search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
locking: make "sometimes locked" messages depend on --spammy
[smatch.git] / check_locking.c
blob42e58757016a17ed3453b9f2850ab4defa78f5bf
1 /*
2 * sparse/check_locking.c
3 *
4 * Copyright (C) 2009 Dan Carpenter.
5 *
6 * Licensed under the Open Software License version 1.1
7 *
8 */
9
10 /*
11 * This test checks that locks are held the same across all returns.
12 *
13 * Of course, some functions are designed to only hold the locks on success.
14 * Oh well... We can rewrite it later if we want.
15 *
16 * The list of wine locking functions came from an earlier script written
17 * by Michael Stefaniuc.
18 *
19 */
20
21 #include "parse.h"
22 #include "smatch.h"
23 #include "smatch_slist.h"
24
25 static int my_id;
26
27 STATE(locked);
28 STATE(start_state);
29 STATE(unlocked);
30
31 enum action {
32 LOCK,
33 UNLOCK,
34 };
35
36 enum return_type {
37 ret_any,
38 ret_non_zero,
39 ret_zero,
40 };
41
42 #define RETURN_VAL -1
43 #define NO_ARG -2
44
45 struct lock_info {
46 const char *function;
47 enum action action;
48 const char *name;
49 int arg;
50 enum return_type return_type;
51 };
52
53 static struct lock_info wine_lock_table[] = {
54 {"create_window_handle", LOCK, "create_window_handle", RETURN_VAL, ret_non_zero},
55 {"WIN_GetPtr", LOCK, "create_window_handle", RETURN_VAL, ret_non_zero},
56 {"WIN_ReleasePtr", UNLOCK, "create_window_handle", 0, ret_any},
57 {"EnterCriticalSection", LOCK, "CriticalSection", 0, ret_any},
58 {"LeaveCriticalSection", UNLOCK, "CriticalSection", 0, ret_any},
59 {"RtlEnterCriticalSection", LOCK, "RtlCriticalSection", 0, ret_any},
60 {"RtlLeaveCriticalSection", UNLOCK, "RtlCriticalSection", 0, ret_any},
61 {"GDI_GetObjPtr", LOCK, "GDI_Get", 0, ret_non_zero},
62 {"GDI_ReleaseObj", UNLOCK, "GDI_Get", 0, ret_any},
63 {"LdrLockLoaderLock", LOCK, "LdrLockLoaderLock", 2, ret_any},
64 {"LdrUnlockLoaderLock", UNLOCK, "LdrLockLoaderLock", 1, ret_any},
65 {"_lock", LOCK, "_lock", 0, ret_any},
66 {"_unlock", UNLOCK, "_lock", 0, ret_any},
67 {"msiobj_lock", LOCK, "msiobj_lock", 0, ret_any},
68 {"msiobj_unlock", UNLOCK, "msiobj_lock", 0, ret_any},
69 {"RtlAcquirePebLock", LOCK, "PebLock", NO_ARG, ret_any},
70 {"RtlReleasePebLock", UNLOCK, "PebLock", NO_ARG, ret_any},
71 {"server_enter_uninterrupted_section", LOCK, "server_uninterrupted_section", 0, ret_any},
72 {"server_leave_uninterrupted_section", UNLOCK, "server_uninterrupted_section", 0, ret_any},
73 {"RtlLockHeap", LOCK, "RtlLockHeap", 0, ret_any},
74 {"RtlUnlockHeap", UNLOCK, "RtlLockHeap", 0, ret_any},
75 {"_EnterSysLevel", LOCK, "SysLevel", 0, ret_any},
76 {"_LeaveSysLevel", UNLOCK, "SysLevel", 0, ret_any},
77 {"USER_Lock", LOCK, "USER_Lock", NO_ARG, ret_any},
78 {"USER_Unlock", UNLOCK, "USER_Lock", NO_ARG, ret_any},
79 {"wine_tsx11_lock", LOCK, "wine_tsx11_lock", NO_ARG, ret_any},
80 {"wine_tsx11_unlock", UNLOCK, "wine_tsx11_lock", NO_ARG, ret_any},
81 {"wine_tsx11_lock_ptr", LOCK, "wine_tsx11_lock_ptr", NO_ARG, ret_any},
82 {"wine_tsx11_unlock_ptr", UNLOCK, "wine_tsx11_lock_ptr", NO_ARG, ret_any},
83 {"wined3d_mutex_lock", LOCK, "wined3d_mutex_lock", NO_ARG, ret_any},
84 {"wined3d_mutex_unlock", UNLOCK, "wined3d_mutex_lock", NO_ARG, ret_any},
85 {"X11DRV_DIB_Lock", LOCK, "X11DRV_DIB_Lock", 0, ret_any},
86 {"X11DRV_DIB_Unlock", UNLOCK, "X11DRV_DIB_Lock", 0, ret_any},
87 };
88
89 static struct lock_info kernel_lock_table[] = {
90 {"lock_kernel", LOCK, "BKL", NO_ARG, ret_any},
91 {"unlock_kernel", UNLOCK, "BKL", NO_ARG, ret_any},
92
93 {"spin_lock", LOCK, "spin_lock", 0, ret_any},
94 {"spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
95 {"spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
96 {"_spin_lock", LOCK, "spin_lock", 0, ret_any},
97 {"_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
98 {"_spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
99 {"__spin_lock", LOCK, "spin_lock", 0, ret_any},
100 {"__spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
101 {"__spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
102 {"raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
103 {"raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
104 {"_raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
105 {"_raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
