Print this page
11506 smatch resync
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/tools/smatch/src/smatch.h
+++ new/usr/src/tools/smatch/src/smatch.h
1 1 /*
2 2 * Copyright (C) 2006 Dan Carpenter.
3 3 *
4 4 * This program is free software; you can redistribute it and/or
5 5 * modify it under the terms of the GNU General Public License
6 6 * as published by the Free Software Foundation; either version 2
7 7 * of the License, or (at your option) any later version.
8 8 *
9 9 * This program is distributed in the hope that it will be useful,
10 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 * GNU General Public License for more details.
13 13 *
14 14 * You should have received a copy of the GNU General Public License
15 15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 16 *
17 17 * Copyright 2019 Joyent, Inc.
18 18 */
19 19
20 20 #ifndef SMATCH_H_
21 21 # define SMATCH_H_
22 22
23 23 #include <stdio.h>
24 24 #include <string.h>
25 25 #include <limits.h>
26 26 #include <sys/time.h>
27 27 #include <sqlite3.h>
28 28 #include "lib.h"
29 29 #include "allocate.h"
30 30 #include "scope.h"
31 31 #include "parse.h"
32 32 #include "expression.h"
33 33 #include "avl.h"
34 34
35 35 typedef struct {
36 36 struct symbol *type;
37 37 union {
38 38 long long value;
39 39 unsigned long long uvalue;
40 40 };
41 41 } sval_t;
42 42
43 43 typedef long long mtag_t;
44 44
45 45 struct smatch_state {
46 46 const char *name;
47 47 void *data;
48 48 };
49 49 #define STATE(_x) static struct smatch_state _x = { .name = #_x }
50 50 extern struct smatch_state undefined;
51 51 extern struct smatch_state ghost;
52 52 extern struct smatch_state merged;
53 53 extern struct smatch_state true_state;
54 54 extern struct smatch_state false_state;
55 55 DECLARE_ALLOCATOR(smatch_state);
56 56
57 57 static inline void *INT_PTR(int i)
58 58 {
59 59 return (void *)(long)i;
60 60 }
61 61
62 62 static inline int PTR_INT(void *p)
63 63 {
64 64 return (int)(long)p;
65 65 }
66 66
67 67 struct tracker {
68 68 char *name;
69 69 struct symbol *sym;
70 70 unsigned short owner;
71 71 };
|
↓ open down ↓ |
71 lines elided |
↑ open up ↑ |
72 72 DECLARE_ALLOCATOR(tracker);
73 73 DECLARE_PTR_LIST(tracker_list, struct tracker);
74 74 DECLARE_PTR_LIST(stree_stack, struct stree);
75 75
76 76 /* The first 3 struct members must match struct tracker */
77 77 struct sm_state {
78 78 const char *name;
79 79 struct symbol *sym;
80 80 unsigned short owner;
81 81 unsigned short merged:1;
82 - unsigned short skip_implications:1;
83 - unsigned int nr_children;
84 82 unsigned int line;
85 83 struct smatch_state *state;
86 84 struct stree *pool;
87 85 struct sm_state *left;
88 86 struct sm_state *right;
89 87 struct state_list *possible;
90 88 };
91 89
92 90 struct var_sym {
93 91 char *var;
94 92 struct symbol *sym;
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
95 93 };
96 94 DECLARE_ALLOCATOR(var_sym);
97 95 DECLARE_PTR_LIST(var_sym_list, struct var_sym);
98 96
99 97 struct constraint {
100 98 int op;
101 99 int id;
102 100 };
103 101 DECLARE_PTR_LIST(constraint_list, struct constraint);
104 102
103 +struct bit_info {
104 + unsigned long long set;
105 + unsigned long long possible;
106 +};
107 +
105 108 enum hook_type {
106 109 EXPR_HOOK,
107 110 STMT_HOOK,
108 111 STMT_HOOK_AFTER,
109 112 SYM_HOOK,
110 113 STRING_HOOK,
111 114 DECLARATION_HOOK,
112 115 ASSIGNMENT_HOOK,
113 116 ASSIGNMENT_HOOK_AFTER,
114 117 RAW_ASSIGNMENT_HOOK,
115 118 GLOBAL_ASSIGNMENT_HOOK,
116 119 LOGIC_HOOK,
117 120 CONDITION_HOOK,
118 121 PRELOOP_HOOK,
119 122 SELECT_HOOK,
120 123 WHOLE_CONDITION_HOOK,
121 124 FUNCTION_CALL_HOOK_BEFORE,
122 125 FUNCTION_CALL_HOOK,
123 126 CALL_HOOK_AFTER_INLINE,
124 127 FUNCTION_CALL_HOOK_AFTER_DB,
125 128 CALL_ASSIGNMENT_HOOK,
126 129 MACRO_ASSIGNMENT_HOOK,
127 130 BINOP_HOOK,
128 131 OP_HOOK,
129 132 DEREF_HOOK,
130 133 CASE_HOOK,
131 134 ASM_HOOK,
132 135 CAST_HOOK,
133 136 SIZEOF_HOOK,
134 137 BASE_HOOK,
135 138 FUNC_DEF_HOOK,
136 139 AFTER_DEF_HOOK,
137 140 END_FUNC_HOOK,
138 141 AFTER_FUNC_HOOK,
139 142 RETURN_HOOK,
140 143 INLINE_FN_START,
141 144 INLINE_FN_END,
142 145 END_FILE_HOOK,
143 146 NUM_HOOKS,
144 147 };
145 148
146 149 #define TRUE 1
147 150 #define FALSE 0
148 151
149 152 struct range_list;
150 153
151 154 void add_hook(void *func, enum hook_type type);
152 155 typedef struct smatch_state *(merge_func_t)(struct smatch_state *s1, struct smatch_state *s2);
153 156 typedef struct smatch_state *(unmatched_func_t)(struct sm_state *state);
154 157 void add_merge_hook(int client_id, merge_func_t *func);
155 158 void add_unmatched_state_hook(int client_id, unmatched_func_t *func);
156 159 void add_pre_merge_hook(int client_id, void (*hook)(struct sm_state *sm));
157 160 typedef void (scope_hook)(void *data);
158 161 void add_scope_hook(scope_hook *hook, void *data);
159 162 typedef void (func_hook)(const char *fn, struct expression *expr, void *data);
160 163 typedef void (implication_hook)(const char *fn, struct expression *call_expr,
161 164 struct expression *assign_expr, void *data);
162 165 typedef void (return_implies_hook)(struct expression *call_expr,
163 166 int param, char *key, char *value);
164 167 typedef int (implied_return_hook)(struct expression *call_expr, void *info, struct range_list **rl);
165 168 void add_function_hook(const char *look_for, func_hook *call_back, void *data);
166 169
167 170 void add_function_assign_hook(const char *look_for, func_hook *call_back,
|
↓ open down ↓ |
53 lines elided |
↑ open up ↑ |
168 171 void *info);
169 172 void add_implied_return_hook(const char *look_for,
170 173 implied_return_hook *call_back,
171 174 void *info);
172 175 void add_macro_assign_hook(const char *look_for, func_hook *call_back,
173 176 void *info);
174 177 void add_macro_assign_hook_extra(const char *look_for, func_hook *call_back,
175 178 void *info);
176 179 void return_implies_state(const char *look_for, long long start, long long end,
177 180 implication_hook *call_back, void *info);
181 +void return_implies_state_sval(const char *look_for, sval_t start, sval_t end,
182 + implication_hook *call_back, void *info);
178 183 void select_return_states_hook(int type, return_implies_hook *callback);
179 184 void select_return_states_before(void (*fn)(void));
180 185 void select_return_states_after(void (*fn)(void));
181 186 int get_implied_return(struct expression *expr, struct range_list **rl);
182 187 void allocate_hook_memory(void);
183 188
184 189 struct modification_data {
185 190 struct smatch_state *prev;
186 191 struct expression *cur;
187 192 };
188 193
189 194 typedef void (modification_hook)(struct sm_state *sm, struct expression *mod_expr);
190 195 void add_modification_hook(int owner, modification_hook *call_back);
191 196 void add_modification_hook_late(int owner, modification_hook *call_back);
192 197 struct smatch_state *get_modification_state(struct expression *expr);
193 198
194 199 int outside_of_function(void);
195 200 const char *get_filename(void);
196 201 const char *get_base_file(void);
197 202 char *get_function(void);
198 203 int get_lineno(void);
199 204 extern int final_pass;
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
200 205 extern struct symbol *cur_func_sym;
201 206 extern int option_debug;
202 207 extern int local_debug;
203 208 extern int option_info;
204 209 extern int option_spammy;
205 210 extern int option_timeout;
206 211 extern char *trace_variable;
207 212 extern struct stree *global_states;
