search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Don't try calling lsl when file is missing.
[splint-patched.git] / src / exprChecks.c
blob769f08d11186ca14d05fefdfc98a0f901b25d2f1
1 /*
2 ** Splint - annotation-assisted static program checker
3 ** Copyright (C) 1994-2003 University of Virginia,
4 ** Massachusetts Institute of Technology
5 **
6 ** This program is free software; you can redistribute it and/or modify it
7 ** under the terms of the GNU General Public License as published by the
8 ** Free Software Foundation; either version 2 of the License, or (at your
9 ** option) any later version.
10 **
11 ** This program is distributed in the hope that it will be useful, but
12 ** WITHOUT ANY WARRANTY; without even the implied warranty of
13 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 ** General Public License for more details.
15 **
16 ** The GNU General Public License is available from http://www.gnu.org/ or
17 ** the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
18 ** MA 02111-1307, USA.
19 **
20 ** For information on splint: info@splint.org
21 ** To report a bug: splint-bug@splint.org
22 ** For more information: http://www.splint.org
23 */
24 /*
25 ** exprChecks.c
26 */
27
28 # include "splintMacros.nf"
29 # include "basic.h"
30 # include "transferChecks.h"
31 # include "exprChecks.h"
32
33 /*
34 ** for now, allow exprChecks to access exprNode.
35 ** may remove this in future
36 */
37
38 /*@access exprNode@*/
39
40 static bool checkCallModifyAux (/*@exposed@*/ sRef p_s, exprNode p_f, sRef p_alias, exprNode p_err);
41 static bool checkModifyValAux (/*@exposed@*/ sRef p_s, exprNode p_f, sRef p_alias, exprNode p_err);
42 static bool checkModifyAux (/*@exposed@*/ sRef p_s, exprNode p_f, sRef p_alias, exprNode p_err);
43 static void checkSafeReturnExpr (/*@notnull@*/ exprNode p_e);
44
45 /*
46 ** called at end of expression statement
47 **
48 ** of e->kind is not an assign, empty, body or modop
49 ** verify the the value is void
50 **
51 */
52
53 static int inCompoundStatementExpression = 0;
54
55 void
56 exprChecks_inCompoundStatementExpression (void)
57 {
58 inCompoundStatementExpression++;
59 }
60
61 void
62 exprChecks_leaveCompoundStatementExpression (void)
63 {
64 inCompoundStatementExpression--;
65 llassert (inCompoundStatementExpression >= 0);
66 }
67
68 void
69 exprChecks_checkStatementEffect (exprNode e)
70 {
71 bool hasError = FALSE;
72
73 if (inCompoundStatementExpression > 0)
74 {
75 /*
76 ** Okay to have effectless statments in compound statement expression (should check
77 ** it is the last statement, but we don't for now).
78 */
79
80 return;
81 }
82
83 if (!exprNode_isError (e))
84 {
85 exprKind ek = e->kind;
86
87 if (ek == XPR_CALL && !(ctype_isRealVoid (e->typ)))
88 {
89 if (ctype_isKnown (e->typ))
90 {
91 if (ctype_isManifestBool (ctype_realishType (e->typ)))
92 {
93 hasError = optgenerror
94 (FLG_RETVALBOOL,
95 message ("Return value (type %t) ignored: %s",
96 e->typ,
97 exprNode_unparseFirst (e)),
98 e->loc);
99 }
100 else if (ctype_isDirectInt (e->typ))
101 {
102 hasError = optgenerror
103 (FLG_RETVALINT,
104 message ("Return value (type %t) ignored: %s",
105 e->typ,
106 exprNode_unparseFirst (e)),
107 e->loc);
108 }
109 else
110 {
111 hasError = optgenerror
112 (FLG_RETVALOTHER,
113 message ("Return value (type %t) ignored: %s",
114 e->typ,
115 exprNode_unparseFirst (e)),
116 e->loc);
117 }
118 }
119 }
120
121 if (!hasError && !(exprNode_mayEscape (e))
122 && !(e->canBreak)) /* control changes are effects too! */
123 {
124 if (sRefSet_hasRealElement (e->sets)
125 || sRefSet_hasRealElement (e->msets))
126 {
127 ; /* okay */
128 }
129 else
130 {
131 if (sRefSet_isEmpty (e->sets) && sRefSet_isEmpty (e->msets))
132 {
133 voptgenerror
134 (FLG_NOEFFECT,
135 message ("Statement has no effect: %s",
136 exprNode_unparseFirst (e)),
137 e->loc);
138 }
139 else
140 {
141 if (context_maybeSet (FLG_NOEFFECTUNCON))
142 {
143 if (sRefSet_hasUnconstrained (e->sets))
144 {
145 voptgenerror
146 (FLG_NOEFFECTUNCON,
147 message ("Statement has no effect (possible "
148 "undected modification through "
149 "call to %q): %s",
150 sRefSet_unparseUnconstrained (e->sets),
151 exprNode_unparseFirst (e)),
152 e->loc);
153 }
154 else if (sRefSet_hasUnconstrained (e->msets))
155 {
156 voptgenerror
157 (FLG_NOEFFECTUNCON,
158 message ("Statement has no effect (possible "
159 "undected modification through "
160 "call to %q): %s",
161 sRefSet_unparseUnconstrained (e->msets),
162 exprNode_unparseFirst (e)),
163 e->loc);
164 }
165 else
166 {
167 ; /* statement has unknown modification */
168 }
169 }
170 }
171 }
172 }
173 }
174 }
175
176 static bool
177 checkRepExposed (sRef base, /*@notnull@*/ exprNode e, sRef alias,
178 /*@unused@*/ exprNode unused)
179 {
180 ctype btype;
181
182 if (sRef_isInvalid (alias) || sRef_sameName (base, alias))
183 {
184 btype = sRef_getType (base);
185
186 if (ctype_isAbstract (btype) && ctype_isVisiblySharable (e->typ))
187 {
188 voptgenerror (FLG_RETEXPOSE,
189 message ("Return value exposes rep of %s: %s",
190 ctype_unparse (btype),
191 exprNode_unparse (e)),
192 e->loc);
193 return TRUE;
194 }
195 }
196 else
197 {
198 sRef rbase = sRef_getRootBase (base);
199 btype = sRef_getType (rbase);
200
201 if (ctype_isAbstract (btype) && ctype_isVisiblySharable (e->typ))
202 {
203 voptgenerror
204 (FLG_RETEXPOSE,