106 {"__raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
107 {"__raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
108
109 {"spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
110 {"spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
111 {"_spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
112 {"_spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
113 {"__spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
114 {"__spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
115 {"spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
116 {"spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
117 {"_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
118 {"_spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
119 {"__spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
120 {"__spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
121 {"_raw_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
122 {"__raw_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
123 {"spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
124 {"_spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
125 {"__spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
126 {"spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
127 {"spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
128 {"_spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
129 {"_spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
130 {"__spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
131 {"__spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
132
133 {"spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
134 {"_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
135 {"__spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
136 {"raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
137 {"_raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
138 {"spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
139 {"_spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
140 {"__spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
141 {"__raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
142
143 {"read_lock", LOCK, "read_lock", 0, ret_any},
144 {"read_unlock", UNLOCK, "read_lock", 0, ret_any},
145 {"_read_lock", LOCK, "read_lock", 0, ret_any},
146 {"_read_unlock", UNLOCK, "read_lock", 0, ret_any},
147 {"__read_lock", LOCK, "read_lock", 0, ret_any},
148 {"__read_unlock", UNLOCK, "read_lock", 0, ret_any},
149 {"read_lock_irq", LOCK, "read_lock", 0, ret_any},
150 {"read_unlock_irq" , UNLOCK, "read_lock", 0, ret_any},
151 {"_read_lock_irq", LOCK, "read_lock", 0, ret_any},
152 {"_read_unlock_irq", UNLOCK, "read_lock", 0, ret_any},
153 {"__read_lock_irq", LOCK, "read_lock", 0, ret_any},
154 {"__read_unlock_irq", UNLOCK, "read_lock", 0, ret_any},
155 {"read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
156 {"read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
157 {"_read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
158 {"_read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
159 {"__read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
160 {"__read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
161 {"read_lock_bh", LOCK, "read_lock", 0, ret_any},
162 {"read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
163 {"_read_lock_bh", LOCK, "read_lock", 0, ret_any},
164 {"_read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
165 {"__read_lock_bh", LOCK, "read_lock", 0, ret_any},
166 {"__read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
167
168 {"generic__raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
169 {"read_trylock", LOCK, "read_lock", 0, ret_non_zero},
170 {"_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
171 {"raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
172 {"_raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
173 {"__raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
174 {"__read_trylock", LOCK, "read_lock", 0, ret_non_zero},
175
176 {"write_lock", LOCK, "write_lock", 0, ret_any},
177 {"write_unlock", UNLOCK, "write_lock", 0, ret_any},
178 {"_write_lock", LOCK, "write_lock", 0, ret_any},
179 {"_write_unlock", UNLOCK, "write_lock", 0, ret_any},
180 {"__write_lock", LOCK, "write_lock", 0, ret_any},
181 {"__write_unlock", UNLOCK, "write_lock", 0, ret_any},
