search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
core: silence some false positives from parsing invalid code
[smatch.git] / smatch_slist.c
blobc6bc16cd80060559bf8610556be2f0857f57e513
1 /*
2 * Copyright (C) 2008,2009 Dan Carpenter.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see http://www.gnu.org/copyleft/gpl.txt
16 */
17
18 #include <stdlib.h>
19 #include <stdio.h>
20 #include "smatch.h"
21 #include "smatch_slist.h"
22
23 #undef CHECKORDER
24
25 ALLOCATOR(smatch_state, "smatch state");
26 ALLOCATOR(sm_state, "sm state");
27 ALLOCATOR(named_stree, "named slist");
28 __DO_ALLOCATOR(char, 1, 4, "state names", sname);
29
30 static int sm_state_counter;
31
32 static struct stree_stack *all_pools;
33
34 char *show_sm(struct sm_state *sm)
35 {
36 static char buf[256];
37 struct sm_state *tmp;
38 int pos;
39 int i;
40
41 pos = snprintf(buf, sizeof(buf), "[%s] '%s' = '%s'",
42 check_name(sm->owner), sm->name, show_state(sm->state));
43 if (pos > sizeof(buf))
44 goto truncate;
45
46 if (ptr_list_size((struct ptr_list *)sm->possible) == 1)
47 return buf;
48
49 pos += snprintf(buf + pos, sizeof(buf) - pos, " (");
50 if (pos > sizeof(buf))
51 goto truncate;
52 i = 0;
53 FOR_EACH_PTR(sm->possible, tmp) {
54 if (i++)
55 pos += snprintf(buf + pos, sizeof(buf) - pos, ", ");
56 if (pos > sizeof(buf))
57 goto truncate;
58 pos += snprintf(buf + pos, sizeof(buf) - pos, "%s",
59 show_state(tmp->state));
60 if (pos > sizeof(buf))
61 goto truncate;
62 } END_FOR_EACH_PTR(tmp);
63 snprintf(buf + pos, sizeof(buf) - pos, ")");
64
65 return buf;
66
67 truncate:
68 for (i = 0; i < 3; i++)
69 buf[sizeof(buf) - 2 - i] = '.';
70 return buf;
71 }
72
73 void __print_stree(struct stree *stree)
74 {
75 struct sm_state *sm;
76
77 printf("dumping stree at %d [%ld states]\n", get_lineno(), stree_count(stree));
78 FOR_EACH_SM(stree, sm) {
79 printf("%s\n", show_sm(sm));
80 } END_FOR_EACH_SM(sm);
81 printf("---\n");
82 }
83
84 /* NULL states go at the end to simplify merge_slist */
85 int cmp_tracker(const struct sm_state *a, const struct sm_state *b)
86 {
87 int ret;
88
89 if (a == b)
90 return 0;
91 if (!b)
92 return -1;
93 if (!a)
94 return 1;
95
96 if (a->owner > b->owner)
97 return -1;
98 if (a->owner < b->owner)
99 return 1;
100
101 ret = strcmp(a->name, b->name);
102 if (ret < 0)
103 return -1;
104 if (ret > 0)
105 return 1;
106
107 if (!b->sym && a->sym)
108 return -1;
109 if (!a->sym && b->sym)
110 return 1;
111 if (a->sym < b->sym)
112 return -1;
113 if (a->sym > b->sym)
114 return 1;
115
116 return 0;
117 }
118
119 static int cmp_sm_states(const struct sm_state *a, const struct sm_state *b, int preserve)
120 {
121 int ret;
122
123 ret = cmp_tracker(a, b);
124 if (ret)
125 return ret;
126
127 /* todo: add hook for smatch_extra.c */
128 if (a->state > b->state)
129 return -1;
130 if (a->state < b->state)
131 return 1;
132 /* This is obviously a massive disgusting hack but we need to preserve
133 * the unmerged states for smatch extra because we use them in
134 * smatch_db.c. Meanwhile if we preserve all the other unmerged states
135 * then it uses a lot of memory and we don't use it. Hence this hack.
