2 * sparse/smatch_slist.c
4 * Copyright (C) 2008,2009 Dan Carpenter.
6 * Licensed under the Open Software License version 1.1
13 #include "smatch_slist.h"
/*
 * Allocators used by this file.  The code below relies on names that come
 * from these invocations: __alloc_sm_state() and sm_state_allocator for
 * struct sm_state, and __alloc_sname() for state-name strings.
 * NOTE(review): what else each macro generates is not visible here -- see
 * the allocator header.
 */
ALLOCATOR(sm_state, "smatch state");
ALLOCATOR(named_slist, "named slist");
/* Name strings are sized per call: alloc_sname() asks for strlen(str) + 1. */
__DO_ALLOCATOR(char, 0, 1, "state names", sname);
22 void __print_slist(struct state_list
*slist
)
24 struct sm_state
*state
;
25 struct sm_state
*poss
;
28 printf("dumping slist at %d\n", get_lineno());
29 FOR_EACH_PTR(slist
, state
) {
30 printf("%d '%s'=%s (", state
->owner
, state
->name
,
31 show_state(state
->state
));
33 FOR_EACH_PTR(state
->possible
, poss
) {
36 printf("%s", show_state(poss
->state
));
37 } END_FOR_EACH_PTR(poss
);
39 } END_FOR_EACH_PTR(state
);
44 /* NULL states go at the end to simplify merge_slist */
45 int cmp_tracker(const struct sm_state
*a
, const struct sm_state
*b
)
56 if (a
->owner
> b
->owner
)
58 if (a
->owner
< b
->owner
)
61 ret
= strcmp(a
->name
, b
->name
);
65 if (!b
->sym
&& a
->sym
)
67 if (!a
->sym
&& b
->sym
)
77 static int cmp_sm_states(const struct sm_state
*a
, const struct sm_state
*b
)
81 ret
= cmp_tracker(a
, b
);
85 /* todo: add hook for smatch_extra.c */
86 if (a
->state
> b
->state
)
88 if (a
->state
< b
->state
)
93 static struct sm_state
*alloc_state_no_name(const char *name
, int owner
,
95 struct smatch_state
*state
)
99 tmp
= alloc_state(NULL
, owner
, sym
, state
);
104 void add_sm_state_slist(struct state_list
**slist
, struct sm_state
*new)
106 struct sm_state
*tmp
;
108 FOR_EACH_PTR(*slist
, tmp
) {
109 if (cmp_sm_states(tmp
, new) < 0)
111 else if (cmp_sm_states(tmp
, new) == 0) {
114 INSERT_CURRENT(new, tmp
);
117 } END_FOR_EACH_PTR(tmp
);
118 add_ptr_list(slist
, new);
121 static void add_possible(struct sm_state
*sm
, struct sm_state
*new)
123 struct sm_state
*tmp
;
124 struct sm_state
*tmp2
;
127 struct smatch_state
*s
;
129 s
= merge_states(sm
->name
, sm
->owner
, sm
->sym
, sm
->state
, NULL
);
130 tmp
= alloc_state_no_name(sm
->name
, sm
->owner
, sm
->sym
, s
);
131 add_sm_state_slist(&sm
->possible
, tmp
);
135 FOR_EACH_PTR(new->possible
, tmp
) {
136 tmp2
= alloc_state_no_name(tmp
->name
, tmp
->owner
, tmp
->sym
,
138 add_sm_state_slist(&sm
->possible
, tmp2
);
139 } END_FOR_EACH_PTR(tmp
);
142 char *alloc_sname(const char *str
)
148 tmp
= __alloc_sname(strlen(str
) + 1);
153 struct sm_state
*alloc_state(const char *name
, int owner
,
154 struct symbol
*sym
, struct smatch_state
*state
)
156 struct sm_state
*sm_state
= __alloc_sm_state(0);
158 sm_state
->name
= alloc_sname(name
);
159 sm_state
->owner
= owner
;
161 sm_state
->state
= state
;
162 sm_state
->line
= get_lineno();
163 sm_state
->my_pools
= NULL
;
164 sm_state
->all_pools
= NULL
;
165 sm_state
->possible
= NULL
;
166 add_ptr_list(&sm_state
->possible
, sm_state
);
170 static void free_sm_state(struct sm_state
*sm
)
172 free_slist(&sm
->possible
);
173 free_stack(&sm
->my_pools
);
174 free_stack(&sm
->all_pools
);
176 * fixme. Free the actual state.
177 * Right now we leave it until the end of the function
178 * because we don't want to double free it.
179 * Use the freelist to not double free things
183 static void free_all_sm_states(struct allocation_blob
*blob
)
185 unsigned int size
= sizeof(struct sm_state
);
186 unsigned int offset
= 0;
188 while (offset
< blob
->offset
) {
189 free_sm_state((struct sm_state
*)(blob
->data
+ offset
));
194 /* At the end of every function we free all the sm_states */
195 void free_every_single_sm_state(void)
197 struct allocator_struct
*desc
= &sm_state_allocator
;
198 struct allocation_blob
*blob
= desc
->blobs
;
201 desc
->allocations
= 0;
202 desc
->total_bytes
= 0;
203 desc
->useful_bytes
= 0;
204 desc
->freelist
= NULL
;
206 struct allocation_blob
*next
= blob
->next
;
207 free_all_sm_states(blob
);
208 blob_free(blob
, desc
->chunking
);
214 struct sm_state
*clone_state(struct sm_state
*s
)
216 struct sm_state
*ret
;
217 struct sm_state
*poss
;
219 ret
= alloc_state_no_name(s
->name
, s
->owner
, s
->sym
, s
->state
);
221 ret
->my_pools
= clone_stack(s
->my_pools
);
222 ret
->all_pools
= clone_stack(s
->all_pools
);
223 FOR_EACH_PTR(s
->possible
, poss
) {
224 add_sm_state_slist(&ret
->possible
, poss
);
225 } END_FOR_EACH_PTR(poss
);
229 int slist_has_state(struct state_list
*slist
, struct smatch_state
*state
)
231 struct sm_state
*tmp
;
233 FOR_EACH_PTR(slist
, tmp
) {
234 if (tmp
->state
== state
)
236 } END_FOR_EACH_PTR(tmp
);
240 static void check_order(struct state_list
*slist
)
243 struct sm_state
*state
;
244 struct sm_state
*last
= NULL
;
247 FOR_EACH_PTR(slist
, state
) {
248 if (last
&& cmp_tracker(state
, last
) <= 0) {
249 printf("Error. Unsorted slist %d vs %d, %p vs %p, "
250 "%s vs %s\n", last
->owner
, state
->owner
,
251 last
->sym
, state
->sym
, last
->name
, state
->name
);
255 } END_FOR_EACH_PTR(state
);
262 static void check_my_pools(struct sm_state
*sm
)
264 struct sm_state
*poss
;
265 struct state_list
*slist
;
267 if (sm
->state
!= &merged
)
270 FOR_EACH_PTR(sm
->possible
, poss
) {
271 if (poss
->state
== &merged
)
273 FOR_EACH_PTR(sm
->my_pools
, slist
) {
274 if (get_state_slist(slist
, sm
->name
, sm
->owner
, sm
->sym
)
277 } END_FOR_EACH_PTR(slist
);
278 printf("%d pool not found for '%s' possible state \"%s\".\n",
279 get_lineno(), sm
->name
, show_state(poss
->state
));
283 } END_FOR_EACH_PTR(poss
);
287 static void sanity_check_pools(struct state_list
*slist
)
290 struct sm_state
*tmp
;
292 FOR_EACH_PTR(slist
, tmp
) {
294 } END_FOR_EACH_PTR(tmp
);
298 struct state_list
*clone_slist(struct state_list
*from_slist
)
300 struct sm_state
*state
;
301 struct state_list
*to_slist
= NULL
;
303 FOR_EACH_PTR(from_slist
, state
) {
304 add_ptr_list(&to_slist
, state
);
305 } END_FOR_EACH_PTR(state
);
306 check_order(to_slist
);
310 struct state_list_stack
*clone_stack(struct state_list_stack
*from_stack
)
312 struct state_list
*slist
;
313 struct state_list_stack
*to_stack
= NULL
;
315 FOR_EACH_PTR(from_stack
, slist
) {
316 push_slist(&to_stack
, slist
);
317 } END_FOR_EACH_PTR(slist
);
321 struct smatch_state
*merge_states(const char *name
, int owner
,
323 struct smatch_state
*state1
,
324 struct smatch_state
*state2
)
326 struct smatch_state
*ret
;
328 if (state1
== state2
)
330 else if (__has_merge_function(owner
))
331 ret
= __client_merge_function(owner
, name
, sym
, state1
, state2
);
332 else if (!state1
|| !state2
)
340 * add_pool() adds a slist to ->pools. If the slist has already been
341 * added earlier then it doesn't get added a second time.
343 static void add_pool(struct state_list_stack
**pools
, struct state_list
*new)
345 struct state_list
*tmp
;
347 FOR_EACH_PTR(*pools
, tmp
) {
350 else if (tmp
== new) {
353 INSERT_CURRENT(new, tmp
);
356 } END_FOR_EACH_PTR(tmp
);
357 add_ptr_list(pools
, new);
360 static void copy_pools(struct sm_state
*to
, struct sm_state
*sm
)
362 struct state_list
*tmp
;
367 FOR_EACH_PTR(sm
->my_pools
, tmp
) {
368 add_pool(&to
->my_pools
, tmp
);
369 } END_FOR_EACH_PTR(tmp
);
371 FOR_EACH_PTR(sm
->all_pools
, tmp
) {
372 add_pool(&to
->all_pools
, tmp
);
373 } END_FOR_EACH_PTR(tmp
);
376 struct sm_state
*merge_sm_states(struct sm_state
*one
, struct sm_state
*two
)
378 struct smatch_state
*s
;
379 struct sm_state
*result
;
383 s
= merge_states(one
->name
, one
->owner
, one
->sym
, one
->state
,
384 (two
?two
->state
:NULL
));
385 result
= alloc_state_no_name(one
->name
, one
->owner
, one
->sym
, s
);
386 if (two
&& one
->line
== two
->line
)
387 result
->line
= one
->line
;
388 add_possible(result
, one
);
389 add_possible(result
, two
);
390 copy_pools(result
, one
);
391 copy_pools(result
, two
);
394 struct sm_state
*tmp
;
397 printf("%d merge name='%s' owner=%d: %s + %s => %s (",
398 get_lineno(), one
->name
, one
->owner
,
399 show_state(one
->state
), show_state(two
?two
->state
:NULL
),
402 FOR_EACH_PTR(result
->possible
, tmp
) {
406 printf("%s", show_state(tmp
->state
));
407 } END_FOR_EACH_PTR(tmp
);
414 struct sm_state
*get_sm_state_slist(struct state_list
*slist
, const char *name
,
415 int owner
, struct symbol
*sym
)
417 struct sm_state
*state
;
422 FOR_EACH_PTR(slist
, state
) {
423 if (state
->owner
== owner
&& state
->sym
== sym
424 && !strcmp(state
->name
, name
))
426 } END_FOR_EACH_PTR(state
);
430 struct smatch_state
*get_state_slist(struct state_list
*slist
,
431 const char *name
, int owner
,
434 struct sm_state
*state
;
436 state
= get_sm_state_slist(slist
, name
, owner
, sym
);
442 void overwrite_sm_state(struct state_list
**slist
, struct sm_state
*new)
444 struct sm_state
*tmp
;
446 FOR_EACH_PTR(*slist
, tmp
) {
447 if (cmp_tracker(tmp
, new) < 0)
449 else if (cmp_tracker(tmp
, new) == 0) {
450 REPLACE_CURRENT_PTR(tmp
, new);
453 INSERT_CURRENT(new, tmp
);
456 } END_FOR_EACH_PTR(tmp
);
457 add_ptr_list(slist
, new);
/*
 * overwrite_sm_state_stack() applies overwrite_sm_state() to the slist on
 * top of the stack.
 *
 * @stack: stack whose top slist is updated.
 * @state: entry to store.  The pointer itself is placed in the slist; no
 *         copy is made, so the slist and the caller share the sm_state.
 *
 * The top slist is popped and pushed back because overwrite_sm_state()
 * works through a struct state_list ** and may update the list head it is
 * given.
 * NOTE(review): nothing here checks that the stack holds at least one
 * slist; callers are presumably expected to guarantee that -- confirm.
 */
void overwrite_sm_state_stack(struct state_list_stack **stack,
			      struct sm_state *state)
{
	struct state_list *top = pop_slist(stack);

	overwrite_sm_state(&top, state);
	push_slist(stack, top);
}
470 void set_state_slist(struct state_list
**slist
, const char *name
, int owner
,
471 struct symbol
*sym
, struct smatch_state
*state
)
473 struct sm_state
*tmp
;
474 struct sm_state
*new = alloc_state(name
, owner
, sym
, state
);
476 FOR_EACH_PTR(*slist
, tmp
) {
477 if (cmp_tracker(tmp
, new) < 0)
479 else if (cmp_tracker(tmp
, new) == 0) {
480 REPLACE_CURRENT_PTR(tmp
, new);
483 INSERT_CURRENT(new, tmp
);
486 } END_FOR_EACH_PTR(tmp
);
487 add_ptr_list(slist
, new);
490 void delete_state_slist(struct state_list
**slist
, const char *name
, int owner
,
493 struct sm_state
*state
;
495 FOR_EACH_PTR(*slist
, state
) {
496 if (state
->owner
== owner
&& state
->sym
== sym
497 && !strcmp(state
->name
, name
)){
498 delete_ptr_list_entry((struct ptr_list
**)slist
,
502 } END_FOR_EACH_PTR(state
);
/*
 * push_slist() puts slist on list_stack with add_ptr_list().
 *
 * Only the pointer is stored; the slist is not cloned, so the stack and the
 * caller refer to the same list afterwards.  pop_slist() takes its entry
 * from the end of the list (last_ptr_list()), so the slist pushed last is
 * presumably the one it hands back -- confirm against add_ptr_list().
 */
void push_slist(struct state_list_stack **list_stack, struct state_list *slist)
{
	add_ptr_list(list_stack, slist);
}
511 struct state_list
*pop_slist(struct state_list_stack
**list_stack
)
513 struct state_list
*slist
;
515 slist
= last_ptr_list((struct ptr_list
*)*list_stack
);
516 delete_ptr_list_last((struct ptr_list
**)list_stack
);
/*
 * free_slist() hands the pointer list behind *slist to __free_ptr_list().
 *
 * Only the list itself is passed on; the sm_state entries it refers to are
 * not freed here.  Other slists and pools may still point at the same
 * entries (clone_slist() copies pointers, not states), and the sm_states
 * are released in bulk by free_every_single_sm_state().
 * NOTE(review): whether *slist is reset to NULL afterwards depends on
 * __free_ptr_list() -- confirm before reusing the variable.
 */
void free_slist(struct state_list **slist)
{
	struct ptr_list **list = (struct ptr_list **)slist;

	__free_ptr_list(list);
}
/*
 * free_stack() hands the pointer list behind *stack to __free_ptr_list().
 *
 * The slists stored on the stack are not touched by this call; only the
 * stack's own list is passed on.  free_stack_and_slists() is the variant
 * that walks the slists first and then calls this function.
 * NOTE(review): whether *stack is reset to NULL afterwards depends on
 * __free_ptr_list() -- confirm before reusing the variable.
 */
void free_stack(struct state_list_stack **stack)
{
	struct ptr_list **list = (struct ptr_list **)stack;

	__free_ptr_list(list);
}
530 void free_stack_and_slists(struct state_list_stack
**slist_stack
)
532 struct state_list
*slist
;
534 FOR_EACH_PTR(*slist_stack
, slist
) {
536 } END_FOR_EACH_PTR(slist
);
537 free_stack(slist_stack
);
/*
 * set_state_stack() sets the state for the top slist on the stack.
 *
 * @stack: stack whose top slist is updated.
 * @name:  tracker name, passed through to set_state_slist().
 * @owner: id of the check that owns the tracker.
 * @sym:   symbol of the tracker.
 * @state: state to record for that tracker.
 *
 * The top slist is popped and pushed back because set_state_slist() works
 * through a struct state_list ** and may update the list head it is given.
 * NOTE(review): nothing here checks that the stack holds at least one
 * slist; callers are presumably expected to guarantee that -- confirm.
 */
void set_state_stack(struct state_list_stack **stack, const char *name,
		     int owner, struct symbol *sym, struct smatch_state *state)
{
	struct state_list *top = pop_slist(stack);

	set_state_slist(&top, name, owner, sym, state);
	push_slist(stack, top);
}
554 * get_sm_state_stack() gets the state for the top slist on the stack.
556 struct sm_state
*get_sm_state_stack(struct state_list_stack
*stack
,
557 const char *name
, int owner
,
560 struct state_list
*slist
;
561 struct sm_state
*ret
;
563 slist
= pop_slist(&stack
);
564 ret
= get_sm_state_slist(slist
, name
, owner
, sym
);
565 push_slist(&stack
, slist
);
570 struct smatch_state
*get_state_stack(struct state_list_stack
*stack
,
571 const char *name
, int owner
,
574 struct sm_state
*state
;
576 state
= get_sm_state_stack(stack
, name
, owner
, sym
);
582 static void match_states(struct state_list
**one
, struct state_list
**two
)
584 struct sm_state
*one_state
;
585 struct sm_state
*two_state
;
586 struct sm_state
*tmp
;
587 struct smatch_state
*tmp_state
;
588 struct state_list
*add_to_one
= NULL
;
589 struct state_list
*add_to_two
= NULL
;
591 PREPARE_PTR_LIST(*one
, one_state
);
592 PREPARE_PTR_LIST(*two
, two_state
);
594 if (!one_state
&& !two_state
)
596 if (cmp_tracker(one_state
, two_state
) < 0) {
597 tmp_state
= __client_unmatched_state_function(one_state
);
598 tmp
= alloc_state_no_name(one_state
->name
,
600 one_state
->sym
, tmp_state
);
601 add_ptr_list(&add_to_two
, tmp
);
602 NEXT_PTR_LIST(one_state
);
603 } else if (cmp_tracker(one_state
, two_state
) == 0) {
604 NEXT_PTR_LIST(one_state
);
605 NEXT_PTR_LIST(two_state
);
607 tmp_state
= __client_unmatched_state_function(two_state
);
608 tmp
= alloc_state_no_name(two_state
->name
,
610 two_state
->sym
, tmp_state
);
611 add_ptr_list(&add_to_one
, tmp
);
612 NEXT_PTR_LIST(two_state
);
615 FINISH_PTR_LIST(two_state
);
616 FINISH_PTR_LIST(one_state
);
618 overwrite_slist(add_to_one
, one
);
619 overwrite_slist(add_to_two
, two
);
623 * merge_slist() is called whenever paths merge, such as after
624 * an if statement. It takes the two slists and creates one.
626 void merge_slist(struct state_list
**to
, struct state_list
*slist
)
628 struct sm_state
*to_state
, *state
, *tmp
;
629 struct state_list
*results
= NULL
;
630 struct state_list
*implied_to
= NULL
;
631 struct state_list
*implied_from
= NULL
;
635 sanity_check_pools(*to
);
636 sanity_check_pools(slist
);
638 /* merging a null and nonnull path gives you only the nonnull path */
643 *to
= clone_slist(slist
);
647 implied_to
= clone_slist(*to
);
648 implied_from
= clone_slist(slist
);
650 match_states(&implied_to
, &implied_from
);
652 PREPARE_PTR_LIST(implied_to
, to_state
);
653 PREPARE_PTR_LIST(implied_from
, state
);
655 if (!to_state
&& !state
)
657 if (cmp_tracker(to_state
, state
) < 0) {
658 smatch_msg("error: Internal smatch error.");
659 NEXT_PTR_LIST(to_state
);
660 } else if (cmp_tracker(to_state
, state
) == 0) {
661 if (to_state
->state
!= &merged
)
662 free_stack(&to_state
->my_pools
);
663 if (state
->state
!= &merged
)
664 free_stack(&state
->my_pools
);
666 if (to_state
== state
&& !state
->my_pools
) {
667 add_pool(&state
->my_pools
, implied_to
);
668 add_pool(&state
->my_pools
, implied_from
);
670 if (!to_state
->my_pools
)
671 add_pool(&to_state
->my_pools
, implied_to
);
672 if (!state
->my_pools
)
673 add_pool(&state
->my_pools
, implied_from
);
676 add_pool(&to_state
->all_pools
, implied_to
);
677 add_pool(&state
->all_pools
, implied_from
);
679 tmp
= merge_sm_states(to_state
, state
);
680 add_ptr_list(&results
, tmp
);
681 NEXT_PTR_LIST(to_state
);
682 NEXT_PTR_LIST(state
);
684 smatch_msg("error: Internal smatch error.");
685 NEXT_PTR_LIST(state
);
688 FINISH_PTR_LIST(state
);
689 FINISH_PTR_LIST(to_state
);
695 static struct sm_state
*find_intersection(struct sm_state
*one
,
696 struct sm_state
*two
)
698 struct state_list
*tmp1
, *tmp2
;
699 struct state_list_stack
*stack
= NULL
;
700 struct sm_state
*tmp_state
;
701 struct sm_state
*ret
;
705 if (one
->state
!= &merged
) {
706 if (one
->state
== two
->state
)
708 if (two
->state
!= &merged
) {
709 smatch_msg("mutually exclusive 'and' conditions states "
710 "'%s': %s + %s", one
->name
,
711 show_state(one
->state
),
712 show_state(two
->state
));
717 PREPARE_PTR_LIST(one
->my_pools
, tmp1
);
718 PREPARE_PTR_LIST(two
->my_pools
, tmp2
);
722 if (!tmp2
|| (tmp1
&& tmp1
< tmp2
)) {
724 } else if (tmp1
== tmp2
) {
725 push_slist(&stack
, tmp1
);
732 FINISH_PTR_LIST(tmp2
);
733 FINISH_PTR_LIST(tmp1
);
736 smatch_msg("mutually eXclusive 'and' conditions states "
737 "'%s': %s + %s", one
->name
, show_state(one
->state
),
738 show_state(two
->state
));
742 ret
= alloc_state_no_name(one
->name
, one
->owner
, one
->sym
, &merged
);
743 FOR_EACH_PTR(stack
, tmp1
) {
744 tmp_state
= get_sm_state_slist(tmp1
, one
->name
, one
->owner
,
746 add_possible(ret
, tmp_state
);
747 } END_FOR_EACH_PTR(tmp1
);
748 ret
->my_pools
= stack
;
749 ret
->all_pools
= clone_stack(stack
);
/*
 * and_slist_stack() is basically the same as popping the top two slists,
 * overwriting the one with the other and pushing it back on the stack.
 * The difference is that it checks to see that a mutually exclusive
 * state isn't included in both stacks.  If smatch sees something like
 * "if (a && !a)" it prints a warning.
 *
 * @slist_stack: stack holding the left-hand slist below the right-hand one.
 *
 * The right-hand slist is popped and released with free_slist() once every
 * entry has been folded into the slist that is then on top of the stack.
 * NOTE(review): the lookup result is passed to find_intersection()
 * unchecked, so it is NULL whenever the left-hand slist has no entry for
 * the tracker; find_intersection() has to cope with that -- confirm.
 */
void and_slist_stack(struct state_list_stack **slist_stack)
{
	struct state_list *right_slist = pop_slist(slist_stack);
	struct sm_state *right;

	FOR_EACH_PTR(right_slist, right) {
		struct sm_state *left;

		left = get_sm_state_stack(*slist_stack, right->name,
					  right->owner, right->sym);
		overwrite_sm_state_stack(slist_stack,
					 find_intersection(left, right));
	} END_FOR_EACH_PTR(right);
	free_slist(&right_slist);
}
777 * or_slist_stack() is for if we have: if (foo || bar) { foo->baz;
778 * It pops the two slists from the top of the stack and merges them
779 * together in a way that preserves the things they have in common
780 * but creates a merged state for most of the rest.
781 * You could have code that had: if (foo || foo) { foo->baz;
782 * It's this function which ensures smatch does the right thing.
784 void or_slist_stack(struct state_list_stack
**pre_conds
,
785 struct state_list
*cur_slist
,
786 struct state_list_stack
**slist_stack
)
788 struct state_list
*new;
789 struct state_list
*old
;
790 struct state_list
*res
= NULL
;
791 struct state_list
*tmp_slist
;
793 new = pop_slist(slist_stack
);
794 old
= pop_slist(slist_stack
);
796 tmp_slist
= pop_slist(pre_conds
);
797 res
= clone_slist(tmp_slist
);
798 push_slist(pre_conds
, tmp_slist
);
799 overwrite_slist(old
, &res
);
801 tmp_slist
= clone_slist(cur_slist
);
802 overwrite_slist(new, &tmp_slist
);
804 merge_slist(&res
, tmp_slist
);
806 push_slist(slist_stack
, res
);
807 free_slist(&tmp_slist
);
813 * get_slist_from_named_stack() is only used for gotos.
815 struct state_list
**get_slist_from_named_stack(struct named_stack
*stack
,
818 struct named_slist
*tmp
;
820 FOR_EACH_PTR(stack
, tmp
) {
821 if (!strcmp(tmp
->name
, name
))
823 } END_FOR_EACH_PTR(tmp
);
/*
 * overwrite_slist() stores every entry of from into *to by calling
 * overwrite_sm_state() once per entry.
 *
 * @from: slist to read; it is not modified.
 * @to:   slist to update; the head pointer may change.
 *
 * The sm_state pointers are shared rather than cloned, so after the call
 * both slists refer to the same sm_state objects.  Freeing one slist with
 * free_slist() leaves those objects in place for the other.
 */
void overwrite_slist(struct state_list *from, struct state_list **to)
{
	struct sm_state *sm;

	FOR_EACH_PTR(from, sm) {
		overwrite_sm_state(to, sm);
	} END_FOR_EACH_PTR(sm);
}
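/*
 * __get_allocations() returns the allocation counter of the sm_state
 * allocator.
 *
 * free_every_single_sm_state() resets that counter to 0, so the value only
 * covers allocations made since the last reset.
 *
 * Declared with (void), matching free_every_single_sm_state(void): an empty
 * parameter list in C leaves the arguments unchecked.
 */
unsigned int __get_allocations(void)
{
	return sm_state_allocator.allocations;
}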