contract.
* gen_il-gen-gen_entities.adb: Add new field Wrapped_Statements.
* ghost.adb
(Is_OK_Declaration): Replace Name_uPostconditions with
Name_uWrapped_Statements.
(Is_OK_Statement): Simplify condition due to the loss of
Original_Node as a result of the new expansion model of contracts
and use new flag Comes_From_Check_Or_Contract in its place.
* inline.adb
(Declare_Postconditions_Result): Replace Name_uPostconditions with
Name_uWrapped_Statements.
(Expand_Inlined_Call): Replace Name_uPostconditions with
Name_uWrapped_Statements.
* lib.adb, lib.ads
(ipu): Created to aid in debugging.
* lib-xref.adb
(Generate_References): Remove special handling for postcondition
procedures.
* sem_attr.adb
(Analyze_Attribute_Old_Result): Add new context in which 'Old can
appear due to the changes in expansion. Replace
Name_uPostconditions with Name_uWrapped_Statements.
(Result): Replace Name_uPostconditions with
Name_uWrapped_Statements.
* sem_ch11.adb
(Analyze_Handled_Statements): Remove check to exclude warnings on
useless assignments within postcondition procedures since
postconditions no longer get isolated into separate subprograms.
* sem_ch6.adb
(Analyze_Generic_Subprogram_Body): Modify expansion of generic
subprogram bodies so that contracts (and their associated pragmas)
get analyzed first.
(Analyze_Subprogram_Body_Helper): Remove global HSS variable due
to the HSS of the body potentially changing during the expansion
of contracts. In cases where it was used instead directly call
Handled_Statement_Sequence. Modify expansion of subprogram bodies
so that contracts (and their associated pragmas) get analyzed
first.
(Check_Missing_Return): Create local HSS variable instead of using
a global one.
(Move_Pragmas): Use new pragma table instead of an explicit list.
* sem_elab.adb
(Is_Postconditions_Proc): Deleted since the new scheme of
expansion no longer divides postcondition checks to a separate
subprogram and so cannot be easily identified (similar to
pre-condition checks).
(Info_Call): Remove info printing for _Postconditions subprograms.
(Is_Assertion_Pragma_Target): Remove check for postconditions
procedure
(Is_Bridge_Target): Remove check for postconditions procedure.
(Get_Invocation_Attributes): Remove unneeded local variables and
check for postconditions procedure.
(Output_Call): Remove info printing for _Postconditions
subprograms.
* sem_prag.adb, sem_prag.ads: Add new Pragma table for pragmas
significant to subprograms, along with tech-debt comment.
(Check_Arg_Is_Local_Name): Modified to recognize the new
_Wrapped_Statements internal subprogram and the new expansion
model.
(Relocate_Pragmas_To_Body): Replace Name_uPostconditions with
Name_uWrapped_Statements.
* sem_res.adb
(Resolve_Entry_Call): Add conditional to detect both contract
based wrappers of entries, but also wrappers generated as part of
general contract expansion (e.g. local postconditions
subprograms).
* sem_util.adb
(Accessibility_Level): Verify 'Access is not taken based on a
component of a function result.
(Has_Significant_Contracts): Replace Name_uPostconditions with
Name_uWrapped_Statements.
(Same_Or_Aliased_Subprogram): Add conditional to detect and obtain
the original subprogram based on the new concept of
"postcondition" wrappers.
* sinfo.ads: Add documentation for new flag
Comes_From_Check_Or_Contract.
