Print this page
12724 update smatch to 0.6.1-rc1-il-5
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/tools/smatch/src/smatch.h
+++ new/usr/src/tools/smatch/src/smatch.h
1 1 /*
2 2 * Copyright (C) 2006 Dan Carpenter.
3 3 *
4 4 * This program is free software; you can redistribute it and/or
5 5 * modify it under the terms of the GNU General Public License
6 6 * as published by the Free Software Foundation; either version 2
7 7 * of the License, or (at your option) any later version.
8 8 *
9 9 * This program is distributed in the hope that it will be useful,
10 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 * GNU General Public License for more details.
13 13 *
14 14 * You should have received a copy of the GNU General Public License
15 15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 16 *
17 17 * Copyright 2019 Joyent, Inc.
18 18 */
19 19
20 20 #ifndef SMATCH_H_
21 21 # define SMATCH_H_
22 22
23 23 #include <stdio.h>
24 24 #include <string.h>
25 25 #include <limits.h>
26 26 #include <float.h>
27 27 #include <sys/time.h>
28 28 #include <sqlite3.h>
29 29 #include "lib.h"
30 30 #include "allocate.h"
31 31 #include "scope.h"
32 32 #include "parse.h"
33 33 #include "expression.h"
34 34 #include "avl.h"
35 35
36 36 typedef struct {
37 37 struct symbol *type;
38 38 union {
39 39 long long value;
40 40 unsigned long long uvalue;
41 41 float fvalue;
42 42 double dvalue;
43 43 long double ldvalue;
44 44 };
45 45 } sval_t;
46 46
47 47 typedef long long mtag_t;
48 48
49 49 struct smatch_state {
50 50 const char *name;
51 51 void *data;
52 52 };
53 53 #define STATE(_x) static struct smatch_state _x = { .name = #_x }
54 54 extern struct smatch_state undefined;
55 55 extern struct smatch_state ghost;
56 56 extern struct smatch_state merged;
57 57 extern struct smatch_state true_state;
58 58 extern struct smatch_state false_state;
59 59 DECLARE_ALLOCATOR(smatch_state);
60 60
61 61 static inline void *INT_PTR(int i)
62 62 {
63 63 return (void *)(long)i;
64 64 }
65 65
66 66 static inline int PTR_INT(void *p)
67 67 {
68 68 return (int)(long)p;
69 69 }
70 70
71 71 struct tracker {
72 72 char *name;
73 73 struct symbol *sym;
74 74 unsigned short owner;
75 75 };
76 76 DECLARE_ALLOCATOR(tracker);
77 77 DECLARE_PTR_LIST(tracker_list, struct tracker);
78 78 DECLARE_PTR_LIST(stree_stack, struct stree);
79 79
80 80 /* The first 3 struct members must match struct tracker */
81 81 struct sm_state {
82 82 const char *name;
83 83 struct symbol *sym;
84 84 unsigned short owner;
85 85 unsigned short merged:1;
86 86 unsigned int line;
87 87 struct smatch_state *state;
88 88 struct stree *pool;
89 89 struct sm_state *left;
90 90 struct sm_state *right;
91 91 struct state_list *possible;
92 92 };
93 93
94 94 struct var_sym {
95 95 char *var;
96 96 struct symbol *sym;
97 97 };
98 98 DECLARE_ALLOCATOR(var_sym);
99 99 DECLARE_PTR_LIST(var_sym_list, struct var_sym);
100 100
101 101 struct constraint {
102 102 int op;
103 103 int id;
104 104 };
105 105 DECLARE_PTR_LIST(constraint_list, struct constraint);
106 106
107 107 struct alloc_info {
108 108 const char *fn;
109 109 int size_param, nr;
110 110 };
111 111 extern struct alloc_info *alloc_funcs;
112 112
113 113 struct bit_info {
114 114 unsigned long long set;
115 115 unsigned long long possible;
116 116 };
117 117
118 118 enum hook_type {
119 119 EXPR_HOOK,
120 120 EXPR_HOOK_AFTER,
121 121 STMT_HOOK,
122 122 STMT_HOOK_AFTER,
123 123 SYM_HOOK,
124 124 STRING_HOOK,
125 125 DECLARATION_HOOK,
126 126 ASSIGNMENT_HOOK,
127 127 ASSIGNMENT_HOOK_AFTER,
128 128 RAW_ASSIGNMENT_HOOK,
129 129 GLOBAL_ASSIGNMENT_HOOK,
130 130 LOGIC_HOOK,
131 131 CONDITION_HOOK,
132 132 PRELOOP_HOOK,
133 133 SELECT_HOOK,
134 134 WHOLE_CONDITION_HOOK,
135 135 FUNCTION_CALL_HOOK_BEFORE,
136 136 FUNCTION_CALL_HOOK,
137 137 CALL_HOOK_AFTER_INLINE,
138 138 FUNCTION_CALL_HOOK_AFTER_DB,
139 139 CALL_ASSIGNMENT_HOOK,
140 140 MACRO_ASSIGNMENT_HOOK,
141 141 BINOP_HOOK,
142 142 OP_HOOK,
143 143 DEREF_HOOK,
144 144 CASE_HOOK,
145 145 ASM_HOOK,
146 146 CAST_HOOK,
147 147 SIZEOF_HOOK,
148 148 BASE_HOOK,
149 149 FUNC_DEF_HOOK,
150 150 AFTER_DEF_HOOK,
151 151 END_FUNC_HOOK,
152 152 AFTER_FUNC_HOOK,
153 153 RETURN_HOOK,
154 154 INLINE_FN_START,
155 155 INLINE_FN_END,
156 156 END_FILE_HOOK,
157 157 NUM_HOOKS,
158 158 };
159 159
160 160 #define TRUE 1
161 161 #define FALSE 0
162 162
163 163 struct range_list;
164 164
165 165 void add_hook(void *func, enum hook_type type);
166 166 typedef struct smatch_state *(merge_func_t)(struct smatch_state *s1, struct smatch_state *s2);
167 167 typedef struct smatch_state *(unmatched_func_t)(struct sm_state *state);
168 168 void add_merge_hook(int client_id, merge_func_t *func);
169 169 void add_unmatched_state_hook(int client_id, unmatched_func_t *func);
170 170 void add_pre_merge_hook(int client_id, void (*hook)(struct sm_state *cur, struct sm_state *other));
171 171 typedef void (scope_hook)(void *data);
172 172 void add_scope_hook(scope_hook *hook, void *data);
173 173 typedef void (func_hook)(const char *fn, struct expression *expr, void *data);
174 174 typedef void (implication_hook)(const char *fn, struct expression *call_expr,
175 175 struct expression *assign_expr, void *data);
176 176 typedef void (return_implies_hook)(struct expression *call_expr,
177 177 int param, char *key, char *value);
178 178 typedef int (implied_return_hook)(struct expression *call_expr, void *info, struct range_list **rl);
179 179 void add_function_hook(const char *look_for, func_hook *call_back, void *data);
180 180
181 181 void add_function_assign_hook(const char *look_for, func_hook *call_back,
182 182 void *info);
183 183 void add_implied_return_hook(const char *look_for,
184 184 implied_return_hook *call_back,
185 185 void *info);
186 186 void add_macro_assign_hook(const char *look_for, func_hook *call_back,
187 187 void *info);
188 188 void add_macro_assign_hook_extra(const char *look_for, func_hook *call_back,
|
↓ open down ↓ |
188 lines elided |
↑ open up ↑ |
189 189 void *info);
190 190 void return_implies_state(const char *look_for, long long start, long long end,
191 191 implication_hook *call_back, void *info);
192 192 void return_implies_state_sval(const char *look_for, sval_t start, sval_t end,
193 193 implication_hook *call_back, void *info);
194 194 void select_return_states_hook(int type, return_implies_hook *callback);
195 195 void select_return_states_before(void (*fn)(void));
196 196 void select_return_states_after(void (*fn)(void));
197 197 int get_implied_return(struct expression *expr, struct range_list **rl);
198 198 void allocate_hook_memory(void);
199 +void allocate_tracker_array(int num_checks);
199 200
200 201 struct modification_data {
201 202 struct smatch_state *prev;
202 203 struct expression *cur;
203 204 };
204 205
205 206 typedef void (modification_hook)(struct sm_state *sm, struct expression *mod_expr);
206 207 void add_modification_hook(int owner, modification_hook *call_back);
207 208 void add_modification_hook_late(int owner, modification_hook *call_back);
208 209 struct smatch_state *get_modification_state(struct expression *expr);
209 210
210 211 int outside_of_function(void);
211 212 const char *get_filename(void);
212 213 const char *get_base_file(void);
213 214 char *get_function(void);
214 215 int get_lineno(void);
215 216 extern int final_pass;
216 217 extern struct symbol *cur_func_sym;
217 218 extern int option_debug;
218 219 extern int local_debug;
219 220 extern int debug_db;
220 221 bool debug_implied(void);
221 222 extern int option_info;
222 223 extern int option_spammy;
223 224 extern int option_timeout;
224 225 extern char *trace_variable;
225 226 extern struct stree *global_states;
226 227 int is_skipped_function(void);
227 228 int is_silenced_function(void);
228 229 extern bool implications_off;
229 230
230 231 /* smatch_impossible.c */
231 232 int is_impossible_path(void);
232 233 void set_path_impossible(void);
233 234
234 235 extern FILE *sm_outfd;
235 236 extern FILE *sql_outfd;
236 237 extern FILE *caller_info_fd;
237 238 extern int sm_nr_checks;
238 239 extern int sm_nr_errors;
239 240 extern const char *progname;
240 241
241 242 /*
242 243 * How to use these routines:
243 244 *
244 245 * sm_fatal(): an internal error of some kind that should immediately exit
245 246 * sm_ierror(): an internal error
246 247 * sm_perror(): an internal error from parsing input source
247 248 * sm_error(): an error from input source
248 249 * sm_warning(): a warning from input source
249 250 * sm_info(): info message (from option_info)
250 251 * sm_debug(): debug message
251 252 * sm_msg(): other message (please avoid using this)
252 253 */
253 254
254 255 #define sm_printf(msg...) do { \
255 256 if (final_pass || option_debug || local_debug || debug_db) \
256 257 fprintf(sm_outfd, msg); \
257 258 } while (0)
258 259
259 260 static inline void sm_prefix(void)
260 261 {
261 262 sm_printf("%s: %s:%d %s() ", progname, get_filename(), get_lineno(), get_function());
262 263 }
263 264
264 265 static inline void print_implied_debug_msg();
265 266
266 267 extern bool __silence_warnings_for_stmt;
267 268
268 269 #define sm_print_msg(type, msg...) \
269 270 do { \
270 271 print_implied_debug_msg(); \
271 272 if (!final_pass && !option_debug && !local_debug && !debug_db) \
272 273 break; \
273 274 if (__silence_warnings_for_stmt && !option_debug && !local_debug) \
274 275 break; \
275 276 if (!option_info && is_silenced_function()) \
276 277 break; \
277 278 sm_prefix(); \
278 279 if (type == 1) { \
279 280 sm_printf("warn: "); \
280 281 sm_nr_checks++; \
281 282 } else if (type == 2) { \
282 283 sm_printf("error: "); \
283 284 sm_nr_checks++; \
284 285 } else if (type == 3) { \
285 286 sm_printf("parse error: "); \
286 287 sm_nr_errors++; \
287 288 } \
288 289 sm_printf(msg); \
289 290 sm_printf("\n"); \
290 291 } while (0)
291 292
292 293 #define sm_msg(msg...) do { sm_print_msg(0, msg); } while (0)
293 294
294 295 extern char *implied_debug_msg;
295 296 static inline void print_implied_debug_msg(void)
296 297 {
297 298 static struct symbol *last_printed = NULL;
298 299
299 300 if (!implied_debug_msg)
300 301 return;
301 302 if (last_printed == cur_func_sym)
302 303 return;
303 304 last_printed = cur_func_sym;
304 305 sm_msg("%s", implied_debug_msg);
305 306 }
306 307
307 308 #define sm_debug(msg...) do { if (option_debug) sm_printf(msg); } while (0)
308 309 #define db_debug(msg...) do { if (option_debug || debug_db) sm_printf(msg); } while (0)
309 310
310 311 #define sm_info(msg...) do { \
311 312 if (option_debug || (option_info && final_pass)) { \
312 313 sm_prefix(); \
313 314 sm_printf("info: "); \
314 315 sm_printf(msg); \
315 316 sm_printf("\n"); \
316 317 } \
317 318 } while(0)
318 319
319 320 #define sm_warning(msg...) do { sm_print_msg(1, msg); } while (0)
320 321 #define sm_error(msg...) do { sm_print_msg(2, msg); } while (0)
321 322 #define sm_perror(msg...) do { sm_print_msg(3, msg); } while (0)
322 323
323 324 static inline void sm_fatal(const char *fmt, ...)
324 325 {
325 326 va_list args;
326 327
327 328 va_start(args, fmt);
328 329 vfprintf(sm_outfd, fmt, args);
329 330 va_end(args);
330 331
331 332 fprintf(sm_outfd, "\n");
332 333
333 334 exit(1);
334 335 }
335 336
336 337 static inline void sm_ierror(const char *fmt, ...)
337 338 {
338 339 va_list args;
339 340
340 341 sm_nr_errors++;
341 342
342 343 fprintf(sm_outfd, "internal error: ");
343 344
344 345 va_start(args, fmt);
345 346 vfprintf(sm_outfd, fmt, args);
346 347 va_end(args);
347 348
348 349 fprintf(sm_outfd, "\n");
349 350 }
350 351 #define ALIGN(x, a) (((x) + (a) - 1) & ~((a) - 1))
351 352
352 353 struct smatch_state *__get_state(int owner, const char *name, struct symbol *sym);
353 354 struct smatch_state *get_state(int owner, const char *name, struct symbol *sym);
354 355 struct smatch_state *get_state_expr(int owner, struct expression *expr);
355 356 struct state_list *get_possible_states(int owner, const char *name,
356 357 struct symbol *sym);
357 358 struct state_list *get_possible_states_expr(int owner, struct expression *expr);
358 359 struct sm_state *set_state(int owner, const char *name, struct symbol *sym,
359 360 struct smatch_state *state);
360 361 struct sm_state *set_state_expr(int owner, struct expression *expr,
361 362 struct smatch_state *state);
362 363 void delete_state(int owner, const char *name, struct symbol *sym);
363 364 void delete_state_expr(int owner, struct expression *expr);
364 365 void __delete_all_states_sym(struct symbol *sym);
365 366 void set_true_false_states(int owner, const char *name, struct symbol *sym,
366 367 struct smatch_state *true_state,
367 368 struct smatch_state *false_state);
368 369 void set_true_false_states_expr(int owner, struct expression *expr,
369 370 struct smatch_state *true_state,
370 371 struct smatch_state *false_state);
371 372
372 373 struct stree *get_all_states_from_stree(int owner, struct stree *source);
373 374 struct stree *get_all_states_stree(int id);
374 375 struct stree *__get_cur_stree(void);
375 376 int is_reachable(void);
376 377 void add_get_state_hook(void (*fn)(int owner, const char *name, struct symbol *sym));
377 378
378 379 /* smatch_helper.c */
379 380 DECLARE_PTR_LIST(int_stack, int);
380 381 char *alloc_string(const char *str);
|
↓ open down ↓ |
172 lines elided |
↑ open up ↑ |
381 382 char *alloc_string_newline(const char *str);
382 383 void free_string(char *str);
383 384 void append(char *dest, const char *data, int buff_len);
384 385 void remove_parens(char *str);
385 386 struct smatch_state *alloc_state_num(int num);
386 387 struct smatch_state *alloc_state_str(const char *name);
387 388 struct smatch_state *merge_str_state(struct smatch_state *s1, struct smatch_state *s2);
388 389 struct smatch_state *alloc_state_expr(struct expression *expr);
389 390 struct expression *get_argument_from_call_expr(struct expression_list *args,
390 391 int num);
392 +struct expression *get_array_expr(struct expression *expr);
391 393
392 394 char *expr_to_var(struct expression *expr);
393 395 struct symbol *expr_to_sym(struct expression *expr);
394 396 char *expr_to_str(struct expression *expr);
395 397 char *expr_to_str_sym(struct expression *expr,
396 398 struct symbol **sym_ptr);
397 399 char *expr_to_var_sym(struct expression *expr,
398 400 struct symbol **sym_ptr);
399 401 char *expr_to_known_chunk_sym(struct expression *expr, struct symbol **sym);
400 402 char *expr_to_chunk_sym_vsl(struct expression *expr, struct symbol **sym, struct var_sym_list **vsl);
401 403 int get_complication_score(struct expression *expr);
402 404
403 405 int sym_name_is(const char *name, struct expression *expr);
404 406 int get_const_value(struct expression *expr, sval_t *sval);
405 407 int get_value(struct expression *expr, sval_t *val);
406 408 int get_implied_value(struct expression *expr, sval_t *val);
407 409 int get_implied_value_fast(struct expression *expr, sval_t *sval);
408 410 int get_implied_min(struct expression *expr, sval_t *sval);
409 411 int get_implied_max(struct expression *expr, sval_t *val);
410 412 int get_hard_max(struct expression *expr, sval_t *sval);
411 413 int get_fuzzy_min(struct expression *expr, sval_t *min);
412 414 int get_fuzzy_max(struct expression *expr, sval_t *max);
413 415 int get_absolute_min(struct expression *expr, sval_t *sval);
414 416 int get_absolute_max(struct expression *expr, sval_t *sval);
415 417 int parse_call_math(struct expression *expr, char *math, sval_t *val);
416 418 int parse_call_math_rl(struct expression *call, const char *math, struct range_list **rl);
417 419 const char *get_allocation_math(struct expression *expr);
418 420 char *get_value_in_terms_of_parameter_math(struct expression *expr);
419 421 char *get_value_in_terms_of_parameter_math_var_sym(const char *var, struct symbol *sym);
420 422 int expr_is_zero(struct expression *expr);
421 423 int known_condition_true(struct expression *expr);
422 424 int known_condition_false(struct expression *expr);
423 425 int implied_condition_true(struct expression *expr);
424 426 int implied_condition_false(struct expression *expr);
425 427 int can_integer_overflow(struct symbol *type, struct expression *expr);
426 428 void clear_math_cache(void);
427 429 void set_fast_math_only(void);
428 430 void clear_fast_math_only(void);
429 431
430 432 int is_array(struct expression *expr);
431 433 struct expression *get_array_base(struct expression *expr);
432 434 struct expression *get_array_offset(struct expression *expr);
433 435 const char *show_state(struct smatch_state *state);
434 436 struct statement *get_expression_statement(struct expression *expr);
435 437 struct expression *strip_parens(struct expression *expr);
436 438 struct expression *strip_expr(struct expression *expr);
437 439 struct expression *strip_expr_set_parent(struct expression *expr);
438 440 void scoped_state(int my_id, const char *name, struct symbol *sym);
|
↓ open down ↓ |
38 lines elided |
↑ open up ↑ |
439 441 int is_error_return(struct expression *expr);
440 442 int getting_address(struct expression *expr);
441 443 int get_struct_and_member(struct expression *expr, const char **type, const char **member);
442 444 char *get_member_name(struct expression *expr);
443 445 char *get_fnptr_name(struct expression *expr);
444 446 int cmp_pos(struct position pos1, struct position pos2);
445 447 int positions_eq(struct position pos1, struct position pos2);
446 448 struct statement *get_current_statement(void);
447 449 struct statement *get_prev_statement(void);
448 450 struct expression *get_last_expr_from_expression_stmt(struct expression *expr);
451 +
452 +#define RETURN_VAR -1
453 +#define LOCAL_SCOPE -2
454 +#define FILE_SCOPE -3
455 +#define GLOBAL_SCOPE -4
456 +#define UNKNOWN_SCOPE -5
449 457 int get_param_num_from_sym(struct symbol *sym);
450 458 int get_param_num(struct expression *expr);
451 459 struct symbol *get_param_sym_from_num(int num);
460 +
452 461 int ms_since(struct timeval *start);
453 462 int parent_is_gone_var_sym(const char *name, struct symbol *sym);
454 463 int parent_is_gone(struct expression *expr);
455 464 int invert_op(int op);
456 465 int op_remove_assign(int op);
457 466 int expr_equiv(struct expression *one, struct expression *two);
458 467 void push_int(struct int_stack **stack, int num);
459 468 int pop_int(struct int_stack **stack);
460 469
461 470 /* smatch_type.c */
462 471 struct symbol *get_real_base_type(struct symbol *sym);
463 472 int type_bytes(struct symbol *type);
464 473 int array_bytes(struct symbol *type);
465 474 struct symbol *get_pointer_type(struct expression *expr);
466 475 struct symbol *get_type(struct expression *expr);
467 476 struct symbol *get_final_type(struct expression *expr);
468 477 struct symbol *get_promoted_type(struct symbol *left, struct symbol *right);
469 478 int type_signed(struct symbol *base_type);
470 479 int expr_unsigned(struct expression *expr);
|
↓ open down ↓ |
9 lines elided |
↑ open up ↑ |
471 480 int expr_signed(struct expression *expr);
472 481 int returns_unsigned(struct symbol *base_type);
473 482 int is_pointer(struct expression *expr);
474 483 int returns_pointer(struct symbol *base_type);
475 484 sval_t sval_type_max(struct symbol *base_type);
476 485 sval_t sval_type_min(struct symbol *base_type);
477 486 int nr_bits(struct expression *expr);
478 487 int is_void_pointer(struct expression *expr);
479 488 int is_char_pointer(struct expression *expr);
480 489 int is_string(struct expression *expr);
490 +bool is_struct_ptr(struct symbol *type);
481 491 int is_static(struct expression *expr);
482 492 bool is_local_variable(struct expression *expr);
483 493 int types_equiv(struct symbol *one, struct symbol *two);
494 +bool type_fits(struct symbol *type, struct symbol *test);
484 495 int fn_static(void);
485 496 const char *global_static();
486 497 struct symbol *cur_func_return_type(void);
487 498 struct symbol *get_arg_type(struct expression *fn, int arg);
488 499 struct symbol *get_member_type_from_key(struct expression *expr, const char *key);
489 500 struct symbol *get_arg_type_from_key(struct expression *fn, int param, struct expression *arg, const char *key);
490 501 int is_struct(struct expression *expr);
491 502 char *type_to_str(struct symbol *type);
492 503
493 504 /* smatch_ignore.c */
494 505 void add_ignore(int owner, const char *name, struct symbol *sym);
495 506 int is_ignored(int owner, const char *name, struct symbol *sym);
496 507 void add_ignore_expr(int owner, struct expression *expr);
497 508 int is_ignored_expr(int owner, struct expression *expr);
498 509
499 510 /* smatch_var_sym */
500 511 struct var_sym *alloc_var_sym(const char *var, struct symbol *sym);
501 512 struct var_sym_list *expr_to_vsl(struct expression *expr);
502 513 void add_var_sym(struct var_sym_list **list, const char *var, struct symbol *sym);
503 514 void add_var_sym_expr(struct var_sym_list **list, struct expression *expr);
504 515 void del_var_sym(struct var_sym_list **list, const char *var, struct symbol *sym);
505 516 int in_var_sym_list(struct var_sym_list *list, const char *var, struct symbol *sym);
506 517 struct var_sym_list *clone_var_sym_list(struct var_sym_list *from_vsl);
507 518 void merge_var_sym_list(struct var_sym_list **dest, struct var_sym_list *src);
508 519 struct var_sym_list *combine_var_sym_lists(struct var_sym_list *one, struct var_sym_list *two);
509 520 int var_sym_lists_equiv(struct var_sym_list *one, struct var_sym_list *two);
510 521 void free_var_sym_list(struct var_sym_list **list);
511 522 void free_var_syms_and_list(struct var_sym_list **list);
512 523
513 524 /* smatch_tracker */
514 525 struct tracker *alloc_tracker(int owner, const char *name, struct symbol *sym);
515 526 void add_tracker(struct tracker_list **list, int owner, const char *name,
516 527 struct symbol *sym);
517 528 void add_tracker_expr(struct tracker_list **list, int owner, struct expression *expr);
518 529 void del_tracker(struct tracker_list **list, int owner, const char *name,
519 530 struct symbol *sym);
520 531 int in_tracker_list(struct tracker_list *list, int owner, const char *name,
521 532 struct symbol *sym);
522 533 void free_tracker_list(struct tracker_list **list);
523 534 void free_trackers_and_list(struct tracker_list **list);
524 535
525 536 /* smatch_conditions */
526 537 int in_condition(void);
527 538
528 539 /* smatch_flow.c */
529 540
530 541 extern int __in_fake_assign;
531 542 extern int __in_fake_parameter_assign;
532 543 extern int __in_fake_struct_assign;
533 544 extern int in_fake_env;
534 545 void smatch (struct string_list *filelist);
535 546 int inside_loop(void);
536 547 int definitely_inside_loop(void);
537 548 struct expression *get_switch_expr(void);
538 549 int in_expression_statement(void);
539 550 void __process_post_op_stack(void);
540 551 void __split_expr(struct expression *expr);
541 552 void __split_label_stmt(struct statement *stmt);
542 553 void __split_stmt(struct statement *stmt);
543 554 extern int __in_function_def;
544 555 extern int __in_unmatched_hook;
545 556 extern int option_assume_loops;
546 557 extern int option_two_passes;
547 558 extern int option_no_db;
548 559 extern int option_file_output;
549 560 extern int option_time;
550 561 extern struct expression_list *big_expression_stack;
551 562 extern struct expression_list *big_condition_stack;
552 563 extern struct statement_list *big_statement_stack;
553 564 int is_assigned_call(struct expression *expr);
554 565 int inlinable(struct expression *expr);
555 566 extern int __inline_call;
556 567 extern struct expression *__inline_fn;
557 568 extern int __in_pre_condition;
558 569 extern int __bail_on_rest_of_function;
559 570 extern struct statement *__prev_stmt;
560 571 extern struct statement *__cur_stmt;
561 572 extern struct statement *__next_stmt;
562 573 void init_fake_env(void);
563 574 void end_fake_env(void);
564 575 int time_parsing_function(void);
565 576 bool taking_too_long(void);
566 577
567 578 /* smatch_struct_assignment.c */
568 579 struct expression *get_faked_expression(void);
569 580 void __fake_struct_member_assignments(struct expression *expr);
570 581
571 582 /* smatch_project.c */
572 583 int is_no_inline_function(const char *function);
573 584
|
↓ open down ↓ |
80 lines elided |
↑ open up ↑ |
574 585 /* smatch_conditions */
575 586 void __split_whole_condition(struct expression *expr);
576 587 void __handle_logic(struct expression *expr);
577 588 int is_condition(struct expression *expr);
578 589 int __handle_condition_assigns(struct expression *expr);
579 590 int __handle_select_assigns(struct expression *expr);
580 591 int __handle_expr_statement_assigns(struct expression *expr);
581 592
582 593 /* smatch_implied.c */
583 594 struct range_list_stack;
584 -void param_limit_implications(struct expression *expr, int param, char *key, char *value);
595 +void param_limit_implications(struct expression *expr, int param, char *key, char *value, struct stree **implied);
585 596 struct stree *__implied_case_stree(struct expression *switch_expr,
586 597 struct range_list *case_rl,
587 598 struct range_list_stack **remaining_cases,
588 599 struct stree **raw_stree);
