smatch_points_to_container.c

   1 /*
   2  * Copyright (C) 2022 Oracle.
   3  *
   4  * This program is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU General Public License
   6  * as published by the Free Software Foundation; either version 2
   7  * of the License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
  16  */
  17
  18 #include "ctype.h"
  19 #include "smatch.h"
  20 #include "smatch_slist.h"
  21 #include "smatch_extra.h"
  22
  23 static int my_id;
  24
  25 static void undef(struct sm_state *sm, struct expression *mod_expr)
  26 {
  27         set_state(my_id, sm->name, sm->sym, &undefined);
  28 }
  29
  30 static char *handle_container_of_assign(struct expression *expr, struct expression **ptr)
  31 {
  32         struct expression *right, *orig;
  33         struct symbol *type;
  34         sval_t sval;
  35         char buf[64];
  36
  37         type = get_type(expr->left);
  38         if (!type || type->type != SYM_PTR)
  39                 return NULL;
  40
  41         right = strip_expr(expr->right);
  42         if (right->type != EXPR_BINOP || right->op != '-')
  43                 return NULL;
  44
  45         if (!get_value(right->right, &sval) ||
  46            sval.value < 0 || sval.value > MTAG_OFFSET_MASK)
  47                 return NULL;
  48
  49         orig = get_assigned_expr(right->left);
  50         if (!orig)
  51                 return NULL;
  52
  53         snprintf(buf, sizeof(buf), "(%lld<~$)", sval.value);
  54         *ptr = orig;
  55         return alloc_string(buf);
  56 }
  57
  58
  59 static void match_assign(struct expression *expr)
  60 {
  61         struct expression *ptr = NULL;
  62         char *container_str, *name;
  63         struct symbol *sym;
  64         char buf[64];
  65
  66         if (expr->op != '=')
  67                 return;
  68
  69         if (is_fake_call(expr->right) || __in_fake_parameter_assign ||
  70             __in_fake_struct_assign)
  71                 return;
  72
  73         container_str = handle_container_of_assign(expr, &ptr);
  74         if (!container_str || !ptr)
  75                 return;
  76         name = expr_to_var_sym(ptr, &sym);
  77         if (!name || !sym)
  78                 goto free;
  79
  80         snprintf(buf, sizeof(buf), "%s %s", name, container_str);
  81         set_state(my_id, buf, sym, alloc_state_expr(expr->left));
  82
  83 free:
  84         free_string(name);
  85         free_string(container_str);
  86 }
  87
  88 static void return_str_hook(struct expression *expr, const char *ret_str)
  89 {
  90         struct expression *call, *arg;
  91         struct symbol *sym;
  92         int offset, param;
  93         char buf[32];
  94         char *name;
  95
  96         if (!expr || expr->type != EXPR_ASSIGNMENT)
  97                 return;
  98         call = expr;
  99         while (call && call->type == EXPR_ASSIGNMENT)
 100                 call = strip_expr(call->right);
 101         if (!call || call->type != EXPR_CALL)
 102                 return;
 103
 104         if (!get_offset_param(ret_str, &offset, &param))
 105                 return;
 106
 107         arg = get_argument_from_call_expr(call->args, param);
 108         arg = strip_expr(arg);
 109         if (!arg)
 110                 return;
 111
 112         name = expr_to_var_sym(arg, &sym);
 113         if (!name || !sym)
 114                 return;
 115
 116         snprintf(buf, sizeof(buf), "%s (%d<~$)", name, offset);
 117         set_state(my_id, buf, sym, alloc_state_expr(expr->left));
 118 }
 119
 120 struct expression *get_stored_container(struct expression *expr, int offset)
 121 {
 122         struct smatch_state *state;
 123         struct symbol *sym;
 124         char buf[64];
 125         char *name;
 126
 127         name = expr_to_var_sym(expr, &sym);
 128         if (!name || !sym)
 129                 return NULL;
 130
 131         snprintf(buf, sizeof(buf), "%s (%d<~$)", name, offset);
 132         free_string(name);
 133         state = get_state(my_id, buf, sym);
 134         if (!state)
 135                 return NULL;
 136         return state->data;
 137 }
 138
 139 void register_points_to_container(int id)
 140 {
 141         my_id = id;
 142
 143         set_dynamic_states(my_id);
 144         add_hook(&match_assign, ASSIGNMENT_HOOK_AFTER);
 145         add_return_string_hook(return_str_hook);
 146         add_modification_hook(my_id, &undef);
 147 }
 148