Print this page
smatch: check libld_* allocation functions
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/tools/smatch/src/check_frees_argument.c
+++ new/usr/src/tools/smatch/src/check_frees_argument.c
1 1 /*
2 2 * Copyright (C) 2009 Dan Carpenter.
3 3 *
4 4 * This program is free software; you can redistribute it and/or
5 5 * modify it under the terms of the GNU General Public License
6 6 * as published by the Free Software Foundation; either version 2
7 7 * of the License, or (at your option) any later version.
8 8 *
9 9 * This program is distributed in the hope that it will be useful,
10 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 * GNU General Public License for more details.
13 13 *
14 14 * You should have received a copy of the GNU General Public License
15 15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 16 */
17 17
18 18 /*
19 19 * This script is for finding functions like hcd_buffer_free() which free
20 20 * their arguments. After running it, add those functions to check_memory.c
21 21 */
22 22
23 23 #include "smatch.h"
24 24 #include "smatch_slist.h"
25 25
26 26 static int my_id;
27 27
28 28 STATE(freed);
29 29
30 30 static struct symbol *this_func;
31 31 static struct tracker_list *freed_args = NULL;
32 32
33 33 static void match_function_def(struct symbol *sym)
34 34 {
35 35 this_func = sym;
36 36 }
37 37
38 38 static int is_arg(char *name, struct symbol *sym)
39 39 {
40 40 struct symbol *arg;
41 41 const char *arg_name;
42 42
43 43 FOR_EACH_PTR(this_func->ctype.base_type->arguments, arg) {
44 44 arg_name = (arg->ident?arg->ident->name:"-");
45 45 if (sym == arg && !strcmp(name, arg_name))
46 46 return 1;
47 47 } END_FOR_EACH_PTR(arg);
48 48 return 0;
49 49 }
50 50
51 51 static void match_kfree(const char *fn, struct expression *expr, void *info)
52 52 {
53 53 struct expression *tmp;
54 54 struct symbol *sym;
55 55 char *name;
56 56
57 57 tmp = get_argument_from_call_expr(expr->args, 0);
58 58 tmp = strip_expr(tmp);
59 59 name = expr_to_var_sym(tmp, &sym);
60 60 if (is_arg(name, sym)) {
61 61 set_state(my_id, name, sym, &freed);
62 62 }
63 63 free_string(name);
64 64 }
65 65
66 66 static int return_count = 0;
67 67 static void match_return(struct expression *ret_value)
68 68 {
69 69 struct stree *stree;
70 70 struct sm_state *tmp;
71 71 struct tracker *tracker;
72 72
73 73 if (__inline_fn)
74 74 return;
75 75
76 76 if (!return_count) {
77 77 stree = __get_cur_stree();
78 78 FOR_EACH_MY_SM(my_id, stree, tmp) {
79 79 if (tmp->state == &freed)
80 80 add_tracker(&freed_args, my_id, tmp->name,
81 81 tmp->sym);
82 82 } END_FOR_EACH_SM(tmp);
83 83 } else {
84 84 FOR_EACH_PTR(freed_args, tracker) {
85 85 tmp = get_sm_state(my_id, tracker->name, tracker->sym);
86 86 if (tmp && tmp->state != &freed)
87 87 del_tracker(&freed_args, my_id, tracker->name,
88 88 tracker->sym);
89 89 } END_FOR_EACH_PTR(tracker);
90 90 }
91 91 }
92 92
93 93 static void print_arg(struct symbol *sym)
94 94 {
95 95 struct symbol *arg;
96 96 int i = 0;
97 97
98 98 FOR_EACH_PTR(this_func->ctype.base_type->arguments, arg) {
99 99 if (sym == arg) {
100 100 sm_info("free_arg %s %d", get_function(), i);
101 101 return;
102 102 }
103 103 i++;
104 104 } END_FOR_EACH_PTR(arg);
105 105 }
106 106
107 107 static void match_end_func(struct symbol *sym)
108 108 {
109 109 if (__inline_fn)
110 110 return;
111 111 if (is_reachable())
112 112 match_return(NULL);
113 113 }
114 114
115 115 static void match_after_func(struct symbol *sym)
116 116 {
117 117 struct tracker *tracker;
118 118
119 119 if (__inline_fn)
120 120 return;
121 121
122 122 FOR_EACH_PTR(freed_args, tracker) {
123 123 print_arg(tracker->sym);
124 124 } END_FOR_EACH_PTR(tracker);
125 125
126 126 free_trackers_and_list(&freed_args);
127 127 return_count = 0;
128 128 }
129 129
130 130 void check_frees_argument(int id)
↓ open down ↓ |
130 lines elided |
↑ open up ↑ |
131 131 {
132 132 if (!option_info)
133 133 return;
134 134
135 135 my_id = id;
136 136 add_hook(&match_function_def, FUNC_DEF_HOOK);
137 137 if (option_project == PROJ_KERNEL)
138 138 add_function_hook("kfree", &match_kfree, NULL);
139 139 else
140 140 add_function_hook("free", &match_kfree, NULL);
141 +
142 + if (option_project == PROJ_ILLUMOS_USER)
143 + add_function_hook("libld_free", &match_kfree, NULL);
144 +
141 145 add_hook(&match_return, RETURN_HOOK);
142 146 add_hook(&match_end_func, END_FUNC_HOOK);
143 147 add_hook(&match_after_func, AFTER_FUNC_HOOK);
144 148 }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX