| commit | 8f3cb0e19f0955e6eb0538d8057fa9a16187db01 | |
| author | Dan Carpenter <dan.carpenter@oracle.com> | |
| Wed, 29 Mar 2017 08:58:33 +0000 (29 11:58 +0300) | ||
| committer | Dan Carpenter <dan.carpenter@oracle.com> | |
| Wed, 29 Mar 2017 08:58:33 +0000 (29 11:58 +0300) | ||
| tree | 60f721c4618c85b49ccbc53455e82d62dd64039c | treesnapshot (tar.gz zip) |
| parent | 30f8550cb505f801e73da158a8a43012ce04eb9e | commitdiff |
extra: handle MOD conditions like "if (a % 4) {" better
We're basically dorking around the minimum and maximum limits here. If
the start range is not known then we give up. In other words:
if (i == 0 || !(i % 4)) {
is handled differently from the same condition:
if (!(i % 4) || i == 0) {
Because the starting minimum condition is 1 in the first example and
0 in the second. That's fine, because this patch is better than doing
nothing and there is some kind of limit to the smatch_extra approach
to tracking values because you can only express so many values.
Smatch is about being practical more than being 100% perfect. So many
things are handled as special cases. Doing "foo % 4" is way more common
than doing "foo % 5" and I plan to handle that later by tracking set
and cleared bits better. Another idea would be to track all the true
conditions at any given time so you could say "if idx is 100 then were
out of bounds." then you could verify that all the conditions were
still possibly true. The point is that this isn't perfect but maybe
there will be ways later to get the other information that we want.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
We're basically dorking around the minimum and maximum limits here. If
the start range is not known then we give up. In other words:
if (i == 0 || !(i % 4)) {
is handled differently from the same condition:
if (!(i % 4) || i == 0) {
Because the starting minimum condition is 1 in the first example and
0 in the second. That's fine, because this patch is better than doing
nothing and there is some kind of limit to the smatch_extra approach
to tracking values because you can only express so many values.
Smatch is about being practical more than being 100% perfect. So many
things are handled as special cases. Doing "foo % 4" is way more common
than doing "foo % 5" and I plan to handle that later by tracking set
and cleared bits better. Another idea would be to track all the true
conditions at any given time so you could say "if idx is 100 then were
out of bounds." then you could verify that all the conditions were
still possibly true. The point is that this isn't perfect but maybe
there will be ways later to get the other information that we want.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
| smatch_extra.c | diffblobblamehistory | |
| validation/sm_mod.c | [new file with mode: 0644] | blob |