flow, conditions: handle label statements correctly
[smatch.git] / smatch_capped.c
blob25dfa2d5866a26b12178380ed82d76897948a6c4
1 /*
2 * Copyright (C) 2011 Oracle. All rights reserved.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
19 * This is trying to make a list of the variables which
20 * have capped values. Sometimes we don't know what the
21 * cap is, for example if we are comparing variables but
22 * we don't know the values of the variables. In that
23 * case we only know that our variable is capped and we
24 * sort that information here.
27 #include "smatch.h"
28 #include "smatch_slist.h"
29 #include "smatch_extra.h"
31 static int my_id;
33 STATE(capped);
34 STATE(uncapped);
36 static struct smatch_state *unmatched_state(struct sm_state *sm)
38 struct smatch_state *state;
40 state = get_state(SMATCH_EXTRA, sm->name, sm->sym);
41 if (state && !estate_is_whole(state))
42 return &capped;
43 return &uncapped;
46 static int is_capped_macro(struct expression *expr)
48 char *name;
50 name = get_macro_name(expr->pos);
51 if (!name)
52 return 0;
54 if (strcmp(name, "min") == 0)
55 return 1;
56 if (strcmp(name, "MIN") == 0)
57 return 1;
58 if (strcmp(name, "min_t") == 0)
59 return 1;
61 return 0;
64 int is_capped(struct expression *expr)
66 sval_t dummy;
68 expr = strip_expr(expr);
69 while (expr && expr->type == EXPR_POSTOP) {
70 expr = strip_expr(expr->unop);
72 if (!expr)
73 return 0;
75 if (get_hard_max(expr, &dummy))
76 return 1;
78 if (is_capped_macro(expr))
79 return 1;
81 if (expr->type == EXPR_BINOP) {
82 struct range_list *left_rl, *right_rl;
84 if (expr->op == '&')
85 return 1;
86 if (expr->op == SPECIAL_RIGHTSHIFT)
87 return 1;
88 if (expr->op == '%')
89 return is_capped(expr->right);
90 if (!is_capped(expr->left))
91 return 0;
92 if (expr->op == '/')
93 return 1;
94 if (!is_capped(expr->right))
95 return 0;
96 if (expr->op == '*') {
97 get_absolute_rl(expr->left, &left_rl);
98 get_absolute_rl(expr->right, &right_rl);
99 if (sval_is_negative(rl_min(left_rl)) ||
100 sval_is_negative(rl_min(right_rl)))
101 return 0;
103 return 1;
105 if (get_state_expr(my_id, expr) == &capped)
106 return 1;
107 return 0;
110 int is_capped_var_sym(const char *name, struct symbol *sym)
112 if (get_state(my_id, name, sym) == &capped)
113 return 1;
114 return 0;
117 void set_param_capped_data(const char *name, struct symbol *sym, char *key, char *value)
119 char fullname[256];
121 if (strncmp(key, "$", 1))
122 return;
123 snprintf(fullname, 256, "%s%s", name, key + 1);
124 set_state(my_id, fullname, sym, &capped);
127 static void match_condition(struct expression *expr)
129 struct smatch_state *left_true = NULL;
130 struct smatch_state *left_false = NULL;
131 struct smatch_state *right_true = NULL;
132 struct smatch_state *right_false = NULL;
135 if (expr->type != EXPR_COMPARE)
136 return;
138 switch (expr->op) {
139 case '<':
140 case SPECIAL_LTE:
141 case SPECIAL_UNSIGNED_LT:
142 case SPECIAL_UNSIGNED_LTE:
143 left_true = &capped;
144 right_false = &capped;
145 break;
146 case '>':
147 case SPECIAL_GTE:
148 case SPECIAL_UNSIGNED_GT:
149 case SPECIAL_UNSIGNED_GTE:
150 left_false = &capped;
151 right_true = &capped;
152 break;
153 case SPECIAL_EQUAL:
154 left_true = &capped;
155 right_true = &capped;
156 break;
157 case SPECIAL_NOTEQUAL:
158 left_false = &capped;
159 right_false = &capped;
160 break;
162 default:
163 return;
166 set_true_false_states_expr(my_id, expr->left, left_true, left_false);
167 set_true_false_states_expr(my_id, expr->right, right_true, right_false);
170 static void match_assign(struct expression *expr)
172 if (is_capped(expr->right)) {
173 set_state_expr(my_id, expr->left, &capped);
174 } else {
175 if (get_state_expr(my_id, expr->left))
176 set_state_expr(my_id, expr->left, &uncapped);
180 static void match_caller_info(struct expression *expr)
182 struct expression *tmp;
183 sval_t sval;
184 int i;
186 i = -1;
187 FOR_EACH_PTR(expr->args, tmp) {
188 i++;
189 if (get_implied_value(tmp, &sval))
190 continue;
191 if (!is_capped(tmp))
192 continue;
193 sql_insert_caller_info(expr, CAPPED_DATA, i, "$", "1");
194 } END_FOR_EACH_PTR(tmp);
197 static void struct_member_callback(struct expression *call, int param, char *printed_name, struct sm_state *sm)
199 struct smatch_state *estate;
200 sval_t sval;
202 if (sm->state != &capped)
203 return;
204 estate = get_state(SMATCH_EXTRA, sm->name, sm->sym);
205 if (estate_get_single_value(estate, &sval))
206 return;
207 sql_insert_caller_info(call, CAPPED_DATA, param, printed_name, "1");
210 static void print_return_implies_capped(int return_id, char *return_ranges, struct expression *expr)
212 struct smatch_state *orig, *estate;
213 struct sm_state *sm;
214 const char *param_name;
215 int param;
216 sval_t sval;
218 FOR_EACH_MY_SM(my_id, __get_cur_stree(), sm) {
219 if (sm->state != &capped)
220 continue;
222 param = get_param_num_from_sym(sm->sym);
223 if (param < 0)
224 continue;
226 estate = get_state(SMATCH_EXTRA, sm->name, sm->sym);
227 if (estate_get_single_value(estate, &sval))
228 continue;
230 orig = get_state_stree(get_start_states(), my_id, sm->name, sm->sym);
231 if (orig == &capped)
232 continue;
234 param_name = get_param_name(sm);
235 if (!param_name)
236 continue;
238 sql_insert_return_states(return_id, return_ranges, CAPPED_DATA,
239 param, param_name, "1");
240 } END_FOR_EACH_SM(sm);
243 static void db_return_states_capped(struct expression *expr, int param, char *key, char *value)
245 char *name;
246 struct symbol *sym;
248 name = return_state_to_var_sym(expr, param, key, &sym);
249 if (!name || !sym)
250 goto free;
252 set_state(my_id, name, sym, &capped);
253 free:
254 free_string(name);
257 void register_capped(int id)
259 my_id = id;
261 add_unmatched_state_hook(my_id, &unmatched_state);
262 select_caller_info_hook(set_param_capped_data, CAPPED_DATA);
263 add_hook(&match_condition, CONDITION_HOOK);
264 add_hook(&match_assign, ASSIGNMENT_HOOK);
266 add_hook(&match_caller_info, FUNCTION_CALL_HOOK);
267 add_member_info_callback(my_id, struct_member_callback);
269 add_split_return_callback(print_return_implies_capped);
270 select_return_states_hook(CAPPED_DATA, &db_return_states_capped);