search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sval: delete unused filter_range_list() function
[smatch.git] / smatch_math.c
blob85299105eea78d7de216b811ff6cb054af6be138
1 /*
2 * smatch/smatch_math.c
3 *
4 * Copyright (C) 2010 Dan Carpenter.
5 *
6 * Licensed under the Open Software License version 1.1
7 *
8 */
9
10 #include "smatch.h"
11 #include "smatch_slist.h"
12 #include "smatch_extra.h"
13
14 static sval_t _get_value(struct expression *expr, int *undefined, int implied);
15 static sval_t _get_implied_value(struct expression *expr, int *undefined, int implied);
16
17 #define BOGUS 12345
18
19 static sval_t zero = {.type = &int_ctype, .value = 0};
20 static sval_t one = {.type = &int_ctype, .value = 1};
21 static sval_t bogus = {.type = &int_ctype, .value = BOGUS};
22
23 #define NOTIMPLIED 0
24 #define IMPLIED 1
25 #define IMPLIED_MIN 2
26 #define IMPLIED_MAX 3
27 #define FUZZYMAX 4
28 #define FUZZYMIN 5
29 #define ABSOLUTE_MIN 6
30 #define ABSOLUTE_MAX 7
31
32 static int opposite_implied(int implied)
33 {
34 if (implied == IMPLIED_MIN)
35 return IMPLIED_MAX;
36 if (implied == IMPLIED_MAX)
37 return IMPLIED_MIN;
38 if (implied == ABSOLUTE_MIN)
39 return ABSOLUTE_MAX;
40 if (implied == ABSOLUTE_MAX)
41 return ABSOLUTE_MIN;
42 return implied;
43 }
44
45 static int last_stmt_sval(struct statement *stmt, sval_t *sval)
46 {
47 struct expression *expr;
48
49 if (!stmt)
50 return 0;
51
52 stmt = last_ptr_list((struct ptr_list *)stmt->stmts);
53 if (stmt->type != STMT_EXPRESSION)
54 return 0;
55 expr = stmt->expression;
56 if (!get_value_sval(expr, sval))
57 return 0;
58 return 1;
59 }
60
61 static sval_t handle_expression_statement(struct expression *expr, int *undefined, int implied)
62 {
63 struct statement *stmt;
64 sval_t ret;
65
66 stmt = get_expression_statement(expr);
67 if (!last_stmt_sval(stmt, &ret)) {
68 *undefined = 1;
69 ret.value = BOGUS;
70 }
71
72 return ret;
73 }
74
75 static sval_t handle_ampersand(int *undefined, int implied)
76 {
77 sval_t ret;
78
79 ret.type = &ptr_ctype;
80 ret.value = BOGUS;
81
82 if (implied == IMPLIED_MIN || implied == FUZZYMIN || implied == ABSOLUTE_MIN)
83 return valid_ptr_min_sval;
84 if (implied == IMPLIED_MAX || implied == FUZZYMAX || implied == ABSOLUTE_MAX)
85 return valid_ptr_max_sval;
86
87 *undefined = 1;
88 return ret;
89 }
90
91 static sval_t handle_preop(struct expression *expr, int *undefined, int implied)
92 {
93 sval_t ret;
94
95 switch (expr->op) {
96 case '&':
97 ret = handle_ampersand(undefined, implied);
98 break;
99 case '!':
100 ret = _get_value(expr->unop, undefined, implied);
101 ret = sval_preop(ret, '!');
102 break;
103 case '~':
104 ret = _get_value(expr->unop, undefined, implied);
105 ret = sval_preop(ret, '~');
106 ret = sval_cast(ret, get_type(expr->unop));
107 break;
108 case '-':
109 ret = _get_value(expr->unop, undefined, implied);
110 ret = sval_preop(ret, '-');
111 break;
112 case '*':
113 ret = _get_implied_value(expr, undefined, implied);
114 break;
115 case '(':
116 ret = handle_expression_statement(expr, undefined, implied);
117 break;
118 default:
119 *undefined = 1;
120 ret = sval_blank(expr);
121 }
122 ret = sval_cast(ret, get_type(expr));
123 return ret;
124 }
125
126 static sval_t handle_divide(struct expression *expr, int *undefined, int implied)
127 {
128 sval_t left, right;
129
130 left = _get_value(expr->left, undefined, implied);
131 right = _get_value(expr->right, undefined, opposite_implied(implied));
132
133 if (right.value == 0)
134 *undefined = 1;
135
136 return sval_binop(left, '/', right);
137 }
138
139 static sval_t handle_subtract(struct expression *expr, int *undefined, int implied)
140 {
141 sval_t left, right;
142
143 left = _get_value(expr->left, undefined, implied);
144 right = _get_value(expr->right, undefined, opposite_implied(implied));
145
146 return sval_binop(left, '-', right);
147 }
148
149 static sval_t handle_binop(struct expression *expr, int *undefined, int implied)
150 {
151 sval_t left, right;
152 sval_t ret = {.type = &int_ctype, .value = 123456};
153 int local_undef = 0;
154
155 switch (expr->op) {
156 case '%':
157 left = _get_value(expr->left, &local_undef, implied);
158 if (local_undef) {
159 if (implied == ABSOLUTE_MIN) {
160 ret = sval_blank(expr->left);
161 ret.value = 0;
162 return ret;
163 }
164 if (implied != ABSOLUTE_MAX)
165 *undefined = 1;
166 if (!get_absolute_max_sval(expr->left, &left))
167 *undefined = 1;
168 }
169 right = _get_value(expr->right, undefined, implied);
170 if (right.value == 0)
171 *undefined = 1;
172 else
173 ret = sval_binop(left, '%', right);
174 return ret;
175
176 case '&':
177 left = _get_value(expr->left, &local_undef, implied);
178 if (local_undef) {
179 if (implied == ABSOLUTE_MIN) {
180 ret = sval_blank(expr->left);
181 ret.value = 0;
182 return ret;
183 }
184 if (implied != ABSOLUTE_MAX)
185 *undefined = 1;
186 if (!get_absolute_max_sval(expr->left, &left))
187 *undefined = 1;
188 }
189 right = _get_value(expr->right, undefined, implied);
190 return sval_binop(left, '&', right);
191
192 case SPECIAL_RIGHTSHIFT:
193 left = _get_value(expr->left, &local_undef, implied);
194 if (local_undef) {
195 if (implied == ABSOLUTE_MIN) {
196 ret = sval_blank(expr->left);
197 ret.value = 0;
198 return ret;
199 }
200 if (implied != ABSOLUTE_MAX)
201 *undefined = 1;
202 if (!get_absolute_max_sval(expr->left, &left))
203 *undefined = 1;
204 }
205 right = _get_value(expr->right, undefined, implied);
206 return sval_binop(left, SPECIAL_RIGHTSHIFT, right);
207 }
208
209 left = _get_value(expr->left, undefined, implied);
210 right = _get_value(expr->right, undefined, implied);
211
212 switch (expr->op) {
213 case '/':
214 return handle_divide(expr, undefined, implied);
215 case '%':
216 if (right.value == 0)
217 *undefined = 1;
218 else
219 ret = sval_binop(left, '%', right);
220 break;
221 case '-':
222 ret = handle_subtract(expr, undefined, implied);
223 break;
224 default:
225 ret = sval_binop(left, expr->op, right);
226 }
227 return ret;
228 }
229
230 static int do_comparison(struct expression *expr)
231 {
232 struct range_list_sval *left_ranges = NULL;
233 struct range_list_sval *right_ranges = NULL;
234 int poss_true, poss_false;
235