136 *
137 * Also sometimes even just preserving every possible SMATCH_EXTRA state
138 * takes too much resources so we have to cap that. Capping is probably
139 * not often a problem in real life.
140 */
141 if (a->owner == SMATCH_EXTRA && preserve) {
142 if (a == b)
143 return 0;
144 if (a->merged == 1 && b->merged == 0)
145 return -1;
146 if (a->merged == 0)
147 return 1;
148 }
149
150 return 0;
151 }
152
153 struct sm_state *alloc_sm_state(int owner, const char *name,
154 struct symbol *sym, struct smatch_state *state)
155 {
156 struct sm_state *sm_state = __alloc_sm_state(0);
157
158 sm_state_counter++;
159
160 sm_state->name = alloc_sname(name);
161 sm_state->owner = owner;
162 sm_state->sym = sym;
163 sm_state->state = state;
164 sm_state->line = get_lineno();
165 sm_state->merged = 0;
166 sm_state->pool = NULL;
167 sm_state->left = NULL;
168 sm_state->right = NULL;
169 sm_state->nr_children = 1;
170 sm_state->possible = NULL;
171 add_ptr_list(&sm_state->possible, sm_state);
172 return sm_state;
173 }
174
175 static struct sm_state *alloc_state_no_name(int owner, const char *name,
176 struct symbol *sym,
177 struct smatch_state *state)
178 {
179 struct sm_state *tmp;
180
181 tmp = alloc_sm_state(owner, NULL, sym, state);
182 tmp->name = name;
183 return tmp;
184 }
185
186 int too_many_possible(struct sm_state *sm)
187 {
188 if (ptr_list_size((struct ptr_list *)sm->possible) >= 100)
189 return 1;
190 return 0;
191 }
192
193 void add_possible_sm(struct sm_state *to, struct sm_state *new)
194 {
195 struct sm_state *tmp;
196 int preserve = 1;
197
198 if (too_many_possible(to))
199 preserve = 0;
200
201 FOR_EACH_PTR(to->possible, tmp) {
202 if (cmp_sm_states(tmp, new, preserve) < 0)
203 continue;
204 else if (cmp_sm_states(tmp, new, preserve) == 0) {
205 return;
206 } else {
207 INSERT_CURRENT(new, tmp);
208 return;
209 }
210 } END_FOR_EACH_PTR(tmp);
211 add_ptr_list(&to->possible, new);
212 }
213
214 static void copy_possibles(struct sm_state *to, struct sm_state *from)
215 {
216 struct sm_state *tmp;
217
218 FOR_EACH_PTR(from->possible, tmp) {
219 add_possible_sm(to, tmp);
220 } END_FOR_EACH_PTR(tmp);
221 }
222
223 char *alloc_sname(const char *str)
224 {
225 char *tmp;
226
227 if (!str)
228 return NULL;
229 tmp = __alloc_sname(strlen(str) + 1);
230 strcpy(tmp, str);
231 return tmp;
232 }
233
234 int out_of_memory(void)
235 {
236 /*
237 * I decided to use 50M here based on trial and error.
238 * It works out OK for the kernel and so it should work
239 * for most other projects as well.
240 */
241 if (sm_state_counter * sizeof(struct sm_state) >= 100000000)
242 return 1;
243 return 0;
244 }
245
246 int low_on_memory(void)
247 {
248 if (sm_state_counter * sizeof(struct sm_state) >= 25000000)
249 return 1;
250 return 0;
251 }
252
253 static void free_sm_state(struct sm_state *sm)
254 {
255 free_slist(&sm->possible);
256 /*
257 * fixme. Free the actual state.
258 * Right now we leave it until the end of the function
259 * because we don't want to double free it.