205 message ("Return value may expose rep of %s through alias %q: %s",
206 ctype_unparse (btype),
207 sRef_unparse (rbase),
208 exprNode_unparse (e)),
209 e->loc);
210 return TRUE;
211 }
212 }
213
214 return FALSE;
215 }
216
217 static bool
218 checkRefGlobParam (sRef base, /*@notnull@*/ exprNode e,
219 sRef alias, /*@unused@*/ exprNode unused)
220 {
221 if (sRef_isInvalid (alias) || sRef_sameName (base, alias))
222 {
223 ctype ct = e->typ;
224
225 if (ctype_isUnknown (ct))
226 {
227 ct = sRef_getType (base);
228 }
229
230 if (ctype_isVisiblySharable (ct))
231 {
232 if (sRef_isFileOrGlobalScope (base))
233 {
234 uentry fcn = context_getHeader ();
235 bool noerror = FALSE;
236
237 if (uentry_isValid (fcn) && uentry_isFunction (fcn))
238 {
239 sRef res = uentry_getSref (fcn);
240
241 /* If result is dependent and global is owned, this is okay... */
242 if (sRef_isDependent (res)
243 && sRef_isOwned (base))
244 {
245 noerror = TRUE;
246
247 }
248 }
249
250 if (!noerror)
251 {
252 voptgenerror
253 (FLG_RETALIAS,
254 message ("Function returns reference to global %q: %s",
255 sRef_unparse (base),
256 exprNode_unparse (e)),
257 e->loc);
258 }
259
260 return TRUE;
261 }
262 else if (sRef_isAnyParam (base))
263 {
264 uentryList params = context_getParams ();
265 int paramno = sRef_getParam (base);
266
267 if (paramno < uentryList_size (params))
268 {
269 uentry arg = uentryList_getN (params, paramno);
270 sRef ref = uentry_getSref (arg);
271
272 if (uentry_isReturned (arg)
273 || sRef_isOnly (ref)
274 || sRef_isExposed (ref)
275 || sRef_isRefCounted (ref))
276 {
277 ; /* okay */
278 }
279 else
280 {
281 voptgenerror
282 (FLG_RETALIAS,
283 message ("Function returns reference to parameter %q: %s",
284 sRef_unparse (base),
285 exprNode_unparse (e)),
286 e->loc);
287 }
288 }
289 else
290 {
291 llbuglit ("ret alias: bad paramno");
292 }
293
294 return TRUE;
295 }
296 else
297 {
298 return FALSE;
299 }
300 }
301 }
302 else
303 {
304 if (ctype_isVisiblySharable (e->typ))
305 {
306 if (sRef_isFileOrGlobalScope (base))
307 {
308 voptgenerror
309 (FLG_RETALIAS,
310 message ("Function may return reference to global %q through alias %q: %s",
311 sRef_unparse (alias),
312 sRef_unparse (base),
313 exprNode_unparse (e)),
314 e->loc);
315 return TRUE;
316 }
317 else if (sRef_isAnyParam (base) && !(sRef_isOnly (base)))
318 {
319 uentryList params = context_getParams ();
320 int paramno = sRef_getParam (base);
321
322 if (paramno < uentryList_size (params))
323 {
324 uentry arg = uentryList_getN (params, paramno);
325
326 if (!uentry_isReturned (arg))
327 {
328 voptgenerror
329 (FLG_RETALIAS,
330 message
331 ("Function may return reference to parameter %q through alias %q: %s",
332 sRef_unparse (base),
333 sRef_unparse (alias),
334 exprNode_unparse (e)),
335 e->loc);
336
337 return TRUE;
338 }
339 }
340 else
341 {
342 voptgenerror
343 (FLG_RETALIAS,
344 message
345 ("Function may return reference to parameter %q through alias %q: %s",
346 sRef_unparse (base),
347 sRef_unparse (alias),
348 exprNode_unparse (e)),
349 e->loc);
350
351 return TRUE;
352 }
353 }
354 else
355 {
356 return FALSE;
357 }
358 }
359 }
360 return FALSE;
361 }
362
363
364 void
365 exprNode_checkModify (exprNode e, exprNode err)
366 {
367 llassert (exprNode_isDefined (e));
368
369 DPRINTF (("Check modify: %s", exprNode_unparse (e)));
370
371 if (sRef_isValid (e->sref))
372 {
373 sRef_aliasCheckPred (checkModifyAux, sRef_isReference, e->sref, e, err);
374 }
375 }
376
377 void
378 exprNode_checkModifyVal (exprNode e, exprNode err)
379 {
380 llassert (exprNode_isDefined (e));
381
382 DPRINTF (("Check modify val: %s", exprNode_unparse (e)));
383
384 if (sRef_isValid (e->sref))
385 {
386 sRef_aliasCheckPred (checkModifyValAux, sRef_isReference, e->sref, e, err);
387 }
388 }
389
390 void
391 exprChecks_checkNullReturn (fileloc loc)
392 {
393 if (!context_inRealFunction ())
394 {
395 /*
396 llmsg ("exprChecks_checkNullReturnExpr: not in function context");
397 */
398 return;
399 }
400 else
401 {
402 if (ctype_isFunction (context_currentFunctionType ()))
403 {
404 ctype tr = ctype_getReturnType (context_currentFunctionType ());
405
406 if (!ctype_isFirstVoid (tr))
407 {
408 if (ctype_isUnknown (tr))
409 {
410 voptgenerror
411 (FLG_EMPTYRETURN,
412 cstring_makeLiteral ("Empty return in function declared to implicitly return int"),
413 loc);
414 }
415 else
416 {
417 voptgenerror (FLG_EMPTYRETURN,
418 message ("Empty return in function declared to return %t", tr),
419 loc);
420 }
421 }
422 }
423 }
424 }
425
426 void
427 exprNode_checkReturn (exprNode e)
428 {
429 if (!exprNode_isError (e))
430 {
431 if (!context_inRealFunction ())
432 {
433 if (context_inMacro ())
434 {
435 llerror (FLG_MACRORETURN,
436 message ("Macro %s uses return (not functional)",
437 context_inFunctionName ()));
438 }
439 else
440 {
441 /*
442 llbuglit ("exprNode_checkReturn: not in function context");
443 */
444 }
445 }
446 else
447 {
448 if (ctype_isFunction (context_currentFunctionType ()))
449 {
450 checkSafeReturnExpr (e);
451 }
452 else
453 {
454 ;
455 }
456 }
457 }
458 }
459
460 void
461 exprNode_checkPred (cstring c, exprNode e)
462 {
463 ctype ct;
464
465 if (exprNode_isError (e))
466 return;
467
468 ct = exprNode_getType (e);
469
470 if (exprNode_isAssign (e))
471 {
472 voptgenerror
473 (FLG_PREDASSIGN,