236 get_implied_range_list_sval(expr->left, &left_ranges);
237 get_implied_range_list_sval(expr->right, &right_ranges);
238
239 poss_true = possibly_true_range_lists_sval(left_ranges, expr->op, right_ranges);
240 poss_false = possibly_false_range_lists_sval(left_ranges, expr->op, right_ranges);
241
242 free_range_list_sval(&left_ranges);
243 free_range_list_sval(&right_ranges);
244
245 if (!poss_true && !poss_false)
246 return 0;
247 if (poss_true && !poss_false)
248 return 1;
249 if (!poss_true && poss_false)
250 return 2;
251 return 3;
252 }
253
254 static sval_t handle_comparison(struct expression *expr, int *undefined, int implied)
255 {
256 sval_t left, right;
257 int res;
258
259 if (get_value_sval(expr->left, &left) && get_value_sval(expr->right, &right)) {
260 struct data_range_sval tmp_left, tmp_right;
261
262 tmp_left.min = left;
263 tmp_left.max = left;
264 tmp_right.min = right;
265 tmp_right.max = right;
266 if (true_comparison_range_sval(&tmp_left, expr->op, &tmp_right))
267 return one;
268 return zero;
269 }
270
271 if (implied == NOTIMPLIED) {
272 *undefined = 1;
273 return bogus;
274 }
275
276 res = do_comparison(expr);
277 if (res == 1)
278 return one;
279 if (res == 2)
280 return zero;
281
282 if (implied == IMPLIED_MIN || implied == FUZZYMIN || implied == ABSOLUTE_MIN)
283 return zero;
284 if (implied == IMPLIED_MAX || implied == FUZZYMAX || implied == ABSOLUTE_MAX)
285 return one;
286
287 *undefined = 1;
288 return bogus;
289 }
290
291 static sval_t handle_logical(struct expression *expr, int *undefined, int implied)
292 {
293 sval_t left, right;
294
295 if ((implied == NOTIMPLIED && get_value_sval(expr->left, &left) &&
296 get_value_sval(expr->right, &right)) ||
297 (implied != NOTIMPLIED && get_implied_value_sval(expr->left, &left) &&
298 get_implied_value_sval(expr->right, &right))) {
299 switch (expr->op) {
300 case SPECIAL_LOGICAL_OR:
301 if (left.value || right.value)
302 return one;
303 return zero;
304 case SPECIAL_LOGICAL_AND:
305 if (left.value && right.value)
306 return one;
307 return zero;
308 default:
309 *undefined = 1;
310 return bogus;
311 }
312 }
313
314 if (implied == IMPLIED_MIN || implied == FUZZYMIN || implied == ABSOLUTE_MIN)
315 return zero;
316 if (implied == IMPLIED_MAX || implied == FUZZYMAX || implied == ABSOLUTE_MAX)
317 return one;
318
319 *undefined = 1;
320 return bogus;
321 }
322
323 static sval_t handle_conditional(struct expression *expr, int *undefined, int implied)
324 {
325 if (known_condition_true(expr->conditional))
326 return _get_value(expr->cond_true, undefined, implied);
327 if (known_condition_false(expr->conditional))
328 return _get_value(expr->cond_false, undefined, implied);
329
330 if (implied == NOTIMPLIED) {
331 *undefined = 1;
332 return bogus;
333 }
334
335 if (implied_condition_true(expr->conditional))
336 return _get_value(expr->cond_true, undefined, implied);
337 if (implied_condition_false(expr->conditional))
338 return _get_value(expr->cond_false, undefined, implied);
339
340 *undefined = 1;
341 return bogus;
342 }
343
344 static int get_implied_value_helper(struct expression *expr, sval_t *sval, int implied)
