syzkaller/prog/prog.go

// Copyright 2015 syzkaller project authors. All rights reserved.
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.

package prog

import (
	"fmt"

	"github.com/google/syzkaller/sys"
)

type Prog struct {
	Calls []*Call
}

type Call struct {
	Meta *sys.Call
	Args []*Arg
	Ret  *Arg
}

type Arg struct {
	Type         sys.Type
	Kind         ArgKind
	Val          uintptr       // value of ArgConst
	AddrPage     uintptr       // page index for ArgPointer address, page count for ArgPageSize
	AddrOffset   int           // page offset for ArgPointer address
	AddrPagesNum uintptr       // number of available pages for ArgPointer
	Data         []byte        // data of ArgData
	Inner        []*Arg        // subargs of ArgGroup
	Res          *Arg          // target of ArgResult, pointee for ArgPointer
	Uses         map[*Arg]bool // this arg is used by those ArgResult args
	OpDiv        uintptr       // divide result for ArgResult (executed before OpAdd)
	OpAdd        uintptr       // add to result for ArgResult

	// ArgUnion/UnionType
	Option     *Arg
	OptionType sys.Type
}

type ArgKind int

const (
	ArgConst ArgKind = iota
	ArgResult
	ArgPointer  // even if these are always constant (for reproducibility), we use a separate type because they are represented in an abstract (base+page+offset) form
	ArgPageSize // same as ArgPointer but base is not added, so it represents "lengths" in pages
	ArgData
	ArgGroup // logical group of args (struct or array)
	ArgUnion
	ArgReturn // fake value denoting syscall return value
)

// Returns inner arg for PtrType args
func (a *Arg) InnerArg() *Arg {
	switch typ := a.Type.(type) {
	case *sys.PtrType:
		if a.Res == nil {
			if !typ.Optional() {
				panic(fmt.Sprintf("non-optional pointer is nil\narg: %+v\ntype: %+v", a, typ))
			}
			return nil
		} else {
			return a.Res.InnerArg()
		}
	default:
		return a
	}
}

func encodeValue(value, size uintptr, bigEndian bool) uintptr {
	if !bigEndian {
		return value
	}
	switch size {
	case 2:
		return uintptr(swap16(uint16(value)))
	case 4:
		return uintptr(swap32(uint32(value)))
	case 8:
		return uintptr(swap64(uint64(value)))
	default:
		panic(fmt.Sprintf("bad size %v for value %v", size, value))
	}
}

// Returns value taking endianness into consideration.
func (a *Arg) Value() uintptr {
	switch typ := a.Type.(type) {
	case *sys.IntType:
		return encodeValue(a.Val, typ.Size(), typ.BigEndian)
	case *sys.ConstType:
		return encodeValue(a.Val, typ.Size(), typ.BigEndian)
	case *sys.FlagsType:
		return encodeValue(a.Val, typ.Size(), typ.BigEndian)
	case *sys.LenType:
		return encodeValue(a.Val, typ.Size(), typ.BigEndian)
	}
	return a.Val
}

func (a *Arg) Size() uintptr {
	switch typ := a.Type.(type) {
	case *sys.IntType, *sys.LenType, *sys.FlagsType, *sys.ConstType,
		*sys.ResourceType, *sys.VmaType, *sys.PtrType:
		return typ.Size()
	case *sys.BufferType:
		return uintptr(len(a.Data))
	case *sys.StructType:
		var size uintptr
		for _, fld := range a.Inner {
			size += fld.Size()
		}
		return size
	case *sys.UnionType:
		return a.Option.Size()
	case *sys.ArrayType:
		var size uintptr
		for _, in := range a.Inner {
			size += in.Size()
		}
		return size
	default:
		panic("unknown arg type")
	}
}

func constArg(t sys.Type, v uintptr) *Arg {
	return &Arg{Type: t, Kind: ArgConst, Val: v}
}