260 * Use the freelist to not double free things
261 */
262 }
263
264 static void free_all_sm_states(struct allocation_blob *blob)
265 {
266 unsigned int size = sizeof(struct sm_state);
267 unsigned int offset = 0;
268
269 while (offset < blob->offset) {
270 free_sm_state((struct sm_state *)(blob->data + offset));
271 offset += size;
272 }
273 }
274
275 /* At the end of every function we free all the sm_states */
276 void free_every_single_sm_state(void)
277 {
278 struct allocator_struct *desc = &sm_state_allocator;
279 struct allocation_blob *blob = desc->blobs;
280
281 desc->blobs = NULL;
282 desc->allocations = 0;
283 desc->total_bytes = 0;
284 desc->useful_bytes = 0;
285 desc->freelist = NULL;
286 while (blob) {
287 struct allocation_blob *next = blob->next;
288 free_all_sm_states(blob);
289 blob_free(blob, desc->chunking);
290 blob = next;
291 }
292 clear_sname_alloc();
293 clear_smatch_state_alloc();
294
295 free_stack_and_strees(&all_pools);
296 sm_state_counter = 0;
297 }
298
299 struct sm_state *clone_sm(struct sm_state *s)
300 {
301 struct sm_state *ret;
302
303 ret = alloc_state_no_name(s->owner, s->name, s->sym, s->state);
304 ret->merged = s->merged;
305 ret->line = s->line;
306 /* clone_sm() doesn't copy the pools. Each state needs to have
307 only one pool. */
308 ret->possible = clone_slist(s->possible);
309 ret->left = s->left;
310 ret->right = s->right;
311 ret->nr_children = s->nr_children;
312 return ret;
313 }
314
315 int is_merged(struct sm_state *sm)
316 {
317 return sm->merged;
318 }
319
320 int is_leaf(struct sm_state *sm)
321 {
322 return !sm->merged;
323 }
324
325 int slist_has_state(struct state_list *slist, struct smatch_state *state)
326 {
327 struct sm_state *tmp;
328
329 FOR_EACH_PTR(slist, tmp) {
330 if (tmp->state == state)
331 return 1;
332 } END_FOR_EACH_PTR(tmp);
333 return 0;
334 }
335
336 struct state_list *clone_slist(struct state_list *from_slist)
337 {
338 struct sm_state *sm;
339 struct state_list *to_slist = NULL;
340
341 FOR_EACH_PTR(from_slist, sm) {
342 add_ptr_list(&to_slist, sm);
343 } END_FOR_EACH_PTR(sm);
344 return to_slist;
345 }
346
347 static struct smatch_state *merge_states(int owner, const char *name,
348 struct symbol *sym,
349 struct smatch_state *state1,
350 struct smatch_state *state2)
351 {
352 struct smatch_state *ret;
353
354 if (state1 == state2)
355 ret = state1;
356 else if (__has_merge_function(owner))
357 ret = __client_merge_function(owner, state1, state2);
358 else if (state1 == &ghost)
359 ret = state2;
360 else if (state2 == &ghost)
361 ret = state1;
362 else if (!state1 || !state2)
363 ret = &undefined;
364 else
365 ret = &merged;
366 return ret;
367 }
368
369 struct sm_state *merge_sm_states(struct sm_state *one, struct sm_state *two)
370 {
371 struct smatch_state *s;
372 struct sm_state *result;
373 static int warned;
374
375 if (one == two)
376 return one;
377 if (out_of_memory()) {
378 if (!warned)
379 sm_msg("Function too hairy. No more merges.");
380 warned = 1;
381 return one;
382 }
383 warned = 0;
384 s = merge_states(one->owner, one->name, one->sym, one->state, two->state);
385 result = alloc_state_no_name(one->owner, one->name, one->sym, s);
386 result->merged = 1;
387 result->left = one;
388 result->right = two;
389 result->nr_children = one->nr_children + two->nr_children;
390 copy_possibles(result, one);
391 copy_possibles(result, two);
392
393 /*
394 * The ->line information is used by deref_check where we complain about
395 * checking pointers that have already been dereferenced. Let's say we
396 * dereference a pointer on both the true and false paths and then merge
397 * the states here. The result state is &derefed, but the ->line number
398 * is on the line where the pointer is merged not where it was
399 * dereferenced..