474 message ("Test expression for %s is assignment expression: %s",
475 c, exprNode_unparse (e)),
476 e->loc);
477 }
478
479 if (ctype_isRealBool (ct) || ctype_isUnknown (ct))
480 /* evs 2000-12-20 added || ctype_isUnknown to avoid spurious messages */
481 {
482 ;
483 }
484 else if (ctype_isRealPointer (ct))
485 {
486 voptgenerror
487 (FLG_PREDBOOLPTR,
488 message ("Test expression for %s not %s, type %t: %s", c,
489 context_printBoolName (),
490 ct, exprNode_unparse (e)),
491 e->loc);
492 }
493 else if (ctype_isRealInt (ct))
494 {
495 voptgenerror
496 (FLG_PREDBOOLINT,
497 message ("Test expression for %s not %s, type %t: %s", c,
498 context_printBoolName (), ct, exprNode_unparse (e)),
499 e->loc);
500 }
501 else
502 {
503 voptgenerror
504 (FLG_PREDBOOLOTHERS,
505 message ("Test expression for %s not %s, type %t: %s", c,
506 context_printBoolName (), ct, exprNode_unparse (e)),
507 e->loc);
508 }
509 }
510
511 void
512 exprChecks_checkUsedGlobs (globSet decl, globSet used)
513 {
514 fileloc fl = uentry_whereSpecified (context_getHeader ());
515
516 if (fileloc_isUndefined (fl))
517 {
518 fl = uentry_whereDeclared (context_getHeader ());
519 }
520
521 globSet_allElements (decl, el)
522 {
523 if (!globSet_member (used, el))
524 {
525 if (sRef_isSpecInternalState (el)
526 || sRef_isNothing (el))
527 {
528 ;
529 }
530 else
531 {
532 cstring sname = sRef_unparse (el);
533
534 if (fileloc_isLib (fl))
535 {
536 voptgenerror (FLG_USEALLGLOBS,
537 message ("Global %s listed (%q) but not used",
538 sname, fileloc_unparse (fl)),
539 g_currentloc);
540 }
541 else
542 {
543 voptgenerror (FLG_USEALLGLOBS,
544 message ("Global %s listed but not used", sname),
545 fl);
546 }
547
548 cstring_free (sname);
549 }
550 }
551 } end_globSet_allElements;
552 }
553
554 void
555 exprNode_checkAllMods (sRefSet mods, uentry ue)
556 {
557 bool realParams = FALSE;
558 uentry le = context_getHeader ();
559 fileloc fl = uentry_whereSpecified (le);
560 uentryList paramNames = context_getParams ();
561
562 if (uentry_isFunction (le))
563 {
564 uentryList specParamNames = uentry_getParams (le);
565
566 if (uentryList_isUndefined (specParamNames))
567 {
568 ; /* unknown params */
569 }
570 else if (uentryList_size (paramNames) != uentryList_size (specParamNames))
571 {
572 llbug
573 (message ("exprNode_checkAllMods: parameter lists have different sizes: "
574 "%q (%d) / %q (%d)",
575 uentryList_unparse (paramNames),
576 uentryList_size (paramNames),
577 uentryList_unparse (specParamNames),
578 uentryList_size (specParamNames)));
579 }
580 else if (uentryList_size (paramNames) > 0
581 && !uentry_hasRealName (uentryList_getN (specParamNames, 0)))
582 {
583 /* loaded from a library */
584 }
585 else
586 {
587 realParams = TRUE;
588 }
589 }
590
591 sRefSet_allElements (mods, sr)
592 {
593 if (sRef_isNothing (sr) || sRef_isSpecState (sr))
594 {
595 ; /* should report on anything? */
596 }
597 else if (sRef_isInternalState (sr))
598 {
599 if (!sRef_isModified (sr))
600 {
601 if (sRefSet_hasStatic (mods))
602 {
603 ; /* okay */
604 }
605 else
606 {
607 if (optgenerror
608 (FLG_MUSTMOD,
609 message
610 ("Function %s specified to modify internal state "
611 "but no internal state is modified",
612 uentry_rawName (ue)),
613 uentry_whereLast (ue)))
614 {
615 uentry_showWhereSpecified (le);
616 }
617 }
618 }
619 }
620 else
621 {
622 if (!sRef_isModified (sr))
623 {
624 cstring sname = realParams ? sRef_unparse (sr) : sRef_unparse (sr);
625
626 if (fileloc_isLib (fl) && !realParams)
627 {
628 voptgenerror
629 (FLG_MUSTMOD,
630 message ("Suspect object listed (%q) in modifies "
631 "clause of %s not modified: %s",
632 fileloc_unparse (fl),
633 uentry_rawName (ue),
634 sname),
635 uentry_whereLast (ue));
636 }
637 else
638 {
639 if (optgenerror
640 (FLG_MUSTMOD,
641 message ("Suspect object listed in modifies of %s "
642 "not modified: %s",
643 uentry_rawName (ue),
644 sname),
645 uentry_whereLast (ue)))
646 {
647 uentry_showWhereSpecified (le);
648 }
649 }
650 cstring_free (sname);
651 }
652 }
653 } end_sRefSet_allElements;
654 }
655
656 void exprNode_checkMacroBody (/*@only@*/ exprNode e)
657 {
658 if (!exprNode_isError (e))
659 {
660 uentry hdr;
661
662 if (!(context_inFunctionLike () || context_inMacroConstant ()
663 || context_inUnknownMacro ()))
664 {
665 llcontbug
666 (message
667 ("exprNode_checkMacroBody: not in macro function or constant: %q",
668 context_unparse ()));
669 exprNode_free (e);
670 return;
671 }
672
673 hdr = context_getHeader ();
674
675 if (e->kind == XPR_STMTLIST || e->kind == XPR_BODY)
676 {
677 voptgenerror
678 (FLG_MACROSTMT,
679 message
680 ("Macro %q definition is statement list (recommend "
681 "do { ... } while (0) constuction to ensure multiple "
682 "statement macro is syntactic function)",
683 uentry_getName (hdr)),
684 fileloc_isDefined (e->loc) ? e->loc : g_currentloc);
685 }
686
687 if (context_inMacroConstant ())
688 {
689 ctype t = uentry_getType (hdr);
690
691 uentry_setDefined (hdr, e->loc);
692
693 if (!(exprNode_matchType (t, e)))
694 {
695 cstring uname = uentry_getName (hdr);
696
697 if (cstring_equal (uname, context_getTrueName ())
698 || cstring_equal (uname, context_getFalseName ()))
699 {
700 /*
701 ** We need to do something special to allow FALSE and TRUE
702 ** to be defined without reporting errors. This is a tad
703 ** bogus, but otherwise lots of things would break.