182 {"write_lock_irq", LOCK, "write_lock", 0, ret_any},
183 {"write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
184 {"_write_lock_irq", LOCK, "write_lock", 0, ret_any},
185 {"_write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
186 {"__write_lock_irq", LOCK, "write_lock", 0, ret_any},
187 {"__write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
188 {"write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
189 {"write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
190 {"_write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
191 {"_write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
192 {"__write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
193 {"__write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
194 {"write_lock_bh", LOCK, "write_lock", 0, ret_any},
195 {"write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
196 {"_write_lock_bh", LOCK, "write_lock", 0, ret_any},
197 {"_write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
198 {"__write_lock_bh", LOCK, "write_lock", 0, ret_any},
199 {"__write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
200
201 {"write_trylock", LOCK, "write_lock", 0, ret_non_zero},
202 {"_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
203 {"raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
204 {"_raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
205 {"__write_trylock", LOCK, "write_lock", 0, ret_non_zero},
206 {"__raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
207
208 {"down", LOCK, "sem", 0, ret_any},
209 {"up", UNLOCK, "sem", 0, ret_any},
210 {"down_trylock", LOCK, "sem", 0, ret_zero},
211 {"down_interruptible", LOCK, "sem", 0, ret_zero},
212
213 {"mutex_lock", LOCK, "mutex", 0, ret_any},
214 {"mutex_unlock", UNLOCK, "mutex", 0, ret_any},
215 {"mutex_lock_nested", LOCK, "mutex", 0, ret_any},
216
217 {"mutex_lock_interruptible", LOCK, "mutex", 0, ret_zero},
218 {"mutex_lock_interruptible_nested", LOCK, "mutex", 0, ret_zero},
219 {"mutex_lock_killable", LOCK, "mutex", 0, ret_zero},
220 {"mutex_lock_killable_nested", LOCK, "mutex", 0, ret_zero},
221
222 {"mutex_trylock", LOCK, "mutex", 0, ret_non_zero},
223
224 {"raw_local_irq_disable", LOCK, "irq", NO_ARG, ret_any},
225 {"raw_local_irq_enable", UNLOCK, "irq", NO_ARG, ret_any},
226 {"spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
227 {"spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
228 {"_spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
229 {"_spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
230 {"__spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
231 {"__spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
232 {"read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
233 {"read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
234 {"_read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
235 {"_read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
236 {"__read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
237 {"__read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
238 {"write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
239 {"write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
240 {"_write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
241 {"_write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
242 {"__write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
243 {"__write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
244
245 {"__raw_local_irq_save", LOCK, "irqsave", RETURN_VAL, ret_any},
246 {"raw_local_irq_restore", UNLOCK, "irqsave", 0, ret_any},
247 {"spin_lock_irqsave_nested", LOCK, "irqsave", RETURN_VAL, ret_any},
248 {"spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
249 {"spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
250 {"spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
251 {"_spin_lock_irqsave_nested", LOCK, "irqsave", RETURN_VAL, ret_any},
252 {"_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
253 {"_spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
254 {"_spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
255 {"__spin_lock_irqsave_nested", LOCK, "irqsave", 1, ret_any},
256 {"__spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
257 {"__spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