400 *
401 * So in that case, let's just pick one dereference and set the ->line
402 * to point at it.
403 *
404 */
405
406 if (result->state == one->state)
407 result->line = one->line;
408 if (result->state == two->state)
409 result->line = two->line;
410
411 if (option_debug ||
412 strcmp(check_name(one->owner), option_debug_check) == 0) {
413 struct sm_state *tmp;
414 int i = 0;
415
416 printf("%s:%d %s() merge [%s] '%s' %s(L %d) + %s(L %d) => %s (",
417 get_filename(), get_lineno(), get_function(),
418 check_name(one->owner), one->name,
419 show_state(one->state), one->line,
420 show_state(two->state), two->line,
421 show_state(s));
422
423 FOR_EACH_PTR(result->possible, tmp) {
424 if (i++)
425 printf(", ");
426 printf("%s", show_state(tmp->state));
427 } END_FOR_EACH_PTR(tmp);
428 printf(")\n");
429 }
430
431 return result;
432 }
433
434 struct sm_state *get_sm_state_stree(struct stree *stree, int owner, const char *name,
435 struct symbol *sym)
436 {
437 struct tracker tracker = {
438 .owner = owner,
439 .name = (char *)name,
440 .sym = sym,
441 };
442
443 if (!name)
444 return NULL;
445
446
447 return avl_lookup(stree, (struct sm_state *)&tracker);
448 }
449
450 struct smatch_state *get_state_stree(struct stree *stree,
451 int owner, const char *name,
452 struct symbol *sym)
453 {
454 struct sm_state *sm;
455
456 sm = get_sm_state_stree(stree, owner, name, sym);
457 if (sm)
458 return sm->state;
459 return NULL;
460 }
461
462 /* FIXME: this is almost exactly the same as set_sm_state_slist() */
463 void overwrite_sm_state_stree(struct stree **stree, struct sm_state *new)
464 {
465 avl_insert(stree, new);
466 }
467
468 void overwrite_sm_state_stree_stack(struct stree_stack **stack,
469 struct sm_state *sm)
470 {
471 struct stree *stree;
472
473 stree = pop_stree(stack);
474 overwrite_sm_state_stree(&stree, sm);
475 push_stree(stack, stree);
476 }
477
478 struct sm_state *set_state_stree(struct stree **stree, int owner, const char *name,
479 struct symbol *sym, struct smatch_state *state)
480 {
481 struct sm_state *new = alloc_sm_state(owner, name, sym, state);
482
483 avl_insert(stree, new);
484 return new;
485 }
486
487 void set_state_stree_perm(struct stree **stree, int owner, const char *name,
488 struct symbol *sym, struct smatch_state *state)
489 {
490 struct sm_state *sm;
491
492 sm = malloc(sizeof(*sm) + strlen(name) + 1);
493 memset(sm, 0, sizeof(*sm));
494 sm->owner = owner;
495 sm->name = (char *)(sm + 1);
496 strcpy((char *)sm->name, name);
497 sm->sym = sym;
498 sm->state = state;
499
500 overwrite_sm_state_stree(stree, sm);
501 }
502
503 void delete_state_stree(struct stree **stree, int owner, const char *name,
504 struct symbol *sym)
505 {
506 struct tracker tracker = {
507 .owner = owner,
508 .name = (char *)name,
509 .sym = sym,
510 };
511
512 avl_remove(stree, (struct sm_state *)&tracker);
513 }
514
515 void delete_state_stree_stack(struct stree_stack **stack, int owner, const char *name,
516 struct symbol *sym)
517 {
518 struct stree *stree;
519
520 stree = pop_stree(stack);
521 delete_state_stree(&stree, owner, name, sym);
522 push_stree(stack, stree);
523 }
524
525 void push_stree(struct stree_stack **stack, struct stree *stree)
526 {
527 add_ptr_list(stack, stree);
528 }
529
530 struct stree *pop_stree(struct stree_stack **stack)
531 {
532 struct stree *stree;
533
534 stree = last_ptr_list((struct ptr_list *)*stack);
535 delete_ptr_list_last((struct ptr_list **)stack);
536 return stree;
537 }
538
539 struct stree *top_stree(struct stree_stack *stack)
540 {
541 return last_ptr_list((struct ptr_list *)stack);
542 }
543
544 void free_slist(struct state_list **slist)
545 {
546 __free_ptr_list((struct ptr_list **)slist);
547 }
548
549 void free_stree_stack(struct stree_stack **stack)
550 {
551 __free_ptr_list((struct ptr_list **)stack);
552 }
553
554 void free_stack_and_strees(struct stree_stack **stree_stack)
555 {
556 struct stree *stree;
557
558 FOR_EACH_PTR(*stree_stack, stree) {
559 free_stree(&stree);
560 } END_FOR_EACH_PTR(stree);
561 free_stree_stack(stree_stack);
562 }
563
564 struct sm_state *set_state_stree_stack(struct stree_stack **stack, int owner, const char *name,
565 struct symbol *sym, struct smatch_state *state)
566 {
567 struct stree *stree;
568 struct sm_state *sm;
569
570 stree = pop_stree(stack);
571 sm = set_state_stree(&stree, owner, name, sym, state);
572 push_stree(stack, stree);
573
574 return sm;
575 }
576
577 /*
578 * get_sm_state_stack() gets the state for the top slist on the stack.
579 */
580 struct sm_state *get_sm_state_stree_stack(struct stree_stack *stack,
581 int owner, const char *name,
582 struct symbol *sym)
583 {
584 struct stree *stree;
585 struct sm_state *ret;
586
587 stree = pop_stree(&stack);
588 ret = get_sm_state_stree(stree, owner, name, sym);
589 push_stree(&stack, stree);
590 return ret;
591 }
592
593 struct smatch_state *get_state_stree_stack(struct stree_stack *stack,
594 int owner, const char *name,
595 struct symbol *sym)
596 {
597 struct sm_state *sm;
598
599 sm = get_sm_state_stree_stack(stack, owner, name, sym);
600 if (sm)
601 return sm->state;
602 return NULL;
603 }
604
605 static void match_states_stree(struct stree **one, struct stree **two)
606 {
607 struct smatch_state *tmp_state;
608 struct sm_state *sm;
609 struct state_list *add_to_one = NULL;
610 struct state_list *add_to_two = NULL;
611 AvlIter one_iter;
612 AvlIter two_iter;
613
614 avl_iter_begin(&one_iter, *one, FORWARD);
615 avl_iter_begin(&two_iter, *two, FORWARD);
616
617 for (;;) {
618 if (!one_iter.sm && !two_iter.sm)
619 break;
620 if (cmp_tracker(one_iter.sm, two_iter.sm) < 0) {
621 __set_fake_cur_stree_fast(*two);
622 tmp_state = __client_unmatched_state_function(one_iter.sm);
623 __pop_fake_cur_stree_fast();
624 sm = alloc_state_no_name(one_iter.sm->owner, one_iter.sm->name,
625 one_iter.sm->sym, tmp_state);
626 add_ptr_list(&add_to_two, sm);
627 avl_iter_next(&one_iter);
628 } else if (cmp_tracker(one_iter.sm, two_iter.sm) == 0) {
629 avl_iter_next(&one_iter);
630 avl_iter_next(&two_iter);
631 } else {
632 __set_fake_cur_stree_fast(*one);
633 tmp_state = __client_unmatched_state_function(two_iter.sm);