704 */
705
706
707 llassert (ctype_isManifestBool (t));
708 /* Should also check type of e is a reasonable (?) bool type. */
709 }
710 else
711 {
712 if (optgenerror
713 (FLG_INCONDEFS,
714 message
715 ("Constant %q specified as %s, but defined as %s: %s",
716 uentry_getName (hdr),
717 ctype_unparse (t),
718 ctype_unparse (e->typ),
719 exprNode_unparse (e)),
720 e->loc))
721 {
722 uentry_showWhereSpecified (hdr);
723 }
724 }
725
726 cstring_free (uname);
727 }
728 else
729 {
730 if (context_maybeSet (FLG_NULLSTATE)
731 && ctype_isUA(t)
732 && ctype_isRealPointer (t)
733 && exprNode_isNullValue (e))
734 {
735 uentry ue = usymtab_getTypeEntry (ctype_typeId (t));
736 sRef sr = uentry_getSref (ue);
737
738 if (!sRef_possiblyNull (sr))
739 {
740 vgenhinterror
741 (FLG_NULLSTATE,
742 message ("Constant %q of non-null type %s defined "
743 "as null: %s",
744 uentry_getName (hdr), ctype_unparse (t),
745 exprNode_unparse (e)),
746 message ("If %s can be null, add a /*@null@*/ "
747 "qualifer to its typedef.",
748 ctype_unparse (t)),
749 e->loc);
750 }
751
752 uentry_mergeConstantValue (hdr, e->val);
753 e->val = multiVal_undefined;
754 }
755 }
756 }
757 else if (context_inMacroFunction () || context_inUnknownMacro ())
758 {
759 ctype rettype = context_getRetType ();
760
761 if (context_isMacroMissingParams ())
762 {
763 llassert (context_inMacroFunction ());
764
765 /*
766 ** # define newname oldname
767 **
768 ** newname is a function
769 ** specification of oldname should match
770 ** specification of newname.
771 */
772
773 if (!ctype_isFunction (e->typ))
774 {
775 voptgenerror
776 (FLG_INCONDEFS,
777 message ("Function %s defined by unparameterized "
778 "macro not corresponding to function",
779 context_inFunctionName ()),
780 e->loc);
781 }
782 else
783 {
784 uentry ue = exprNode_getUentry (e);
785
786 if (uentry_isValid (ue))
787 {
788 /*
789 ** Okay, for now --- should check for consistency
790 */
791 /*
792 ** uentry oldue = usymtab_lookup (cfname);
793 */
794
795 /* check var conformance here! */
796 }
797 else
798 {
799 voptgenerror
800 (FLG_INCONDEFS,
801 message ("Function %s defined by unparameterized "
802 "macro not corresponding to function",
803 context_inFunctionName ()),
804 e->loc);
805 }
806
807 e->typ = ctype_getReturnType (e->typ);
808 rettype = e->typ; /* avoid aditional errors */
809 }
810 }
811
812 if (ctype_isVoid (rettype) || ctype_isUnknown (rettype))
813 {
814 ; /* don't complain when void macros have values */
815 }
816 else if (!exprNode_matchType (rettype, e))
817 {
818 if (optgenerror
819 (FLG_INCONDEFS,
820 message ("Function %q specified to return %s, "
821 "implemented as macro having type %s: %s",
822 uentry_getName (hdr),
823 ctype_unparse (rettype), ctype_unparse (e->typ),
824 exprNode_unparse (e)),
825 e->loc))
826 {
827 uentry_showWhereSpecified (hdr);
828 }
829 }
830 else
831 {
832 switch (e->kind)
833 {
834 /* these expressions have values: */
835 case XPR_PARENS: case XPR_ASSIGN:
836 case XPR_EMPTY: case XPR_VAR:
837 case XPR_OP: case XPR_POSTOP:
838 case XPR_PREOP: case XPR_CALL:
839 case XPR_SIZEOFT: case XPR_SIZEOF:
840 case XPR_ALIGNOFT: case XPR_ALIGNOF:
841 case XPR_CAST: case XPR_FETCH:
842 case XPR_COMMA: case XPR_COND:
843 case XPR_ARROW: case XPR_CONST:
844 case XPR_STRINGLITERAL: case XPR_NUMLIT:
845 case XPR_FACCESS: case XPR_OFFSETOF:
846
847 transferChecks_return (e, hdr);
848 break;
849
850 /* these expressions don't */
851 case XPR_LABEL:
852 case XPR_VAARG: case XPR_ITER:
853 case XPR_FOR: case XPR_FORPRED:
854 case XPR_GOTO: case XPR_CONTINUE:
855 case XPR_BREAK: case XPR_RETURN:
856 case XPR_NULLRETURN: case XPR_IF:
857 case XPR_IFELSE: case XPR_DOWHILE:
858 case XPR_WHILE: case XPR_STMT:
859 case XPR_STMTLIST: case XPR_SWITCH:
860 case XPR_INIT: case XPR_BODY:
861 case XPR_NODE: case XPR_ITERCALL:
862 case XPR_TOK: case XPR_CASE:
863 case XPR_FTCASE: case XPR_FTDEFAULT:
864 case XPR_DEFAULT: case XPR_WHILEPRED:
865 case XPR_BLOCK: case XPR_INITBLOCK:
866 if (optgenerror
867 (FLG_INCONDEFS,
868 message ("Function %q specified to return %s, "
869 "implemented as macro with no result: %s",
870 uentry_getName (hdr),
871 ctype_unparse (rettype),
872 exprNode_unparse (e)),
873 e->loc))
874 {
875 uentry_showWhereSpecified (hdr);
876 }
877 }
878 }
879
880 usymtab_checkFinalScope (FALSE);
881 }
882 else
883 {
884 llbug (message ("exprNode_checkMacroBody: not in macro function: %q", context_unparse ()));
885 }
886
887 exprNode_free (e);
888 }
889
890 context_exitFunction ();
891 return;
892 }
893
894 void exprNode_checkFunctionBody (exprNode body)
895 {
896 if (!exprNode_isError (body))
897 {
898 bool noret = context_getFlag (FLG_NORETURN);