208 213 int is_skipped_function(void);
209 214 int is_silenced_function(void);
215 +extern bool implications_off;
210 216
211 217 /* smatch_impossible.c */
212 218 int is_impossible_path(void);
213 219 void set_path_impossible(void);
214 220
215 221 extern FILE *sm_outfd;
216 222 extern FILE *sql_outfd;
217 223 extern FILE *caller_info_fd;
218 224 extern int sm_nr_checks;
219 225 extern int sm_nr_errors;
220 226 extern const char *progname;
221 227
222 228 /*
223 229 * How to use these routines:
224 230 *
225 231 * sm_fatal(): an internal error of some kind that should immediately exit
226 232 * sm_ierror(): an internal error
227 233 * sm_perror(): an internal error from parsing input source
228 234 * sm_error(): an error from input source
229 235 * sm_warning(): a warning from input source
230 236 * sm_info(): info message (from option_info)
231 237 * sm_debug(): debug message
232 238 * sm_msg(): other message (please avoid using this)
233 239 */
234 240
235 241 #define sm_printf(msg...) do { if (final_pass || option_debug || local_debug) fprintf(sm_outfd, msg); } while (0)
236 242
237 243 static inline void sm_prefix(void)
238 244 {
239 245 sm_printf("%s: %s:%d %s() ", progname, get_filename(), get_lineno(), get_function());
240 246 }
241 247
242 248 static inline void print_implied_debug_msg();
243 249
244 250 extern bool __silence_warnings_for_stmt;
245 251
246 252 #define sm_print_msg(type, msg...) \
247 253 do { \
248 254 print_implied_debug_msg(); \
249 255 if (!final_pass && !option_debug && !local_debug) \
250 256 break; \
251 257 if (__silence_warnings_for_stmt && !option_debug && !local_debug) \
252 258 break; \
253 259 if (!option_info && is_silenced_function()) \
254 260 break; \
255 261 sm_prefix(); \
256 262 if (type == 1) { \
257 263 sm_printf("warn: "); \
258 264 sm_nr_checks++; \
259 265 } else if (type == 2) { \
260 266 sm_printf("error: "); \
261 267 sm_nr_checks++; \
262 268 } else if (type == 3) { \
263 269 sm_printf("parse error: "); \
264 270 sm_nr_errors++; \
265 271 } \
266 272 sm_printf(msg); \
267 273 sm_printf("\n"); \
268 274 } while (0)
269 275
270 276 #define sm_msg(msg...) do { sm_print_msg(0, msg); } while (0)
271 277
272 278 #define local_debug(msg...) \
273 279 do { \
274 280 if (local_debug) \
275 281 sm_msg(msg); \
276 282 } while (0)
277 283
278 284 extern char *implied_debug_msg;
279 285 static inline void print_implied_debug_msg(void)
280 286 {
281 287 static struct symbol *last_printed = NULL;
282 288
283 289 if (!implied_debug_msg)
284 290 return;
285 291 if (last_printed == cur_func_sym)
286 292 return;
287 293 last_printed = cur_func_sym;
288 294 sm_msg("%s", implied_debug_msg);
289 295 }
290 296
291 297 #define sm_debug(msg...) do { if (option_debug) sm_printf(msg); } while (0)
292 298
293 299 #define sm_info(msg...) do { \
294 300 if (option_debug || (option_info && final_pass)) { \
295 301 sm_prefix(); \
296 302 sm_printf("info: "); \
297 303 sm_printf(msg); \
298 304 sm_printf("\n"); \
299 305 } \
300 306 } while(0)
301 307
302 308 #define sm_warning(msg...) do { sm_print_msg(1, msg); } while (0)
303 309 #define sm_error(msg...) do { sm_print_msg(2, msg); } while (0)
304 310 #define sm_perror(msg...) do { sm_print_msg(3, msg); } while (0)
305 311
306 312 static inline void sm_fatal(const char *fmt, ...)
307 313 {
308 314 va_list args;
309 315
310 316 va_start(args, fmt);
311 317 vfprintf(sm_outfd, fmt, args);
312 318 va_end(args);
313 319
314 320 fprintf(sm_outfd, "\n");
315 321
316 322 exit(1);
317 323 }
318 324
319 325 static inline void sm_ierror(const char *fmt, ...)
320 326 {
321 327 va_list args;
322 328
323 329 sm_nr_errors++;
324 330
325 331 fprintf(sm_outfd, "internal error: ");
326 332
327 333 va_start(args, fmt);
328 334 vfprintf(sm_outfd, fmt, args);
329 335 va_end(args);
330 336
331 337 fprintf(sm_outfd, "\n");
332 338 }
333 339 #define ALIGN(x, a) (((x) + (a) - 1) & ~((a) - 1))
334 340
335 341 struct smatch_state *__get_state(int owner, const char *name, struct symbol *sym);
336 342 struct smatch_state *get_state(int owner, const char *name, struct symbol *sym);
337 343 struct smatch_state *get_state_expr(int owner, struct expression *expr);
338 344 struct state_list *get_possible_states(int owner, const char *name,
339 345 struct symbol *sym);
340 346 struct state_list *get_possible_states_expr(int owner, struct expression *expr);
341 347 struct sm_state *set_state(int owner, const char *name, struct symbol *sym,
342 348 struct smatch_state *state);
343 349 struct sm_state *set_state_expr(int owner, struct expression *expr,
344 350 struct smatch_state *state);
345 351 void delete_state(int owner, const char *name, struct symbol *sym);
346 352 void delete_state_expr(int owner, struct expression *expr);
347 353 void __delete_all_states_sym(struct symbol *sym);
348 354 void set_true_false_states(int owner, const char *name, struct symbol *sym,
349 355 struct smatch_state *true_state,
350 356 struct smatch_state *false_state);
351 357 void set_true_false_states_expr(int owner, struct expression *expr,
352 358 struct smatch_state *true_state,
353 359 struct smatch_state *false_state);
354 360
355 361 struct stree *get_all_states_from_stree(int owner, struct stree *source);
356 362 struct stree *get_all_states_stree(int id);
357 363 struct stree *__get_cur_stree(void);
358 364 int is_reachable(void);
|
↓ open down ↓ |
139 lines elided |
↑ open up ↑ |
359 365 void add_get_state_hook(void (*fn)(int owner, const char *name, struct symbol *sym));
360 366
361 367 /* smatch_helper.c */
362 368 DECLARE_PTR_LIST(int_stack, int);
363 369 char *alloc_string(const char *str);
364 370 void free_string(char *str);
365 371 void append(char *dest, const char *data, int buff_len);
366 372 void remove_parens(char *str);
367 373 struct smatch_state *alloc_state_num(int num);
368 374 struct smatch_state *alloc_state_str(const char *name);
375 +struct smatch_state *merge_str_state(struct smatch_state *s1, struct smatch_state *s2);
369 376 struct smatch_state *alloc_state_expr(struct expression *expr);
370 377 struct expression *get_argument_from_call_expr(struct expression_list *args,
371 378 int num);
372 379
373 380 char *expr_to_var(struct expression *expr);
374 381 struct symbol *expr_to_sym(struct expression *expr);
375 382 char *expr_to_str(struct expression *expr);
376 383 char *expr_to_str_sym(struct expression *expr,
377 384 struct symbol **sym_ptr);
378 385 char *expr_to_var_sym(struct expression *expr,
379 386 struct symbol **sym_ptr);
380 387 char *expr_to_known_chunk_sym(struct expression *expr, struct symbol **sym);
381 388 char *expr_to_chunk_sym_vsl(struct expression *expr, struct symbol **sym, struct var_sym_list **vsl);
382 389 int get_complication_score(struct expression *expr);
383 390
384 391 int sym_name_is(const char *name, struct expression *expr);
385 392 int get_const_value(struct expression *expr, sval_t *sval);
|
↓ open down ↓ |
7 lines elided |
↑ open up ↑ |
386 393 int get_value(struct expression *expr, sval_t *val);
387 394 int get_implied_value(struct expression *expr, sval_t *val);
388 395 int get_implied_min(struct expression *expr, sval_t *sval);
389 396 int get_implied_max(struct expression *expr, sval_t *val);
390 397 int get_hard_max(struct expression *expr, sval_t *sval);
391 398 int get_fuzzy_min(struct expression *expr, sval_t *min);
392 399 int get_fuzzy_max(struct expression *expr, sval_t *max);