345 {
346 struct smatch_state *state;
347 struct symbol *sym;
348 char *name;
349
350 /* fixme: this should return the casted value */
351
352 expr = strip_expr(expr);
353
354 if (get_value_sval(expr, sval))
355 return 1;
356
357 name = get_variable_from_expr(expr, &sym);
358 if (!name)
359 return 0;
360 *sval = sval_blank(expr);
361 state = get_state(SMATCH_EXTRA, name, sym);
362 free_string(name);
363 if (!state || !state->data)
364 return 0;
365 if (implied == IMPLIED) {
366 if (estate_get_single_value_sval(state, sval))
367 return 1;
368 return 0;
369 }
370 if (implied == IMPLIED_MAX || implied == ABSOLUTE_MAX) {
371 *sval = estate_max_sval(state);
372 if (sval_is_max(*sval)) /* this means just guessing. fixme. not really */
373 return 0;
374 return 1;
375 }
376 *sval = estate_min_sval(state);
377 if (sval_is_min(*sval)) /* fixme */
378 return 0;
379 return 1;
380 }
381
382 static int get_fuzzy_max_helper(struct expression *expr, sval_t *max)
383 {
384 struct sm_state *sm;
385 struct sm_state *tmp;
386 sval_t sval;
387
388 if (get_implied_max_sval(expr, max))
389 return 1;
390
391 sm = get_sm_state_expr(SMATCH_EXTRA, expr);
392 if (!sm)
393 return 0;
394
395 sval = sval_type_min(&llong_ctype);
396 FOR_EACH_PTR(sm->possible, tmp) {
397 sval_t new_min;
398
399 new_min = estate_min_sval(tmp->state);
400 if (sval_cmp(new_min, sval) > 0)
401 sval = new_min;
402 } END_FOR_EACH_PTR(tmp);
403
404 if (sval_is_min(sval))
405 return 0;
406
407 *max = sval_cast(sval, get_type(expr));
408 return 1;
409 }
410
411 static int get_fuzzy_min_helper(struct expression *expr, sval_t *min)
412 {
413 struct sm_state *sm;
414 struct sm_state *tmp;
415 sval_t sval;
416
417 if (get_implied_min_sval(expr, min))
418 return 1;
419
420 sm = get_sm_state_expr(SMATCH_EXTRA, expr);
421 if (!sm)
422 return 0;
423
424 sval = sval_type_max(&llong_ctype);
425 FOR_EACH_PTR(sm->possible, tmp) {
426 sval_t new_max;
427
428 new_max = estate_max_sval(tmp->state);
429 if (sval_cmp(new_max, sval) < 0)
430 sval = new_max;
431 } END_FOR_EACH_PTR(tmp);
432
433 if (sval_is_max(sval))
434 return 0;
435 *min = sval_cast(sval, get_type(expr));
436 return 1;
437 }
438
439 static sval_t _get_implied_value(struct expression *expr, int *undefined, int implied)
440 {
441 sval_t ret;
442
443 ret = sval_blank(expr);
444
445 switch (implied) {
446 case IMPLIED:
447 case IMPLIED_MAX:
448 case IMPLIED_MIN:
449 if (!get_implied_value_helper(expr, &ret, implied))
450 *undefined = 1;
451 break;
452 case ABSOLUTE_MIN:
453 if (!get_absolute_min_helper(expr, &ret))
454 *undefined = 1;
455 break;
456 case ABSOLUTE_MAX:
457 if (!get_absolute_max_helper(expr, &ret))
458 *undefined = 1;
459 break;
460 case FUZZYMAX:
461 if (!get_fuzzy_max_helper(expr, &ret))
462 *undefined = 1;
463 break;
464 case FUZZYMIN:
465 if (!get_fuzzy_min_helper(expr, &ret))
466 *undefined = 1;
467 break;
468 default:
469 *undefined = 1;
470 }
471 return ret;
472 }
473
474 static int get_const_value(struct expression *expr, sval_t *sval)
475 {
476 struct symbol *sym;
477 sval_t right;
478
479 if (expr->type != EXPR_SYMBOL || !expr->symbol)