899 bool checkret = exprNode_mustEscape (body);
900
901 if (!checkret
902 && noret
903 && !exprNode_errorEscape (body)
904 && context_inRealFunction ()
905 && ctype_isFunction (context_currentFunctionType ()))
906 {
907 ctype tr = ctype_getReturnType (context_currentFunctionType ());
908
909 if (!ctype_isFirstVoid (tr))
910 {
911 if (ctype_isUnknown (tr))
912 {
913 voptgenerror
914 (FLG_NORETURN,
915 cstring_makeLiteral ("Path with no return in function declared to implicity return int"),
916 g_currentloc);
917 }
918 else
919 {
920 voptgenerror
921 (FLG_NORETURN,
922 message ("Path with no return in function declared to return %t",
923 tr),
924 g_currentloc);
925 }
926 }
927 }
928
929 if (!checkret)
930 {
931 context_returnFunction ();
932 }
933 }
934 }
935 /*drl modified */
936
937
938 void exprNode_checkFunction (/*@unused@*/ uentry ue, /*@only@*/ exprNode body)
939 {
940 constraintList c, t, post;
941 constraintList c2, fix;
942 context_enterInnerContext ();
943
944 llassert (exprNode_isDefined (body));
945
946 DPRINTF (("Checking body: %s", exprNode_unparse (body)));
947
948 /*
949 if we're not going to be printing any errors for buffer overflows
950 we can skip the checking to improve performance
951
952 FLG_DEBUGFUNCTIONCONSTRAINT controls wheather we perform the check anyway
953 in order to find potential problems like assert failures and seg faults...
954 */
955
956 if (!(context_getFlag (FLG_DEBUGFUNCTIONCONSTRAINT)
957 || context_getFlag (FLG_BOUNDSWRITE)
958 || context_getFlag (FLG_BOUNDSREAD)
959 || context_getFlag (FLG_LIKELYBOUNDSWRITE)
960 || context_getFlag (FLG_LIKELYBOUNDSREAD)
961 || context_getFlag (FLG_CHECKPOST)
962 || context_getFlag (FLG_ALLOCMISMATCH)))
963 {
964 exprNode_free (body);
965 context_exitInnerPlain();
966 return;
967 }
968
969 exprNode_generateConstraints (body); /* evans 2002-03-02: this should not be declared to take a
970 dependent... fix it! */
971
972 c = uentry_getFcnPreconditions (ue);
973
974 if (constraintList_isDefined (c))
975 {
976 DPRINTF (("Function preconditions are %s", constraintList_unparseDetailed (c)));
977
978 body->requiresConstraints =
979 constraintList_reflectChangesFreePre (body->requiresConstraints, c);
980
981 c2 = constraintList_copy (c);
982 fix = constraintList_makeFixedArrayConstraints (body->uses);
983 c2 = constraintList_reflectChangesFreePre (c2, fix);
984
985 constraintList_free (fix);
986
987 if (context_getFlag (FLG_ORCONSTRAINT))
988 {
989 t = constraintList_reflectChangesOr (body->requiresConstraints, c2 );
990 }
991 else
992 {
993 t = constraintList_reflectChanges(body->requiresConstraints, c2);
994 }
995
996 constraintList_free (body->requiresConstraints);
997 DPRINTF ((message ("The body has the required constraints: %s", constraintList_unparseDetailed (t) ) ) );
998
999 body->requiresConstraints = t;
1000
1001 t = constraintList_mergeEnsures (c, body->ensuresConstraints);
1002 constraintList_free(body->ensuresConstraints);
1003
1004 body->ensuresConstraints = t;
1005
1006 DPRINTF ((message ("The body has the ensures constraints: %s", constraintList_unparseDetailed (t) ) ) );
1007 constraintList_free(c2);
1008 }
1009
1010 if (constraintList_isDefined(c))
1011 {
1012 DPRINTF ((message ("The Function %s has the preconditions %s",
1013 uentry_unparse(ue), constraintList_unparseDetailed(c))));
1014 }
1015 else
1016 {
1017 DPRINTF((message ("The Function %s has no preconditions", uentry_unparse(ue))));
1018 }
1019
1020 if (context_getFlag (FLG_IMPBOUNDSCONSTRAINTS))
1021 {
1022 constraintList implicitFcnConstraints = context_getImplicitFcnConstraints (ue);
1023
1024 if (constraintList_isDefined (implicitFcnConstraints))
1025 {
1026 DPRINTF (("Implicit constraints: %s", constraintList_unparse (implicitFcnConstraints)));
1027
1028 body->requiresConstraints = constraintList_reflectChangesFreePre (body->requiresConstraints,
1029 implicitFcnConstraints);
1030 constraintList_free (implicitFcnConstraints);
1031 }
1032 else
1033 {
1034 DPRINTF (("No implicit constraints"));
1035 }
1036 }
1037
1038 body->requiresConstraints = constraintList_sort (body->requiresConstraints);
1039
1040 constraintList_printError(body->requiresConstraints, g_currentloc);
1041
1042 post = uentry_getFcnPostconditions (ue);
1043
1044 if (context_getFlag (FLG_CHECKPOST))
1045 {
1046 if (constraintList_isDefined (post))
1047 {
1048 constraintList post2;
1049
1050 DPRINTF ((message ("The declared function postconditions are %s \n\n\n\n\n",
1051 constraintList_unparseDetailed (post) ) ) );
1052
1053 post = constraintList_reflectChangesFreePre (post, body->ensuresConstraints);
1054
1055 post2 = constraintList_copy (post);
1056 fix = constraintList_makeFixedArrayConstraints (body->uses);