393 400 int get_absolute_min(struct expression *expr, sval_t *sval);
394 401 int get_absolute_max(struct expression *expr, sval_t *sval);
395 402 int parse_call_math(struct expression *expr, char *math, sval_t *val);
396 -int parse_call_math_rl(struct expression *call, char *math, struct range_list **rl);
403 +int parse_call_math_rl(struct expression *call, const char *math, struct range_list **rl);
397 404 char *get_value_in_terms_of_parameter_math(struct expression *expr);
398 405 char *get_value_in_terms_of_parameter_math_var_sym(const char *var, struct symbol *sym);
399 406 int is_zero(struct expression *expr);
400 407 int known_condition_true(struct expression *expr);
401 408 int known_condition_false(struct expression *expr);
402 409 int implied_condition_true(struct expression *expr);
403 410 int implied_condition_false(struct expression *expr);
404 411 int can_integer_overflow(struct symbol *type, struct expression *expr);
405 412 void clear_math_cache(void);
406 413
407 414 int is_array(struct expression *expr);
408 415 struct expression *get_array_base(struct expression *expr);
409 416 struct expression *get_array_offset(struct expression *expr);
410 417 const char *show_state(struct smatch_state *state);
411 418 struct statement *get_expression_statement(struct expression *expr);
412 419 struct expression *strip_parens(struct expression *expr);
413 420 struct expression *strip_expr(struct expression *expr);
414 421 struct expression *strip_expr_set_parent(struct expression *expr);
415 422 void scoped_state(int my_id, const char *name, struct symbol *sym);
416 423 int is_error_return(struct expression *expr);
417 424 int getting_address(void);
418 425 int get_struct_and_member(struct expression *expr, const char **type, const char **member);
419 426 char *get_member_name(struct expression *expr);
420 427 char *get_fnptr_name(struct expression *expr);
421 428 int cmp_pos(struct position pos1, struct position pos2);
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
422 429 int positions_eq(struct position pos1, struct position pos2);
423 430 struct statement *get_current_statement(void);
424 431 struct statement *get_prev_statement(void);
425 432 struct expression *get_last_expr_from_expression_stmt(struct expression *expr);
426 433 int get_param_num_from_sym(struct symbol *sym);
427 434 int get_param_num(struct expression *expr);
428 435 int ms_since(struct timeval *start);
429 436 int parent_is_gone_var_sym(const char *name, struct symbol *sym);
430 437 int parent_is_gone(struct expression *expr);
431 438 int invert_op(int op);
439 +int op_remove_assign(int op);
432 440 int expr_equiv(struct expression *one, struct expression *two);
433 441 void push_int(struct int_stack **stack, int num);
434 442 int pop_int(struct int_stack **stack);
435 443
436 444 /* smatch_type.c */
437 445 struct symbol *get_real_base_type(struct symbol *sym);
438 446 int type_bytes(struct symbol *type);
439 447 int array_bytes(struct symbol *type);
440 448 struct symbol *get_pointer_type(struct expression *expr);
441 449 struct symbol *get_type(struct expression *expr);
442 450 struct symbol *get_final_type(struct expression *expr);
443 451 struct symbol *get_promoted_type(struct symbol *left, struct symbol *right);
444 452 int type_signed(struct symbol *base_type);
445 453 int expr_unsigned(struct expression *expr);
446 454 int expr_signed(struct expression *expr);
447 455 int returns_unsigned(struct symbol *base_type);
448 456 int is_pointer(struct expression *expr);
449 457 int returns_pointer(struct symbol *base_type);
450 458 sval_t sval_type_max(struct symbol *base_type);
451 459 sval_t sval_type_min(struct symbol *base_type);
452 460 int nr_bits(struct expression *expr);
453 461 int is_void_pointer(struct expression *expr);
454 462 int is_char_pointer(struct expression *expr);
455 463 int is_string(struct expression *expr);
456 464 int is_static(struct expression *expr);
457 465 int is_local_variable(struct expression *expr);
458 466 int types_equiv(struct symbol *one, struct symbol *two);
459 467 int fn_static(void);
460 468 const char *global_static();
461 469 struct symbol *cur_func_return_type(void);
462 470 struct symbol *get_arg_type(struct expression *fn, int arg);
463 471 struct symbol *get_member_type_from_key(struct expression *expr, const char *key);
464 472 struct symbol *get_arg_type_from_key(struct expression *fn, int param, struct expression *arg, const char *key);
465 473 int is_struct(struct expression *expr);
466 474 char *type_to_str(struct symbol *type);
467 475
468 476 /* smatch_ignore.c */
469 477 void add_ignore(int owner, const char *name, struct symbol *sym);
470 478 int is_ignored(int owner, const char *name, struct symbol *sym);
471 479 void add_ignore_expr(int owner, struct expression *expr);
472 480 int is_ignored_expr(int owner, struct expression *expr);
473 481
474 482 /* smatch_var_sym */
475 483 struct var_sym *alloc_var_sym(const char *var, struct symbol *sym);
476 484 struct var_sym_list *expr_to_vsl(struct expression *expr);
477 485 void add_var_sym(struct var_sym_list **list, const char *var, struct symbol *sym);
478 486 void add_var_sym_expr(struct var_sym_list **list, struct expression *expr);
479 487 void del_var_sym(struct var_sym_list **list, const char *var, struct symbol *sym);
480 488 int in_var_sym_list(struct var_sym_list *list, const char *var, struct symbol *sym);
481 489 struct var_sym_list *clone_var_sym_list(struct var_sym_list *from_vsl);
482 490 void merge_var_sym_list(struct var_sym_list **dest, struct var_sym_list *src);
483 491 struct var_sym_list *combine_var_sym_lists(struct var_sym_list *one, struct var_sym_list *two);
484 492 int var_sym_lists_equiv(struct var_sym_list *one, struct var_sym_list *two);
485 493 void free_var_sym_list(struct var_sym_list **list);
486 494 void free_var_syms_and_list(struct var_sym_list **list);
487 495
488 496 /* smatch_tracker */
489 497 struct tracker *alloc_tracker(int owner, const char *name, struct symbol *sym);
490 498 void add_tracker(struct tracker_list **list, int owner, const char *name,
491 499 struct symbol *sym);
492 500 void add_tracker_expr(struct tracker_list **list, int owner, struct expression *expr);
493 501 void del_tracker(struct tracker_list **list, int owner, const char *name,
494 502 struct symbol *sym);
495 503 int in_tracker_list(struct tracker_list *list, int owner, const char *name,
496 504 struct symbol *sym);
497 505 void free_tracker_list(struct tracker_list **list);
498 506 void free_trackers_and_list(struct tracker_list **list);
|
↓ open down ↓ |
57 lines elided |
↑ open up ↑ |
499 507
500 508 /* smatch_conditions */
501 509 int in_condition(void);
502 510
503 511 /* smatch_flow.c */
504 512
505 513 extern int __in_fake_assign;
506 514 extern int __in_fake_parameter_assign;
507 515 extern int __in_fake_struct_assign;
508 516 extern int in_fake_env;
509 -void smatch (int argc, char **argv);
517 +void smatch (struct string_list *filelist);
510 518 int inside_loop(void);
511 519 int definitely_inside_loop(void);
512 520 struct expression *get_switch_expr(void);
513 521 int in_expression_statement(void);
514 522 void __process_post_op_stack(void);
515 523 void __split_expr(struct expression *expr);
516 524 void __split_label_stmt(struct statement *stmt);
517 525 void __split_stmt(struct statement *stmt);
518 526 extern int __in_function_def;
519 527 extern int option_assume_loops;
520 528 extern int option_two_passes;