589 600 void overwrite_states_using_pool(struct sm_state *gate_sm, struct sm_state *pool_sm);
590 601 int assume(struct expression *expr);
591 602 void end_assume(void);
592 603 int impossible_assumption(struct expression *left, int op, sval_t sval);
593 604
594 605 /* smatch_slist.h */
595 606 bool has_dynamic_states(unsigned short owner);
596 607 void set_dynamic_states(unsigned short owner);
597 608
598 609 /* smatch_extras.c */
599 610 int in_warn_on_macro(void);
600 611 #define SMATCH_EXTRA 5 /* this is my_id from smatch extra set in smatch.c */
601 612 extern int RETURN_ID;
602 613
603 614 struct data_range {
604 615 sval_t min;
605 616 sval_t max;
606 617 };
607 618
608 619 #define MTAG_ALIAS_BIT (1ULL << 63)
609 620 #define MTAG_OFFSET_MASK 0xfffULL
610 621 #define MTAG_SEED 0xdead << 12
611 622
612 623 const extern unsigned long valid_ptr_min;
613 624 extern unsigned long valid_ptr_max;
614 625 extern const sval_t valid_ptr_min_sval;
615 626 extern sval_t valid_ptr_max_sval;
616 627 extern struct range_list *valid_ptr_rl;
617 628 void alloc_valid_ptr_rl(void);
618 629
619 630 static const sval_t array_min_sval = {
620 631 .type = &ptr_ctype,
621 632 {.value = 100000},
622 633 };
623 634 static const sval_t array_max_sval = {
624 635 .type = &ptr_ctype,
625 636 {.value = ULONG_MAX - 4095},
626 637 };
627 638 static const sval_t text_seg_min = {
628 639 .type = &ptr_ctype,
629 640 {.value = 4096},
630 641 };
631 642 static const sval_t text_seg_max = {
632 643 .type = &ptr_ctype,
633 644 {.value = ULONG_MAX - 4095},
634 645 };
635 646 static const sval_t data_seg_min = {
636 647 .type = &ptr_ctype,
637 648 {.value = 4096},
638 649 };
639 650 static const sval_t data_seg_max = {
640 651 .type = &ptr_ctype,
641 652 {.value = ULONG_MAX - 4095},
642 653 };
643 654 static const sval_t bss_seg_min = {
644 655 .type = &ptr_ctype,
645 656 {.value = 4096},
646 657 };
647 658 static const sval_t bss_seg_max = {
648 659 .type = &ptr_ctype,
649 660 {.value = ULONG_MAX - 4095},
650 661 };
651 662 static const sval_t stack_seg_min = {
652 663 .type = &ptr_ctype,
653 664 {.value = 4096},
654 665 };
655 666 static const sval_t stack_seg_max = {
656 667 .type = &ptr_ctype,
657 668 {.value = ULONG_MAX - 4095},
658 669 };
659 670 static const sval_t kmalloc_seg_min = {
660 671 .type = &ptr_ctype,
661 672 {.value = 4096},
662 673 };
663 674 static const sval_t kmalloc_seg_max = {
664 675 .type = &ptr_ctype,
665 676 {.value = ULONG_MAX - 4095},
666 677 };
667 678 static const sval_t vmalloc_seg_min = {
668 679 .type = &ptr_ctype,
669 680 {.value = 4096},
670 681 };
671 682 static const sval_t vmalloc_seg_max = {
672 683 .type = &ptr_ctype,
673 684 {.value = ULONG_MAX - 4095},
674 685 };
675 686 static const sval_t fn_ptr_min = {
676 687 .type = &ptr_ctype,
677 688 {.value = 4096},
678 689 };
679 690 static const sval_t fn_ptr_max = {
680 691 .type = &ptr_ctype,
681 692 {.value = ULONG_MAX - 4095},
682 693 };
683 694
684 695 char *get_other_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym);
685 696 char *map_call_to_other_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym);
686 697 char *map_long_to_short_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym, bool use_stack);
687 698
688 699 #define STRLEN_MAX_RET 1010101
689 700
690 701 /* smatch_absolute.c */
691 702 int get_absolute_min_helper(struct expression *expr, sval_t *sval);
692 703 int get_absolute_max_helper(struct expression *expr, sval_t *sval);
693 704
694 705 /* smatch_type_value.c */
695 706 int get_db_type_rl(struct expression *expr, struct range_list **rl);
696 707 /* smatch_data_val.c */
697 708 int get_mtag_rl(struct expression *expr, struct range_list **rl);
698 709 /* smatch_array_values.c */
699 710 int get_array_rl(struct expression *expr, struct range_list **rl);
700 711
701 712 /* smatch_states.c */
702 713 struct stree *__swap_cur_stree(struct stree *stree);
703 714 void __push_fake_cur_stree();
704 715 struct stree *__pop_fake_cur_stree();
705 716 void __free_fake_cur_stree();
706 717 void __set_fake_cur_stree_fast(struct stree *stree);
707 718 void __pop_fake_cur_stree_fast(void);
708 719 void __merge_stree_into_cur(struct stree *stree);
709 720
710 721 int unreachable(void);
711 722 void __set_cur_stree_readonly(void);
712 723 void __set_cur_stree_writable(void);
713 724 void __set_sm(struct sm_state *sm);
714 725 void __set_sm_cur_stree(struct sm_state *sm);
715 726 void __set_sm_fake_stree(struct sm_state *sm);
716 727 void __set_true_false_sm(struct sm_state *true_state,
717 728 struct sm_state *false_state);
718 729 void nullify_path(void);
719 730 void __match_nullify_path_hook(const char *fn, struct expression *expr,
720 731 void *unused);
721 732 void __unnullify_path(void);
722 733 int __path_is_null(void);
723 734 void save_all_states(void);
724 735 void restore_all_states(void);
725 736 void free_goto_stack(void);
726 737 void clear_all_states(void);
727 738
728 739 struct sm_state *get_sm_state(int owner, const char *name,
729 740 struct symbol *sym);
730 741 struct sm_state *get_sm_state_expr(int owner, struct expression *expr);
731 742 void __push_true_states(void);
732 743 void __use_false_states(void);
733 744 void __discard_false_states(void);
734 745 void __merge_false_states(void);
735 746 void __merge_true_states(void);
736 747
737 748 void __negate_cond_stacks(void);
738 749 void __use_pre_cond_states(void);
739 750 void __use_cond_true_states(void);
740 751 void __use_cond_false_states(void);
741 752 void __push_cond_stacks(void);
742 753 void __fold_in_set_states(void);
743 754 void __free_set_states(void);
744 755 struct stree *__copy_cond_true_states(void);
745 756 struct stree *__copy_cond_false_states(void);
746 757 struct stree *__pop_cond_true_stack(void);
747 758 struct stree *__pop_cond_false_stack(void);
748 759 void __and_cond_states(void);
749 760 void __or_cond_states(void);
750 761 void __save_pre_cond_states(void);
751 762 void __discard_pre_cond_states(void);
752 763 struct stree *__get_true_states(void);
753 764 struct stree *__get_false_states(void);
754 765 void __use_cond_states(void);
755 766 extern struct state_list *__last_base_slist;
756 767
757 768 void __push_continues(void);
758 769 void __discard_continues(void);
759 770 void __process_continues(void);
760 771 void __merge_continues(void);
761 772
762 773 void __push_breaks(void);
763 774 void __process_breaks(void);
764 775 int __has_breaks(void);
765 776 void __merge_breaks(void);
766 777 void __use_breaks(void);
767 778
768 779 void __save_switch_states(struct expression *switch_expr);
769 780 void __discard_switches(void);
770 781 int have_remaining_cases(void);
771 782 void __merge_switches(struct expression *switch_expr, struct range_list *case_rl);
772 783 void __push_default(void);
|
↓ open down ↓ |
178 lines elided |
↑ open up ↑ |
773 784 void __set_default(void);
774 785 int __pop_default(void);
775 786
776 787 void __push_conditions(void);
777 788 void __discard_conditions(void);
778 789
779 790 void __save_gotos(const char *name, struct symbol *sym);
780 791 void __merge_gotos(const char *name, struct symbol *sym);
781 792
782 793 void __print_cur_stree(void);
794 +bool __print_states(const char *owner);
795 +typedef void (check_tracker_hook)(int owner, const char *name, struct symbol *sym, struct smatch_state *state);
796 +void add_check_tracker(const char *check_name, check_tracker_hook *fn);
783 797
784 798 /* smatch_hooks.c */
785 799 void __pass_to_client(void *data, enum hook_type type);
786 800 void __pass_case_to_client(struct expression *switch_expr,
787 801 struct range_list *rl);
788 802 int __has_merge_function(int client_id);
789 803 struct smatch_state *__client_merge_function(int owner,
790 804 struct smatch_state *s1,
791 805 struct smatch_state *s2);
792 806 struct smatch_state *__client_unmatched_state_function(struct sm_state *sm);
793 807 void call_pre_merge_hook(struct sm_state *cur, struct sm_state *other);
794 808 void __push_scope_hooks(void);
795 809 void __call_scope_hooks(void);
796 810
797 811 /* smatch_function_hooks.c */
798 812 void create_function_hook_hash(void);
799 813 void __match_initializer_call(struct symbol *sym);
800 814
801 815 /* smatch_db.c */
802 816 enum info_type {
803 817 INTERNAL = 0,
804 818 /*
805 819 * Changing these numbers is a pain. Don't do it. If you ever use a
806 820 * number it can't be re-used right away so there may be gaps.
807 821 * We select these in order by type so if the order matters, then give
808 822 * it a number below 100-999,9000-9999 ranges. */
809 823
810 824 PARAM_CLEARED = 101,
811 825 PARAM_LIMIT = 103,
812 826 PARAM_FILTER = 104,
813 827
814 828 PARAM_VALUE = 1001,
815 829 BUF_SIZE = 1002,
816 830 CAPPED_DATA = 1004,
817 831 RETURN_VALUE = 1005,
818 832 DEREFERENCE = 1006,
819 833 RANGE_CAP = 1007,
820 834 ABSOLUTE_LIMITS = 1010,
821 835 PARAM_ADD = 1012,
822 836 PARAM_FREED = 1013,
823 837 DATA_SOURCE = 1014,
824 838 FUZZY_MAX = 1015,
825 839 HARD_MAX = 2015,
826 840 STR_LEN = 1016,
827 841 ARRAY_LEN = 1017,
828 842 CAPABLE = 1018,
829 843 NS_CAPABLE = 1019,
830 844 CONTAINER = 1020,
831 845 CASTED_CALL = 1021,
832 846 TYPE_LINK = 1022,
833 847 UNTRACKED_PARAM = 1023,
834 848 LOST_PARAM = 2023,
835 849 CULL_PATH = 1024,
836 850 PARAM_SET = 1025,
837 851 PARAM_USED = 1026,
838 852 BYTE_UNITS = 1027,
839 853 COMPARE_LIMIT = 1028,
|
↓ open down ↓ |
47 lines elided |
↑ open up ↑ |
840 854 PARAM_COMPARE = 1029,
841 855 CONSTRAINT = 1031,
842 856 PASSES_TYPE = 1032,
843 857 CONSTRAINT_REQUIRED = 1033,
844 858 BIT_INFO = 1034,
845 859 NOSPEC = 1035,
846 860 NOSPEC_WB = 1036,
847 861 STMT_CNT = 1037,
848 862 TERMINATED = 1038,
849 863 FRESH_ALLOC = 1044,
864 + ALLOCATOR = 1045,
850 865
851 866 /* put random temporary stuff in the 7000-7999 range for testing */
852 867 USER_DATA = 8017,
853 868 USER_DATA_SET = 9017,
854 869 NO_OVERFLOW = 8018,
855 870 NO_OVERFLOW_SIMPLE = 8019,
856 871 LOCKED = 8020,
857 872 UNLOCKED = 8021,
858 873 HALF_LOCKED = 9022,
859 874 LOCK_RESTORED = 9023,
860 875 KNOWN_LOCKED = 9024,
861 876 KNOWN_UNLOCKED = 9025,
862 877 SET_FS = 8022,
863 878 ATOMIC_INC = 8023,
864 879 ATOMIC_DEC = 8024,
880 + REFCOUNT = 9025,
865 881 NO_SIDE_EFFECT = 8025,
866 882 FN_ARG_LINK = 8028,
867 883 DATA_VALUE = 8029,
868 884 ARRAYSIZE_ARG = 8033,
869 885 SIZEOF_ARG = 8034,
870 886 MEMORY_TAG = 8036,
871 887 MTAG_ASSIGN = 8035,
872 888 STRING_VALUE = 8041,
873 889
874 890 BYTE_COUNT = 8050,
875 891 ELEM_COUNT = 8051,
876 892 ELEM_LAST = 8052,
877 893 USED_LAST = 8053,
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
878 894 USED_COUNT = 8054,
879 895 };
880 896
881 897 extern struct sqlite3 *smatch_db;
882 898 extern struct sqlite3 *mem_db;
883 899 extern struct sqlite3 *cache_db;
884 900
885 901 void db_ignore_states(int id);
886 902 void select_caller_info_hook(void (*callback)(const char *name, struct symbol *sym, char *key, char *value), int type);
887 903 void add_member_info_callback(int owner, void (*callback)(struct expression *call, int param, char *printed_name, struct sm_state *sm));
904 +void add_caller_info_callback(int owner, void (*callback)(struct expression *call, int param, char *printed_name, struct sm_state *sm));
888 905 void add_split_return_callback(void (*fn)(int return_id, char *return_ranges, struct expression *returned_expr));
889 906 void add_returned_member_callback(int owner, void (*callback)(int return_id, char *return_ranges, struct expression *expr, char *printed_name, struct smatch_state *state));
890 907 void select_call_implies_hook(int type, void (*callback)(struct expression *call, struct expression *arg, char *key, char *value));
891 908 void select_return_implies_hook(int type, void (*callback)(struct expression *call, struct expression *arg, char *key, char *value));
892 909 struct range_list *db_return_vals(struct expression *expr);
893 910 struct range_list *db_return_vals_from_str(const char *fn_name);
894 911 struct range_list *db_return_vals_no_args(struct expression *expr);
895 912 char *return_state_to_var_sym(struct expression *expr, int param, const char *key, struct symbol **sym);
896 913 char *get_chunk_from_key(struct expression *arg, char *key, struct symbol **sym, struct var_sym_list **vsl);
897 914 char *get_variable_from_key(struct expression *arg, const char *key, struct symbol **sym);
898 915 const char *state_name_to_param_name(const char *state_name, const char *param_name);
899 916 const char *get_param_name_var_sym(const char *name, struct symbol *sym);
900 917 const char *get_param_name(struct sm_state *sm);
901 918 const char *get_mtag_name_var_sym(const char *state_name, struct symbol *sym);
902 919 const char *get_mtag_name_expr(struct expression *expr);
903 920 char *get_data_info_name(struct expression *expr);
904 921 char *sm_to_arg_name(struct expression *expr, struct sm_state *sm);
905 922 int is_recursive_member(const char *param_name);
906 923
907 924 char *escape_newlines(const char *str);
908 925 void sql_exec(struct sqlite3 *db, int (*callback)(void*, int, char**, char**), void *data, const char *sql);
909 926
910 927 #define sql_helper(db, call_back, data, sql...) \
911 928 do { \
912 929 char sql_txt[1024]; \
913 930 \
914 931 sqlite3_snprintf(sizeof(sql_txt), sql_txt, sql); \
915 932 db_debug("debug: %s\n", sql_txt); \
916 933 sql_exec(db, call_back, data, sql_txt); \
917 934 } while (0)
918 935
919 936
920 937 #define run_sql(call_back, data, sql...) \
921 938 do { \
922 939 if (option_no_db) \
923 940 break; \
924 941 sql_helper(smatch_db, call_back, data, sql); \
925 942 } while (0)
926 943
927 944 #define mem_sql(call_back, data, sql...) \
928 945 sql_helper(mem_db, call_back, data, sql)
929 946
930 947 #define cache_sql(call_back, data, sql...) \
931 948 sql_helper(cache_db, call_back, data, sql)
932 949
933 950 #define sql_insert_helper(table, db, ignore, late, values...) \
934 951 do { \
935 952 struct sqlite3 *_db = db; \
936 953 \
937 954 if (__inline_fn && !_db) \
938 955 _db = mem_db; \
939 956 if (_db) { \
940 957 char buf[1024]; \
941 958 char *err, *p = buf; \
942 959 int rc; \
943 960 \
944 961 p += snprintf(p, buf + sizeof(buf) - p, \
945 962 "insert %sinto %s values (", \
946 963 ignore ? "or ignore " : "", #table); \
947 964 p += snprintf(p, buf + sizeof(buf) - p, values); \
948 965 p += snprintf(p, buf + sizeof(buf) - p, ");"); \
949 966 db_debug("mem-db: %s\n", buf); \
950 967 rc = sqlite3_exec(_db, buf, NULL, NULL, &err); \
951 968 if (rc != SQLITE_OK) { \
952 969 sm_ierror("SQL error #2: %s", err); \
953 970 sm_ierror("SQL: '%s'", buf); \
954 971 parse_error = 1; \
955 972 } \
956 973 break; \
957 974 } \
958 975 if (option_info) { \
959 976 FILE *tmp_fd = sm_outfd; \
960 977 sm_outfd = sql_outfd; \
961 978 sm_prefix(); \
962 979 sm_printf("SQL%s: insert %sinto " #table " values(", \
963 980 late ? "_late" : "", ignore ? "or ignore " : ""); \
964 981 sm_printf(values); \
965 982 sm_printf(");\n"); \
966 983 sm_outfd = tmp_fd; \
967 984 } \
968 985 } while (0)
969 986
970 987 #define sql_insert(table, values...) sql_insert_helper(table, 0, 0, 0, values);
971 988 #define sql_insert_or_ignore(table, values...) sql_insert_helper(table, 0, 1, 0, values);
972 989 #define sql_insert_late(table, values...) sql_insert_helper(table, 0, 0, 1, values);
973 990 #define sql_insert_cache(table, values...) sql_insert_helper(table, cache_db, 1, 0, values);
974 991
975 992 char *get_static_filter(struct symbol *sym);
976 993
977 994 void sql_insert_return_states(int return_id, const char *return_ranges,
978 995 int type, int param, const char *key, const char *value);
979 996 void sql_insert_caller_info(struct expression *call, int type, int param,