258 {"_raw_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
259 {"_raw_spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
260 {"__raw_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
261 {"read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
262 {"read_lock_irqsave", LOCK, "irqsave", 1, ret_any},
263 {"read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
264 {"_read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
265 {"_read_lock_irqsave", LOCK, "irqsave", 1, ret_any},
266 {"_read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
267 {"__read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
268 {"__read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
269 {"write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
270 {"write_lock_irqsave", LOCK, "irqsave", 1, ret_any},
271 {"write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
272 {"_write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
273 {"_write_lock_irqsave", LOCK, "irqsave", 1, ret_any},
274 {"_write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
275 {"__write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
276 {"__write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
277
278 {"spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
279 {"spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
280 {"_spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
281 {"_spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
282 {"__spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
283 {"__spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
284 {"read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
285 {"read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
286 {"_read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
287 {"_read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
288 {"__read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
289 {"__read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
290 {"write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
291 {"write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
292 {"_write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
293 {"_write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
294 {"__write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
295 {"__write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
296 {"spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
297 {"_spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
298 {"__spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
299 };
300
301 static struct lock_info *lock_table;
302
303 static struct tracker_list *starts_locked;
304 static struct tracker_list *starts_unlocked;
305
306 struct locks_on_return {
307 int line;
308 struct tracker_list *locked;
309 struct tracker_list *unlocked;
310 };
311 DECLARE_PTR_LIST(return_list, struct locks_on_return);
312 static struct return_list *all_returns;
313
314 static char *make_full_name(const char *lock, const char *var)
315 {
316 static char tmp_buf[512];
317
318 snprintf(tmp_buf, 512, "%s:%s", lock, var);
319 tmp_buf[511] = '\0';
320 return alloc_string(tmp_buf);
321 }
322
323 static struct expression *remove_spinlock_check(struct expression *expr)
324 {
325 if (expr->type != EXPR_CALL)
326 return expr;
327 if (expr->fn->type != EXPR_SYMBOL)
328 return expr;
329 if (strcmp(expr->fn->symbol_name->name, "spinlock_check"))
330 return expr;
331 expr = get_argument_from_call_expr(expr->args, 0);
332 return expr;
333 }
334
335 static char *get_full_name(struct expression *expr, int index)
336 {
337 struct expression *arg;
338 char *name = NULL;
339 char *full_name = NULL;
340 struct lock_info *lock = &lock_table[index];
341
342 if (lock->arg == RETURN_VAL) {
343 name = get_variable_from_expr(expr->left, NULL);
344 full_name = make_full_name(lock->name, name);
345 } else if (lock->arg == NO_ARG) {
346 full_name = make_full_name(lock->name, "");
347 } else {
348 arg = get_argument_from_call_expr(expr->args, lock->arg);
349 if (!arg)
350 goto free;
351 arg = remove_spinlock_check(arg);
352 name = get_variable_from_expr(arg, NULL);
353 if (!name)
354 goto free;
355 full_name = make_full_name(lock->name, name);
356 }
357 free:
358 free_string(name);
359 return full_name;
360 }
361