521 529 extern int option_no_db;
522 530 extern int option_file_output;
523 531 extern int option_time;
524 532 extern struct expression_list *big_expression_stack;
525 533 extern struct expression_list *big_condition_stack;
526 534 extern struct statement_list *big_statement_stack;
527 535 int is_assigned_call(struct expression *expr);
528 536 int inlinable(struct expression *expr);
|
↓ open down ↓ |
9 lines elided |
↑ open up ↑ |
529 537 extern int __inline_call;
530 538 extern struct expression *__inline_fn;
531 539 extern int __in_pre_condition;
532 540 extern int __bail_on_rest_of_function;
533 541 extern struct statement *__prev_stmt;
534 542 extern struct statement *__cur_stmt;
535 543 extern struct statement *__next_stmt;
536 544 void init_fake_env(void);
537 545 void end_fake_env(void);
538 546 int time_parsing_function(void);
547 +bool taking_too_long(void);
539 548
540 549 /* smatch_struct_assignment.c */
541 550 struct expression *get_faked_expression(void);
542 551 void __fake_struct_member_assignments(struct expression *expr);
543 552
544 553 /* smatch_project.c */
545 554 int is_no_inline_function(const char *function);
546 555
547 556 /* smatch_conditions */
548 557 void __split_whole_condition(struct expression *expr);
549 558 void __handle_logic(struct expression *expr);
550 559 int is_condition(struct expression *expr);
551 560 int __handle_condition_assigns(struct expression *expr);
552 561 int __handle_select_assigns(struct expression *expr);
553 562 int __handle_expr_statement_assigns(struct expression *expr);
554 563
555 564 /* smatch_implied.c */
556 -extern int option_debug_implied;
557 -extern int option_debug_related;
558 565 struct range_list_stack;
559 566 void param_limit_implications(struct expression *expr, int param, char *key, char *value);
560 567 struct stree *__implied_case_stree(struct expression *switch_expr,
561 568 struct range_list *case_rl,
562 569 struct range_list_stack **remaining_cases,
563 570 struct stree **raw_stree);
564 571 void overwrite_states_using_pool(struct sm_state *gate_sm, struct sm_state *pool_sm);
565 572 int assume(struct expression *expr);
566 573 void end_assume(void);
567 574 int impossible_assumption(struct expression *left, int op, sval_t sval);
568 575
576 +/* smatch_slist.h */
577 +bool has_dynamic_states(unsigned short owner);
578 +void set_dynamic_states(unsigned short owner);
579 +
569 580 /* smatch_extras.c */
581 +int in_warn_on_macro(void);
570 582 #define SMATCH_EXTRA 5 /* this is my_id from smatch extra set in smatch.c */
571 583 extern int RETURN_ID;
572 584
573 585 struct data_range {
574 586 sval_t min;
575 587 sval_t max;
576 588 };
577 589
578 590 #define MTAG_ALIAS_BIT (1ULL << 63)
579 591 #define MTAG_OFFSET_MASK 0xfffULL
592 +#define MTAG_SEED 0xdead << 12
580 593
581 -extern long long valid_ptr_min, valid_ptr_max;
582 -extern sval_t valid_ptr_min_sval, valid_ptr_max_sval;
594 +const extern unsigned long valid_ptr_min;
595 +extern unsigned long valid_ptr_max;
596 +extern const sval_t valid_ptr_min_sval;
597 +extern sval_t valid_ptr_max_sval;
583 598 extern struct range_list *valid_ptr_rl;
599 +void alloc_valid_ptr_rl(void);
600 +
584 601 static const sval_t array_min_sval = {
585 602 .type = &ptr_ctype,
586 603 {.value = 100000},
587 604 };
588 605 static const sval_t array_max_sval = {
589 606 .type = &ptr_ctype,
590 - {.value = 199999},
607 + {.value = ULONG_MAX - 4095},
591 608 };
592 609 static const sval_t text_seg_min = {
593 610 .type = &ptr_ctype,
594 - {.value = 100000000},
611 + {.value = 4096},
595 612 };
596 613 static const sval_t text_seg_max = {
597 614 .type = &ptr_ctype,
598 - {.value = 177777777},
615 + {.value = ULONG_MAX - 4095},
599 616 };
600 617 static const sval_t data_seg_min = {
601 618 .type = &ptr_ctype,
602 - {.value = 200000000},
619 + {.value = 4096},
603 620 };
604 621 static const sval_t data_seg_max = {
605 622 .type = &ptr_ctype,
606 - {.value = 277777777},
623 + {.value = ULONG_MAX - 4095},
607 624 };
608 625 static const sval_t bss_seg_min = {
609 626 .type = &ptr_ctype,
610 - {.value = 300000000},
627 + {.value = 4096},
611 628 };
612 629 static const sval_t bss_seg_max = {
613 630 .type = &ptr_ctype,
614 - {.value = 377777777},
631 + {.value = ULONG_MAX - 4095},
615 632 };
616 633 static const sval_t stack_seg_min = {
617 634 .type = &ptr_ctype,
618 - {.value = 400000000},
635 + {.value = 4096},
619 636 };
620 637 static const sval_t stack_seg_max = {
621 638 .type = &ptr_ctype,
622 - {.value = 477777777},
639 + {.value = ULONG_MAX - 4095},
623 640 };
624 641 static const sval_t kmalloc_seg_min = {
625 642 .type = &ptr_ctype,
626 - {.value = 500000000},
643 + {.value = 4096},
627 644 };
628 645 static const sval_t kmalloc_seg_max = {
629 646 .type = &ptr_ctype,
630 - {.value = 577777777},
647 + {.value = ULONG_MAX - 4095},
631 648 };
632 649 static const sval_t vmalloc_seg_min = {
633 650 .type = &ptr_ctype,
634 - {.value = 600000000},
651 + {.value = 4096},
635 652 };
636 653 static const sval_t vmalloc_seg_max = {
637 654 .type = &ptr_ctype,
638 - {.value = 677777777},
655 + {.value = ULONG_MAX - 4095},
639 656 };
640 657 static const sval_t fn_ptr_min = {
641 658 .type = &ptr_ctype,
642 - {.value = 700000000},
659 + {.value = 4096},
643 660 };
644 661 static const sval_t fn_ptr_max = {
645 662 .type = &ptr_ctype,
646 - {.value = 777777777},
663 + {.value = ULONG_MAX - 4095},
647 664 };
648 665
649 666 char *get_other_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym);
650 667 char *map_call_to_other_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym);
651 -char *map_long_to_short_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym);
652 -char *map_long_to_short_name_sym_nostack(const char *name, struct symbol *sym, struct symbol **new_sym);
668 +char *map_long_to_short_name_sym(const char *name, struct symbol *sym, struct symbol **new_sym, bool use_stack);
653 669
654 670 #define STRLEN_MAX_RET 1010101
655 671
656 672 /* smatch_absolute.c */
657 673 int get_absolute_min_helper(struct expression *expr, sval_t *sval);
658 674 int get_absolute_max_helper(struct expression *expr, sval_t *sval);
659 675
660 676 /* smatch_local_values.c */
661 677 int get_local_rl(struct expression *expr, struct range_list **rl);
662 678 int get_local_max_helper(struct expression *expr, sval_t *sval);
663 679 int get_local_min_helper(struct expression *expr, sval_t *sval);
664 680
665 681 /* smatch_type_value.c */
666 682 int get_db_type_rl(struct expression *expr, struct range_list **rl);
667 683 /* smatch_data_val.c */
668 684 int get_mtag_rl(struct expression *expr, struct range_list **rl);
669 685 /* smatch_array_values.c */
670 686 int get_array_rl(struct expression *expr, struct range_list **rl);
671 687
672 688 /* smatch_states.c */
673 689 void __swap_cur_stree(struct stree *stree);
674 690 void __push_fake_cur_stree();
675 691 struct stree *__pop_fake_cur_stree();
676 692 void __free_fake_cur_stree();
677 693 void __set_fake_cur_stree_fast(struct stree *stree);
678 694 void __pop_fake_cur_stree_fast(void);
679 695 void __merge_stree_into_cur(struct stree *stree);
680 696
681 697 int unreachable(void);
682 698 void __set_sm(struct sm_state *sm);
683 699 void __set_sm_cur_stree(struct sm_state *sm);
684 700 void __set_sm_fake_stree(struct sm_state *sm);
685 701 void __set_true_false_sm(struct sm_state *true_state,
686 702 struct sm_state *false_state);
687 703 void nullify_path(void);