980 997 const char *key, const char *value);
981 998 void sql_insert_function_ptr(const char *fn, const char *struct_name);
982 999 void sql_insert_return_values(const char *return_values);
983 1000 void sql_insert_return_implies(int type, int param, const char *key, const char *value);
984 1001 void sql_insert_function_type_size(const char *member, const char *ranges);
985 1002 void sql_insert_function_type_info(int type, const char *struct_type, const char *member, const char *value);
986 1003 void sql_insert_type_info(int type, const char *member, const char *value);
987 1004 void sql_insert_local_values(const char *name, const char *value);
988 1005 void sql_insert_function_type_value(const char *type, const char *value);
|
↓ open down ↓ |
91 lines elided |
↑ open up ↑ |
989 1006 void sql_insert_function_type(int param, const char *value);
990 1007 void sql_insert_parameter_name(int param, const char *value);
991 1008 void sql_insert_data_info(struct expression *data, int type, const char *value);
992 1009 void sql_insert_data_info_var_sym(const char *var, struct symbol *sym, int type, const char *value);
993 1010 void sql_save_constraint(const char *con);
994 1011 void sql_save_constraint_required(const char *data, int op, const char *limit);
995 1012 void sql_copy_constraint_required(const char *new_limit, const char *old_limit);
996 1013 void sql_insert_fn_ptr_data_link(const char *ptr, const char *data);
997 1014 void sql_insert_fn_data_link(struct expression *fn, int type, int param, const char *key, const char *value);
998 1015 void sql_insert_mtag_about(mtag_t tag, const char *left_name, const char *right_name);
999 -void sql_insert_mtag_map(mtag_t tag, int offset, mtag_t container);
1016 +void sql_insert_mtag_info(mtag_t tag, int type, const char *value);
1017 +void sql_insert_mtag_map(mtag_t container, int container_offset, mtag_t tag, int tag_offset);
1000 1018 void sql_insert_mtag_alias(mtag_t orig, mtag_t alias);
1001 -int mtag_map_select_container(mtag_t tag, int offset, mtag_t *container);
1019 +int mtag_map_select_container(mtag_t tag, int container_offset, mtag_t *container);
1002 1020 int mtag_map_select_tag(mtag_t container, int offset, mtag_t *tag);
1003 -struct smatch_state *swap_mtag_return(struct expression *expr, struct smatch_state *state);
1021 +struct smatch_state *get_mtag_return(struct expression *expr, struct smatch_state *state);
1004 1022 struct range_list *swap_mtag_seed(struct expression *expr, struct range_list *rl);
1005 1023
1006 1024 void sql_select_return_states(const char *cols, struct expression *call,
1007 1025 int (*callback)(void*, int, char**, char**), void *info);
1008 1026 void sql_select_call_implies(const char *cols, struct expression *call,
1009 1027 int (*callback)(void*, int, char**, char**));
1010 1028
1011 1029 void open_smatch_db(char *db_file);
1012 1030
1013 1031 /* smatch_files.c */
1014 1032 int open_data_file(const char *filename);
1015 1033 int open_schema_file(const char *schema);
1016 1034 struct token *get_tokens_file(const char *filename);
1017 1035
1018 1036 /* smatch.c */
1019 1037 extern char *option_debug_check;
1020 1038 extern char *option_project_str;
1021 1039 extern char *bin_dir;
1022 1040 extern char *data_dir;
1023 1041 extern int option_no_data;
1024 1042 extern int option_full_path;
1025 1043 extern int option_call_tree;
1026 1044 extern int num_checks;
1027 1045
1028 1046 enum project_type {
1029 1047 PROJ_NONE,
1030 1048 PROJ_KERNEL,
1031 1049 PROJ_WINE,
1032 1050 PROJ_ILLUMOS_KERNEL,
1033 1051 PROJ_ILLUMOS_USER,
1034 1052 PROJ_UNKNOWN,
1035 1053 };
1036 1054 extern enum project_type option_project;
1037 1055 const char *check_name(unsigned short id);
1038 1056 int id_from_name(const char *name);
1039 1057
1040 1058
1041 1059 /* smatch_buf_size.c */
1042 1060 int get_array_size(struct expression *expr);
1043 1061 int get_array_size_bytes(struct expression *expr);
1044 1062 int get_array_size_bytes_min(struct expression *expr);
1045 1063 int get_array_size_bytes_max(struct expression *expr);
1046 1064 struct range_list *get_array_size_bytes_rl(struct expression *expr);
1047 1065 int get_real_array_size(struct expression *expr);
1048 1066 int last_member_is_resizable(struct symbol *type);
1049 1067 /* smatch_strlen.c */
1050 1068 int get_implied_strlen(struct expression *expr, struct range_list **rl);
1051 1069 int get_size_from_strlen(struct expression *expr);
1052 1070
1053 1071 /* smatch_capped.c */
1054 1072 int is_capped(struct expression *expr);
1055 1073 int is_capped_var_sym(const char *name, struct symbol *sym);
1056 1074
1057 1075 /* check_user_data.c */
1058 1076 int is_user_macro(struct expression *expr);
1059 1077 int is_capped_user_data(struct expression *expr);
1060 1078 int implied_user_data(struct expression *expr, struct range_list **rl);
1061 1079 struct stree *get_user_stree(void);
|
↓ open down ↓ |
48 lines elided |
↑ open up ↑ |
1062 1080 int get_user_rl(struct expression *expr, struct range_list **rl);
1063 1081 int is_user_rl(struct expression *expr);
1064 1082 int get_user_rl_var_sym(const char *name, struct symbol *sym, struct range_list **rl);
1065 1083 bool user_rl_capped(struct expression *expr);
1066 1084 struct range_list *var_user_rl(struct expression *expr);
1067 1085
1068 1086 /* check_locking.c */
1069 1087 void print_held_locks();
1070 1088
1071 1089 /* check_assigned_expr.c */
1090 +extern int check_assigned_expr_id;
1072 1091 struct expression *get_assigned_expr(struct expression *expr);
1073 1092 struct expression *get_assigned_expr_name_sym(const char *name, struct symbol *sym);
1074 1093 /* smatch_return_to_param.c */
1075 1094 void __add_return_to_param_mapping(struct expression *assign, const char *return_string);
1076 1095 char *map_call_to_param_name_sym(struct expression *expr, struct symbol **sym);
1077 1096
1078 1097 /* smatch_comparison.c */
1079 1098 extern int comparison_id;
1080 1099 #define UNKNOWN_COMPARISON 0
1081 1100 #define IMPOSSIBLE_COMPARISON -1
1082 1101 struct compare_data {
1083 1102 /* The ->left and ->right expression pointers might be NULL (I'm lazy) */
1084 1103 struct expression *left;
1085 1104 const char *left_var;
1086 1105 struct var_sym_list *left_vsl;
1087 1106 int comparison;
1088 1107 struct expression *right;
1089 1108 const char *right_var;
1090 1109 struct var_sym_list *right_vsl;
1091 1110 };
1092 1111 DECLARE_ALLOCATOR(compare_data);
1093 1112 struct smatch_state *alloc_compare_state(
1094 1113 struct expression *left,
1095 1114 const char *left_var, struct var_sym_list *left_vsl,
1096 1115 int comparison,
1097 1116 struct expression *right,
1098 1117 const char *right_var, struct var_sym_list *right_vsl);
1099 1118 int comparison_intersection(int orig, int op);
1100 1119 int merge_comparisons(int one, int two);
1101 1120 int combine_comparisons(int left_compare, int right_compare);
1102 1121 int state_to_comparison(struct smatch_state *state);
1103 1122 struct smatch_state *merge_compare_states(struct smatch_state *s1, struct smatch_state *s2);
1104 1123 int get_comparison(struct expression *left, struct expression *right);
1105 1124 int get_comparison_no_extra(struct expression *a, struct expression *b);
1106 1125 int get_comparison_strings(const char *one, const char *two);