1057 post2 = constraintList_reflectChangesFreePre (post2, fix);
1058 constraintList_free(fix);
1059 if ( context_getFlag (FLG_ORCONSTRAINT) )
1060 {
1061 t = constraintList_reflectChangesOr (post2, body->ensuresConstraints);
1062 }
1063 else
1064 {
1065 t = constraintList_reflectChanges(post2, body->ensuresConstraints);
1066 }
1067
1068 constraintList_free(post2);
1069 constraintList_free(post);
1070 post = t;
1071
1072 printf("Unresolved post conditions\n");
1073 constraintList_printErrorPostConditions(post, g_currentloc);
1074 }
1075 }
1076
1077 if (constraintList_isDefined (post))
1078 {
1079 constraintList_free (post);
1080 }
1081
1082 body->ensuresConstraints = constraintList_sort(body->ensuresConstraints);
1083
1084 if ( context_getFlag (FLG_FUNCTIONPOST) )
1085 {
1086 constraintList_printError(body->ensuresConstraints, g_currentloc);
1087 }
1088
1089 /* ConPrint (message ("Unable to resolve function constraints:\n%s", constraintList_printDetailed(body->requiresConstraints) ), g_currentloc);
1090
1091 ConPrint (message ("Splint has found function post conditions:\n%s", constraintList_printDetailed(body->ensuresConstraints) ), g_currentloc);
1092
1093 printf ("The required constraints are:\n%s", constraintList_printDetailed(body->requiresConstraints) );
1094 printf ("The ensures constraints are:\n%s", constraintList_unparseDetailed(body->ensuresConstraints) );
1095 */
1096
1097 if (constraintList_isDefined (c))
1098 constraintList_free(c);
1099
1100 context_exitInnerPlain();
1101
1102 /* is it okay not to free this? */
1103 DPRINTF (("Done checking constraints..."));
1104 exprNode_free (body);
1105 }
1106
1107 void exprChecks_checkEmptyMacroBody (void)
1108 {
1109 uentry hdr;
1110
1111 if (!(context_inFunctionLike () || context_inMacroConstant ()
1112 || context_inUnknownMacro ()))
1113 {
1114 llcontbug
1115 (message ("exprNode_checkEmptyMacroBody: not in macro function or constant: %q",
1116 context_unparse ()));
1117 return;
1118 }
1119
1120 hdr = context_getHeader ();
1121
1122 beginLine ();
1123
1124 if (uentry_isFunction (hdr))
1125 {
1126 voptgenerror
1127 (FLG_MACROEMPTY,
1128 message
1129 ("Macro definition for %q is empty", uentry_getName (hdr)),
1130 g_currentloc);
1131
1132 usymtab_checkFinalScope (FALSE);
1133 }
1134
1135 context_exitFunction ();
1136 return;
1137 }
1138
1139 void exprNode_checkIterBody (/*@only@*/ exprNode body)
1140 {
1141 context_exitAllClauses ();
1142
1143 context_exitFunction ();
1144 exprNode_free (body);
1145 }
1146
1147 void exprNode_checkIterEnd (/*@only@*/ exprNode body)
1148 {
1149 context_exitAllClauses ();
1150 context_exitFunction ();
1151 exprNode_free (body);
1152 }
1153
1154 static
1155 bool checkModifyAuxAux (/*@exposed@*/ sRef s, exprNode f, sRef alias, exprNode err)
1156 {
1157 bool hasMods = context_hasMods ();
1158 flagcode errCode = hasMods ? FLG_MODIFIES : FLG_MODNOMODS;
1159
1160 if (exprNode_isDefined (f))
1161 {
1162 f->sets = sRefSet_insert (f->sets, s);
1163 }
1164
1165 if (context_getFlag (FLG_MODIFIES)
1166 && (hasMods || context_getFlag (FLG_MODNOMODS)))
1167 {
1168 sRefSet mods = context_modList ();
1169
1170 if (!sRef_canModify (s, mods))
1171 {
1172 sRef rb = sRef_getRootBase (s);
1173
1174
1175 if (sRef_isFileOrGlobalScope (rb))
1176 {
1177 if (!context_checkGlobMod (rb))
1178 {
1179 return FALSE;
1180 }
1181 }
1182
1183 if (sRef_isInvalid (alias) || sRef_sameName (s, alias))
1184 {
1185 if (sRef_isLocalVar (sRef_getRootBase (s)))
1186 {
1187 voptgenerror
1188 (errCode,
1189 message
1190 ("Undocumented modification of internal state (%q): %s",
1191 sRef_unparse (s), exprNode_unparse (err)),
1192 exprNode_isDefined (f) ? f->loc : g_currentloc);
1193 }
1194 else
1195 {
1196 if (sRef_isSystemState (s))
1197 {
1198 if (errCode == FLG_MODNOMODS)
1199 {
1200 if (context_getFlag (FLG_MODNOMODS))
1201 {
1202 errCode = FLG_MODFILESYSTEM;
1203 }
1204 }
1205 else
1206 {
1207 errCode = FLG_MODFILESYSTEM;
1208 }
1209 }
1210
1211 voptgenerror
1212 (errCode,
1213 message ("Undocumented modification of %q: %s",
1214 sRef_unparse (s), exprNode_unparse (err)),
1215 exprNode_isDefined (f) ? f->loc : g_currentloc);
1216 }
1217
1218 return TRUE;
1219 }
1220 else
1221 {
1222 if (sRef_isReference (s) && !sRef_isAddress (alias))
1223 {
1224 voptgenerror
1225 (errCode,
1226 message
1227 ("Possible undocumented modification of %q through alias %q: %s",
1228 sRef_unparse (s),
1229 sRef_unparse (alias),
1230 exprNode_unparse (err)),
1231 exprNode_isDefined (f) ? f->loc : g_currentloc);
1232 return TRUE;
1233 }
1234 }
1235 }
1236 }
1237 else
1238 {
1239 if (context_maybeSet (FLG_MUSTMOD))
1240 {
1241 (void) sRef_canModify (s, context_modList ());