688 704 void __match_nullify_path_hook(const char *fn, struct expression *expr,
689 705 void *unused);
690 706 void __unnullify_path(void);
691 707 int __path_is_null(void);
692 708 void save_all_states(void);
693 709 void restore_all_states(void);
694 710 void free_goto_stack(void);
695 711 void clear_all_states(void);
696 712
697 713 struct sm_state *get_sm_state(int owner, const char *name,
698 714 struct symbol *sym);
699 715 struct sm_state *get_sm_state_expr(int owner, struct expression *expr);
700 716 void __push_true_states(void);
701 717 void __use_false_states(void);
702 718 void __discard_false_states(void);
703 719 void __merge_false_states(void);
704 720 void __merge_true_states(void);
705 721
706 722 void __negate_cond_stacks(void);
707 723 void __use_pre_cond_states(void);
708 724 void __use_cond_true_states(void);
709 725 void __use_cond_false_states(void);
710 726 void __push_cond_stacks(void);
711 727 void __fold_in_set_states(void);
712 728 void __free_set_states(void);
713 729 struct stree *__copy_cond_true_states(void);
714 730 struct stree *__copy_cond_false_states(void);
715 731 struct stree *__pop_cond_true_stack(void);
716 732 struct stree *__pop_cond_false_stack(void);
717 733 void __and_cond_states(void);
718 734 void __or_cond_states(void);
719 735 void __save_pre_cond_states(void);
720 736 void __discard_pre_cond_states(void);
721 737 struct stree *__get_true_states(void);
722 738 struct stree *__get_false_states(void);
723 739 void __use_cond_states(void);
724 740 extern struct state_list *__last_base_slist;
725 741
726 742 void __push_continues(void);
727 743 void __discard_continues(void);
728 744 void __process_continues(void);
729 745 void __merge_continues(void);
730 746
731 747 void __push_breaks(void);
732 748 void __process_breaks(void);
733 749 int __has_breaks(void);
734 750 void __merge_breaks(void);
735 751 void __use_breaks(void);
736 752
737 753 void __save_switch_states(struct expression *switch_expr);
738 754 void __discard_switches(void);
739 755 int have_remaining_cases(void);
740 756 void __merge_switches(struct expression *switch_expr, struct range_list *case_rl);
741 757 void __push_default(void);
742 758 void __set_default(void);
743 759 int __pop_default(void);
744 760
745 761 void __push_conditions(void);
746 762 void __discard_conditions(void);
747 763
748 764 void __save_gotos(const char *name, struct symbol *sym);
749 765 void __merge_gotos(const char *name, struct symbol *sym);
750 766
751 767 void __print_cur_stree(void);
752 768
753 769 /* smatch_hooks.c */
754 770 void __pass_to_client(void *data, enum hook_type type);
755 771 void __pass_to_client_no_data(enum hook_type type);
756 772 void __pass_case_to_client(struct expression *switch_expr,
757 773 struct range_list *rl);
758 774 int __has_merge_function(int client_id);
759 775 struct smatch_state *__client_merge_function(int owner,
760 776 struct smatch_state *s1,
761 777 struct smatch_state *s2);
762 778 struct smatch_state *__client_unmatched_state_function(struct sm_state *sm);
763 779 void call_pre_merge_hook(struct sm_state *sm);
764 780 void __push_scope_hooks(void);
765 781 void __call_scope_hooks(void);
766 782
767 783 /* smatch_function_hooks.c */
768 784 void create_function_hook_hash(void);
769 785 void __match_initializer_call(struct symbol *sym);
770 786
771 787 /* smatch_db.c */
772 788 enum info_type {
773 789 INTERNAL = 0,
774 790 /*
775 791 * Changing these numbers is a pain. Don't do it. If you ever use a
|
↓ open down ↓ |
113 lines elided |
↑ open up ↑ |
776 792 * number it can't be re-used right away so there may be gaps.
777 793 * We select these in order by type so if the order matters, then give
778 794 * it a number below 100-999,9000-9999 ranges. */
779 795
780 796 PARAM_CLEARED = 101,
781 797 PARAM_LIMIT = 103,
782 798 PARAM_FILTER = 104,
783 799
784 800 PARAM_VALUE = 1001,
785 801 BUF_SIZE = 1002,
786 - USER_DATA = 1003,
787 802 CAPPED_DATA = 1004,
788 803 RETURN_VALUE = 1005,
789 804 DEREFERENCE = 1006,
790 805 RANGE_CAP = 1007,
791 806 LOCK_HELD = 1008,
792 807 LOCK_RELEASED = 1009,
793 808 ABSOLUTE_LIMITS = 1010,
794 809 PARAM_ADD = 1012,
795 810 PARAM_FREED = 1013,
796 811 DATA_SOURCE = 1014,
797 812 FUZZY_MAX = 1015,
813 + HARD_MAX = 2015,
798 814 STR_LEN = 1016,
799 815 ARRAY_LEN = 1017,
800 816 CAPABLE = 1018,
801 817 NS_CAPABLE = 1019,
802 818 CONTAINER = 1020,
803 819 CASTED_CALL = 1021,
804 820 TYPE_LINK = 1022,
805 821 UNTRACKED_PARAM = 1023,
822 + LOST_PARAM = 2023,
806 823 CULL_PATH = 1024,
807 824 PARAM_SET = 1025,
808 825 PARAM_USED = 1026,
809 826 BYTE_UNITS = 1027,
810 827 COMPARE_LIMIT = 1028,
811 828 PARAM_COMPARE = 1029,
812 829 CONSTRAINT = 1031,
813 830 PASSES_TYPE = 1032,
814 831 CONSTRAINT_REQUIRED = 1033,
832 + BIT_INFO = 1034,
815 833 NOSPEC = 1035,
816 834 NOSPEC_WB = 1036,
817 835 STMT_CNT = 1037,
818 836 TERMINATED = 1038,
819 837
820 838 /* put random temporary stuff in the 7000-7999 range for testing */
821 - USER_DATA3 = 8017,
822 - USER_DATA3_SET = 9017,
839 + USER_DATA = 8017,
840 + USER_DATA_SET = 9017,
823 841 NO_OVERFLOW = 8018,
824 842 NO_OVERFLOW_SIMPLE = 8019,
825 843 LOCKED = 8020,
826 844 UNLOCKED = 8021,
827 845 SET_FS = 8022,
828 846 ATOMIC_INC = 8023,
829 847 ATOMIC_DEC = 8024,
830 848 NO_SIDE_EFFECT = 8025,
831 849 FN_ARG_LINK = 8028,
832 850 DATA_VALUE = 8029,
833 851 ARRAYSIZE_ARG = 8033,
834 852 SIZEOF_ARG = 8034,
835 853 MEMORY_TAG = 8036,
836 854 MTAG_ASSIGN = 8035,
837 855 STRING_VALUE = 8041,
856 +
857 + BYTE_COUNT = 8050,
858 + ELEM_COUNT = 8051,
859 + ELEM_LAST = 8052,
860 + USED_LAST = 8053,
861 + USED_COUNT = 8054,
838 862 };
839 863
840 864 extern struct sqlite3 *smatch_db;
841 865 extern struct sqlite3 *mem_db;
842 866 extern struct sqlite3 *cache_db;
843 867
844 868 void db_ignore_states(int id);
845 869 void select_caller_info_hook(void (*callback)(const char *name, struct symbol *sym, char *key, char *value), int type);
846 870 void add_member_info_callback(int owner, void (*callback)(struct expression *call, int param, char *printed_name, struct sm_state *sm));
847 871 void add_split_return_callback(void (*fn)(int return_id, char *return_ranges, struct expression *returned_expr));
848 872 void add_returned_member_callback(int owner, void (*callback)(int return_id, char *return_ranges, struct expression *expr, char *printed_name, struct smatch_state *state));
849 873 void select_call_implies_hook(int type, void (*callback)(struct expression *call, struct expression *arg, char *key, char *value));
850 874 void select_return_implies_hook(int type, void (*callback)(struct expression *call, struct expression *arg, char *key, char *value));
851 875 struct range_list *db_return_vals(struct expression *expr);
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
852 876 struct range_list *db_return_vals_from_str(const char *fn_name);
853 877 char *return_state_to_var_sym(struct expression *expr, int param, const char *key, struct symbol **sym);
854 878 char *get_chunk_from_key(struct expression *arg, char *key, struct symbol **sym, struct var_sym_list **vsl);
855 879 char *get_variable_from_key(struct expression *arg, const char *key, struct symbol **sym);
856 880 const char *state_name_to_param_name(const char *state_name, const char *param_name);
857 881 const char *get_param_name_var_sym(const char *name, struct symbol *sym);
858 882 const char *get_param_name(struct sm_state *sm);
859 883 const char *get_mtag_name_var_sym(const char *state_name, struct symbol *sym);