1107 1126 int possible_comparison(struct expression *a, int comparison, struct expression *b);
1108 1127 struct state_list *get_all_comparisons(struct expression *expr);
1109 1128 struct state_list *get_all_possible_equal_comparisons(struct expression *expr);
1110 1129 void __add_return_comparison(struct expression *call, const char *range);
1111 1130 void __add_comparison_info(struct expression *expr, struct expression *call, const char *range);
|
↓ open down ↓ |
30 lines elided |
↑ open up ↑ |
1112 1131 char *get_printed_param_name(struct expression *call, const char *param_name, struct symbol *param_sym);
1113 1132 char *name_sym_to_param_comparison(const char *name, struct symbol *sym);
1114 1133 char *expr_equal_to_param(struct expression *expr, int ignore);
1115 1134 char *expr_lte_to_param(struct expression *expr, int ignore);
1116 1135 char *expr_param_comparison(struct expression *expr, int ignore);
1117 1136 int flip_comparison(int op);
1118 1137 int negate_comparison(int op);
1119 1138 int remove_unsigned_from_comparison(int op);
1120 1139 int param_compare_limit_is_impossible(struct expression *expr, int left_param, char *left_key, char *value);
1121 1140 void filter_by_comparison(struct range_list **rl, int comparison, struct range_list *right);
1122 -struct sm_state *comparison_implication_hook(struct expression *expr,
1123 - struct state_list **true_stack,
1124 - struct state_list **false_stack);
1125 1141 void __compare_param_limit_hook(struct expression *left_expr, struct expression *right_expr,
1126 1142 const char *state_name,
1127 1143 struct smatch_state *true_state, struct smatch_state *false_state);
1128 1144 int impossibly_high_comparison(struct expression *expr);
1129 1145
1130 1146 /* smatch_sval.c */
1131 1147 sval_t *sval_alloc(sval_t sval);
1132 1148 sval_t *sval_alloc_permanent(sval_t sval);
1133 1149 sval_t sval_blank(struct expression *expr);
1134 1150 sval_t sval_type_val(struct symbol *type, long long val);
1135 1151 sval_t sval_type_fval(struct symbol *type, long double fval);
1136 1152 sval_t sval_from_val(struct expression *expr, long long val);
1137 1153 sval_t sval_from_fval(struct expression *expr, long double fval);
1138 1154 int sval_is_ptr(sval_t sval);
1139 1155 bool sval_is_fp(sval_t sval);
1140 1156 int sval_unsigned(sval_t sval);
1141 1157 int sval_signed(sval_t sval);
1142 1158 int sval_bits(sval_t sval);
1143 1159 int sval_bits_used(sval_t sval);
1144 1160 int sval_is_negative(sval_t sval);
1145 1161 int sval_is_positive(sval_t sval);
1146 1162 int sval_is_min(sval_t sval);
1147 1163 int sval_is_max(sval_t sval);
1148 1164 int sval_is_a_min(sval_t sval);
1149 1165 int sval_is_a_max(sval_t sval);
1150 1166 int sval_is_negative_min(sval_t sval);
1151 1167 int sval_cmp_t(struct symbol *type, sval_t one, sval_t two);
1152 1168 int sval_cmp_val(sval_t one, long long val);
1153 1169 sval_t sval_min(sval_t one, sval_t two);
1154 1170 sval_t sval_max(sval_t one, sval_t two);
1155 1171 int sval_too_low(struct symbol *type, sval_t sval);
1156 1172 int sval_too_high(struct symbol *type, sval_t sval);
1157 1173 int sval_fits(struct symbol *type, sval_t sval);
1158 1174 sval_t sval_cast(struct symbol *type, sval_t sval);
1159 1175 sval_t sval_preop(sval_t sval, int op);
1160 1176 sval_t sval_binop(sval_t left, int op, sval_t right);
1161 1177 int sval_binop_overflows(sval_t left, int op, sval_t right);
1162 1178 int sval_binop_overflows_no_sign(sval_t left, int op, sval_t right);
1163 1179 int find_first_zero_bit(unsigned long long uvalue);
1164 1180 int sm_fls64(unsigned long long uvalue);
1165 1181 unsigned long long fls_mask(unsigned long long uvalue);
1166 1182 unsigned long long sval_fls_mask(sval_t sval);
1167 1183 const char *sval_to_str(sval_t sval);
1168 1184 const char *sval_to_str_or_err_ptr(sval_t sval);
1169 1185 const char *sval_to_numstr(sval_t sval);
1170 1186 sval_t ll_to_sval(long long val);
1171 1187
1172 1188 /* smatch_string_list.c */
1173 1189 int list_has_string(struct string_list *str_list, const char *str);
1174 1190 int insert_string(struct string_list **str_list, const char *str);
1175 1191 struct string_list *clone_str_list(struct string_list *orig);
1176 1192 struct string_list *combine_string_lists(struct string_list *one, struct string_list *two);
1177 1193
1178 1194 /* smatch_start_states.c */
1179 1195 struct stree *get_start_states(void);
1180 1196
1181 1197 /* smatch_recurse.c */
1182 1198 int has_symbol(struct expression *expr, struct symbol *sym);
1183 1199 int has_variable(struct expression *expr, struct expression *var);
1184 1200 int has_inc_dec(struct expression *expr);
1185 1201
|
↓ open down ↓ |
51 lines elided |
↑ open up ↑ |
1186 1202 /* smatch_stored_conditions.c */
1187 1203 struct smatch_state *get_stored_condition(struct expression *expr);
1188 1204 struct expression_list *get_conditions(struct expression *expr);
1189 1205 struct sm_state *stored_condition_implication_hook(struct expression *expr,
1190 1206 struct state_list **true_stack,
1191 1207 struct state_list **false_stack);
1192 1208 /* smatch_parsed_conditions.c */
1193 1209 struct sm_state *parsed_condition_implication_hook(struct expression *expr,
1194 1210 struct state_list **true_stack,
1195 1211 struct state_list **false_stack);
1212 +/* smatch_comparison.c */
1213 +struct sm_state *comparison_implication_hook(struct expression *expr,
1214 + struct state_list **true_stack,
1215 + struct state_list **false_stack);
1196 1216
1197 1217 /* check_string_len.c */
1198 1218 int get_formatted_string_size(struct expression *call, int arg);
1199 1219 int get_formatted_string_min_size(struct expression *call, int arg);
1200 1220
1201 1221 /* smatch_param_set.c */
1202 1222 int param_was_set(struct expression *expr);
1203 1223 int param_was_set_var_sym(const char *name, struct symbol *sym);
1204 1224 void print_limited_param_set(int return_id, char *return_ranges, struct expression *expr);
1205 1225 /* smatch_param_filter.c */
1206 1226 int param_has_filter_data(struct sm_state *sm);
1207 1227
1208 1228 /* smatch_links.c */
1209 1229 void set_up_link_functions(int id, int linkid);
1210 1230 struct smatch_state *merge_link_states(struct smatch_state *s1, struct smatch_state *s2);
1211 1231 void store_link(int link_id, const char *name, struct symbol *sym, const char *link_name, struct symbol *link_sym);
1212 1232
1213 1233 /* check_buf_comparison */
1214 1234 const char *limit_type_str(unsigned int limit_type);
1215 1235 struct expression *get_size_variable(struct expression *buf, int *limit_type);
1216 1236 struct expression *get_array_variable(struct expression *size);
1217 1237 int buf_comparison_index_ok(struct expression *expr);
1218 1238
1219 1239 /* smatch_untracked_param.c */
1220 1240 void mark_untracked(struct expression *expr, int param, const char *key, const char *value);
1221 1241 void add_untracked_param_hook(void (func)(struct expression *call, int param));
1222 1242 void add_lost_param_hook(void (func)(struct expression *call, int param));
1223 1243 void mark_all_params_untracked(int return_id, char *return_ranges, struct expression *expr);
1224 1244
1225 1245 /* smatch_strings.c */
1226 1246 struct state_list *get_strings(struct expression *expr);
1227 1247 struct expression *fake_string_from_mtag(mtag_t tag);
1228 1248
1229 1249 /* smatch_estate.c */
1230 1250 int estate_get_single_value(struct smatch_state *state, sval_t *sval);
1231 1251
1232 1252 /* smatch_address.c */
|
↓ open down ↓ |
27 lines elided |
↑ open up ↑ |
1233 1253 int get_address_rl(struct expression *expr, struct range_list **rl);
1234 1254 int get_member_offset(struct symbol *type, const char *member_name);
1235 1255 int get_member_offset_from_deref(struct expression *expr);
1236 1256
1237 1257 /* for now this is in smatch_used_parameter.c */
1238 1258 void __get_state_hook(int owner, const char *name, struct symbol *sym);
1239 1259
1240 1260 /* smatch_buf_comparison.c */
1241 1261 int db_var_is_array_limit(struct expression *array, const char *name, struct var_sym_list *vsl);
1242 1262
1263 +struct range_list *get_fs(void);
1264 +
1243 1265 struct stree *get_all_return_states(void);
1244 1266 struct stree_stack *get_all_return_strees(void);
1245 1267 int on_atomic_dec_path(void);
1246 1268 int was_inced(const char *name, struct symbol *sym);
1269 +void set_refcount_inc(char *name, struct symbol *sym);
1270 +void set_refcount_dec(char *name, struct symbol *sym);
1247 1271
1248 1272 /* smatch_constraints.c */
1249 1273 char *get_constraint_str(struct expression *expr);
1250 1274 struct constraint_list *get_constraints(struct expression *expr);
1251 1275 char *unmet_constraint(struct expression *data, struct expression *offset);
1252 1276 char *get_required_constraint(const char *data_str);
1253 1277
1254 1278 /* smatch_container_of.c */
1255 1279 int get_param_from_container_of(struct expression *expr);
1256 1280 int get_offset_from_container_of(struct expression *expr);
1257 1281 char *get_container_name(struct expression *container, struct expression *expr);
1258 1282
1259 1283 /* smatch_mtag.c */
1260 1284 mtag_t str_to_mtag(const char *str);
1261 1285 int get_string_mtag(struct expression *expr, mtag_t *tag);
1262 1286 int get_toplevel_mtag(struct symbol *sym, mtag_t *tag);
1263 1287 int create_mtag_alias(mtag_t tag, struct expression *expr, mtag_t *new);
1264 1288 int expr_to_mtag_offset(struct expression *expr, mtag_t *tag, int *offset);
1265 1289 void update_mtag_data(struct expression *expr, struct smatch_state *state);
1266 1290 int get_mtag_sval(struct expression *expr, sval_t *sval);
1267 1291
1268 1292 /* Trinity fuzzer stuff */
1269 1293 const char *get_syscall_arg_type(struct symbol *sym);
1270 1294
1271 1295 /* smatch_bit_info.c */
1272 1296 struct bit_info *rl_to_binfo(struct range_list *rl);
1273 1297 struct bit_info *get_bit_info(struct expression *expr);
1274 1298 struct bit_info *get_bit_info_var_sym(const char *name, struct symbol *sym);
1275 1299 /* smatch_mem_tracker.c */
1276 1300 extern int option_mem;
1277 1301 unsigned long get_mem_kb(void);
1278 1302 unsigned long get_max_memory(void);
1279 1303
1280 1304 /* check_is_nospec.c */
1281 1305 bool is_nospec(struct expression *expr);
1282 1306 long get_stmt_cnt(void);
1283 1307
1284 1308 /* smatch_nul_terminator.c */
1285 1309 bool is_nul_terminated_var_sym(const char *name, struct symbol *sym);
1286 1310 bool is_nul_terminated(struct expression *expr);
1287 1311 /* check_kernel.c */
1288 1312 bool is_ignored_kernel_data(const char *name);
1289 1313
1290 1314 bool is_fresh_alloc_var_sym(const char *var, struct symbol *sym);
1291 1315 bool is_fresh_alloc(struct expression *expr);
1292 1316 static inline bool type_is_ptr(struct symbol *type)
1293 1317 {
1294 1318 return type &&
1295 1319 (type->type == SYM_PTR ||
1296 1320 type->type == SYM_ARRAY ||
1297 1321 type->type == SYM_FN);
1298 1322 }
1299 1323
1300 1324 static inline bool type_is_fp(struct symbol *type)
1301 1325 {
1302 1326 return type &&
1303 1327 (type == &float_ctype ||
1304 1328 type == &double_ctype ||
1305 1329 type == &ldouble_ctype);
1306 1330 }
1307 1331
1308 1332 static inline int type_bits(struct symbol *type)
1309 1333 {
1310 1334 if (!type)
1311 1335 return 0;
1312 1336 if (type_is_ptr(type))
1313 1337 return bits_in_pointer;
1314 1338 if (!type->examined)
1315 1339 examine_symbol_type(type);
1316 1340 return type->bit_size;
1317 1341 }
1318 1342
1319 1343 static inline int type_unsigned(struct symbol *base_type)
1320 1344 {
1321 1345 if (!base_type)
1322 1346 return 0;
1323 1347 if (is_ptr_type(base_type))
1324 1348 return 1;
1325 1349 if (base_type->ctype.modifiers & MOD_UNSIGNED)
1326 1350 return 1;
1327 1351 return 0;
1328 1352 }
1329 1353
1330 1354 static inline int type_positive_bits(struct symbol *type)
1331 1355 {
1332 1356 if (!type)
1333 1357 return 0;
1334 1358 if (is_ptr_type(type))
1335 1359 return bits_in_pointer;
1336 1360 if (type_unsigned(type))
1337 1361 return type_bits(type);
1338 1362 return type_bits(type) - 1;
1339 1363 }
1340 1364
1341 1365 static inline int sval_positive_bits(sval_t sval)
1342 1366 {
1343 1367 return type_positive_bits(sval.type);
1344 1368 }
1345 1369
1346 1370 /*
1347 1371 * Returns -1 if one is smaller, 0 if they are the same and 1 if two is larger.
1348 1372 */
1349 1373
1350 1374 static inline int fp_cmp(sval_t one, sval_t two)
1351 1375 {
1352 1376 struct symbol *type;
1353 1377
1354 1378 if (sval_is_fp(one) && sval_is_fp(two))
1355 1379 type = type_bits(one.type) > type_bits(two.type) ? one.type : two.type;
1356 1380 else if (sval_is_fp(one))
1357 1381 type = one.type;
1358 1382 else
1359 1383 type = two.type;
1360 1384
1361 1385 one = sval_cast(type, one);
1362 1386 two = sval_cast(type, two);
1363 1387
1364 1388 if (one.type == &float_ctype) {
1365 1389 if (one.fvalue < two.fvalue)
1366 1390 return -1;
1367 1391 if (one.fvalue == two.fvalue)
1368 1392 return 0;
1369 1393 return 1;
1370 1394 }
1371 1395 if (one.type == &double_ctype) {
1372 1396 if (one.dvalue < two.dvalue)
1373 1397 return -1;
1374 1398 if (one.dvalue == two.dvalue)
1375 1399 return 0;
1376 1400 return 1;
1377 1401 }
1378 1402 if (one.type == &ldouble_ctype) {
1379 1403 if (one.ldvalue < two.ldvalue)
1380 1404 return -1;
1381 1405 if (one.ldvalue == two.ldvalue)
1382 1406 return 0;
1383 1407 return 1;
1384 1408 }
1385 1409 sm_perror("bad type in fp_cmp(): %s", type_to_str(type));
1386 1410 return 1;
1387 1411 }
1388 1412
1389 1413 static inline int sval_cmp(sval_t one, sval_t two)
1390 1414 {
1391 1415 struct symbol *type;
1392 1416
1393 1417 if (sval_is_fp(one) || sval_is_fp(two))
1394 1418 return fp_cmp(one, two);
1395 1419
1396 1420 type = one.type;
1397 1421 if (sval_positive_bits(two) > sval_positive_bits(one))
1398 1422 type = two.type;
1399 1423 if (type_bits(type) < 31)
1400 1424 type = &int_ctype;
1401 1425
1402 1426 one = sval_cast(type, one);
1403 1427 two = sval_cast(type, two);
1404 1428
1405 1429 if (type_unsigned(type)) {
1406 1430 if (one.uvalue < two.uvalue)
1407 1431 return -1;
1408 1432 if (one.uvalue == two.uvalue)
1409 1433 return 0;
1410 1434 return 1;
1411 1435 }
1412 1436 /* fix me handle type promotion and unsigned values */
1413 1437 if (one.value < two.value)
1414 1438 return -1;
1415 1439 if (one.value == two.value)
1416 1440 return 0;
1417 1441 return 1;
1418 1442 }
1419 1443
1420 1444 #endif /* !SMATCH_H_ */
|
↓ open down ↓ |
164 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX