user_data: serious bug in handling modifications (missed errors)
[smatch.git] / check_locking.c
blob484e630a88b31088bf0a94e03d0aea7026fe5cbe
1 /*
2 * sparse/check_locking.c
4 * Copyright (C) 2009 Dan Carpenter.
6 * Licensed under the Open Software License version 1.1
8 */
11 * This test checks that locks are held the same across all returns.
13 * Of course, some functions are designed to only hold the locks on success.
14 * Oh well... We can rewrite it later if we want.
16 * The list of wine locking functions came from an earlier script written
17 * by Michael Stefaniuc.
21 #include "parse.h"
22 #include "smatch.h"
23 #include "smatch_extra.h"
24 #include "smatch_slist.h"
26 static int my_id;
28 static int func_has_transition;
30 STATE(locked);
31 STATE(start_state);
32 STATE(unlocked);
34 enum action {
35 LOCK,
36 UNLOCK,
39 enum return_type {
40 ret_any,
41 ret_non_zero,
42 ret_zero,
43 ret_negative,
44 ret_positive,
47 #define RETURN_VAL -1
48 #define NO_ARG -2
50 struct lock_info {
51 const char *function;
52 enum action action;
53 const char *name;
54 int arg;
55 enum return_type return_type;
58 static struct lock_info wine_lock_table[] = {
59 {"create_window_handle", LOCK, "create_window_handle", RETURN_VAL, ret_non_zero},
60 {"WIN_GetPtr", LOCK, "create_window_handle", RETURN_VAL, ret_non_zero},
61 {"WIN_ReleasePtr", UNLOCK, "create_window_handle", 0, ret_any},
62 {"EnterCriticalSection", LOCK, "CriticalSection", 0, ret_any},
63 {"LeaveCriticalSection", UNLOCK, "CriticalSection", 0, ret_any},
64 {"RtlEnterCriticalSection", LOCK, "RtlCriticalSection", 0, ret_any},
65 {"RtlLeaveCriticalSection", UNLOCK, "RtlCriticalSection", 0, ret_any},
66 {"GDI_GetObjPtr", LOCK, "GDI_Get", 0, ret_non_zero},
67 {"GDI_ReleaseObj", UNLOCK, "GDI_Get", 0, ret_any},
68 {"LdrLockLoaderLock", LOCK, "LdrLockLoaderLock", 2, ret_any},
69 {"LdrUnlockLoaderLock", UNLOCK, "LdrLockLoaderLock", 1, ret_any},
70 {"_lock", LOCK, "_lock", 0, ret_any},
71 {"_unlock", UNLOCK, "_lock", 0, ret_any},
72 {"msiobj_lock", LOCK, "msiobj_lock", 0, ret_any},
73 {"msiobj_unlock", UNLOCK, "msiobj_lock", 0, ret_any},
74 {"RtlAcquirePebLock", LOCK, "PebLock", NO_ARG, ret_any},
75 {"RtlReleasePebLock", UNLOCK, "PebLock", NO_ARG, ret_any},
76 {"server_enter_uninterrupted_section", LOCK, "server_uninterrupted_section", 0, ret_any},
77 {"server_leave_uninterrupted_section", UNLOCK, "server_uninterrupted_section", 0, ret_any},
78 {"RtlLockHeap", LOCK, "RtlLockHeap", 0, ret_any},
79 {"RtlUnlockHeap", UNLOCK, "RtlLockHeap", 0, ret_any},
80 {"_EnterSysLevel", LOCK, "SysLevel", 0, ret_any},
81 {"_LeaveSysLevel", UNLOCK, "SysLevel", 0, ret_any},
82 {"USER_Lock", LOCK, "USER_Lock", NO_ARG, ret_any},
83 {"USER_Unlock", UNLOCK, "USER_Lock", NO_ARG, ret_any},
84 {"wine_tsx11_lock", LOCK, "wine_tsx11_lock", NO_ARG, ret_any},
85 {"wine_tsx11_unlock", UNLOCK, "wine_tsx11_lock", NO_ARG, ret_any},
86 {"wine_tsx11_lock_ptr", LOCK, "wine_tsx11_lock_ptr", NO_ARG, ret_any},
87 {"wine_tsx11_unlock_ptr", UNLOCK, "wine_tsx11_lock_ptr", NO_ARG, ret_any},
88 {"wined3d_mutex_lock", LOCK, "wined3d_mutex_lock", NO_ARG, ret_any},
89 {"wined3d_mutex_unlock", UNLOCK, "wined3d_mutex_lock", NO_ARG, ret_any},
90 {"X11DRV_DIB_Lock", LOCK, "X11DRV_DIB_Lock", 0, ret_any},
91 {"X11DRV_DIB_Unlock", UNLOCK, "X11DRV_DIB_Lock", 0, ret_any},
94 static struct lock_info kernel_lock_table[] = {
95 {"lock_kernel", LOCK, "BKL", NO_ARG, ret_any},
96 {"unlock_kernel", UNLOCK, "BKL", NO_ARG, ret_any},
98 {"spin_lock", LOCK, "spin_lock", 0, ret_any},
99 {"spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
100 {"spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
101 {"_spin_lock", LOCK, "spin_lock", 0, ret_any},
102 {"_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
103 {"_spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
104 {"__spin_lock", LOCK, "spin_lock", 0, ret_any},
105 {"__spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
106 {"__spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
