flow: set a flag insidehandle_builtin_overflow_func()
[smatch.git] / smatch_points_to_container.c
blob1b72ea84c39e2da2a054c830147259b676109c13
1 /*
2 * Copyright (C) 2022 Oracle.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
18 #include "ctype.h"
19 #include "smatch.h"
20 #include "smatch_slist.h"
21 #include "smatch_extra.h"
23 static int my_id;
25 static void undef(struct sm_state *sm, struct expression *mod_expr)
27 set_state(my_id, sm->name, sm->sym, &undefined);
30 static char *handle_container_of_assign(struct expression *expr, struct expression **ptr)
32 struct expression *right, *orig;
33 struct symbol *type;
34 sval_t sval;
35 char buf[64];
37 type = get_type(expr->left);
38 if (!type || type->type != SYM_PTR)
39 return NULL;
41 right = strip_expr(expr->right);
42 if (right->type != EXPR_BINOP || right->op != '-')
43 return NULL;
45 if (!get_value(right->right, &sval) ||
46 sval.value < 0 || sval.value > MTAG_OFFSET_MASK)
47 return NULL;
49 orig = get_assigned_expr(right->left);
50 if (!orig)
51 return NULL;
53 snprintf(buf, sizeof(buf), "(%lld<~$)", sval.value);
54 *ptr = orig;
55 return alloc_string(buf);
59 static void match_assign(struct expression *expr)
61 struct expression *ptr = NULL;
62 char *container_str, *name;
63 struct symbol *sym;
64 char buf[64];
66 if (expr->op != '=')
67 return;
69 if (is_fake_call(expr->right) || __in_fake_parameter_assign ||
70 __in_fake_struct_assign)
71 return;
73 container_str = handle_container_of_assign(expr, &ptr);
74 if (!container_str || !ptr)
75 return;
76 name = expr_to_var_sym(ptr, &sym);
77 if (!name || !sym)
78 goto free;
80 snprintf(buf, sizeof(buf), "%s %s", name, container_str);
81 set_state(my_id, buf, sym, alloc_state_expr(expr->left));
83 free:
84 free_string(name);
85 free_string(container_str);
88 static void return_str_hook(struct expression *expr, const char *ret_str)
90 struct expression *call, *arg;
91 struct symbol *sym;
92 int offset, param;
93 char buf[32];
94 char *name;
96 if (!expr || expr->type != EXPR_ASSIGNMENT)
97 return;
98 call = expr;
99 while (call && call->type == EXPR_ASSIGNMENT)
100 call = strip_expr(call->right);
101 if (!call || call->type != EXPR_CALL)
102 return;
104 if (!get_offset_param(ret_str, &offset, &param))
105 return;
107 arg = get_argument_from_call_expr(call->args, param);
108 arg = strip_expr(arg);
109 if (!arg)
110 return;
112 name = expr_to_var_sym(arg, &sym);
113 if (!name || !sym)
114 return;
116 snprintf(buf, sizeof(buf), "%s (%d<~$)", name, offset);
117 set_state(my_id, buf, sym, alloc_state_expr(expr->left));
120 struct expression *get_stored_container(struct expression *expr, int offset)
122 struct smatch_state *state;
123 struct symbol *sym;
124 char buf[64];
125 char *name;
127 name = expr_to_var_sym(expr, &sym);
128 if (!name || !sym)
129 return NULL;
131 snprintf(buf, sizeof(buf), "%s (%d<~$)", name, offset);
132 free_string(name);
133 state = get_state(my_id, buf, sym);
134 if (!state)
135 return NULL;
136 return state->data;
139 void register_points_to_container(int id)
141 my_id = id;
143 set_dynamic_states(my_id);
144 add_hook(&match_assign, ASSIGNMENT_HOOK_AFTER);
145 add_return_string_hook(return_str_hook);
146 add_modification_hook(my_id, &undef);