* snames.ads-tmpl: Remove Name_uPostconditions and add
Name_uWrapped_Statements
|
|
The pass would traverse generic subprogram bodies, which are not expanded,
thus stumbling on unexpected nodes.
gcc/ada/
* exp_unst.adb (Unnest_Subprograms.Search_Subprograms): Skip the
subprogram bodies that are not to be unnested.
|
|
Check for the case where a user writes "in" instead of "of" in an
aggregate like "[for E in Some_Array when Some_Filter (E) => E]".
gcc/ada/
* sem_aggr.adb
(Resolve_Array_Aggregate): Generate an appropriate error message
in the case where an error in the source code leads to an
N_Iterated_Element_Association node in a bad context.
|
|
gcc/ada/
* sem_ch4.adb
(Analyze_Selected_Component): Initialize the local variable Comp
to avoid having CodePeer generate an uninitialized variable
warning.
|
|
The -gnatX switch enables naming a prefixed view of a subprogram with an
untagged prefix. Compiling such a reference where the prefix is of a modular
type could result in an internal compiler error.
gcc/ada/
* sem_ch4.adb
(Analyze_Selected_Component): Avoid initializing the local
variable Comp if the variable is not going to be subsequently
referenced. This is a correctness issue because the call to
First_Entity can fail.
|
|
Allow the Lock_Free aspect of a protected type to be True (but only by
explicit specification) if Ceiling_Locking locking policy has been specified.
Clarify that the Lock_Free aspect takes precedence over the Ceiling_Locking
policy in that case.
gcc/ada/
* sem_ch9.adb
(Satisfies_Lock_Free_Requirements): If Ceiling_Locking locking
policy has been specified, then either return False (if Lock_Free
was not explicitly specified) or generate a warning that ceiling
locking will not be implemented for this protected unit (if
Lock_Free was explicitly specified). Generate an error message (in
addition to returning False) if an explicit Lock_Free aspect
specification is rejected because atomic primitives are not
supported on the given target.
* doc/gnat_rm/implementation_defined_pragmas.rst: Clarify that the
Lock_Free aspect for a protected unit takes precedence over the
Ceiling_Locking locking policy in the case where both apply.
* gnat_rm.texi: Regenerate.
|
|
This occurs because protected subprograms are not translated directly into
object code but first rewritten as a pair of subprograms by the front-end.
gcc/ada/
* exp_ch9.adb (Build_Protected_Spec): Tidy up and propagate the
Comes_From_Source flag onto the new formal parameters.
* sem_ch6.adb (Analyze_Subprogram_Body_Helper): Do not check
references for subprograms generated for protected subprograms.
|
|
The draft ACATS test (which we developed) for the Ada 2022 feature of
user-defined literals has compile-time problems that are fixed with this
set of changes. Two of these involve the resolution of named numbers
in the context where an implicit literal conversion can occur, and for
equality when a literal or named number is an operand. Furthermore,
the compiler can hang in some cases when a numeric literal is used
in a context where the expected type is a type derived two levels
down from a tagged type that specifies a literal aspect.
gcc/ada/
* sem_res.adb
(Resolve_Equality_Op): Add handling for equality ops with
user-defined literal operands.
* sem_util.ads
(Is_User_Defined_Literal): Update spec comment to indicate
inclusion of named number cases.
* sem_util.adb
(Corresponding_Primitive_Op): Rather than following the chain of
ancestor subprograms via Alias and Overridden_Operation links, we
check for matching profiles between primitive subprograms of the
descendant type and the ancestor subprogram (by calling a new
nested function Profile_Matches_Ancestor). This prevents the
compiler from hanging due to circular linkages via those fields
that can occur between inherited and overriding subprograms
(which might indicate a latent bug, but one that may be rather
delicate to resolve).
(Profile_Matches_Ancestor): New nested subprogram to compare the
profile of a primitive subprogram with the profile of a candidate
ancestor subprogram.
(Is_User_Defined_Literal): Also return True in cases where the
node N denotes a named number (E_Name_Integer and E_Named_Real).
|
|
Remove a comment about the former use of the -gnatd9 switch (that switch is
now unused).
gcc/ada/
* debug.adb: remove a comment.
|
|
Make sure warnings about wrong-length aggregates don't get
suppressed. Such a warning (in a with-ed unit) can be the only
explanation for an error about No_Elaboration_Code violations.