362 static struct smatch_state *get_start_state(struct sm_state *sm)
363 {
364 int is_locked = 0;
365 int is_unlocked = 0;
366
367 if (in_tracker_list(starts_locked, my_id, sm->name, sm->sym))
368 is_locked = 1;
369 if (in_tracker_list(starts_unlocked, my_id, sm->name, sm->sym))
370 is_unlocked = 1;
371 if (is_locked && is_unlocked)
372 return &undefined;
373 if (is_locked)
374 return &locked;
375 if (is_unlocked)
376 return &unlocked;
377 return &undefined;
378 }
379
380 static struct smatch_state *unmatched_state(struct sm_state *sm)
381 {
382 return &start_state;
383 }
384
385 static void do_lock(const char *name)
386 {
387 struct sm_state *sm;
388
389 sm = get_sm_state(my_id, name, NULL);
390 if (!sm)
391 add_tracker(&starts_unlocked, my_id, name, NULL);
392 if (sm && slist_has_state(sm->possible, &locked))
393 sm_msg("error: double lock '%s'", name);
394 set_state(my_id, name, NULL, &locked);
395 }
396
397 static void do_lock_failed(const char *name)
398 {
399 struct sm_state *sm;
400
401 sm = get_sm_state(my_id, name, NULL);
402 if (!sm)
403 add_tracker(&starts_unlocked, my_id, name, NULL);
404 set_state(my_id, name, NULL, &unlocked);
405 }
406
407 static void do_unlock(const char *name)
408 {
409 struct sm_state *sm;
410
411 sm = get_sm_state(my_id, name, NULL);
412 if (!sm)
413 add_tracker(&starts_locked, my_id, name, NULL);
414 if (sm && slist_has_state(sm->possible, &unlocked))
415 sm_msg("error: double unlock '%s'", name);
416 set_state(my_id, name, NULL, &unlocked);
417
418 }
419
420 static void match_lock_held(const char *fn, struct expression *call_expr,
421 struct expression *assign_expr, void *_index)
422 {
423 int index = (int)_index;
424 char *lock_name;
425 struct lock_info *lock = &lock_table[index];
426
427 if (lock->arg == NO_ARG) {
428 lock_name = get_full_name(NULL, index);
429 } else if (lock->arg == RETURN_VAL) {
430 if (!assign_expr)
431 return;
432 lock_name = get_full_name(assign_expr, index);
433 } else {
434 lock_name = get_full_name(call_expr, index);
435 }
436 if (!lock_name)
437 return;
438 do_lock(lock_name);
439 free_string(lock_name);
440 }
441
442 static void match_lock_failed(const char *fn, struct expression *call_expr,
443 struct expression *assign_expr, void *_index)
444 {
445 int index = (int)_index;
446 char *lock_name;
447 struct lock_info *lock = &lock_table[index];
448
449 if (lock->arg == NO_ARG) {
450 lock_name = get_full_name(NULL, index);
451 } else if (lock->arg == RETURN_VAL) {
452 if (!assign_expr)
453 return;
454 lock_name = get_full_name(assign_expr, index);
455 } else {
456 lock_name = get_full_name(call_expr, index);
457 }
458 if (!lock_name)
459 return;
460 do_lock_failed(lock_name);
461 free_string(lock_name);
462 }
463
464 static void match_returns_locked(const char *fn, struct expression *expr,
465 void *_index)
466 {
467 char *full_name = NULL;
468 int index = (int)_index;
469 struct lock_info *lock = &lock_table[index];
470
471 if (lock->arg != RETURN_VAL)
472 return;
473 full_name = get_full_name(expr, index);
474 do_lock(full_name);
475 }
476
477 static void match_lock_unlock(const char *fn, struct expression *expr, void *_index)
478 {
479 char *full_name = NULL;
480 int index = (int)_index;
481 struct lock_info *lock = &lock_table[index];
482
483 full_name = get_full_name(expr, index);
484 if (!full_name)
485 return;
486 if (lock->action == LOCK)
487 do_lock(full_name);
488 else
489 do_unlock(full_name);
490 free_string(full_name);
491 }
492
493 static struct locks_on_return *alloc_return(int line)
494 {
495 struct locks_on_return *ret;
496
497 ret = malloc(sizeof(*ret));
498 ret->line = line;
499 ret->locked = NULL;
500 ret->unlocked = NULL;
501 return ret;
502 }
503
504 static void check_possible(struct sm_state *sm)
505 {
506 struct sm_state *tmp;
507 int islocked = 0;
508 int isunlocked = 0;
509 int undef = 0;
510
511 if (!option_spammy)
512 return;
513
514 FOR_EACH_PTR(sm->possible, tmp) {
515 if (tmp->state == &locked)
516 islocked = 1;
517 if (tmp->state == &unlocked)
518 isunlocked = 1;
519 if (tmp->state == &start_state) {
520 struct smatch_state *s;
521
522 s = get_start_state(tmp);
523 if (s == &locked)
524 islocked = 1;
525 else if (s == &unlocked)
526 isunlocked = 1;
527 else
528 undef = 1;
529 }
530 if (tmp->state == &undefined)
531 undef = 1; // i don't think this is possible any more.
532 } END_FOR_EACH_PTR(tmp);
533 if ((islocked && isunlocked) || undef)
534 sm_msg("warn: '%s' is sometimes locked here and sometimes unlocked.", sm->name);
535 }
536
537 static void match_return(struct expression *ret_value)
538 {
539 struct locks_on_return *ret;
540 struct state_list *slist;
541 struct sm_state *tmp;
542
543 if (!final_pass)
544 return;
545
546 ret = alloc_return(get_lineno());
547
548 slist = get_all_states(my_id);
549 FOR_EACH_PTR(slist, tmp) {
550 if (tmp->state == &locked) {
551 add_tracker(&ret->locked, tmp->owner, tmp->name,
552 tmp->sym);
553 } else if (tmp->state == &unlocked) {
554 add_tracker(&ret->unlocked, tmp->owner, tmp->name,
555 tmp->sym);
556 } else if (tmp->state == &start_state) {
557 struct smatch_state *s;
558
559 s = get_start_state(tmp);
560 if (s == &locked)
561 add_tracker(&ret->locked, tmp->owner, tmp->name,
562 tmp->sym);
563 if (s == &unlocked)
564 add_tracker(&ret->unlocked, tmp->owner,tmp->name,
565 tmp->sym);
566 }else {
567 check_possible(tmp);
568 }
569 } END_FOR_EACH_PTR(tmp);
570 free_slist(&slist);
571 add_ptr_list(&all_returns, ret);
572 }
573
574 static void print_inconsistent_returns(struct tracker *lock,
575 struct smatch_state *start)
576 {
577 struct locks_on_return *tmp;
578 int i;
579
580 sm_printf("%s +%d %s(%d) ", get_filename(), get_lineno(), get_function(), get_func_pos());
581 sm_printf("warn: inconsistent returns %s:", lock->name);
582 sm_printf(" locked (");
583 i = 0;
584 FOR_EACH_PTR(all_returns, tmp) {
585 if (in_tracker_list(tmp->unlocked, lock->owner, lock->name, lock->sym))
586 continue;
587 if (in_tracker_list(tmp->locked, lock->owner, lock->name, lock->sym)) {
588 if (i++)
589 sm_printf(",");
590 sm_printf("%d", tmp->line);
591 continue;
592 }
593 if (start == &locked) {
594 if (i++)
595 sm_printf(",");
596 sm_printf("%d", tmp->line);
597 }
598 } END_FOR_EACH_PTR(tmp);
599
600 sm_printf(") unlocked (");
601 i = 0;
602 FOR_EACH_PTR(all_returns, tmp) {
603 if (in_tracker_list(tmp->unlocked, lock->owner, lock->name, lock->sym)) {
604 if (i++)
605 sm_printf(",");
606 sm_printf("%d", tmp->line);
607 continue;
608 }
609 if (in_tracker_list(tmp->locked, lock->owner, lock->name, lock->sym)) {
610 continue;
611 }
612 if (start == &unlocked) {
613 if (i++)
614 sm_printf(",");
615 sm_printf("%d", tmp->line);
616 }
617 } END_FOR_EACH_PTR(tmp);
618 sm_printf(")\n");
619 }
620
621 static void check_returns_consistently(struct tracker *lock,
622 struct smatch_state *start)
623 {
624 int returns_locked = 0;
625 int returns_unlocked = 0;
626 struct locks_on_return *tmp;
627
628 FOR_EACH_PTR(all_returns, tmp) {
629 if (in_tracker_list(tmp->unlocked, lock->owner, lock->name,
630 lock->sym))
631 returns_unlocked = tmp->line;
632 else if (in_tracker_list(tmp->locked, lock->owner, lock->name,
633 lock->sym))
634 returns_locked = tmp->line;
635 else if (start == &locked)
636 returns_locked = tmp->line;
637 else if (start == &unlocked)