860 884 const char *get_mtag_name_expr(struct expression *expr);
861 885 char *get_data_info_name(struct expression *expr);
886 +int is_recursive_member(const char *param_name);
862 887
863 888 char *escape_newlines(const char *str);
864 889 void sql_exec(struct sqlite3 *db, int (*callback)(void*, int, char**, char**), void *data, const char *sql);
865 890
866 891 #define sql_helper(db, call_back, data, sql...) \
867 892 do { \
868 893 char sql_txt[1024]; \
869 894 \
870 895 sqlite3_snprintf(sizeof(sql_txt), sql_txt, sql); \
871 896 sm_debug("debug: %s\n", sql_txt); \
872 897 sql_exec(db, call_back, data, sql_txt); \
873 898 } while (0)
874 899
875 900
876 901 #define run_sql(call_back, data, sql...) \
877 902 do { \
878 903 if (option_no_db) \
879 904 break; \
880 905 sql_helper(smatch_db, call_back, data, sql); \
881 906 } while (0)
882 907
883 908 #define mem_sql(call_back, data, sql...) \
884 909 sql_helper(mem_db, call_back, data, sql)
885 910
886 911 #define cache_sql(call_back, data, sql...) \
887 912 sql_helper(cache_db, call_back, data, sql)
888 913
889 914 #define sql_insert_helper(table, db, ignore, late, values...) \
890 915 do { \
891 916 struct sqlite3 *_db = db; \
892 917 \
893 918 if (__inline_fn && !_db) \
894 919 _db = mem_db; \
895 920 if (_db) { \
896 921 char buf[1024]; \
897 922 char *err, *p = buf; \
898 923 int rc; \
899 924 \
900 925 p += snprintf(p, buf + sizeof(buf) - p, \
901 926 "insert %sinto %s values (", \
902 927 ignore ? "or ignore " : "", #table); \
903 928 p += snprintf(p, buf + sizeof(buf) - p, values); \
904 929 p += snprintf(p, buf + sizeof(buf) - p, ");"); \
905 930 sm_debug("mem-db: %s\n", buf); \
906 931 rc = sqlite3_exec(_db, buf, NULL, NULL, &err); \
907 932 if (rc != SQLITE_OK) { \
908 933 sm_ierror("SQL error #2: %s", err); \
909 934 sm_ierror("SQL: '%s'", buf); \
910 935 parse_error = 1; \
911 936 } \
912 937 break; \
913 938 } \
914 939 if (option_info) { \
915 940 FILE *tmp_fd = sm_outfd; \
916 941 sm_outfd = sql_outfd; \
917 942 sm_prefix(); \
918 943 sm_printf("SQL%s: insert %sinto " #table " values(", \
919 944 late ? "_late" : "", ignore ? "or ignore " : ""); \
920 945 sm_printf(values); \
921 946 sm_printf(");\n"); \
922 947 sm_outfd = tmp_fd; \
923 948 } \
924 949 } while (0)
925 950
926 951 #define sql_insert(table, values...) sql_insert_helper(table, 0, 0, 0, values);
927 952 #define sql_insert_or_ignore(table, values...) sql_insert_helper(table, 0, 1, 0, values);
928 953 #define sql_insert_late(table, values...) sql_insert_helper(table, 0, 0, 1, values);
929 954 #define sql_insert_cache(table, values...) sql_insert_helper(table, cache_db, 1, 0, values);
930 955
931 956 char *get_static_filter(struct symbol *sym);
932 957
933 958 void sql_insert_return_states(int return_id, const char *return_ranges,
934 959 int type, int param, const char *key, const char *value);
935 960 void sql_insert_caller_info(struct expression *call, int type, int param,
936 961 const char *key, const char *value);
937 962 void sql_insert_function_ptr(const char *fn, const char *struct_name);
938 963 void sql_insert_return_values(const char *return_values);
939 964 void sql_insert_return_implies(int type, int param, const char *key, const char *value);
940 965 void sql_insert_function_type_size(const char *member, const char *ranges);
941 966 void sql_insert_function_type_info(int type, const char *struct_type, const char *member, const char *value);
942 967 void sql_insert_type_info(int type, const char *member, const char *value);
943 968 void sql_insert_local_values(const char *name, const char *value);
944 969 void sql_insert_function_type_value(const char *type, const char *value);
|
↓ open down ↓ |
73 lines elided |
↑ open up ↑ |
945 970 void sql_insert_function_type(int param, const char *value);
946 971 void sql_insert_parameter_name(int param, const char *value);
947 972 void sql_insert_data_info(struct expression *data, int type, const char *value);
948 973 void sql_insert_data_info_var_sym(const char *var, struct symbol *sym, int type, const char *value);
949 974 void sql_save_constraint(const char *con);
950 975 void sql_save_constraint_required(const char *data, int op, const char *limit);
951 976 void sql_copy_constraint_required(const char *new_limit, const char *old_limit);
952 977 void sql_insert_fn_ptr_data_link(const char *ptr, const char *data);
953 978 void sql_insert_fn_data_link(struct expression *fn, int type, int param, const char *key, const char *value);
954 979 void sql_insert_mtag_about(mtag_t tag, const char *left_name, const char *right_name);
955 -void insert_mtag_data(sval_t sval, struct range_list *rl);
956 980 void sql_insert_mtag_map(mtag_t tag, int offset, mtag_t container);
957 981 void sql_insert_mtag_alias(mtag_t orig, mtag_t alias);
958 982 int mtag_map_select_container(mtag_t tag, int offset, mtag_t *container);
959 983 int mtag_map_select_tag(mtag_t container, int offset, mtag_t *tag);
984 +struct smatch_state *swap_mtag_return(struct expression *expr, struct smatch_state *state);
985 +struct range_list *swap_mtag_seed(struct expression *expr, struct range_list *rl);
960 986
961 987 void sql_select_return_states(const char *cols, struct expression *call,
962 988 int (*callback)(void*, int, char**, char**), void *info);
963 989 void sql_select_call_implies(const char *cols, struct expression *call,
964 990 int (*callback)(void*, int, char**, char**));
965 991
966 992 void open_smatch_db(char *db_file);
967 993
968 994 /* smatch_files.c */
969 995 int open_data_file(const char *filename);
970 996 int open_schema_file(const char *schema);
971 997 struct token *get_tokens_file(const char *filename);
972 998
973 999 /* smatch.c */
974 1000 extern char *option_debug_check;
975 1001 extern char *option_project_str;
976 1002 extern char *bin_dir;
977 1003 extern char *data_dir;
978 1004 extern int option_no_data;
979 1005 extern int option_full_path;
980 1006 extern int option_param_mapper;
981 1007 extern int option_call_tree;
982 1008 extern int num_checks;
983 1009
984 1010 enum project_type {
985 1011 PROJ_NONE,
986 1012 PROJ_KERNEL,
987 1013 PROJ_WINE,
988 1014 PROJ_ILLUMOS_KERNEL,
989 1015 PROJ_ILLUMOS_USER,
990 1016 PROJ_UNKNOWN,
991 1017 };
992 1018 extern enum project_type option_project;
993 1019 const char *check_name(unsigned short id);
994 1020 int id_from_name(const char *name);
995 1021
996 1022
997 1023 /* smatch_buf_size.c */
998 1024 int get_array_size(struct expression *expr);
999 1025 int get_array_size_bytes(struct expression *expr);
1000 1026 int get_array_size_bytes_min(struct expression *expr);
1001 1027 int get_array_size_bytes_max(struct expression *expr);
1002 1028 struct range_list *get_array_size_bytes_rl(struct expression *expr);
1003 1029 int get_real_array_size(struct expression *expr);
1004 1030 int last_member_is_resizable(struct symbol *type);
|
↓ open down ↓ |
35 lines elided |
↑ open up ↑ |
1005 1031 /* smatch_strlen.c */
1006 1032 int get_implied_strlen(struct expression *expr, struct range_list **rl);
1007 1033 int get_size_from_strlen(struct expression *expr);
1008 1034
1009 1035 /* smatch_capped.c */
1010 1036 int is_capped(struct expression *expr);
1011 1037 int is_capped_var_sym(const char *name, struct symbol *sym);
1012 1038
1013 1039 /* check_user_data.c */
1014 1040 int is_user_macro(struct expression *expr);
1015 -int is_user_data(struct expression *expr);