Avoid passing a bogus "#" to Error_Msg. We really should never
construct message templates by concatenating strings that can
come from input data, but there are too many cases of that to
clean up. The message template parameters should really be
of a type other than String, to avoid these kinds of bugs,
but again, that's too much work to clean up now.
gcc/ada/
* checks.adb
(Selected_Length_Checks): In the message for an aggregate that has
too few or too many elements, add "!!" to make sure the warning
gets printed in with'ed units. Note that we have to put "!!"
before the "??", because Compile_Time_Constraint_Error detects
warnings by comparing the last character of the message with '?'
(which is bit dubious, but we're not changing that here).
(Length_Mismatch_Info_Message): Use Unat for some things that
can't be negative. Specify Decimal instead of Auto in calls to
UI_Image.
* sem_util.adb
(Compile_Time_Constraint_Error): Minor.
* uintp.adb
(Image_Uint): It's always better to initialize objects on their
declaration.
|
|
The current configuration of the x86-64 VxWorks runtimes does not support
atomic primitives. x86-64 VxWorks was missed from the previous patch.
gcc/ada/
* libgnat/system-vxworks7-x86_64-kernel.ads: Set
Support_Atomic_Primitives to false.
* libgnat/system-vxworks7-x86_64-rtp-smp.ads: Ditto.
|
|
The current configuration of the QNX and VxWorks runtimes does not support
atomic primitives.
gcc/ada/
* libgnat/system-qnx-arm.ads: Set Support_Atomic_Primitives to
false.
* libgnat/system-vxworks7-aarch64.ads: Ditto.
* libgnat/system-vxworks7-aarch64-rtp-smp.ads: Ditto.
* libgnat/system-vxworks7-arm.ads: Ditto.
* libgnat/system-vxworks7-arm-rtp-smp.ads: Ditto.
* libgnat/system-vxworks7-x86-kernel.ads: Ditto.
* libgnat/system-vxworks7-x86-rtp-smp.ads: Ditto.
|
|
This patch makes various minor cleanup changes to the parser.
No change in behavior.
gcc/ada/
* par-tchk.adb, par-util.adb, prep.adb, prepcomp.adb, scng.adb:
Use "in" instead of chains of "=" connected with "or else".
Likewise for "not in", "/=", "and then". Misc cleanup.
* par-ch10.adb, par-ch12.adb, par-ch13.adb, par-ch4.adb: Likewise.
* par-ch8.adb, par-ch9.adb, par-endh.adb, par-sync.adb: Likewise.
* par.adb
(Pf_Rec): Remove filler, which was added August 25, 1993 to get
around a compiler limitation that no longer exists. Minor cleanup.
Remove useless qualfications.
* par-ch3.adb: Remove redundant return statements.
(Component_Scan_Loop): Remove loop name; there are no nested
loops, so it's unnecessary and possibly misleading, and it causes
too-long lines.
* par-ch5.adb: DRY: Remove comments that repeat the comments in
par.adb.
(P_Sequence_Of_Statements): It is better to initialize things on
the declaration. And constants are better than variables.
(Test_Statement_Required): Remove unnecessary insertion of a null
statement.
* par-ch6.adb, par-ch7.adb: DRY: Remove comments that repeat the
comments in par.adb.
|
|
This reverts commit 51abc0cc8691daecd7cec8372e4988e9f3f1913c.
|
|
gcc/testsuite/ChangeLog:
* ChangeLog: Fix PR reference.
|
|
Fixes:
gcc/analyzer/region-model.cc:5918:8: warning: private field 'm_record_type' is not used [-Wunused-private-field]
gcc/analyzer/region-model.cc:6305:25: warning: private field 'm_mgr' is not used [-Wunused-private-field]
gcc/analyzer/ChangeLog:
* region-model.cc (region_model::maybe_complain_about_infoleak):
Remove unused fields.
|
|
|
|
This patch adds handling of empty ranges in bit_range and byte_range and
adds an assertion to member functions that assume a positive size.