1242 }
1243
1244 if (sRef_isRefsField (s))
1245 {
1246 sRef_setModified (s);
1247 }
1248 }
1249
1250 return FALSE;
1251 }
1252
1253 static
1254 bool checkModifyAux (/*@exposed@*/ sRef s, exprNode f, sRef alias, exprNode err)
1255 {
1256 DPRINTF (("Check modify aux: %s", sRef_unparseFull (s)));
1257
1258 if (sRef_isReference (s) && sRef_isObserver (s)
1259 && context_maybeSet (FLG_MODOBSERVER))
1260 {
1261 cstring sname;
1262
1263 if (sRef_isPointer (s))
1264 {
1265 sRef base = sRef_getBase (s);
1266 sname = sRef_unparse (base);
1267 }
1268 else
1269 {
1270 if (sRef_isAddress (s))
1271 {
1272 sRef p = sRef_constructPointer (s);
1273 sname = sRef_unparse (p);
1274 }
1275 else
1276 {
1277 sname = sRef_unparse (s);
1278 }
1279 }
1280
1281 if (!sRef_isValid (alias) || sRef_sameName (s, alias))
1282 {
1283 if (sRef_isMeaningful (s))
1284 {
1285 if (optgenerror
1286 (FLG_MODOBSERVER,
1287 message ("Suspect modification of observer %s: %s",
1288 sname, exprNode_unparse (err)),
1289 exprNode_isDefined (f) ? f->loc : g_currentloc))
1290 {
1291 sRef_showExpInfo (s);
1292 }
1293 }
1294 else
1295 {
1296 voptgenerror
1297 (FLG_MODOBSERVER,
1298 message ("Suspect modification of observer returned by "
1299 "function call: %s",
1300 exprNode_unparse (err)),
1301 exprNode_isDefined (f) ? f->loc : g_currentloc);
1302 }
1303 }
1304 else
1305 {
1306 if (optgenerror
1307 (FLG_MODOBSERVER,
1308 message ("Suspect modification of observer %s through alias %q: %s",
1309 sname, sRef_unparse (alias), exprNode_unparse (err)),
1310 exprNode_isDefined (f) ? f->loc : g_currentloc))
1311 {
1312 sRef_showExpInfo (s);
1313 }
1314 }
1315
1316 cstring_free (sname);
1317 }
1318
1319 (void) checkModifyAuxAux (s, f, alias, err);
1320 return FALSE;
1321 }
1322
1323 static
1324 bool checkModifyValAux (/*@exposed@*/ sRef s, exprNode f, sRef alias, exprNode err)
1325 {
1326 (void) checkModifyAuxAux (s, f, alias, err);
1327 return FALSE;
1328 }
1329
1330 static
1331 bool checkCallModifyAux (/*@exposed@*/ sRef s, exprNode f, sRef alias, exprNode err)
1332 {
1333 bool result = FALSE;
1334
1335 DPRINTF (("Check modify aux: %s / %s",
1336 sRef_unparse (s), sRef_unparse (alias)));
1337
1338 if (sRef_isObserver (s) && context_maybeSet (FLG_MODOBSERVER))
1339 {
1340 sRef p = sRef_isAddress (s) ? sRef_constructPointer (s) : s;
1341 cstring sname = sRef_unparse (p);
1342
1343 if (!sRef_isValid (alias) || sRef_sameName (s, alias))
1344 {
1345 if (sRef_isMeaningful (s))
1346 {
1347 result = optgenerror
1348 (FLG_MODOBSERVER,
1349 message ("Suspect modification of observer %s: %s",
1350 sname, exprNode_unparse (err)),
1351 exprNode_isDefined (f) ? f->loc : g_currentloc);
1352 }
1353 else
1354 {
1355 result = optgenerror
1356 (FLG_MODOBSERVER,
1357 message ("Suspect modification of observer returned by "
1358 "function call: %s",
1359 exprNode_unparse (err)),
1360 exprNode_isDefined (f) ? f->loc : g_currentloc);
1361 }
1362 }
1363 else
1364 {
1365 result = optgenerror
1366 (FLG_MODOBSERVER,
1367 message
1368 ("Suspect modification of observer %s through alias %q: %s",
1369 sname, sRef_unparse (alias), exprNode_unparse (err)),
1370 exprNode_isDefined (f) ? f->loc : g_currentloc);
1371 }
1372
1373 cstring_free (sname);
1374 }
1375 else if (context_maybeSet (FLG_MODIFIES))
1376 {
1377 DPRINTF (("can modify: %s / %s",
1378 sRef_unparse (s),
1379 sRefSet_unparse (context_modList ())));
1380
1381 if (!(sRef_canModifyVal (s, context_modList ())))
1382 {
1383 sRef p = sRef_isAddress (s) ? sRef_constructPointer (s) : s;
1384 cstring sname = sRef_unparse (p);
1385 bool hasMods = context_hasMods ();
1386 sRef rb = sRef_getRootBase (s);
1387 flagcode errCode = hasMods ? FLG_MODIFIES : FLG_MODNOMODS;
1388 bool check = TRUE;
1389
1390 DPRINTF (("Can't modify! %s", sRef_unparse (s)));
1391
1392 if (sRef_isFileOrGlobalScope (rb))
1393 {
1394 uentry ue = sRef_getUentry (rb);
1395
1396 /* be more specific here! */
1397 if (!uentry_isCheckedModify (ue))
1398 {
1399 check = FALSE;
1400 }
1401 }
1402
1403 if (check)
1404 {
1405 if (!sRef_isValid (alias) || sRef_sameName (s, alias))
1406 {
1407 if (sRef_isLocalVar (sRef_getRootBase (s)))
1408 {
1409 voptgenerror
1410 (errCode,
1411 message
1412 ("Undocumented modification of internal "
1413 "state (%q) through call to %s: %s",
1414 sRef_unparse (s), exprNode_unparse (f),
1415 exprNode_unparse (err)),
1416 exprNode_isDefined (f) ? f->loc : g_currentloc);
1417 }
1418 else
1419 {
1420 if (sRef_isSystemState (s))
1421 {
1422 if (errCode == FLG_MODNOMODS)
1423 {
1424 if (context_getFlag (FLG_MODNOMODS))
1425 {
1426 errCode = FLG_MODFILESYSTEM;
1427 }
1428 }
1429 else
1430 {
1431 errCode = FLG_MODFILESYSTEM;