func resultArg(t sys.Type, r *Arg) *Arg {
	arg := &Arg{Type: t, Kind: ArgResult, Res: r}
	if r.Uses == nil {
		r.Uses = make(map[*Arg]bool)
	}
	if r.Uses[arg] {
		panic("already used")
	}
	r.Uses[arg] = true
	return arg
}

func dataArg(t sys.Type, data []byte) *Arg {
	return &Arg{Type: t, Kind: ArgData, Data: append([]byte{}, data...)}
}

func pointerArg(t sys.Type, page uintptr, off int, npages uintptr, obj *Arg) *Arg {
	return &Arg{Type: t, Kind: ArgPointer, AddrPage: page, AddrOffset: off, AddrPagesNum: npages, Res: obj}
}

func pageSizeArg(t sys.Type, npages uintptr, off int) *Arg {
	return &Arg{Type: t, Kind: ArgPageSize, AddrPage: npages, AddrOffset: off}
}

func groupArg(t sys.Type, inner []*Arg) *Arg {
	return &Arg{Type: t, Kind: ArgGroup, Inner: inner}
}

func unionArg(t sys.Type, opt *Arg, typ sys.Type) *Arg {
	return &Arg{Type: t, Kind: ArgUnion, Option: opt, OptionType: typ}
}

func returnArg(t sys.Type) *Arg {
	return &Arg{Type: t, Kind: ArgReturn}
}

func (p *Prog) insertBefore(c *Call, calls []*Call) {
	idx := 0
	for ; idx < len(p.Calls); idx++ {
		if p.Calls[idx] == c {
			break
		}
	}
	var newCalls []*Call
	newCalls = append(newCalls, p.Calls[:idx]...)
	newCalls = append(newCalls, calls...)
	if idx < len(p.Calls) {
		newCalls = append(newCalls, p.Calls[idx])
		newCalls = append(newCalls, p.Calls[idx+1:]...)
	}
	p.Calls = newCalls
}

// replaceArg replaces arg with arg1 in call c in program p, and inserts calls before arg call.
func (p *Prog) replaceArg(c *Call, arg, arg1 *Arg, calls []*Call) {
	if arg.Kind != ArgConst && arg.Kind != ArgResult && arg.Kind != ArgPointer && arg.Kind != ArgUnion {
		panic(fmt.Sprintf("replaceArg: bad arg kind %v", arg.Kind))
	}
	if arg1.Kind != ArgConst && arg1.Kind != ArgResult && arg1.Kind != ArgPointer && arg.Kind != ArgUnion {
		panic(fmt.Sprintf("replaceArg: bad arg1 kind %v", arg1.Kind))
	}
	if arg.Kind == ArgResult {
		delete(arg.Res.Uses, arg)
	}
	for _, c := range calls {
		sanitizeCall(c)
	}
	p.insertBefore(c, calls)
	// Somewhat hacky, but safe and preserves references to arg.
	uses := arg.Uses
	*arg = *arg1
	arg.Uses = uses
	if arg.Kind == ArgResult {
		delete(arg.Res.Uses, arg1)
		arg.Res.Uses[arg] = true
	}
	sanitizeCall(c)
}

// removeArg removes all references to/from arg0 of call c from p.
func (p *Prog) removeArg(c *Call, arg0 *Arg) {
	foreachSubarg(arg0, func(arg, _ *Arg, _ *[]*Arg) {
		if arg.Kind == ArgResult {
			if _, ok := arg.Res.Uses[arg]; !ok {
				panic("broken tree")
			}
			delete(arg.Res.Uses, arg)
		}
		for arg1 := range arg.Uses {
			if arg1.Kind != ArgResult {
				panic("use references not ArgResult")
			}
			arg2 := constArg(arg1.Type, arg1.Type.Default())
			p.replaceArg(c, arg1, arg2, nil)
		}
	})
}

// removeCall removes call idx from p.
func (p *Prog) removeCall(idx int) {
	c := p.Calls[idx]
	copy(p.Calls[idx:], p.Calls[idx+1:])
	p.Calls = p.Calls[:len(p.Calls)-1]
	for _, arg := range c.Args {
		p.removeArg(c, arg)
	}
	p.removeArg(c, c.Ret)
}
initial commit 2015-10-12 08:16:57 +00:00			`// Copyright 2015 syzkaller project authors. All rights reserved.`
			`// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.`

			`package prog`

			`import (`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`"fmt"`

initial commit 2015-10-12 08:16:57 +00:00			`"github.com/google/syzkaller/sys"`
			`)`

			`type Prog struct {`
			`Calls []*Call`
			`}`

			`type Call struct {`
			`Meta *sys.Call`
			`Args []*Arg`
			`Ret *Arg`
			`}`

			`type Arg struct {`
Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`Type sys.Type`
			`Kind ArgKind`
			`Val uintptr // value of ArgConst`
			`AddrPage uintptr // page index for ArgPointer address, page count for ArgPageSize`
			`AddrOffset int // page offset for ArgPointer address`
			`AddrPagesNum uintptr // number of available pages for ArgPointer`
			`Data []byte // data of ArgData`
			`Inner []*Arg // subargs of ArgGroup`
			`Res *Arg // target of ArgResult, pointee for ArgPointer`
			`Uses map[*Arg]bool // this arg is used by those ArgResult args`
			`OpDiv uintptr // divide result for ArgResult (executed before OpAdd)`
			`OpAdd uintptr // add to result for ArgResult`
sys: add union type 2015-12-29 14:00:57 +00:00
			`// ArgUnion/UnionType`
			`Option *Arg`
			`OptionType sys.Type`
initial commit 2015-10-12 08:16:57 +00:00			`}`

			`type ArgKind int`

			`const (`
			`ArgConst ArgKind = iota`
			`ArgResult`
			`ArgPointer // even if these are always constant (for reproducibility), we use a separate type because they are represented in an abstract (base+page+offset) form`
			`ArgPageSize // same as ArgPointer but base is not added, so it represents "lengths" in pages`
			`ArgData`
sys: add union type 2015-12-29 14:00:57 +00:00			`ArgGroup // logical group of args (struct or array)`
			`ArgUnion`
initial commit 2015-10-12 08:16:57 +00:00			`ArgReturn // fake value denoting syscall return value`
			`)`

Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`// Returns inner arg for PtrType args`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`func (a Arg) InnerArg() Arg {`
			`switch typ := a.Type.(type) {`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.PtrType:`
Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`if a.Res == nil {`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`if !typ.Optional() {`
			`panic(fmt.Sprintf("non-optional pointer is nil\narg: %+v\ntype: %+v", a, typ))`
Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`}`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return nil`
Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`} else {`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return a.Res.InnerArg()`
Refactor & improve len type handling 2016-10-11 12:24:25 +00:00			`}`
			`default:`
			`return a`
			`}`
			`}`

Add big-endian ints 2016-10-11 19:01:06 +00:00			`func encodeValue(value, size uintptr, bigEndian bool) uintptr {`
			`if !bigEndian {`
			`return value`
			`}`
			`switch size {`
			`case 2:`
			`return uintptr(swap16(uint16(value)))`
			`case 4:`
			`return uintptr(swap32(uint32(value)))`
			`case 8:`
			`return uintptr(swap64(uint64(value)))`
			`default:`
			`panic(fmt.Sprintf("bad size %v for value %v", size, value))`
			`}`
			`}`