480 return 0;
481 sym = expr->symbol;
482 if (!(sym->ctype.modifiers & MOD_CONST))
483 return 0;
484 if (get_value_sval(sym->initializer, &right)) {
485 *sval = sval_cast(right, get_type(expr));
486 return 1;
487 }
488 return 0;
489 }
490
491 static sval_t _get_value(struct expression *expr, int *undefined, int implied)
492 {
493 sval_t tmp_ret;
494
495 if (!expr) {
496 *undefined = 1;
497 return bogus;
498 }
499 if (*undefined)
500 return bogus;
501
502 expr = strip_parens(expr);
503
504 switch (expr->type) {
505 case EXPR_VALUE:
506 tmp_ret = sval_from_val(expr, expr->value);
507 break;
508 case EXPR_PREOP:
509 tmp_ret = handle_preop(expr, undefined, implied);
510 break;
511 case EXPR_POSTOP:
512 tmp_ret = _get_value(expr->unop, undefined, implied);
513 break;
514 case EXPR_CAST:
515 case EXPR_FORCE_CAST:
516 case EXPR_IMPLIED_CAST:
517 tmp_ret = _get_value(expr->cast_expression, undefined, implied);
518 tmp_ret = sval_cast(tmp_ret, get_type(expr));
519 break;
520 case EXPR_BINOP:
521 tmp_ret = handle_binop(expr, undefined, implied);
522 break;
523 case EXPR_COMPARE:
524 tmp_ret = handle_comparison(expr, undefined, implied);
525 break;
526 case EXPR_LOGICAL:
527 tmp_ret = handle_logical(expr, undefined, implied);
528 break;
529 case EXPR_PTRSIZEOF:
530 case EXPR_SIZEOF:
531 tmp_ret = sval_blank(expr);
532 tmp_ret.value = get_expression_value_nomod(expr);
533 break;
534 case EXPR_SYMBOL:
535 if (get_const_value(expr, &tmp_ret)) {
536 break;
537 }
538 tmp_ret = _get_implied_value(expr, undefined, implied);
539 break;
540 case EXPR_SELECT:
541 case EXPR_CONDITIONAL:
542 tmp_ret = handle_conditional(expr, undefined, implied);
543 break;
544 default:
545 tmp_ret = _get_implied_value(expr, undefined, implied);
546 }
547 if (*undefined)
548 return bogus;
549 return tmp_ret;
550 }
551
552 /* returns 1 if it can get a value literal or else returns 0 */
553 int get_value_sval(struct expression *expr, sval_t *sval)
554 {
555 int undefined = 0;
556 sval_t ret;
557
558 ret = _get_value(expr, &undefined, NOTIMPLIED);
559 if (undefined)
560 return 0;
561 *sval = ret;
562 return 1;
563 }
564
565 int get_implied_value_sval(struct expression *expr, sval_t *sval)
566 {
567 int undefined = 0;
568 sval_t ret;
569
570 ret = _get_value(expr, &undefined, IMPLIED);
571 if (undefined)
572 return 0;
573 *sval = ret;
574 return 1;
575 }
576
577 int get_implied_min_sval(struct expression *expr, sval_t *sval)
578 {
579 int undefined = 0;
580 sval_t ret;
581
582 ret = _get_value(expr, &undefined, IMPLIED_MIN);
583 if (undefined)
584 return 0;
585 *sval = ret;
586 return 1;
587 }
588
589 int get_implied_max_sval(struct expression *expr, sval_t *sval)
590 {
591 int undefined = 0;
592 sval_t ret;
593
594 ret = _get_value(expr, &undefined, IMPLIED_MAX);
595 if (undefined)
596 return 0;
597 *sval = ret;
598 return 1;
599 }
600
601 int get_fuzzy_min_sval(struct expression *expr, sval_t *sval)
602 {
603 int undefined = 0;
604 sval_t ret;
605
606 ret = _get_value(expr, &undefined, FUZZYMIN);
607 if (undefined)
608 return 0;
609 *sval = ret;
610 return 1;
611 }
612