Further, the patch fixes an ICE caused by an empty byte_range passed to
byte_range::exceeds_p.
Regression-tested on Linux x86_64.
2022-09-10 Tim Lange <mail@tim-lange.me>
gcc/analyzer/ChangeLog:
PR analyzer/106845
* region-model.cc (region_model::check_region_bounds):
Bail out if 0 bytes were accessed.
* store.cc (byte_range::dump_to_pp):
Add special case for empty ranges.
(byte_range::exceeds_p): Restrict to non-empty ranges.
(byte_range::falls_short_of_p): Restrict to non-empty ranges.
* store.h (bit_range::empty_p): New function.
(bit_range::get_last_byte_offset): Restrict to non-empty ranges.
(byte_range::empty_p): New function.
(byte_range::get_last_byte_offset): Restrict to non-empty ranges.
gcc/testsuite/ChangeLog:
PR analyzer/106845
* gcc.dg/analyzer/out-of-bounds-zero.c: New test.
* gcc.dg/analyzer/pr106845.c: New test.
|
|
|
|
This patch adds a new 3-instructions constant synthesis pattern:
- A value that can fit into a signed 12-bit after a number of either bitwise
left or right rotations:
=> "MOVI(.N) Ax, simm12" + "SSAI (1 ... 11) or (21 ... 31)"
+ "SRC Ax, Ax, Ax"
gcc/ChangeLog:
* config/xtensa/xtensa.cc (xtensa_constantsynth):
Add new pattern for the abovementioned case.
gcc/testsuite/ChangeLog:
* gcc.target/xtensa/constsynth_3insns.c (test_4):
Add new test function.
|
|
As Akari noticed, we have an unusual "if" statement without parentheses
around the condition. The condition is a macro that expands to
something with parentheses in the right spot, but, let's make the code a
little less surprising :-)
2022-09-10 Akari Takahashi <akaritakahashioss@gmail.com>
Segher Boessenkool <segher@kernel.crashing.org>
* config/rs6000/rs6000.cc (get_memref_parts): Regularize some code.
|
|
The functions are added to the IEEE_ARITHMETIC module, but
are entirely expanded in the front-end, using GCC built-ins.
2022-08-31 Francois-Xavier Coudert <fxcoudert@gcc.gnu.org>
PR fortran/95644
gcc/fortran/
* f95-lang.cc (gfc_init_builtin_functions): Declare FMA
built-ins.
* mathbuiltins.def: Declare FMA built-ins.
* trans-intrinsic.cc (conv_intrinsic_ieee_fma): New function.
(conv_intrinsic_ieee_signbit): New function.
(gfc_build_intrinsic_lib_fndecls): Add cases for FMA and
SIGNBIT.
gcc/testsuite/
* gfortran.dg/ieee/fma_1.f90: New test.
* gfortran.dg/ieee/signbit_1.f90: New test.
libgfortran/
* ieee/ieee_arithmetic.F90: Add IEEE_SIGNBIT and IEEE_FMA.
|
|
|
|
This patch eliminates all clobbers for complex hard registers that will
be overwritten entirely afterwards (supersedence of
3867d414bd7d9e5b6fb2a51b1fb3d9e9e1eae9).
gcc/ChangeLog:
* config/xtensa/xtensa.md: Rewrite the split pattern that performs
the abovementioned process so that insns that overwrite clobbered
register no longer need to be contiguous.
(DSC): Remove as no longer needed.
|
|
In the example below, 'x' is once placed on the stack frame and then read
into registers as the argument value of bar():
/* example */
struct foo {
int a, b;
};
extern struct foo bar(struct foo);
struct foo test(void) {
struct foo x = { 0, 1 };
return bar(x);
}
Thanks to the dead store elimination, the initialization of 'x' turns into
merely loading the immediates to registers, but corresponding stack frame
growth is not rolled back. As a result:
;; prereq: the CALL0 ABI
;; before
test:
addi sp, sp, -16 // unused stack frame allocation/freeing
movi.n a2, 0
movi.n a3, 1
addi sp, sp, 16 // because no instructions that refer to
j.l bar, a9 // the stack pointer between the two
This patch eliminates such unused stack frame allocation/freeing:
;; after
test:
movi.n a2, 0
movi.n a3, 1
j.l bar, a9
gcc/ChangeLog:
* config/xtensa/xtensa.cc (machine_function): New boolean member as
a flag that controls whether to emit the insns for stack pointer
adjustment inside of the pro/epilogue.
(xtensa_emit_adjust_stack_ptr): New function to share the common
codes and to emit insns if not inhibited.
(xtensa_expand_epilogue): Change to use the function mentioned
above when using the CALL0 ABI.
(xtensa_expand_prologue): Ditto.
And also change to set the inhibit flag used by
xtensa_emit_adjust_stack_ptr() to true if the stack pointer is only
used for its own adjustment.
|
|
This is a less ambitious version of:
[PATCH 0/6] RFC: adding support to GCC for detecting trust boundaries
https://gcc.gnu.org/pipermail/gcc-patches/2021-November/584372.html
Earlier versions of this patch attempted:
(a) various ways of identifying "untrusted" memory regions
(b) providing a way to support the Linux kernel's "__user" annotation,
either via type attributes, or via custom address spaces
(c) enough attributes to identify "copy_from_user" and "copy_to_user",
(d) wiring all of the above together to detect infoleaks and taint
This patch adds a new -Wanalyzer-exposure-through-uninit-copy, emitted
by -fanalyzer if it detects copying of uninitialized data through
a pointer to an untrusted region, but requires a plugin to tell it when
a copy crosses a trust boundary.
This patch adds a proof-of-concept gcc plugin for the analyzer for use
with the Linux kernel that special-cases calls to "copy_from_user" and
calls to "copy_to_user": calls to copy_to_user are checked for
-Wanalyzer-exposure-through-uninit-copy, and data copied via
copy_from_user is marked as tainted when -fanalyzer-checker=taint is
active.
This is very much just a proof-of-concept. A big limitation is that the
copy_{from,to}_user special-casing only happens if these functions have
no body in the TU being analyzed, which isn't the case for a normal
kernel build. I'd much prefer to provide a more general mechanism for
handling such behavior without resorting to plugins (e.g. via attributes
or custom address spaces), but in the interest of not "letting perfect
be the enemy of the good" this patch at least allows parts of this
"trust boundaries" code to be merged for experimentation with the idea.
The -Wanalyzer-exposure-through-uninit-copy diagnostic uses notes to
express what fields and padding within a struct have not been initialized.
For example:
infoleak-CVE-2011-1078-2.c: In function 'test_1':
infoleak-CVE-2011-1078-2.c:32:9: warning: potential exposure of sensitive
information by copying uninitialized data from stack across trust
boundary [CWE-200] [-Wanalyzer-exposure-through-uninit-copy]
32 | copy_to_user(optval, &cinfo, sizeof(cinfo));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'test_1': events 1-3
|
| 25 | struct sco_conninfo cinfo;
| | ^~~~~
| | |
| | (1) region created on stack here
| | (2) capacity: 6 bytes
|......