			`// Returns value taking endianness into consideration.`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`func (a *Arg) Value() uintptr {`
			`switch typ := a.Type.(type) {`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.IntType:`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return encodeValue(a.Val, typ.Size(), typ.BigEndian)`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.ConstType:`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return encodeValue(a.Val, typ.Size(), typ.BigEndian)`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.FlagsType:`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return encodeValue(a.Val, typ.Size(), typ.BigEndian)`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.LenType:`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return encodeValue(a.Val, typ.Size(), typ.BigEndian)`
Add big-endian ints 2016-10-11 19:01:06 +00:00			`}`
			`return a.Val`
			`}`

prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`func (a *Arg) Size() uintptr {`
			`switch typ := a.Type.(type) {`
sys: add string flags Allow to define string flags in txt descriptions. E.g.: filesystem = "ext2", "ext3", "ext4" and then use it in string type: ptr[in, string[filesystem]] 2016-10-31 21:15:13 +00:00			`case sys.IntType, sys.LenType, sys.FlagsType, sys.ConstType,`
sys: replace FileoffType with IntType{Kind: IntFileoff} FileoffType is effectively an int, no need for a separate type. Also remove fd option from fileoff as it is unused and use story is unclear. 2016-10-29 22:06:40 +00:00			`sys.ResourceType, sys.VmaType, *sys.PtrType:`
sys: automatically add padding to structs 2015-12-11 14:42:14 +00:00			`return typ.Size()`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.BufferType:`
sys: automatically add padding to structs 2015-12-11 14:42:14 +00:00			`return uintptr(len(a.Data))`
sys: support recursive structs A struct can have a pointer to itself directly or indirectly. Currently it leads to inifinite recursion when generating descriptions. Fix this. 2016-09-03 10:36:49 +00:00			`case *sys.StructType:`
initial commit 2015-10-12 08:16:57 +00:00			`var size uintptr`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`for _, fld := range a.Inner {`
			`size += fld.Size()`
initial commit 2015-10-12 08:16:57 +00:00			`}`
			`return size`
sys: support recursive structs A struct can have a pointer to itself directly or indirectly. Currently it leads to inifinite recursion when generating descriptions. Fix this. 2016-09-03 10:36:49 +00:00			`case *sys.UnionType:`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`return a.Option.Size()`
sys: always use pointers to types Currently we store most types by value in sys.Type. This is somewhat counter-intuitive for C++ programmers, because one can't easily update the type object. Store pointers to type objects for all types. It also makes it easier to update types, e.g. adding paddings. 2016-10-19 14:20:37 +00:00			`case *sys.ArrayType:`
sys: automatically add padding to structs 2015-12-11 14:42:14 +00:00			`var size uintptr`
			`for _, in := range a.Inner {`
prog: remote Type argument from Arg.Size/Value They are not necessary since we now always have types attached to args. Also remove sys.Type.InnerType as it is not necessary now as well. 2016-10-29 21:42:36 +00:00			`size += in.Size()`
initial commit 2015-10-12 08:16:57 +00:00			`}`
sys: automatically add padding to structs 2015-12-11 14:42:14 +00:00			`return size`
initial commit 2015-10-12 08:16:57 +00:00			`default:`
			`panic("unknown arg type")`
			`}`
			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func constArg(t sys.Type, v uintptr) *Arg {`
			`return &Arg{Type: t, Kind: ArgConst, Val: v}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func resultArg(t sys.Type, r Arg) Arg {`
			`arg := &Arg{Type: t, Kind: ArgResult, Res: r}`
initial commit 2015-10-12 08:16:57 +00:00			`if r.Uses == nil {`
			`r.Uses = make(map[*Arg]bool)`
			`}`
			`if r.Uses[arg] {`
			`panic("already used")`
			`}`
			`r.Uses[arg] = true`
			`return arg`
			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func dataArg(t sys.Type, data []byte) *Arg {`
			`return &Arg{Type: t, Kind: ArgData, Data: append([]byte{}, data...)}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func pointerArg(t sys.Type, page uintptr, off int, npages uintptr, obj Arg) Arg {`
			`return &Arg{Type: t, Kind: ArgPointer, AddrPage: page, AddrOffset: off, AddrPagesNum: npages, Res: obj}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func pageSizeArg(t sys.Type, npages uintptr, off int) *Arg {`
			`return &Arg{Type: t, Kind: ArgPageSize, AddrPage: npages, AddrOffset: off}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func groupArg(t sys.Type, inner []Arg) Arg {`
			`return &Arg{Type: t, Kind: ArgGroup, Inner: inner}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func unionArg(t sys.Type, opt Arg, typ sys.Type) Arg {`
			`return &Arg{Type: t, Kind: ArgUnion, Option: opt, OptionType: typ}`
sys: add union type 2015-12-29 14:00:57 +00:00			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`func returnArg(t sys.Type) *Arg {`
			`return &Arg{Type: t, Kind: ArgReturn}`
initial commit 2015-10-12 08:16:57 +00:00			`}`