107 {"raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
108 {"raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
109 {"_raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
110 {"_raw_spin_lock_nested", LOCK, "spin_lock", 0, ret_any},
111 {"_raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
112 {"__raw_spin_lock", LOCK, "spin_lock", 0, ret_any},
113 {"__raw_spin_unlock", UNLOCK, "spin_lock", 0, ret_any},
115 {"spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
116 {"spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
117 {"_spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
118 {"_spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
119 {"__spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
120 {"__spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
121 {"_raw_spin_lock_irq", LOCK, "spin_lock", 0, ret_any},
122 {"_raw_spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
123 {"__raw_spin_unlock_irq", UNLOCK, "spin_lock", 0, ret_any},
124 {"spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
125 {"spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
126 {"_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
127 {"_spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
128 {"__spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
129 {"__spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
130 {"_raw_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
131 {"_raw_spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
132 {"__raw_spin_lock_irqsave", LOCK, "spin_lock", 0, ret_any},
133 {"__raw_spin_unlock_irqrestore", UNLOCK, "spin_lock", 0, ret_any},
134 {"spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
135 {"_spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
136 {"__spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
137 {"_raw_spin_lock_irqsave_nested", LOCK, "spin_lock", 0, ret_any},
138 {"spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
139 {"spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
140 {"_spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
141 {"_spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
142 {"__spin_lock_bh", LOCK, "spin_lock", 0, ret_any},
143 {"__spin_unlock_bh", UNLOCK, "spin_lock", 0, ret_any},
145 {"spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
146 {"_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
147 {"__spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
148 {"raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
149 {"_raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
150 {"spin_trylock_irq", LOCK, "spin_lock", 0, ret_non_zero},
151 {"spin_trylock_irqsave", LOCK, "spin_lock", 0, ret_non_zero},
152 {"spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
153 {"_spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
154 {"__spin_trylock_bh", LOCK, "spin_lock", 0, ret_non_zero},
155 {"__raw_spin_trylock", LOCK, "spin_lock", 0, ret_non_zero},
156 {"_atomic_dec_and_lock", LOCK, "spin_lock", 1, ret_non_zero},
158 {"read_lock", LOCK, "read_lock", 0, ret_any},
159 {"read_unlock", UNLOCK, "read_lock", 0, ret_any},
160 {"_read_lock", LOCK, "read_lock", 0, ret_any},
161 {"_read_unlock", UNLOCK, "read_lock", 0, ret_any},
162 {"__read_lock", LOCK, "read_lock", 0, ret_any},
163 {"__read_unlock", UNLOCK, "read_lock", 0, ret_any},
164 {"_raw_read_lock", LOCK, "read_lock", 0, ret_any},
165 {"_raw_read_unlock", UNLOCK, "read_lock", 0, ret_any},
166 {"read_lock_irq", LOCK, "read_lock", 0, ret_any},
167 {"read_unlock_irq" , UNLOCK, "read_lock", 0, ret_any},
168 {"_read_lock_irq", LOCK, "read_lock", 0, ret_any},
169 {"_read_unlock_irq", UNLOCK, "read_lock", 0, ret_any},
170 {"__read_lock_irq", LOCK, "read_lock", 0, ret_any},
171 {"__read_unlock_irq", UNLOCK, "read_lock", 0, ret_any},
172 {"read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
173 {"read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
174 {"_read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
175 {"_read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
176 {"__read_lock_irqsave", LOCK, "read_lock", 0, ret_any},
177 {"__read_unlock_irqrestore", UNLOCK, "read_lock", 0, ret_any},
178 {"read_lock_bh", LOCK, "read_lock", 0, ret_any},
179 {"read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
180 {"_read_lock_bh", LOCK, "read_lock", 0, ret_any},
181 {"_read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
182 {"__read_lock_bh", LOCK, "read_lock", 0, ret_any},
183 {"__read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
184 {"_raw_read_lock_bh", LOCK, "read_lock", 0, ret_any},
185 {"_raw_read_unlock_bh", UNLOCK, "read_lock", 0, ret_any},
187 {"generic__raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
188 {"read_trylock", LOCK, "read_lock", 0, ret_non_zero},
189 {"_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
190 {"raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
191 {"_raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
192 {"__raw_read_trylock", LOCK, "read_lock", 0, ret_non_zero},
193 {"__read_trylock", LOCK, "read_lock", 0, ret_non_zero},
195 {"write_lock", LOCK, "write_lock", 0, ret_any},
196 {"write_unlock", UNLOCK, "write_lock", 0, ret_any},
197 {"_write_lock", LOCK, "write_lock", 0, ret_any},
198 {"_write_unlock", UNLOCK, "write_lock", 0, ret_any},
199 {"__write_lock", LOCK, "write_lock", 0, ret_any},
200 {"__write_unlock", UNLOCK, "write_lock", 0, ret_any},
201 {"write_lock_irq", LOCK, "write_lock", 0, ret_any},
202 {"write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
203 {"_write_lock_irq", LOCK, "write_lock", 0, ret_any},
204 {"_write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
205 {"__write_lock_irq", LOCK, "write_lock", 0, ret_any},
206 {"__write_unlock_irq", UNLOCK, "write_lock", 0, ret_any},
207 {"write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
208 {"write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
209 {"_write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
210 {"_write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
211 {"__write_lock_irqsave", LOCK, "write_lock", 0, ret_any},
212 {"__write_unlock_irqrestore", UNLOCK, "write_lock", 0, ret_any},
213 {"write_lock_bh", LOCK, "write_lock", 0, ret_any},
214 {"write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
215 {"_write_lock_bh", LOCK, "write_lock", 0, ret_any},
216 {"_write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
217 {"__write_lock_bh", LOCK, "write_lock", 0, ret_any},
218 {"__write_unlock_bh", UNLOCK, "write_lock", 0, ret_any},
220 {"write_trylock", LOCK, "write_lock", 0, ret_non_zero},
221 {"_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
222 {"raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
223 {"_raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
224 {"__write_trylock", LOCK, "write_lock", 0, ret_non_zero},
225 {"__raw_write_trylock", LOCK, "write_lock", 0, ret_non_zero},
227 {"down", LOCK, "sem", 0, ret_any},
228 {"up", UNLOCK, "sem", 0, ret_any},
229 {"down_trylock", LOCK, "sem", 0, ret_zero},
230 {"down_interruptible", LOCK, "sem", 0, ret_zero},
232 {"mutex_lock", LOCK, "mutex", 0, ret_any},
233 {"mutex_unlock", UNLOCK, "mutex", 0, ret_any},
234 {"mutex_lock_nested", LOCK, "mutex", 0, ret_any},
236 {"mutex_lock_interruptible", LOCK, "mutex", 0, ret_zero},
237 {"mutex_lock_interruptible_nested", LOCK, "mutex", 0, ret_zero},
238 {"mutex_lock_killable", LOCK, "mutex", 0, ret_zero},
239 {"mutex_lock_killable_nested", LOCK, "mutex", 0, ret_zero},
241 {"mutex_trylock", LOCK, "mutex", 0, ret_non_zero},
243 {"raw_local_irq_disable", LOCK, "irq", NO_ARG, ret_any},
244 {"raw_local_irq_enable", UNLOCK, "irq", NO_ARG, ret_any},
245 {"spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
246 {"spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
247 {"_spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
248 {"_spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
249 {"__spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
250 {"__spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
251 {"_raw_spin_lock_irq", LOCK, "irq", NO_ARG, ret_any},
252 {"_raw_spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
253 {"__raw_spin_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
254 {"spin_trylock_irq", LOCK, "irq", NO_ARG, ret_non_zero},
255 {"read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
256 {"read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
257 {"_read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
258 {"_read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
259 {"__read_lock_irq", LOCK, "irq", NO_ARG, ret_any},
260 {"__read_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
261 {"write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
262 {"write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
263 {"_write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
264 {"_write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
265 {"__write_lock_irq", LOCK, "irq", NO_ARG, ret_any},
266 {"__write_unlock_irq", UNLOCK, "irq", NO_ARG, ret_any},
268 {"arch_local_irq_save", LOCK, "irqsave", RETURN_VAL, ret_any},
269 {"arch_local_irq_restore", UNLOCK, "irqsave", 0, ret_any},
270 {"__raw_local_irq_save", LOCK, "irqsave", RETURN_VAL, ret_any},
271 {"raw_local_irq_restore", UNLOCK, "irqsave", 0, ret_any},
272 {"spin_lock_irqsave_nested", LOCK, "irqsave", RETURN_VAL, ret_any},
273 {"spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
274 {"spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
275 {"spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
276 {"_spin_lock_irqsave_nested", LOCK, "irqsave", RETURN_VAL, ret_any},
277 {"_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
278 {"_spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
279 {"_spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
280 {"__spin_lock_irqsave_nested", LOCK, "irqsave", 1, ret_any},
281 {"__spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
282 {"__spin_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
283 {"_raw_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
284 {"_raw_spin_lock_irqsave", LOCK, "irqsave", 1, ret_any},
285 {"_raw_spin_unlock_irqrestore",UNLOCK, "irqsave", 1, ret_any},
286 {"__raw_spin_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
287 {"__raw_spin_unlock_irqrestore",UNLOCK, "irqsave", 1, ret_any},
288 {"_raw_spin_lock_irqsave_nested", LOCK, "irqsave", RETURN_VAL, ret_any},
289 {"spin_trylock_irqsave", LOCK, "irqsave", 1, ret_non_zero},
290 {"read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
291 {"read_lock_irqsave", LOCK, "irqsave", 1, ret_any},
292 {"read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
293 {"_read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
294 {"_read_lock_irqsave", LOCK, "irqsave", 1, ret_any},
295 {"_read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
296 {"__read_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
297 {"__read_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
298 {"write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
299 {"write_lock_irqsave", LOCK, "irqsave", 1, ret_any},
300 {"write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
301 {"_write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
302 {"_write_lock_irqsave", LOCK, "irqsave", 1, ret_any},
303 {"_write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
304 {"__write_lock_irqsave", LOCK, "irqsave", RETURN_VAL, ret_any},
305 {"__write_unlock_irqrestore", UNLOCK, "irqsave", 1, ret_any},
307 {"local_bh_disable", LOCK, "bottom_half", NO_ARG, ret_any},
308 {"_local_bh_disable", LOCK, "bottom_half", NO_ARG, ret_any},
309 {"__local_bh_disable", LOCK, "bottom_half", NO_ARG, ret_any},
310 {"local_bh_enable", UNLOCK, "bottom_half", NO_ARG, ret_any},
311 {"_local_bh_enable", UNLOCK, "bottom_half", NO_ARG, ret_any},
312 {"__local_bh_enable", UNLOCK, "bottom_half", NO_ARG, ret_any},
313 {"spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
314 {"spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
315 {"_spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
316 {"_spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
317 {"__spin_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
318 {"__spin_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
319 {"read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
320 {"read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
321 {"_read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
322 {"_read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
323 {"__read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
324 {"__read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
325 {"_raw_read_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
326 {"_raw_read_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
327 {"write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
328 {"write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
329 {"_write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
330 {"_write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
331 {"__write_lock_bh", LOCK, "bottom_half", NO_ARG, ret_any},
332 {"__write_unlock_bh", UNLOCK, "bottom_half", NO_ARG, ret_any},
333 {"spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
334 {"_spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
335 {"__spin_trylock_bh", LOCK, "bottom_half", NO_ARG, ret_non_zero},
338 static struct lock_info *lock_table;
340 static struct tracker_list *starts_locked;
341 static struct tracker_list *starts_unlocked;
343 struct locks_on_return {
344 int line;
345 struct tracker_list *locked;
346 struct tracker_list *unlocked;
347 struct range_list *return_values;
349 DECLARE_PTR_LIST(return_list, struct locks_on_return);
350 static struct return_list *all_returns;
352 static char *make_full_name(const char *lock, const char *var)
354 static char tmp_buf[512];
356 snprintf(tmp_buf, sizeof(tmp_buf), "%s:%s", lock, var);
357 remove_parens(tmp_buf);
358 return alloc_string(tmp_buf);
361 static struct expression *remove_spinlock_check(struct expression *expr)
363 if (expr->type != EXPR_CALL)
364 return expr;
365 if (expr->fn->type != EXPR_SYMBOL)
366 return expr;
367 if (strcmp(expr->fn->symbol_name->name, "spinlock_check"))
368 return expr;
369 expr = get_argument_from_call_expr(expr->args, 0);
370 return expr;
373 static char *get_full_name(struct expression *expr, int index)
375 struct expression *arg;
376 char *name = NULL;
377 char *full_name = NULL;
378 struct lock_info *lock = &lock_table[index];
380 if (lock->arg == RETURN_VAL) {
381 name = expr_to_var(expr->left);
382 full_name = make_full_name(lock->name, name);
383 } else if (lock->arg == NO_ARG) {
384 full_name = make_full_name(lock->name, "");
385 } else {
386 arg = get_argument_from_call_expr(expr->args, lock->arg);
387 if (!arg)
388 goto free;
389 arg = remove_spinlock_check(arg);
390 name = expr_to_str(arg);
391 if (!name)
392 goto free;
393 full_name = make_full_name(lock->name, name);
395 free:
396 free_string(name);
397 return full_name;
400 static struct smatch_state *get_start_state(struct sm_state *sm)
402 int is_locked = 0;
403 int is_unlocked = 0;
405 if (in_tracker_list(starts_locked, my_id, sm->name, sm->sym))
406 is_locked = 1;
407 if (in_tracker_list(starts_unlocked, my_id, sm->name, sm->sym))
408 is_unlocked = 1;
409 if (is_locked && is_unlocked)
410 return &undefined;
411 if (is_locked)
412 return &locked;
413 if (is_unlocked)
414 return &unlocked;
415 return &undefined;
418 static struct smatch_state *unmatched_state(struct sm_state *sm)
420 return &start_state;
423 static void do_lock(const char *name)
425 struct sm_state *sm;
427 if (__inline_fn)
428 return;
430 sm = get_sm_state(my_id, name, NULL);
431 if (!sm)
432 add_tracker(&starts_unlocked, my_id, name, NULL);
433 if (sm && slist_has_state(sm->possible, &locked) &&
434 strcmp(name, "bottom_half:") != 0)
435 sm_msg("error: double lock '%s'", name);
436 if (sm)
437 func_has_transition = TRUE;
438 set_state(my_id, name, NULL, &locked);
441 static void do_lock_failed(const char *name)
443 struct sm_state *sm;
445 if (__inline_fn)
446 return;
448 sm = get_sm_state(my_id, name, NULL);
449 if (!sm)
450 add_tracker(&starts_unlocked, my_id, name, NULL);
451 set_state(my_id, name, NULL, &unlocked);
454 static void do_unlock(const char *name)
456 struct sm_state *sm;
458 if (__inline_fn)
459 return;
460 if (__path_is_null())
461 return;
462 sm = get_sm_state(my_id, name, NULL);
463 if (!sm)
464 add_tracker(&starts_locked, my_id, name, NULL);
465 if (sm && slist_has_state(sm->possible, &unlocked) &&
466 strcmp(name, "bottom_half:") != 0)
467 sm_msg("error: double unlock '%s'", name);
468 if (sm)
469 func_has_transition = TRUE;
470 set_state(my_id, name, NULL, &unlocked);
473 static void match_lock_held(const char *fn, struct expression *call_expr,
474 struct expression *assign_expr, void *_index)
476 int index = PTR_INT(_index);
477 char *lock_name;
478 struct lock_info *lock = &lock_table[index];
480 if (lock->arg == NO_ARG) {
481 lock_name = get_full_name(NULL, index);
482 } else if (lock->arg == RETURN_VAL) {
483 if (!assign_expr)
484 return;
485 lock_name = get_full_name(assign_expr, index);
486 } else {
487 lock_name = get_full_name(call_expr, index);
489 if (!lock_name)
490 return;
491 do_lock(lock_name);
492 free_string(lock_name);
495 static void match_lock_failed(const char *fn, struct expression *call_expr,
496 struct expression *assign_expr, void *_index)
498 int index = PTR_INT(_index);
499 char *lock_name;
500 struct lock_info *lock = &lock_table[index];
502 if (lock->arg == NO_ARG) {
503 lock_name = get_full_name(NULL, index);
504 } else if (lock->arg == RETURN_VAL) {
505 if (!assign_expr)
506 return;
507 lock_name = get_full_name(assign_expr, index);
508 } else {
509 lock_name = get_full_name(call_expr, index);
511 if (!lock_name)
512 return;
513 do_lock_failed(lock_name);
514 free_string(lock_name);
517 static void match_returns_locked(const char *fn, struct expression *expr,
518 void *_index)
520 char *full_name = NULL;
521 int index = PTR_INT(_index);
522 struct lock_info *lock = &lock_table[index];
524 if (lock->arg != RETURN_VAL)
525 return;
526 full_name = get_full_name(expr, index);
527 do_lock(full_name);
530 static void match_lock_unlock(const char *fn, struct expression *expr, void *_index)
532 char *full_name = NULL;
533 int index = PTR_INT(_index);
534 struct lock_info *lock = &lock_table[index];
536 if (__inline_fn)
537 return;
539 full_name = get_full_name(expr, index);
540 if (!full_name)
541 return;
542 if (lock->action == LOCK)
543 do_lock(full_name);
544 else
545 do_unlock(full_name);
546 free_string(full_name);
549 static struct locks_on_return *alloc_return(struct expression *expr)
551 struct locks_on_return *ret;
553 ret = malloc(sizeof(*ret));
554 if (!get_implied_rl(expr, &ret->return_values))
555 ret->return_values = NULL;
556 ret->line = get_lineno();
557 ret->locked = NULL;
558 ret->unlocked = NULL;
559 return ret;
562 static void check_possible(struct sm_state *sm)
564 struct sm_state *tmp;
565 int islocked = 0;
566 int isunlocked = 0;
567 int undef = 0;
569 if (!option_spammy)
570 return;
572 FOR_EACH_PTR(sm->possible, tmp) {
573 if (tmp->state == &locked)
574 islocked = 1;
575 if (tmp->state == &unlocked)
576 isunlocked = 1;
577 if (tmp->state == &start_state) {
578 struct smatch_state *s;
580 s = get_start_state(tmp);
581 if (s == &locked)
582 islocked = 1;
583 else if (s == &unlocked)
584 isunlocked = 1;
585 else
586 undef = 1;
588 if (tmp->state == &undefined)
589 undef = 1; // i don't think this is possible any more.
590 } END_FOR_EACH_PTR(tmp);
591 if ((islocked && isunlocked) || undef)
592 sm_msg("warn: '%s' is sometimes locked here and sometimes unlocked.", sm->name);
595 static void match_return(int return_id, char *return_ranges, struct expression *expr)
597 struct locks_on_return *ret;
598 struct state_list *slist;
599 struct sm_state *tmp;
601 if (!final_pass)
602 return;
603 if (__inline_fn)
604 return;
606 ret = alloc_return(expr);
608 slist = get_all_states(my_id);
609 FOR_EACH_PTR(slist, tmp) {
610 if (tmp->state == &locked) {
611 add_tracker(&ret->locked, tmp->owner, tmp->name,
612 tmp->sym);
613 } else if (tmp->state == &unlocked) {
614 add_tracker(&ret->unlocked, tmp->owner, tmp->name,
615 tmp->sym);
616 } else if (tmp->state == &start_state) {
617 struct smatch_state *s;
619 s = get_start_state(tmp);
620 if (s == &locked)
621 add_tracker(&ret->locked, tmp->owner, tmp->name,
622 tmp->sym);
623 if (s == &unlocked)
624 add_tracker(&ret->unlocked, tmp->owner,tmp->name,
625 tmp->sym);
626 } else {
627 check_possible(tmp);
629 } END_FOR_EACH_PTR(tmp);
630 free_slist(&slist);
631 add_ptr_list(&all_returns, ret);
634 static void print_inconsistent_returns(struct tracker *lock,
635 struct smatch_state *start)
637 struct locks_on_return *tmp;
638 int i;
640 sm_prefix();
641 sm_printf("warn: inconsistent returns %s:", lock->name);
642 sm_printf(" locked (");
643 i = 0;
644 FOR_EACH_PTR(all_returns, tmp) {
645 if (in_tracker_list(tmp->unlocked, lock->owner, lock->name, lock->sym))
646 continue;
647 if (in_tracker_list(tmp->locked, lock->owner, lock->name, lock->sym)) {
648 if (i++)
649 sm_printf(", ");
650 sm_printf("%d", tmp->line);
651 if (tmp->return_values)
652 sm_printf(" [%s]", show_rl(tmp->return_values));
653 continue;
655 if (start == &locked) {
656 if (i++)
657 sm_printf(", ");
658 sm_printf("%d", tmp->line);
659 if (tmp->return_values)
660 sm_printf(" [%s]", show_rl(tmp->return_values));
662 } END_FOR_EACH_PTR(tmp);
664 sm_printf(") unlocked (");
665 i = 0;
666 FOR_EACH_PTR(all_returns, tmp) {
667 if (in_tracker_list(tmp->unlocked, lock->owner, lock->name, lock->sym)) {
668 if (i++)
669 sm_printf(", ");
670 sm_printf("%d", tmp->line);
671 if (tmp->return_values)
672 sm_printf(" [%s]", show_rl(tmp->return_values));
673 continue;
675 if (in_tracker_list(tmp->locked, lock->owner, lock->name, lock->sym))
676 continue;
677 if (start == &unlocked) {
678 if (i++)
679 sm_printf(", ");
680 sm_printf("%d", tmp->line);
681 if (tmp->return_values)
682 sm_printf(" [%s]", show_rl(tmp->return_values));
684 } END_FOR_EACH_PTR(tmp);
685 sm_printf(")\n");
688 static int matches_return_type(struct range_list *rl, enum return_type type)
690 sval_t zero_sval = ll_to_sval(0);
692 /* All these double negatives are super ugly! */
694 switch (type) {
695 case ret_zero:
696 return !possibly_true_rl(rl, SPECIAL_NOTEQUAL, alloc_rl(zero_sval, zero_sval));
697 case ret_non_zero:
698 return !possibly_true_rl(rl, SPECIAL_EQUAL, alloc_rl(zero_sval, zero_sval));
699 case ret_negative:
700 return !possibly_true_rl(rl, SPECIAL_GTE, alloc_rl(zero_sval, zero_sval));
701 case ret_positive:
702 return !possibly_true_rl(rl, '<', alloc_rl(zero_sval, zero_sval));
703 case ret_any:
704 default:
705 return 1;
709 static int match_held(struct tracker *lock, struct locks_on_return *this_return, struct smatch_state *start)
711 if (in_tracker_list(this_return->unlocked, lock->owner, lock->name, lock->sym))
712 return 0;
713 if (in_tracker_list(this_return->locked, lock->owner, lock->name, lock->sym))
714 return 1;
715 if (start == &unlocked)
716 return 0;
717 return 1;
720 static int match_released(struct tracker *lock, struct locks_on_return *this_return, struct smatch_state *start)
722 if (in_tracker_list(this_return->unlocked, lock->owner, lock->name, lock->sym))
723 return 1;
724 if (in_tracker_list(this_return->locked, lock->owner, lock->name, lock->sym))
725 return 0;
726 if (start == &unlocked)
727 return 1;
728 return 0;
731 static int held_on_return(struct tracker *lock, struct smatch_state *start, enum return_type type)
733 struct locks_on_return *tmp;
735 FOR_EACH_PTR(all_returns, tmp) {
736 if (!matches_return_type(tmp->return_values, type))
737 continue;
738 if (match_held(lock, tmp, start))
739 return 1;
740 } END_FOR_EACH_PTR(tmp);
741 return 0;
744 static int released_on_return(struct tracker *lock, struct smatch_state *start, enum return_type type)
746 struct locks_on_return *tmp;
748 FOR_EACH_PTR(all_returns, tmp) {
749 if (!matches_return_type(tmp->return_values, type))
750 continue;
751 if (match_released(lock, tmp, start))
752 return 1;
753 } END_FOR_EACH_PTR(tmp);
754 return 0;
757 static void check_returns_consistently(struct tracker *lock,
758 struct smatch_state *start)
760 struct symbol *type;
762 if (!held_on_return(lock, start, ret_any) ||
763 !released_on_return(lock, start, ret_any))
764 return;
766 if (held_on_return(lock, start, ret_zero) &&
767 !held_on_return(lock, start, ret_non_zero))
768 return;
770 if (held_on_return(lock, start, ret_positive) &&
771 !held_on_return(lock, start, ret_zero))
772 return;
774 if (held_on_return(lock, start, ret_positive) &&
775 !held_on_return(lock, start, ret_negative))
776 return;
778 type = cur_func_return_type();
779 if (type && type->type == SYM_PTR) {
780 if (held_on_return(lock, start, ret_non_zero) &&
781 !held_on_return(lock, start, ret_zero))
782 return;
785 print_inconsistent_returns(lock, start);
788 static void check_consistency(struct symbol *sym)
790 struct tracker *tmp;
792 FOR_EACH_PTR(starts_locked, tmp) {
793 if (in_tracker_list(starts_unlocked, tmp->owner, tmp->name,
794 tmp->sym))
795 sm_msg("error: locking inconsistency. We assume "
796 "'%s' is both locked and unlocked at the "
797 "start.",
798 tmp->name);
799 } END_FOR_EACH_PTR(tmp);
801 FOR_EACH_PTR(starts_locked, tmp) {
802 check_returns_consistently(tmp, &locked);
803 } END_FOR_EACH_PTR(tmp);
805 FOR_EACH_PTR(starts_unlocked, tmp) {
806 check_returns_consistently(tmp, &unlocked);
807 } END_FOR_EACH_PTR(tmp);
810 static void clear_lists(void)
812 struct locks_on_return *tmp;
814 func_has_transition = FALSE;
816 free_trackers_and_list(&starts_locked);
817 free_trackers_and_list(&starts_unlocked);
819 FOR_EACH_PTR(all_returns, tmp) {
820 free_trackers_and_list(&tmp->locked);
821 free_trackers_and_list(&tmp->unlocked);
822 free(tmp);
823 } END_FOR_EACH_PTR(tmp);
824 __free_ptr_list((struct ptr_list **)&all_returns);
827 static void match_func_end(struct symbol *sym)
829 if (__inline_fn)
830 return;
832 if (func_has_transition)
833 check_consistency(sym);
834 clear_lists();
837 static void register_lock(int index)
839 struct lock_info *lock = &lock_table[index];
840 void *idx = INT_PTR(index);
842 if (lock->return_type == ret_non_zero) {
843 return_implies_state(lock->function, valid_ptr_min, valid_ptr_max, &match_lock_held, idx);
844 return_implies_state(lock->function, 0, 0, &match_lock_failed, idx);
845 } else if (lock->return_type == ret_any && lock->arg == RETURN_VAL) {
846 add_function_assign_hook(lock->function, &match_returns_locked, idx);
847 } else if (lock->return_type == ret_any) {
848 add_function_hook(lock->function, &match_lock_unlock, idx);
849 } else if (lock->return_type == ret_zero) {
850 return_implies_state(lock->function, 0, 0, &match_lock_held, idx);
851 return_implies_state(lock->function, -4095, -1, &match_lock_failed, idx);
855 static void load_table(struct lock_info *_lock_table, int size)
857 int i;
859 lock_table = _lock_table;
861 for (i = 0; i < size; i++) {
862 if (lock_table[i].action == LOCK)
863 register_lock(i);
864 else
865 add_function_hook(lock_table[i].function, &match_lock_unlock, INT_PTR(i));
869 /* print_held_locks() is used in check_call_tree.c */
870 void print_held_locks()
872 struct state_list *slist;
873 struct sm_state *sm;
874 int i = 0;
876 slist = get_all_states(my_id);
877 FOR_EACH_PTR(slist, sm) {
878 if (sm->state != &locked)
879 continue;
880 if (i++)
881 sm_printf(" ");
882 sm_printf("'%s'", sm->name);
883 } END_FOR_EACH_PTR(sm);
884 free_slist(&slist);
887 void check_locking(int id)
889 my_id = id;
891 if (option_project == PROJ_WINE)
892 load_table(wine_lock_table, ARRAY_SIZE(wine_lock_table));
893 else if (option_project == PROJ_KERNEL)
894 load_table(kernel_lock_table, ARRAY_SIZE(kernel_lock_table));
895 else
896 return;
898 add_unmatched_state_hook(my_id, &unmatched_state);
899 add_split_return_callback(match_return);
900 add_hook(&match_func_end, END_FUNC_HOOK);