| 32 | copy_to_user(optval, &cinfo, sizeof(cinfo));
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (3) uninitialized data copied from stack here
|
infoleak-CVE-2011-1078-2.c:32:9: note: 1 byte is uninitialized
32 | copy_to_user(optval, &cinfo, sizeof(cinfo));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
infoleak-CVE-2011-1078-2.c:18:15: note: padding after field 'dev_class'
is uninitialized (1 byte)
18 | __u8 dev_class[3];
| ^~~~~~~~~
infoleak-CVE-2011-1078-2.c:25:29: note: suggest forcing
zero-initialization by providing a '{0}' initializer
25 | struct sco_conninfo cinfo;
| ^~~~~
| = {0}
For taint-detection, the patch includes a series of reproducers for
detecting CVE-2011-0521. Unfortunately the analyzer doesn't yet detect
the issue until the code has been significantly simplified from its
original form: currently only in -5.c and -6.c in the series of test
(see notes in the individual cases), such as:
taint-CVE-2011-0521-6.c:33:48: warning: use of attacker-controlled value
'*info.num' in array lookup without bounds checking [CWE-129]
[-Wanalyzer-tainted-array-index]
33 | av7110->ci_slot[info->num].num = info->num;
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~
'test_1': events 1-3
|
| 19 | if (copy_from_user(&sbuf, (void __user *)arg, sizeof(sbuf)) != 0)
| | ^
| | |
| | (1) following 'false' branch...
|......
| 23 | struct dvb_device *dvbdev = file->private_data;
| | ~~~~~~
| | |
| | (2) ...to here
|......
| 33 | av7110->ci_slot[info->num].num = info->num;
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (3) use of attacker-controlled value '*info.num' in array lookup without bounds checking
|
The patch also includes various infoleak and taint cases from my
antipatterns.ko kernel module:
https://github.com/davidmalcolm/antipatterns.ko
gcc/analyzer/ChangeLog:
* analyzer.opt (Wanalyzer-exposure-through-uninit-copy): New.
* checker-path.cc (region_creation_event::region_creation_event):
Add "capacity" and "kind" params.
(region_creation_event::get_desc): Generalize to different kinds
of event.
(checker_path::add_region_creation_event): Convert to...
(checker_path::add_region_creation_events): ...this.
* checker-path.h (enum rce_kind): New.
(region_creation_event::region_creation_event): Add "capacity" and
"kind" params.
(region_creation_event::m_capacity): New field.
(region_creation_event::m_rce_kind): New field.
(checker_path::add_region_creation_event): Convert to...
(checker_path::add_region_creation_events): ...this.
* diagnostic-manager.cc (diagnostic_manager::build_emission_path):
Update for multiple region creation events.
(diagnostic_manager::add_event_on_final_node): Likewise.
(diagnostic_manager::add_events_for_eedge): Likewise.
* region-model-impl-calls.cc (call_details::get_logger): New.
* region-model.cc: Define INCLUDE_MEMORY before including
"system.h". Include "gcc-rich-location.h".
(class record_layout): New.
(class exposure_through_uninit_copy): New.
(contains_uninit_p): New.
(region_model::maybe_complain_about_infoleak): New.
* region-model.h (call_details::get_logger): New decl.
(region_model::maybe_complain_about_infoleak): New decl.
(region_model::mark_as_tainted): New decl.
* sm-taint.cc (region_model::mark_as_tainted): New.
gcc/ChangeLog:
* doc/invoke.texi (Static Analyzer Options): Add
-Wanalyzer-exposure-through-uninit-copy.
gcc/testsuite/ChangeLog:
* gcc.dg/plugin/analyzer_kernel_plugin.c: New test.
* gcc.dg/plugin/copy_from_user-1.c: New test.
* gcc.dg/plugin/infoleak-1.c: New test.
* gcc.dg/plugin/infoleak-2.c: New test.
* gcc.dg/plugin/infoleak-3.c: New test.
* gcc.dg/plugin/infoleak-CVE-2011-1078-1.c: New test.
* gcc.dg/plugin/infoleak-CVE-2011-1078-2.c: New test.
* gcc.dg/plugin/infoleak-CVE-2014-1446-1.c: New test.
* gcc.dg/plugin/infoleak-CVE-2017-18549-1.c: New test.
* gcc.dg/plugin/infoleak-CVE-2017-18550-1.c: New test.
* gcc.dg/plugin/infoleak-antipatterns-1.c: New test.
* gcc.dg/plugin/infoleak-fixit-1.c: New test.
* gcc.dg/plugin/infoleak-net-ethtool-ioctl.c: New test.
* gcc.dg/plugin/infoleak-vfio_iommu_type1.c: New test.
* gcc.dg/plugin/plugin.exp (plugin_test_list): Add
analyzer_kernel_plugin.c and the new test cases.
* gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-1.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-2.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-3.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-4.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-5-fixed.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-5.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521-6.c: New test.
* gcc.dg/plugin/taint-CVE-2011-0521.h: New test.
* gcc.dg/plugin/taint-antipatterns-1.c: New test.
* gcc.dg/plugin/test-uaccess.h: New header for tests.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
|
|
This patch adds the ability for plugins to register "known functions"
with the analyzer, identified by name. If -fanalyzer sees a call to
such a function (with no body), it will use a plugin-provided subclass
of the new known_function abstract base class to model the possible
outcomes of the function call.
gcc/ChangeLog:
* Makefile.in (ANALYZER_OBJS): Add
analyzer/known-function-manager.o.
gcc/analyzer/ChangeLog:
* analyzer.h (class known_function_manager): New forward decl.
(class known_function): New.
(plugin_analyzer_init_iface::register_known_function): New.
* engine.cc: Include "analyzer/known-function-manager.h".
(plugin_analyzer_init_impl::plugin_analyzer_init_impl): Add
known_fn_mgr param.
(plugin_analyzer_init_impl::register_state_machine): Add
LOC_SCOPE.
(plugin_analyzer_init_impl::register_known_function): New.
(plugin_analyzer_init_impl::m_known_fn_mgr): New.
(impl_run_checkers): Update plugin callback invocation to use
eng's known_function_manager.
* known-function-manager.cc: New file.
* known-function-manager.h: New file.
* region-model-manager.cc
(region_model_manager::region_model_manager): Pass logger to
m_known_fn_mgr's ctor.
* region-model.cc (region_model::update_for_zero_return): New.
(region_model::update_for_nonzero_return): New.
(maybe_simplify_upper_bound): New.
(region_model::maybe_get_copy_bounds): New.
(region_model::get_known_function): New.
(region_model::on_call_pre): Handle plugin-supplied known
functions.
* region-model.h: Include "analyzer/known-function-manager.h".
(region_model_manager::get_known_function_manager): New.
(region_model_manager::m_known_fn_mgr): New.
(call_details::get_model): New accessor.
(region_model::maybe_get_copy_bounds): New decl.
(region_model::update_for_zero_return): New decl.
(region_model::update_for_nonzero_return): New decl.
(region_model::get_known_function): New decl.
(region_model::get_known_function_manager): New.
gcc/testsuite/ChangeLog:
* gcc.dg/plugin/analyzer_known_fns_plugin.c: New test plugin.
* gcc.dg/plugin/known-fns-1.c: New test.
* gcc.dg/plugin/plugin.exp (plugin_test_list): Add the new plugin
and test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
|
|
gcc/testsuite/ChangeLog:
PR analyzer/98247
* gcc.dg/analyzer/flexible-array-member-1.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
|
|
Add support to nvptx for reverse lookup of function name to prepare for
'omp target device(ancestor:1)'.
gcc/ChangeLog:
* config/nvptx/mkoffload.cc (struct id_map): Add 'dim' member.
(record_id): Store func name without quotes, store dim separately.
(process): For GOMP_REQUIRES_REVERSE_OFFLOAD, check that -march is
at least sm_35, create '$offload_func_table' global array and init
with reverse-offload function addresses.
* config/nvptx/nvptx.cc (write_fn_proto_1, write_fn_proto): New
force_public attribute to force .visible.