			`func (p Prog) insertBefore(c Call, calls []*Call) {`
			`idx := 0`
			`for ; idx < len(p.Calls); idx++ {`
			`if p.Calls[idx] == c {`
			`break`
			`}`
			`}`
			`var newCalls []*Call`
			`newCalls = append(newCalls, p.Calls[:idx]...)`
			`newCalls = append(newCalls, calls...)`
			`if idx < len(p.Calls) {`
			`newCalls = append(newCalls, p.Calls[idx])`
			`newCalls = append(newCalls, p.Calls[idx+1:]...)`
			`}`
			`p.Calls = newCalls`
			`}`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00
prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`// replaceArg replaces arg with arg1 in call c in program p, and inserts calls before arg call.`
			`func (p Prog) replaceArg(c Call, arg, arg1 Arg, calls []Call) {`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`if arg.Kind != ArgConst && arg.Kind != ArgResult && arg.Kind != ArgPointer && arg.Kind != ArgUnion {`
			`panic(fmt.Sprintf("replaceArg: bad arg kind %v", arg.Kind))`
			`}`
			`if arg1.Kind != ArgConst && arg1.Kind != ArgResult && arg1.Kind != ArgPointer && arg.Kind != ArgUnion {`
			`panic(fmt.Sprintf("replaceArg: bad arg1 kind %v", arg1.Kind))`
			`}`
			`if arg.Kind == ArgResult {`
			`delete(arg.Res.Uses, arg)`
			`}`
			`for _, c := range calls {`
			`sanitizeCall(c)`
			`}`
			`p.insertBefore(c, calls)`
			`// Somewhat hacky, but safe and preserves references to arg.`
			`uses := arg.Uses`
			`arg = arg1`
			`arg.Uses = uses`
			`if arg.Kind == ArgResult {`
			`delete(arg.Res.Uses, arg1)`
			`arg.Res.Uses[arg] = true`
			`}`
			`sanitizeCall(c)`
			`}`

prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`// removeArg removes all references to/from arg0 of call c from p.`
			`func (p Prog) removeArg(c Call, arg0 *Arg) {`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`foreachSubarg(arg0, func(arg, _ Arg, _ []*Arg) {`
			`if arg.Kind == ArgResult {`
			`if _, ok := arg.Res.Uses[arg]; !ok {`
			`panic("broken tree")`
			`}`
			`delete(arg.Res.Uses, arg)`
			`}`
			`for arg1 := range arg.Uses {`
			`if arg1.Kind != ArgResult {`
			`panic("use references not ArgResult")`
			`}`
prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`arg2 := constArg(arg1.Type, arg1.Type.Default())`
			`p.replaceArg(c, arg1, arg2, nil)`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`}`
			`})`
			`}`

			`// removeCall removes call idx from p.`
			`func (p *Prog) removeCall(idx int) {`
			`c := p.Calls[idx]`
			`copy(p.Calls[idx:], p.Calls[idx+1:])`
			`p.Calls = p.Calls[:len(p.Calls)-1]`
			`for _, arg := range c.Args {`
prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`p.removeArg(c, arg)`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`}`
prog: assign types to args during construction Eliminate assignTypeAndDir function and instead assign types to all args during construction. This will allow considerable simplifation of assignSizes. 2016-10-29 08:24:21 +00:00			`p.removeArg(c, c.Ret)`
prog: implement mutation of union args 2015-12-31 14:24:08 +00:00			`}`