1016 1041 int is_capped_user_data(struct expression *expr);
1017 1042 int implied_user_data(struct expression *expr, struct range_list **rl);
1018 1043 struct stree *get_user_stree(void);
1019 1044 int get_user_rl(struct expression *expr, struct range_list **rl);
1020 -int get_user_rl_spammy(struct expression *expr, struct range_list **rl);
1021 1045 int is_user_rl(struct expression *expr);
1022 1046 int get_user_rl_var_sym(const char *name, struct symbol *sym, struct range_list **rl);
1047 +bool user_rl_capped(struct expression *expr);
1048 +struct range_list *var_user_rl(struct expression *expr);
1023 1049
1024 1050 /* check_locking.c */
1025 1051 void print_held_locks();
1026 1052
1027 1053 /* check_assigned_expr.c */
1028 1054 struct expression *get_assigned_expr(struct expression *expr);
1029 1055 struct expression *get_assigned_expr_name_sym(const char *name, struct symbol *sym);
1030 1056 /* smatch_return_to_param.c */
1031 1057 void __add_return_to_param_mapping(struct expression *assign, const char *return_string);
1032 1058 char *map_call_to_param_name_sym(struct expression *expr, struct symbol **sym);
1033 1059
1034 1060 /* smatch_comparison.c */
1035 1061 struct compare_data {
1036 1062 /* The ->left and ->right expression pointers might be NULL (I'm lazy) */
1037 1063 struct expression *left;
1038 1064 const char *left_var;
1039 1065 struct var_sym_list *left_vsl;
1040 1066 int comparison;
1041 1067 struct expression *right;
1042 1068 const char *right_var;
1043 1069 struct var_sym_list *right_vsl;
1044 1070 };
1045 1071 DECLARE_ALLOCATOR(compare_data);
1046 1072 struct smatch_state *alloc_compare_state(
1047 1073 struct expression *left,
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
1048 1074 const char *left_var, struct var_sym_list *left_vsl,
1049 1075 int comparison,
1050 1076 struct expression *right,
1051 1077 const char *right_var, struct var_sym_list *right_vsl);
1052 1078 int filter_comparison(int orig, int op);
1053 1079 int merge_comparisons(int one, int two);
1054 1080 int combine_comparisons(int left_compare, int right_compare);
1055 1081 int state_to_comparison(struct smatch_state *state);
1056 1082 struct smatch_state *merge_compare_states(struct smatch_state *s1, struct smatch_state *s2);
1057 1083 int get_comparison(struct expression *left, struct expression *right);
1084 +int get_comparison_no_extra(struct expression *a, struct expression *b);
1058 1085 int get_comparison_strings(const char *one, const char *two);
1059 1086 int possible_comparison(struct expression *a, int comparison, struct expression *b);
1060 1087 struct state_list *get_all_comparisons(struct expression *expr);
1061 1088 struct state_list *get_all_possible_equal_comparisons(struct expression *expr);
1062 1089 void __add_return_comparison(struct expression *call, const char *range);
1063 1090 void __add_comparison_info(struct expression *expr, struct expression *call, const char *range);
1064 1091 char *get_printed_param_name(struct expression *call, const char *param_name, struct symbol *param_sym);
1065 1092 char *name_sym_to_param_comparison(const char *name, struct symbol *sym);
1066 1093 char *expr_equal_to_param(struct expression *expr, int ignore);
1067 1094 char *expr_lte_to_param(struct expression *expr, int ignore);
1068 1095 char *expr_param_comparison(struct expression *expr, int ignore);
1069 1096 int flip_comparison(int op);
1070 1097 int negate_comparison(int op);
1071 1098 int remove_unsigned_from_comparison(int op);
1072 1099 int param_compare_limit_is_impossible(struct expression *expr, int left_param, char *left_key, char *value);
1073 1100 void filter_by_comparison(struct range_list **rl, int comparison, struct range_list *right);
1074 1101 struct sm_state *comparison_implication_hook(struct expression *expr,
1075 1102 struct state_list **true_stack,
1076 1103 struct state_list **false_stack);
1077 1104 void __compare_param_limit_hook(struct expression *left_expr, struct expression *right_expr,
1078 1105 const char *state_name,
1079 1106 struct smatch_state *true_state, struct smatch_state *false_state);
1080 1107 int impossibly_high_comparison(struct expression *expr);
1081 1108
1082 1109 /* smatch_sval.c */
1083 1110 sval_t *sval_alloc(sval_t sval);
1084 1111 sval_t *sval_alloc_permanent(sval_t sval);
1085 1112 sval_t sval_blank(struct expression *expr);
1086 1113 sval_t sval_type_val(struct symbol *type, long long val);
1087 1114 sval_t sval_from_val(struct expression *expr, long long val);
1088 1115 int sval_is_ptr(sval_t sval);
1089 1116 int sval_unsigned(sval_t sval);
1090 1117 int sval_signed(sval_t sval);
1091 1118 int sval_bits(sval_t sval);
1092 1119 int sval_bits_used(sval_t sval);
1093 1120 int sval_is_negative(sval_t sval);
1094 1121 int sval_is_positive(sval_t sval);
1095 1122 int sval_is_min(sval_t sval);
1096 1123 int sval_is_max(sval_t sval);
1097 1124 int sval_is_a_min(sval_t sval);
1098 1125 int sval_is_a_max(sval_t sval);
1099 1126 int sval_is_negative_min(sval_t sval);
1100 1127 int sval_cmp_t(struct symbol *type, sval_t one, sval_t two);
1101 1128 int sval_cmp_val(sval_t one, long long val);
|
↓ open down ↓ |
34 lines elided |
↑ open up ↑ |
1102 1129 sval_t sval_min(sval_t one, sval_t two);
1103 1130 sval_t sval_max(sval_t one, sval_t two);
1104 1131 int sval_too_low(struct symbol *type, sval_t sval);
1105 1132 int sval_too_high(struct symbol *type, sval_t sval);
1106 1133 int sval_fits(struct symbol *type, sval_t sval);
1107 1134 sval_t sval_cast(struct symbol *type, sval_t sval);
1108 1135 sval_t sval_preop(sval_t sval, int op);
1109 1136 sval_t sval_binop(sval_t left, int op, sval_t right);
1110 1137 int sval_binop_overflows(sval_t left, int op, sval_t right);
1111 1138 int sval_binop_overflows_no_sign(sval_t left, int op, sval_t right);
1139 +int find_first_zero_bit(unsigned long long uvalue);
1140 +int sm_fls64(unsigned long long uvalue);
1112 1141 unsigned long long fls_mask(unsigned long long uvalue);
1113 1142 unsigned long long sval_fls_mask(sval_t sval);
1114 1143 const char *sval_to_str(sval_t sval);
1144 +const char *sval_to_str_or_err_ptr(sval_t sval);
1115 1145 const char *sval_to_numstr(sval_t sval);
1116 1146 sval_t ll_to_sval(long long val);
1117 1147
1118 1148 /* smatch_string_list.c */
1119 1149 int list_has_string(struct string_list *str_list, const char *str);
1120 -void insert_string(struct string_list **str_list, const char *str);
1150 +int insert_string(struct string_list **str_list, const char *str);
1121 1151 struct string_list *clone_str_list(struct string_list *orig);
1122 1152 struct string_list *combine_string_lists(struct string_list *one, struct string_list *two);
1123 1153
1124 1154 /* smatch_start_states.c */
1125 1155 struct stree *get_start_states(void);
1126 1156
1127 1157 /* smatch_recurse.c */
1128 1158 int has_symbol(struct expression *expr, struct symbol *sym);
1129 1159 int has_variable(struct expression *expr, struct expression *var);
1130 1160 int has_inc_dec(struct expression *expr);
1131 1161
1132 1162 /* smatch_stored_conditions.c */
1133 1163 struct smatch_state *get_stored_condition(struct expression *expr);
1134 1164 struct expression_list *get_conditions(struct expression *expr);
1135 1165 struct sm_state *stored_condition_implication_hook(struct expression *expr,
1136 1166 struct state_list **true_stack,
1137 1167 struct state_list **false_stack);
1138 1168
1139 1169 /* check_string_len.c */