(nvptx_declare_function_name): For "omp target
device_ancestor_nohost" attribut, force .visible/TREE_PUBLIC.
libgomp/ChangeLog:
* plugin/plugin-nvptx.c (GOMP_OFFLOAD_load_image): Read offload
function address table '$offload_func_table' if rev_fn_table
is not NULL.
|
|
Add support to GCN for reverse lookup of function name to prepare for
'omp target device(ancestor:1)'.
gcc/ChangeLog:
* config/gcn/mkoffload.cc (process_asm): Create .offload_func_table,
similar to pre-existing .offload_var_table.
libgomp/ChangeLog:
* plugin/plugin-gcn.c (GOMP_OFFLOAD_load_image): Read
.offload_func_table to populate rev_fn_table when requested.
|
|
C2x adds a macro unreachable to stddef.h, with the same semantics as
__builtin_unreachable. Define this macro accordingly.
Bootstrapped with no regressions for x86_64-pc-linux-gnu.
gcc/
* ginclude/stddef.h [__STDC_VERSION__ > 201710L] (unreachable):
New macro.
gcc/testsuite/
* gcc.dg/c11-unreachable-1.c, gcc.dg/c2x-unreachable-1.c: New
tests.
|
|
As PR106833 shows, cv-qualified opaque type can cause ICE
during LTO. It exposes that we missd to handle OPAQUE_TYPE
well in type verification. As Richi pointed out, also
assuming that target will always define TYPE_MAIN_VARIANT
TYPE_CANONICAL for opaque type, this patch is to check
both are OPAQUE_TYPE_P and their modes are of MODE_OPAQUE
class. Besides, it also checks the only available size
and alignment information.
PR middle-end/106833
gcc/ChangeLog:
* tree.cc (verify_opaque_type): New function.
(verify_type): Call verify_opaque_type for OPAQUE_TYPE.
gcc/testsuite/ChangeLog:
* gcc.target/powerpc/pr106833.c: New test.
|
|
This adds support for the following natively supported floating-point
operations, in scalar and vectorized modes:
floor, ceil, exp2*, log2*, sin*, cos*, ldexp, frexp
* These operations are single-precision float only and are only active
if unsafe_math_optimizations are enabled (due to potential numerical
precision issues).
2022-09-09 Kwok Cheung Yeung <kcy@codesourcery.com>
gcc/
* config/gcn/gcn-builtins.def (FABSVF, LDEXPVF, LDEXPV, FREXPVF_EXP,
FREXPVF_MANT, FREXPV_EXP, FREXPV_MANT): Add new builtins.
* config/gcn/gcn-protos.h (gcn_dconst1over2pi): New prototype.
* config/gcn/gcn-valu.md (MATH_UNOP_1OR2REG, MATH_UNOP_1REG,
MATH_UNOP_TRIG): New iterators.
(math_unop): New attributes.
(<math_unop><mode>2, <math_unop><mode>2<exec>,
<math_unop><mode>2, <math_unop><mode>2<exec>,
*<math_unop><mode>2_insn, *<math_unop><mode>2<exec>_insn,
ldexp<mode>3, ldexp<mode>3<exec>,
frexp<mode>_exp2, frexp<mode>_mant2,
frexp<mode>_exp2<exec>, frexp<mode>_mant2<exec>): New instructions.
(<math_unop><mode>2, <math_unop><mode>2<exec>): New expanders.
* config/gcn/gcn.cc (init_ext_gcn_constants): Update definition of
dconst1over2pi.
(gcn_dconst1over2pi): New.
(gcn_builtin_type_index): Add entry for v64df type.
(v64df_type_node): New.
(gcn_init_builtin_types): Initialize v64df_type_node.
(gcn_expand_builtin_1): Expand new builtins to instructions.
(print_operand): Fix assembler output for 1/(2*PI) constant.
* config/gcn/gcn.md (unspec): Add new entries.
|
|
When predictive commoning builds a reference for iteration N it
prematurely associates a constant offset into the MEM_REF offset
operand which can be invalid if the base pointer then points
outside of an object which alias-analysis does not consider valid.
PR tree-optimization/106722
* tree-predcom.cc (ref_at_iteration): Do not associate the
constant part of the offset into the MEM_REF offset
operand, across a non-zero offset.
* gcc.dg/torture/pr106892.c: New testcase.
|
