From 987f0b4bafcbb3f9d3c2dc94596af85a4fc8ee4e Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Fri, 17 Jun 2016 12:47:25 +0300 Subject: [PATCH] extra: ignore truncated limits So the issue is, say you have a parameter with range "0-1,16". But the function we're calling takes a bool. Then it will return PARAM_LIMIT set to 1 or 0. Before we would say that after that function was called the parameter was 0-1, which is wrong. We should do something smarter with this but for now just ignore it. Signed-off-by: Dan Carpenter --- smatch_extra.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/smatch_extra.c b/smatch_extra.c index 04620b63..ed609a46 100644 --- a/smatch_extra.c +++ b/smatch_extra.c @@ -1818,6 +1818,18 @@ static void db_limited_after(void) free_stree(&unmatched_stree); } +static int rl_fits_in_type(struct range_list *rl, struct symbol *type) +{ + if (type_bits(rl_type(rl)) <= type_bits(type)) + return 1; + if (sval_cmp(rl_max(rl), sval_type_max(type)) > 0) + return 0; + if (sval_is_negative(rl_min(rl)) && + sval_cmp(rl_min(rl), sval_type_min(type)) < 0) + return 0; + return 1; +} + static void db_param_limit_filter(struct expression *expr, int param, char *key, char *value, enum info_type op) { struct expression *arg; @@ -1856,6 +1868,9 @@ static void db_param_limit_filter(struct expression *expr, int param, char *key, else rl = alloc_whole_rl(compare_type); + if (op == PARAM_LIMIT && !rl_fits_in_type(rl, compare_type)) + goto free; + call_results_to_rl(expr, compare_type, value, &limit); new = rl_intersection(rl, limit); -- 2.11.4.GIT