1432 }
1433 }
1434
1435 result = optgenerror
1436 (errCode,
1437 message ("Undocumented modification of %s "
1438 "possible from call to %s: %s",
1439 sname,
1440 exprNode_unparse (f),
1441 exprNode_unparse (err)),
1442 exprNode_isDefined (f) ? f->loc : g_currentloc);
1443 }
1444 }
1445 else
1446 {
1447 result = optgenerror
1448 (errCode,
1449 message ("Undocumented modification of %s possible "
1450 "from call to %s (through alias %q): %s",
1451 sname,
1452 exprNode_unparse (f),
1453 sRef_unparse (alias),
1454 exprNode_unparse (err)),
1455 exprNode_isDefined (f) ? f->loc : g_currentloc);
1456 }
1457 }
1458 cstring_free (sname);
1459 }
1460 }
1461 else
1462 {
1463 if (context_maybeSet (FLG_MUSTMOD))
1464 {
1465 (void) sRef_canModifyVal (s, context_modList ());
1466 }
1467 }
1468
1469 return result;
1470 }
1471
1472 void exprNode_checkCallModifyVal (sRef s, exprNodeList args, exprNode f, exprNode err)
1473 {
1474 s = sRef_fixBaseParam (s, args);
1475 DPRINTF (("Check call modify: %s", sRef_unparse (s)));
1476 sRef_aliasCheckPred (checkCallModifyAux, NULL, s, f, err);
1477 }
1478
1479 void
1480 exprChecks_checkExport (uentry e)
1481 {
1482 if (context_checkExport (e))
1483 {
1484 fileloc fl = uentry_whereDeclared (e);
1485
1486 if (fileloc_isHeader (fl) && !fileloc_isLib (fl)
1487 && !fileloc_isImport (fl) && !uentry_isStatic (e))
1488 {
1489 if (uentry_isFunction (e) ||
1490 (uentry_isVariable (e) && ctype_isFunction (uentry_getType (e))))
1491 {
1492 voptgenerror
1493 (FLG_EXPORTFCN,
1494 message ("Function exported, but not specified: %q",
1495 uentry_getName (e)),
1496 fl);
1497 }
1498 else if (uentry_isExpandedMacro (e))
1499 {
1500 voptgenerror
1501 (FLG_EXPORTMACRO,
1502 message ("Expanded macro exported, but not specified: %q",
1503 uentry_getName (e)),
1504 fl);
1505 }
1506 else if (uentry_isVariable (e) && !uentry_isParam (e))
1507 {
1508 voptgenerror
1509 (FLG_EXPORTVAR,
1510 message ("Variable exported, but not specified: %q",
1511 uentry_getName (e)),
1512 fl);
1513 }
1514 else if (uentry_isEitherConstant (e))
1515 {
1516 voptgenerror
1517 (FLG_EXPORTCONST,
1518 message ("Constant exported, but not specified: %q",
1519 uentry_getName (e)),
1520 fl);
1521 }
1522 else if (uentry_isIter (e) || uentry_isEndIter (e))
1523 {
1524 voptgenerror
1525 (FLG_EXPORTITER,
1526 message ("Iterator exported, but not specified: %q",
1527 uentry_getName (e)),
1528 fl);
1529 }
1530
1531 else if (uentry_isDatatype (e))
1532 {
1533 ; /* error already reported */
1534 }
1535 else
1536 {
1537 BADEXIT;
1538 }
1539 }
1540 }
1541 }
1542
1543 static void checkSafeReturnExpr (/*@notnull@*/ exprNode e)
1544 {
1545 ctype tr = ctype_getReturnType (context_currentFunctionType ());
1546 ctype te = exprNode_getType (e);
1547
1548 /* evans 2001-08-21: added test to warn about void returns from void functions */
1549 if (ctype_isVoid (tr))
1550 {
1551 (void) gentypeerror
1552 (te, e, tr, exprNode_undefined,
1553 message ("Return expression from function declared void: %s", exprNode_unparse (e)),
1554 e->loc);
1555 return;
1556 }
1557
1558 if (!ctype_forceMatch (tr, te) && !exprNode_matchLiteral (tr, e))
1559 {
1560 (void) gentypeerror
1561 (te, e, tr, exprNode_undefined,
1562 message ("Return value type %t does not match declared type %t: %s",
1563 te, tr, exprNode_unparse (e)),
1564 e->loc);
1565 }
1566 else
1567 {
1568 sRef ret = e->sref;
1569 uentry rval = context_getHeader ();
1570 sRef resultref = uentry_getSref (rval);
1571
1572 DPRINTF (("Check return: %s / %s / %s",
1573 exprNode_unparse (e),
1574 sRef_unparseFull (e->sref),
1575 uentry_unparse (rval)));
1576
1577 transferChecks_return (e, rval);
1578
1579 DPRINTF (("After return: %s / %s / %s",
1580 exprNode_unparse (e),
1581 sRef_unparseFull (e->sref),
1582 uentry_unparse (rval)));
1583
1584 if (!(sRef_isExposed (uentry_getSref (context_getHeader ()))
1585 || sRef_isObserver (uentry_getSref (context_getHeader ())))
1586 && (context_getFlag (FLG_RETALIAS)
1587 || context_getFlag (FLG_RETEXPOSE)))
1588 {
1589 sRef base = sRef_getRootBase (ret);
1590 ctype rtype = e->typ;
1591
1592 if (ctype_isUnknown (rtype))
1593 {
1594 rtype = tr;
1595 }
1596
1597 if (ctype_isVisiblySharable (rtype))
1598 {
1599 if (context_getFlag (FLG_RETALIAS))
1600 {
1601 sRef_aliasCheckPred (checkRefGlobParam, NULL, base,
1602 e, exprNode_undefined);
1603 }
1604
1605 if (context_getFlag (FLG_RETEXPOSE) && sRef_isIReference (ret)
1606 && !sRef_isExposed (resultref) && !sRef_isObserver (resultref))
1607 {
1608 sRef_aliasCheckPred (checkRepExposed, NULL, base, e,
1609 exprNode_undefined);
1610 }
1611 }
1612 }
1613 }
1614 }
1615
Patched version for SPLint (Secure Programming Lint)