638 returns_unlocked = tmp->line;
639 } END_FOR_EACH_PTR(tmp);
640
641 if (returns_locked && returns_unlocked)
642 print_inconsistent_returns(lock, start);
643 }
644
645 static void check_consistency(struct symbol *sym)
646 {
647 struct tracker *tmp;
648
649 if (is_reachable())
650 match_return(NULL);
651
652 FOR_EACH_PTR(starts_locked, tmp) {
653 if (in_tracker_list(starts_unlocked, tmp->owner, tmp->name,
654 tmp->sym))
655 sm_msg("error: locking inconsistency. We assume "
656 "'%s' is both locked and unlocked at the "
657 "start.",
658 tmp->name);
659 } END_FOR_EACH_PTR(tmp);
660
661 FOR_EACH_PTR(starts_locked, tmp) {
662 check_returns_consistently(tmp, &locked);
663 } END_FOR_EACH_PTR(tmp);
664
665 FOR_EACH_PTR(starts_unlocked, tmp) {
666 check_returns_consistently(tmp, &unlocked);
667 } END_FOR_EACH_PTR(tmp);
668
669 }
670
671 static void clear_lists(void)
672 {
673 struct locks_on_return *tmp;
674
675 free_trackers_and_list(&starts_locked);
676 free_trackers_and_list(&starts_unlocked);
677
678 FOR_EACH_PTR(all_returns, tmp) {
679 free_trackers_and_list(&tmp->locked);
680 free_trackers_and_list(&tmp->unlocked);
681 free(tmp);
682 } END_FOR_EACH_PTR(tmp);
683 __free_ptr_list((struct ptr_list **)&all_returns);
684 }
685
686 static void match_func_end(struct symbol *sym)
687 {
688 check_consistency(sym);
689 clear_lists();
690 }
691
692 static void register_lock(int index)
693 {
694 struct lock_info *lock = &lock_table[index];
695 void *idx = (void *)index;
696
697 if (lock->return_type == ret_non_zero) {
698 return_implies_state(lock->function, 1, POINTER_MAX, &match_lock_held, idx);
699 return_implies_state(lock->function, 0, 0, &match_lock_failed, idx);
700 } else if (lock->return_type == ret_any && lock->arg == RETURN_VAL) {
701 add_function_assign_hook(lock->function, &match_returns_locked, idx);
702 } else if (lock->return_type == ret_any) {
703 add_function_hook(lock->function, &match_lock_unlock, idx);
704 } else if (lock->return_type == ret_zero) {
705 return_implies_state(lock->function, 0, 0, &match_lock_held, idx);
706 return_implies_state(lock->function, whole_range.min, -1, &match_lock_failed, idx);
707 }
708 }
709
710 static void load_table(struct lock_info *_lock_table, int size)
711 {
712 int i;
713
714 lock_table = _lock_table;
715
716 for (i = 0; i < size; i++) {
717 if (lock_table[i].action == LOCK)
718 register_lock(i);
719 else
720 add_function_hook(lock_table[i].function, &match_lock_unlock, (void *)i);
721 }
722 }
723
724 void check_locking(int id)
725 {
726 my_id = id;
727
728 if (option_project == PROJ_WINE)
729 load_table(wine_lock_table, ARRAY_SIZE(wine_lock_table));
730 else if (option_project == PROJ_KERNEL)
731 load_table(kernel_lock_table, ARRAY_SIZE(kernel_lock_table));
732 else
733 return;
734
735 add_unmatched_state_hook(my_id, &unmatched_state);
736 add_hook(&match_return, RETURN_HOOK);
737 add_hook(&match_func_end, END_FUNC_HOOK);
738 }
Static analysis for C