search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
extra, db: don't use PARAM_VALUE for return states
[smatch.git] / smatch_capped.c
blobab8a0d39a47d56863116e10b73f5e8212933a6bd
1 /*
2 * Copyright (C) 2011 Oracle. All rights reserved.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 */
17
18 /*
19 * This is trying to make a list of the variables which
20 * have capped values. Sometimes we don't know what the
21 * cap is, for example if we are comparing variables but
22 * we don't know the values of the variables. In that
23 * case we only know that our variable is capped and we
24 * sort that information here.
25 */
26
27 #include "smatch.h"
28 #include "smatch_slist.h"
29
30 static int my_id;
31
32 STATE(capped);
33 STATE(uncapped);
34
35 static int is_capped_macro(struct expression *expr)
36 {
37 char *name;
38
39 name = get_macro_name(expr->pos);
40 if (!name)
41 return 0;
42
43 if (strcmp(name, "min") == 0)
44 return 1;
45 if (strcmp(name, "MIN") == 0)
46 return 1;
47 if (strcmp(name, "min_t") == 0)
48 return 1;
49
50 return 0;
51 }
52
53 int is_capped(struct expression *expr)
54 {
55 sval_t dummy;
56
57 expr = strip_expr(expr);
58 while (expr && expr->type == EXPR_POSTOP) {
59 expr = strip_expr(expr->unop);
60 }
61 if (!expr)
62 return 0;
63
64 if (get_hard_max(expr, &dummy))
65 return 1;
66
67 if (is_capped_macro(expr))
68 return 1;
69
70 if (expr->type == EXPR_BINOP) {
71 if (expr->op == '&')
72 return 1;
73 if (expr->op == SPECIAL_RIGHTSHIFT)
74 return 1;
75 if (expr->op == '%')
76 return is_capped(expr->right);
77 if (!is_capped(expr->left))
78 return 0;
79 if (expr->op == '/')
80 return 1;
81 if (!is_capped(expr->right))
82 return 0;
83 return 1;
84 }
85 if (get_state_expr(my_id, expr) == &capped)
86 return 1;
87 return 0;
88 }
89
90 int is_capped_var_sym(const char *name, struct symbol *sym)
91 {
92 if (get_state(my_id, name, sym) == &capped)
93 return 1;
94 return 0;
95 }
96
97 void set_param_capped_data(const char *name, struct symbol *sym, char *key, char *value)
98 {
99 char fullname[256];
100
101 if (strncmp(key, "$", 1))
102 return;
103 snprintf(fullname, 256, "%s%s", name, key + 1);
104 set_state(my_id, fullname, sym, &capped);
105 }
106
107 static void match_condition(struct expression *expr)
108 {
109 struct smatch_state *left_true = NULL;
110 struct smatch_state *left_false = NULL;
111 struct smatch_state *right_true = NULL;
112 struct smatch_state *right_false = NULL;
113
114
115 if (expr->type != EXPR_COMPARE)
116 return;
117
118 switch (expr->op) {
119 case '<':
120 case SPECIAL_LTE:
121 case SPECIAL_UNSIGNED_LT:
122 case SPECIAL_UNSIGNED_LTE:
123 left_true = &capped;
124 right_false = &capped;
125 break;
126 case '>':
127 case SPECIAL_GTE:
128 case SPECIAL_UNSIGNED_GT:
129 case SPECIAL_UNSIGNED_GTE:
130 left_false = &capped;
131 right_true = &capped;
132 break;
133 case SPECIAL_EQUAL:
134 left_true = &capped;
135 right_true = &capped;
136 break;
137 case SPECIAL_NOTEQUAL:
138 left_false = &capped;
139 right_false = &capped;
140 break;
141
142 default:
143 return;
144 }
145
146 set_true_false_states_expr(my_id, expr->right, right_true, right_false);
147 set_true_false_states_expr(my_id, expr->left, left_true, left_false);
148 }
149
150 static void match_assign(struct expression *expr)
151 {
152 if (is_capped(expr->right)) {
153 set_state_expr(my_id, expr->left, &capped);
154 } else {
155 if (get_state_expr(my_id, expr->left))
156 set_state_expr(my_id, expr->left, &uncapped);
157 }
158 }
159
160 static void match_caller_info(struct expression *expr)
161 {
162 struct expression *tmp;
163 sval_t sval;
164 int i;
165
166 i = -1;
167 FOR_EACH_PTR(expr->args, tmp) {
168 i++;
169 if (get_implied_value(tmp, &sval))
170 continue;
171 if (!is_capped(tmp))
172 continue;
173 sql_insert_caller_info(expr, CAPPED_DATA, i, "$", "1");
174 } END_FOR_EACH_PTR(tmp);
175 }
176
177 static void struct_member_callback(struct expression *call, int param, char *printed_name, struct sm_state *sm)
178 {
179 struct smatch_state *estate;
180 sval_t sval;
181
182 if (sm->state != &capped)
183 return;
184 estate = get_state(SMATCH_EXTRA, sm->name, sm->sym);
185 if (estate_get_single_value(estate, &sval))
186 return;
187 sql_insert_caller_info(call, CAPPED_DATA, param, printed_name, "1");
188 }
189
190 static int is_unmodified(const char *name)
191 {
192 char orig[256];
193
194 snprintf(orig, sizeof(orig), "%s orig", name);
195
196 if (get_comparison_strings(name, orig) == SPECIAL_EQUAL)
197 return 1;
198 return 0;
199 }
200
201 static void print_return_implies_capped(int return_id, char *return_ranges, struct expression *expr)
202 {
203 struct smatch_state *orig, *estate;
204 struct sm_state *sm;
205 const char *param_name;
206 int param;
207 sval_t sval;
208
209 FOR_EACH_MY_SM(my_id, __get_cur_stree(), sm) {
210 if (sm->state != &capped)
211 continue;
212
213 param = get_param_num_from_sym(sm->sym);
214 if (param < 0)
215 continue;
216
217 estate = get_state(SMATCH_EXTRA, sm->name, sm->sym);
218 if (estate_get_single_value(estate, &sval))
219 continue;
220
221 orig = get_state_stree(get_start_states(), my_id, sm->name, sm->sym);
222 if (orig == &capped)
223 continue;
224
225 if (!is_unmodified(sm->name))
226 continue;
227
228 param_name = get_param_name(sm);
229 if (!param_name)
230 continue;
231
232 sql_insert_return_states(return_id, return_ranges, CAPPED_DATA,
233 param, param_name, "1");
234 } END_FOR_EACH_SM(sm);
235 }
236
237 static void db_return_states_capped(struct expression *expr, int param, char *key, char *value)
238 {
239 char *name;
240 struct symbol *sym;
241
242 name = return_state_to_var_sym(expr, param, key, &sym);
243 if (!name || !sym)
244 goto free;
245
246 set_state(my_id, name, sym, &capped);
247 free:
248 free_string(name);
249 }
250
251 void register_capped(int id)
252 {
253 my_id = id;
254
255 select_caller_info_hook(set_param_capped_data, CAPPED_DATA);
256 add_hook(&match_condition, CONDITION_HOOK);
257 add_hook(&match_assign, ASSIGNMENT_HOOK);
258
259 add_hook(&match_caller_info, FUNCTION_CALL_HOOK);
260 add_member_info_callback(my_id, struct_member_callback);
261
262 add_split_return_callback(print_return_implies_capped);
263 select_return_states_hook(CAPPED_DATA, &db_return_states_capped);
264 }
Static analysis for C