634 __pop_fake_cur_stree_fast();
635 sm = alloc_state_no_name(two_iter.sm->owner, two_iter.sm->name,
636 two_iter.sm->sym, tmp_state);
637 add_ptr_list(&add_to_one, sm);
638 avl_iter_next(&two_iter);
639 }
640 }
641
642 FOR_EACH_PTR(add_to_one, sm) {
643 avl_insert(one, sm);
644 } END_FOR_EACH_PTR(sm);
645
646 FOR_EACH_PTR(add_to_two, sm) {
647 avl_insert(two, sm);
648 } END_FOR_EACH_PTR(sm);
649
650 free_slist(&add_to_one);
651 free_slist(&add_to_two);
652 }
653
654 static void call_pre_merge_hooks(struct stree **one, struct stree **two)
655 {
656 struct sm_state *sm;
657
658 save_all_states();
659
660 __swap_cur_stree(*one);
661 FOR_EACH_SM(*two, sm) {
662 call_pre_merge_hook(sm);
663 } END_FOR_EACH_SM(sm);
664 *one = clone_stree(__get_cur_stree());
665
666 __swap_cur_stree(*two);
667 FOR_EACH_SM(*one, sm) {
668 call_pre_merge_hook(sm);
669 } END_FOR_EACH_SM(sm);
670 *two = clone_stree(__get_cur_stree());
671
672 restore_all_states();
673 }
674
675 static void clone_pool_havers_stree(struct stree **stree)
676 {
677 struct sm_state *sm, *tmp;
678 struct state_list *slist = NULL;
679
680 FOR_EACH_SM(*stree, sm) {
681 if (sm->pool) {
682 tmp = clone_sm(sm);
683 add_ptr_list(&slist, tmp);
684 }
685 } END_FOR_EACH_SM(sm);
686
687 FOR_EACH_PTR(slist, sm) {
688 avl_insert(stree, sm);
689 } END_FOR_EACH_PTR(sm);
690
691 free_slist(&slist);
692 }
693
694 int __stree_id;
695
696 /*
697 * merge_slist() is called whenever paths merge, such as after
698 * an if statement. It takes the two slists and creates one.
699 */
700 static void __merge_stree(struct stree **to, struct stree *stree, int add_pool)
701 {
702 struct stree *results = NULL;
703 struct stree *implied_one = NULL;
704 struct stree *implied_two = NULL;
705 AvlIter one_iter;
706 AvlIter two_iter;
707 struct sm_state *tmp_sm;
708
709 if (out_of_memory())
710 return;
711
712 /* merging a null and nonnull path gives you only the nonnull path */
713 if (!stree)
714 return;
715 if (*to == stree)
716 return;
717
718 if (!*to) {
719 *to = clone_stree(stree);
720 return;
721 }
722
723 implied_one = clone_stree(*to);
724 implied_two = clone_stree(stree);
725
726 match_states_stree(&implied_one, &implied_two);
727 call_pre_merge_hooks(&implied_one, &implied_two);
728
729 if (add_pool) {
730 clone_pool_havers_stree(&implied_one);
731 clone_pool_havers_stree(&implied_two);
732
733 set_stree_id(&implied_one, ++__stree_id);
734 set_stree_id(&implied_two, ++__stree_id);
735 if (implied_one->base_stree)
736 set_stree_id(&implied_one->base_stree, ++__stree_id);
737 if (implied_two->base_stree)
738 set_stree_id(&implied_two->base_stree, ++__stree_id);
739 }
740
741 push_stree(&all_pools, implied_one);
742 push_stree(&all_pools, implied_two);
743
744 avl_iter_begin(&one_iter, implied_one, FORWARD);
745 avl_iter_begin(&two_iter, implied_two, FORWARD);
746
747 for (;;) {
748 if (!one_iter.sm || !two_iter.sm)
749 break;
750 if (cmp_tracker(one_iter.sm, two_iter.sm) < 0) {
751 sm_msg("error: Internal smatch error.");
752 avl_iter_next(&one_iter);
753 } else if (cmp_tracker(one_iter.sm, two_iter.sm) == 0) {
754 if (add_pool && one_iter.sm != two_iter.sm) {
755 one_iter.sm->pool = implied_one;
756 if (implied_one->base_stree)
757 one_iter.sm->pool = implied_one->base_stree;
758 two_iter.sm->pool = implied_two;
759 if (implied_two->base_stree)
760 two_iter.sm->pool = implied_two->base_stree;
761 }
762 tmp_sm = merge_sm_states(one_iter.sm, two_iter.sm);
763 add_possible_sm(tmp_sm, one_iter.sm);
764 add_possible_sm(tmp_sm, two_iter.sm);
765 avl_insert(&results, tmp_sm);
766 avl_iter_next(&one_iter);
767 avl_iter_next(&two_iter);
768 } else {
769 sm_msg("error: Internal smatch error.");
770 avl_iter_next(&two_iter);
771 }
772 }
773
774 free_stree(to);
775 *to = results;
776 }
777
778 void merge_stree(struct stree **to, struct stree *stree)
779 {
780 __merge_stree(to, stree, 1);
781 }
782
783 void merge_stree_no_pools(struct stree **to, struct stree *stree)
784 {
785 __merge_stree(to, stree, 0);
786 }
787
788 /*
789 * This is unfortunately a bit subtle... The problem is that if a
790 * state is set on one fake stree but not the other then we should
791 * look up the the original state and use that as the unset state.
792 * Fortunately, after you pop your fake stree then the cur_slist should
793 * reflect the original state.
794 */
795 void merge_fake_stree(struct stree **to, struct stree *stree)
796 {
797 struct stree *one = *to;
798 struct stree *two = stree;
799 struct sm_state *sm;
800 struct state_list *add_to_one = NULL;
801 struct state_list *add_to_two = NULL;
802 AvlIter one_iter;
803 AvlIter two_iter;
804
805 if (!stree)
806 return;
807 if (*to == stree)
808 return;
809 if (!*to) {
810 *to = clone_stree(stree);
811 return;
812 }
813
814 avl_iter_begin(&one_iter, one, FORWARD);
815 avl_iter_begin(&two_iter, two, FORWARD);
816
817 for (;;) {
818 if (!one_iter.sm && !two_iter.sm)
819 break;
820 if (cmp_tracker(one_iter.sm, two_iter.sm) < 0) {
821 sm = get_sm_state(one_iter.sm->owner, one_iter.sm->name,
822 one_iter.sm->sym);
823 if (sm)
824 add_ptr_list(&add_to_two, sm);
825 avl_iter_next(&one_iter);
826 } else if (cmp_tracker(one_iter.sm, two_iter.sm) == 0) {
827 avl_iter_next(&one_iter);
828 avl_iter_next(&two_iter);
829 } else {
830 sm = get_sm_state(two_iter.sm->owner, two_iter.sm->name,
831 two_iter.sm->sym);
832 if (sm)
833 add_ptr_list(&add_to_one, sm);
834 avl_iter_next(&two_iter);
835 }
836 }
837
838 FOR_EACH_PTR(add_to_one, sm) {
839 avl_insert(&one, sm);
840 } END_FOR_EACH_PTR(sm);
841
842 FOR_EACH_PTR(add_to_two, sm) {
843 avl_insert(&two, sm);
844 } END_FOR_EACH_PTR(sm);
845
846 one->base_stree = clone_stree(__get_cur_stree());
847 FOR_EACH_SM(one, sm) {
848 avl_insert(&one->base_stree, sm);
849 } END_FOR_EACH_SM(sm);
850
851 two->base_stree = clone_stree(__get_cur_stree());
852 FOR_EACH_SM(two, sm) {
853 avl_insert(&two->base_stree, sm);
854 } END_FOR_EACH_SM(sm);
855
856 free_slist(&add_to_one);
857 free_slist(&add_to_two);
858
859 __merge_stree(&one, two, 1);
860
861 *to = one;
862 }
863
864 /*
865 * filter_slist() removes any sm states "slist" holds in common with "filter"
866 */
867 void filter_stree(struct stree **stree, struct stree *filter)