1140 1170 int get_formatted_string_size(struct expression *call, int arg);
1171 +int get_formatted_string_min_size(struct expression *call, int arg);
1141 1172
1142 1173 /* smatch_param_set.c */
1143 1174 int param_was_set(struct expression *expr);
1144 1175 int param_was_set_var_sym(const char *name, struct symbol *sym);
1145 1176 /* smatch_param_filter.c */
1146 1177 int param_has_filter_data(struct sm_state *sm);
1147 1178
1148 1179 /* smatch_links.c */
1149 1180 void set_up_link_functions(int id, int linkid);
1150 1181 struct smatch_state *merge_link_states(struct smatch_state *s1, struct smatch_state *s2);
1151 1182 void store_link(int link_id, const char *name, struct symbol *sym, const char *link_name, struct symbol *link_sym);
1152 1183
1153 1184 /* smatch_auto_copy.c */
1154 1185 void set_auto_copy(int owner);
1155 1186
1156 1187 /* check_buf_comparison */
1157 -struct expression *get_size_variable(struct expression *buf);
1188 +const char *limit_type_str(unsigned int limit_type);
1189 +struct expression *get_size_variable(struct expression *buf, int *limit_type);
1158 1190 struct expression *get_array_variable(struct expression *size);
1191 +int buf_comparison_index_ok(struct expression *expr);
1159 1192
1160 1193 /* smatch_untracked_param.c */
1161 1194 void mark_untracked(struct expression *expr, int param, const char *key, const char *value);
1162 1195 void add_untracked_param_hook(void (func)(struct expression *call, int param));
1196 +void add_lost_param_hook(void (func)(struct expression *call, int param));
1163 1197 void mark_all_params_untracked(int return_id, char *return_ranges, struct expression *expr);
1164 1198
1165 1199 /* smatch_strings.c */
1166 1200 struct state_list *get_strings(struct expression *expr);
1167 1201 struct expression *fake_string_from_mtag(mtag_t tag);
1168 1202
1169 1203 /* smatch_estate.c */
1170 1204 int estate_get_single_value(struct smatch_state *state, sval_t *sval);
1171 1205
1172 1206 /* smatch_address.c */
1173 1207 int get_address_rl(struct expression *expr, struct range_list **rl);
1174 1208 int get_member_offset(struct symbol *type, const char *member_name);
1175 1209 int get_member_offset_from_deref(struct expression *expr);
1176 1210
1177 1211 /* for now this is in smatch_used_parameter.c */
1178 1212 void __get_state_hook(int owner, const char *name, struct symbol *sym);
1179 1213
1180 1214 /* smatch_buf_comparison.c */
1181 1215 int db_var_is_array_limit(struct expression *array, const char *name, struct var_sym_list *vsl);
1182 1216
1183 1217 struct stree *get_all_return_states(void);
1184 1218 struct stree_stack *get_all_return_strees(void);
1185 1219 int on_atomic_dec_path(void);
1186 1220 int was_inced(const char *name, struct symbol *sym);
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
1187 1221
1188 1222 /* smatch_constraints.c */
1189 1223 char *get_constraint_str(struct expression *expr);
1190 1224 struct constraint_list *get_constraints(struct expression *expr);
1191 1225 char *unmet_constraint(struct expression *data, struct expression *offset);
1192 1226 char *get_required_constraint(const char *data_str);
1193 1227
1194 1228 /* smatch_container_of.c */
1195 1229 int get_param_from_container_of(struct expression *expr);
1196 1230 int get_offset_from_container_of(struct expression *expr);
1231 +char *get_container_name(struct expression *container, struct expression *expr);
1197 1232
1198 1233 /* smatch_mtag.c */
1199 1234 int get_string_mtag(struct expression *expr, mtag_t *tag);
1200 1235 int get_toplevel_mtag(struct symbol *sym, mtag_t *tag);
1201 -int get_mtag(struct expression *expr, mtag_t *tag);
1202 -int get_mtag_offset(struct expression *expr, mtag_t *tag, int *offset);
1203 1236 int create_mtag_alias(mtag_t tag, struct expression *expr, mtag_t *new);
1204 1237 int expr_to_mtag_offset(struct expression *expr, mtag_t *tag, int *offset);
1205 1238 void update_mtag_data(struct expression *expr);
1206 1239 int get_mtag_sval(struct expression *expr, sval_t *sval);
1207 -int get_mtag_addr_sval(struct expression *expr, sval_t *sval);
1208 1240
1209 1241 /* Trinity fuzzer stuff */
1210 1242 const char *get_syscall_arg_type(struct symbol *sym);
1211 1243
1244 +/* smatch_bit_info.c */
1245 +struct bit_info *get_bit_info(struct expression *expr);
1246 +struct bit_info *get_bit_info_var_sym(const char *name, struct symbol *sym);
1212 1247 /* smatch_mem_tracker.c */
1213 1248 extern int option_mem;
1249 +unsigned long get_mem_kb(void);
1214 1250 unsigned long get_max_memory(void);
1215 1251
1216 1252 /* check_is_nospec.c */
1217 1253 bool is_nospec(struct expression *expr);
1254 +long get_stmt_cnt(void);
1218 1255
1219 1256 /* smatch_nul_terminator.c */
1220 1257 bool is_nul_terminated(struct expression *expr);
1258 +/* check_kernel.c */
1259 +bool is_ignored_kernel_data(const char *name);
1221 1260
1261 +static inline bool type_is_ptr(struct symbol *type)
1262 +{
1263 + return type &&
1264 + (type->type == SYM_PTR ||
1265 + type->type == SYM_ARRAY ||
1266 + type->type == SYM_FN);
1267 +}
1268 +
1222 1269 static inline int type_bits(struct symbol *type)
1223 1270 {
1224 1271 if (!type)
1225 1272 return 0;
1226 - if (type->type == SYM_PTR) /* Sparse doesn't set this for &pointers */
1273 + if (type_is_ptr(type))
1227 1274 return bits_in_pointer;
1228 - if (type->type == SYM_ARRAY)
1229 - return bits_in_pointer;
1230 1275 if (!type->examined)
1231 1276 examine_symbol_type(type);
1232 1277 return type->bit_size;
1233 1278 }
1234 1279
1235 -static inline bool type_is_ptr(struct symbol *type)
1236 -{
1237 - return type && (type->type == SYM_PTR || type->type == SYM_ARRAY);
1238 -}
1239 -
1240 1280 static inline int type_unsigned(struct symbol *base_type)
1241 1281 {
1242 1282 if (!base_type)
1243 1283 return 0;
1284 + if (is_ptr_type(base_type))
1285 + return 1;
1244 1286 if (base_type->ctype.modifiers & MOD_UNSIGNED)
1245 1287 return 1;
1246 1288 return 0;
1247 1289 }
1248 1290
1249 1291 static inline int type_positive_bits(struct symbol *type)
1250 1292 {
1251 1293 if (!type)
1252 1294 return 0;
1253 - if (type->type == SYM_ARRAY)
1254 - return bits_in_pointer - 1;
1295 + if (is_ptr_type(type))
1296 + return bits_in_pointer;
1255 1297 if (type_unsigned(type))
1256 1298 return type_bits(type);
1257 1299 return type_bits(type) - 1;
1258 1300 }
1259 1301
1260 1302 static inline int sval_positive_bits(sval_t sval)
1261 1303 {
1262 1304 return type_positive_bits(sval.type);
1263 1305 }
1264 1306
1265 1307 /*
1266 1308 * Returns -1 if one is smaller, 0 if they are the same and 1 if two is larger.
1267 1309 */
1268 1310 static inline int sval_cmp(sval_t one, sval_t two)
1269 1311 {
1270 1312 struct symbol *type;
1271 1313
1272 1314 type = one.type;
1273 1315 if (sval_positive_bits(two) > sval_positive_bits(one))
1274 1316 type = two.type;
1275 1317 if (type_bits(type) < 31)
1276 1318 type = &int_ctype;
1277 1319
1278 1320 one = sval_cast(type, one);
1279 1321 two = sval_cast(type, two);
1280 1322
1281 1323 if (type_unsigned(type)) {
1282 1324 if (one.uvalue < two.uvalue)
1283 1325 return -1;
1284 1326 if (one.uvalue == two.uvalue)
1285 1327 return 0;
1286 1328 return 1;
1287 1329 }
1288 1330 /* fix me handle type promotion and unsigned values */
1289 1331 if (one.value < two.value)
1290 1332 return -1;
1291 1333 if (one.value == two.value)
1292 1334 return 0;
1293 1335 return 1;
1294 1336 }
1295 1337
1296 1338 #endif /* !SMATCH_H_ */
|
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX