1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (c) 2014, STMicroelectronics International N.V. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright notice, 10 * this list of conditions and the following disclaimer. 11 * 12 * 2. Redistributions in binary form must reproduce the above copyright notice, 13 * this list of conditions and the following disclaimer in the documentation 14 * and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #ifndef COMPILER_H 30 #define COMPILER_H 31 32 /* 33 * Macros that should be used instead of using __attribute__ directly to 34 * ease portability and make the code easier to read. 35 * 36 * Some of the defines below is known to sometimes cause conflicts when 37 * this file is included from xtest in normal world. It is assumed that 38 * the conflicting defines has the same meaning in that environment. 39 * Surrounding the troublesome defines with #ifndef should be enough. 40 */ 41 #define __deprecated __attribute__((deprecated)) 42 #ifndef __packed 43 #define __packed __attribute__((packed)) 44 #endif 45 #define __weak __attribute__((weak)) 46 #ifndef __noreturn 47 #define __noreturn __attribute__((noreturn)) 48 #endif 49 #define __pure __attribute__((pure)) 50 #define __aligned(x) __attribute__((aligned(x))) 51 #define __printf(a, b) __attribute__((format(printf, a, b))) 52 #define __noinline __attribute__((noinline)) 53 #define __attr_const __attribute__((__const__)) 54 #ifndef __unused 55 #define __unused __attribute__((unused)) 56 #endif 57 #define __maybe_unused __attribute__((unused)) 58 #ifndef __used 59 #define __used __attribute__((__used__)) 60 #endif 61 #define __must_check __attribute__((warn_unused_result)) 62 #define __cold __attribute__((__cold__)) 63 #define __section(x) __attribute__((section(x))) 64 #define __data __section(".data") 65 #define __bss __section(".bss") 66 #define __rodata __section(".rodata") 67 #define __rodata_unpaged __section(".rodata.__unpaged") 68 #define __early_ta __section(".rodata.early_ta") 69 #define __noprof __attribute__((no_instrument_function)) 70 71 #define __compiler_bswap64(x) __builtin_bswap64((x)) 72 #define __compiler_bswap32(x) __builtin_bswap32((x)) 73 #define __compiler_bswap16(x) __builtin_bswap16((x)) 74 75 #define __GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + \ 76 __GNUC_PATCHLEVEL__) 77 78 #if __GCC_VERSION >= 50100 && !defined(__CHECKER__) 79 #define __HAVE_BUILTIN_OVERFLOW 1 80 #endif 81 82 #ifdef __HAVE_BUILTIN_OVERFLOW 83 #define __compiler_add_overflow(a, b, res) \ 84 __builtin_add_overflow((a), (b), (res)) 85 86 #define __compiler_sub_overflow(a, b, res) \ 87 __builtin_sub_overflow((a), (b), (res)) 88 89 #define __compiler_mul_overflow(a, b, res) \ 90 __builtin_mul_overflow((a), (b), (res)) 91 #else /*!__HAVE_BUILTIN_OVERFLOW*/ 92 93 /* 94 * Copied/inspired from https://www.fefe.de/intof.html 95 */ 96 #define __INTOF_HALF_MAX_SIGNED(type) ((type)1 << (sizeof(type)*8-2)) 97 #define __INTOF_MAX_SIGNED(type) (__INTOF_HALF_MAX_SIGNED(type) - 1 + \ 98 __INTOF_HALF_MAX_SIGNED(type)) 99 #define __INTOF_MIN_SIGNED(type) (-1 - __INTOF_MAX_SIGNED(type)) 100 101 #define __INTOF_MIN(type) ((type)-1 < 1?__INTOF_MIN_SIGNED(type):(type)0) 102 #define __INTOF_MAX(type) ((type)~__INTOF_MIN(type)) 103 104 #define __INTOF_ASSIGN(dest, src) (__extension__({ \ 105 typeof(src) __intof_x = (src); \ 106 typeof(dest) __intof_y = __intof_x; \ 107 (((uintmax_t)__intof_x == (uintmax_t)__intof_y) && \ 108 ((__intof_x < 1) == (__intof_y < 1)) ? \ 109 (void)((dest) = __intof_y) , 0 : 1); \ 110 })) 111 112 #define __INTOF_ADD(c, a, b) (__extension__({ \ 113 typeof(a) __intofa_a = (a); \ 114 typeof(b) __intofa_b = (b); \ 115 intmax_t __intofa_a_signed = __intofa_a; \ 116 uintmax_t __intofa_a_unsigned = __intofa_a; \ 117 intmax_t __intofa_b_signed = __intofa_b; \ 118 uintmax_t __intofa_b_unsigned = __intofa_b; \ 119 \ 120 __intofa_b < 1 ? \ 121 __intofa_a < 1 ? \ 122 ((INTMAX_MIN - __intofa_b_signed <= \ 123 __intofa_a_signed)) ? \ 124 __INTOF_ASSIGN((c), __intofa_a_signed + \ 125 __intofa_b_signed) : 1 \ 126 : \ 127 ((__intofa_a_unsigned >= (uintmax_t)-__intofa_b) ? \ 128 __INTOF_ASSIGN((c), __intofa_a_unsigned + \ 129 __intofa_b_signed) \ 130 : \ 131 __INTOF_ASSIGN((c), \ 132 (intmax_t)(__intofa_a_unsigned + \ 133 __intofa_b_signed))) \ 134 : \ 135 __intofa_a < 1 ? \ 136 ((__intofa_b_unsigned >= (uintmax_t)-__intofa_a) ? \ 137 __INTOF_ASSIGN((c), __intofa_a_signed + \ 138 __intofa_b_unsigned) \ 139 : \ 140 __INTOF_ASSIGN((c), \ 141 (intmax_t)(__intofa_a_signed + \ 142 __intofa_b_unsigned))) \ 143 : \ 144 ((UINTMAX_MAX - __intofa_b_unsigned >= \ 145 __intofa_a_unsigned) ? \ 146 __INTOF_ASSIGN((c), __intofa_a_unsigned + \ 147 __intofa_b_unsigned) : 1); \ 148 })) 149 150 #define __INTOF_SUB(c, a, b) (__extension__({ \ 151 typeof(a) __intofs_a = a; \ 152 typeof(b) __intofs_b = b; \ 153 intmax_t __intofs_a_signed = __intofs_a; \ 154 uintmax_t __intofs_a_unsigned = __intofs_a; \ 155 intmax_t __intofs_b_signed = __intofs_b; \ 156 uintmax_t __intofs_b_unsigned = __intofs_b; \ 157 \ 158 __intofs_b < 1 ? \ 159 __intofs_a < 1 ? \ 160 ((INTMAX_MAX + __intofs_b >= __intofs_a) ? \ 161 __INTOF_ASSIGN((c), __intofs_a_signed - \ 162 __intofs_b_signed) : 1) \ 163 : \ 164 (((uintmax_t)(UINTMAX_MAX + __intofs_b_signed) >= \ 165 __intofs_a_unsigned) ? \ 166 __INTOF_ASSIGN((c), __intofs_a - \ 167 __intofs_b) : 1) \ 168 : \ 169 __intofs_a < 1 ? \ 170 (((INTMAX_MIN + __intofs_b <= __intofs_a)) ? \ 171 __INTOF_ASSIGN((c), \ 172 (intmax_t)(__intofs_a_signed - \ 173 __intofs_b_unsigned)) : 1) \ 174 : \ 175 ((__intofs_b_unsigned <= __intofs_a_unsigned) ? \ 176 __INTOF_ASSIGN((c), __intofs_a_unsigned - \ 177 __intofs_b_unsigned) \ 178 : \ 179 __INTOF_ASSIGN((c), \ 180 (intmax_t)(__intofs_a_unsigned - \ 181 __intofs_b_unsigned))); \ 182 })) 183 184 /* 185 * Dealing with detecting overflow in multiplication of integers. 186 * 187 * First step is to remove two corner cases with the minum signed integer 188 * which can't be represented as a positive integer + sign. 189 * Multiply with 0 or 1 can't overflow, no checking needed of the operation, 190 * only if it can be assigned to the result. 191 * 192 * After the corner cases are eliminated we convert the two factors to 193 * positive unsigned values, keeping track of the original in another 194 * variable which is used at the end to determine the sign of the product. 195 * 196 * The two terms (a and b) are divided into upper and lower half (x1 upper 197 * and x0 lower), so the product is: 198 * ((a1 << hshift) + a0) * ((b1 << hshift) + b0) 199 * which also is: 200 * ((a1 * b1) << (hshift * 2)) + (T1) 201 * ((a1 * b0 + a0 * b1) << hshift) + (T2) 202 * (a0 * b0) (T3) 203 * 204 * From this we can tell and (a1 * b1) has to be 0 or we'll overflow, that 205 * is, at least one of a1 or b1 has to be 0. Once this has been checked the 206 * addition: ((a1 * b0) << hshift) + ((a0 * b1) << hshift) 207 * isn't an addition as one of the terms will be 0. 208 * 209 * Since each factor in: (a0 * b0) 210 * only uses half the capicity of the underlaying type it can't overflow 211 * 212 * The addition of T2 and T3 can overflow so we use __INTOF_ADD() to 213 * perform that addition. If the addition succeeds without overflow the 214 * result is assigned the required sign and checked for overflow again. 215 */ 216 217 #define __intof_mul_negate ((__intof_oa < 1) != (__intof_ob < 1)) 218 #define __intof_mul_hshift (sizeof(uintmax_t) * 8 / 2) 219 #define __intof_mul_hmask (UINTMAX_MAX >> __intof_mul_hshift) 220 #define __intof_mul_a0 ((uintmax_t)(__intof_a) >> __intof_mul_hshift) 221 #define __intof_mul_b0 ((uintmax_t)(__intof_b) >> __intof_mul_hshift) 222 #define __intof_mul_a1 ((uintmax_t)(__intof_a) & __intof_mul_hmask) 223 #define __intof_mul_b1 ((uintmax_t)(__intof_b) & __intof_mul_hmask) 224 #define __intof_mul_t (__intof_mul_a1 * __intof_mul_b0 + \ 225 __intof_mul_a0 * __intof_mul_b1) 226 227 #define __INTOF_MUL(c, a, b) (__extension__({ \ 228 typeof(a) __intof_oa = (a); \ 229 typeof(a) __intof_a = __intof_oa < 1 ? -__intof_oa : __intof_oa; \ 230 typeof(b) __intof_ob = (b); \ 231 typeof(b) __intof_b = __intof_ob < 1 ? -__intof_ob : __intof_ob; \ 232 typeof(c) __intof_c; \ 233 \ 234 __intof_oa == 0 || __intof_ob == 0 || \ 235 __intof_oa == 1 || __intof_ob == 1 ? \ 236 __INTOF_ASSIGN((c), __intof_oa * __intof_ob) : \ 237 (__intof_mul_a0 && __intof_mul_b0) || \ 238 __intof_mul_t > __intof_mul_hmask ? 1 : \ 239 __INTOF_ADD((__intof_c), __intof_mul_t << __intof_mul_hshift, \ 240 __intof_mul_a1 * __intof_mul_b1) ? 1 : \ 241 __intof_mul_negate ? __INTOF_ASSIGN((c), -__intof_c) : \ 242 __INTOF_ASSIGN((c), __intof_c); \ 243 })) 244 245 #define __compiler_add_overflow(a, b, res) __INTOF_ADD(*(res), (a), (b)) 246 #define __compiler_sub_overflow(a, b, res) __INTOF_SUB(*(res), (a), (b)) 247 #define __compiler_mul_overflow(a, b, res) __INTOF_MUL(*(res), (a), (b)) 248 249 #endif /*!__HAVE_BUILTIN_OVERFLOW*/ 250 251 #define __compiler_compare_and_swap(p, oval, nval) \ 252 __atomic_compare_exchange_n((p), (oval), (nval), true, \ 253 __ATOMIC_ACQUIRE, __ATOMIC_RELAXED) \ 254 255 #define __compiler_atomic_load(p) __atomic_load_n((p), __ATOMIC_RELAXED) 256 #define __compiler_atomic_store(p, val) \ 257 __atomic_store_n((p), (val), __ATOMIC_RELAXED) 258 259 #endif /*COMPILER_H*/ 260