613 int get_fuzzy_max_sval(struct expression *expr, sval_t *sval)
614 {
615 int undefined = 0;
616 sval_t ret;
617
618 ret = _get_value(expr, &undefined, FUZZYMAX);
619 if (undefined)
620 return 0;
621 *sval = ret;
622 return 1;
623 }
624
625 int get_absolute_min_sval(struct expression *expr, sval_t *sval)
626 {
627 int undefined = 0;
628 struct symbol *type;
629
630 type = get_type(expr);
631 *sval = _get_value(expr, &undefined, ABSOLUTE_MIN);
632 if (undefined) {
633 *sval = sval_type_min(type);
634 return 1;
635 }
636
637 if (sval_cmp(*sval, sval_type_min(type)) < 0)
638 *sval = sval_type_min(type);
639 return 1;
640 }
641
642 int get_absolute_max_sval(struct expression *expr, sval_t *sval)
643 {
644 int undefined = 0;
645 struct symbol *type;
646
647 type = get_type(expr);
648 *sval = _get_value(expr, &undefined, ABSOLUTE_MAX);
649 if (undefined) {
650 *sval = sval_type_max(type);
651 return 1;
652 }
653
654 if (sval_cmp(sval_type_max(type), *sval) < 0)
655 *sval = sval_type_max(type);
656 return 1;
657 }
658
659 int known_condition_true(struct expression *expr)
660 {
661 sval_t tmp;
662
663 if (!expr)
664 return 0;
665
666 if (get_value_sval(expr, &tmp) && tmp.value)
667 return 1;
668
669 return 0;
670 }
671
672 int known_condition_false(struct expression *expr)
673 {
674 if (!expr)
675 return 0;
676
677 if (is_zero(expr))
678 return 1;
679
680 if (expr->type == EXPR_CALL) {
681 if (sym_name_is("__builtin_constant_p", expr->fn))
682 return 1;
683 }
684 return 0;
685 }
686
687 int implied_condition_true(struct expression *expr)
688 {
689 sval_t tmp;
690
691 if (!expr)
692 return 0;
693
694 if (known_condition_true(expr))
695 return 1;
696 if (get_implied_value_sval(expr, &tmp) && tmp.value)
697 return 1;
698
699 if (expr->type == EXPR_POSTOP)
700 return implied_condition_true(expr->unop);
701
702 if (expr->type == EXPR_PREOP && expr->op == SPECIAL_DECREMENT)
703 return implied_not_equal(expr->unop, 1);
704 if (expr->type == EXPR_PREOP && expr->op == SPECIAL_INCREMENT)
705 return implied_not_equal(expr->unop, -1);
706
707 expr = strip_expr(expr);
708 switch (expr->type) {
709 case EXPR_COMPARE:
710 if (do_comparison(expr) == 1)
711 return 1;
712 break;
713 case EXPR_PREOP:
714 if (expr->op == '!') {
715 if (implied_condition_false(expr->unop))
716 return 1;
717 break;
718 }
719 break;
720 default:
721 if (implied_not_equal(expr, 0) == 1)
722 return 1;
723 break;
724 }
725 return 0;
726 }
727
728 int implied_condition_false(struct expression *expr)
729 {
730 struct expression *tmp;
731 sval_t sval;
732
733 if (!expr)
734 return 0;
735
736 if (known_condition_false(expr))
737 return 1;
738
739 switch (expr->type) {
740 case EXPR_COMPARE:
741 if (do_comparison(expr) == 2)
742 return 1;
743 case EXPR_PREOP:
744 if (expr->op == '!') {
745 if (implied_condition_true(expr->unop))
746 return 1;
747 break;
748 }
749 tmp = strip_expr(expr);
750 if (tmp != expr)
751 return implied_condition_false(tmp);
752 break;
753 default:
754 if (get_implied_value_sval(expr, &sval) && sval.value == 0)
755 return 1;
756 break;
757 }
758 return 0;
759 }
Static analysis for C