868 {
869 struct stree *results = NULL;
870 AvlIter one_iter;
871 AvlIter two_iter;
872
873 avl_iter_begin(&one_iter, *stree, FORWARD);
874 avl_iter_begin(&two_iter, filter, FORWARD);
875
876 /* FIXME: This should probably be re-written with trees in mind */
877
878 for (;;) {
879 if (!one_iter.sm && !two_iter.sm)
880 break;
881 if (cmp_tracker(one_iter.sm, two_iter.sm) < 0) {
882 avl_insert(&results, one_iter.sm);
883 avl_iter_next(&one_iter);
884 } else if (cmp_tracker(one_iter.sm, two_iter.sm) == 0) {
885 if (one_iter.sm != two_iter.sm)
886 avl_insert(&results, one_iter.sm);
887 avl_iter_next(&one_iter);
888 avl_iter_next(&two_iter);
889 } else {
890 avl_iter_next(&two_iter);
891 }
892 }
893
894 free_stree(stree);
895 *stree = results;
896 }
897
898
899 /*
900 * and_slist_stack() pops the top two slists, overwriting the one with
901 * the other and pushing it back on the stack.
902 */
903 void and_stree_stack(struct stree_stack **stack)
904 {
905 struct sm_state *tmp;
906 struct stree *right_stree = pop_stree(stack);
907
908 FOR_EACH_SM(right_stree, tmp) {
909 overwrite_sm_state_stree_stack(stack, tmp);
910 } END_FOR_EACH_SM(tmp);
911 free_stree(&right_stree);
912 }
913
914 /*
915 * or_slist_stack() is for if we have: if (foo || bar) { foo->baz;
916 * It pops the two slists from the top of the stack and merges them
917 * together in a way that preserves the things they have in common
918 * but creates a merged state for most of the rest.
919 * You could have code that had: if (foo || foo) { foo->baz;
920 * It's this function which ensures smatch does the right thing.
921 */
922 void or_stree_stack(struct stree_stack **pre_conds,
923 struct stree *cur_stree,
924 struct stree_stack **stack)
925 {
926 struct stree *new;
927 struct stree *old;
928 struct stree *pre_stree;
929 struct stree *res;
930 struct stree *tmp_stree;
931
932 new = pop_stree(stack);
933 old = pop_stree(stack);
934
935 pre_stree = pop_stree(pre_conds);
936 push_stree(pre_conds, clone_stree(pre_stree));
937
938 res = clone_stree(pre_stree);
939 overwrite_stree(old, &res);
940
941 tmp_stree = clone_stree(cur_stree);
942 overwrite_stree(new, &tmp_stree);
943
944 merge_stree(&res, tmp_stree);
945 filter_stree(&res, pre_stree);
946
947 push_stree(stack, res);
948 free_stree(&tmp_stree);
949 free_stree(&pre_stree);
950 free_stree(&new);
951 free_stree(&old);
952 }
953
954 /*
955 * get_named_stree() is only used for gotos.
956 */
957 struct stree **get_named_stree(struct named_stree_stack *stack,
958 const char *name,
959 struct symbol *sym)
960 {
961 struct named_stree *tmp;
962
963 FOR_EACH_PTR(stack, tmp) {
964 if (tmp->sym == sym &&
965 strcmp(tmp->name, name) == 0)
966 return &tmp->stree;
967 } END_FOR_EACH_PTR(tmp);
968 return NULL;
969 }
970
971 /* FIXME: These parameters are in a different order from expected */
972 void overwrite_stree(struct stree *from, struct stree **to)
973 {
974 struct sm_state *tmp;
975
976 FOR_EACH_SM(from, tmp) {
977 overwrite_sm_state_stree(to, tmp);
978 } END_FOR_EACH_SM(tmp);
979 }
980
Static analysis for C