So it's basically working...
The problem is that this test produces quite a high rate of false
positives. The bug was silencing some of them... I might end up hiding
this check under the --spammy option if I can't get rid of more of the
false positives.
Also I should pull the "dereferencing uninitialized" bit out of the
check and I'm working on doing that.
Anyway, I'm not going to push this fix right away, but here it is in
case you are interested.
regards,
dan carpenter
diff --git a/check_deref.c b/check_deref.c
index 3e4787b..6ce155a 100644
--- a/check_deref.c
+++ b/check_deref.c
@@ -183,15 +183,27 @@ static void match_assign(struct expression *expr)
if (!is_zero(expr->right))
return;
- FOR_EACH_PTR_REVERSE(big_statement_stack, stmt) {
- if (stmt->type == STMT_DECLARATION)
- return;
- break;
- } END_FOR_EACH_PTR_REVERSE(stmt);
+ if (__in_fake_assign)
+ return;
+
+ stmt = last_ptr_list((struct ptr_list *)big_statement_stack);
+
+ if (stmt && stmt->type == STMT_DECLARATION)
+ return;
set_state_expr(my_id, expr->left, &null);
}
+static void match_assigns_address(struct expression *expr)
+{
+ struct expression *right;
+
+ right = strip_expr(expr->right);
+ if (right->type != EXPR_PREOP || right->op != '&')
+ return;
+ set_state_expr(my_id, right, &ok);
+}
+
static void match_condition(struct expression *expr)
{
if (expr->type == EXPR_ASSIGNMENT) {
@@ -271,6 +283,7 @@ void check_deref(int id)
add_hook(&match_condition, CONDITION_HOOK);
add_hook(&match_declarations, DECLARATION_HOOK);
add_hook(&match_assign, ASSIGNMENT_HOOK);
+ add_hook(&match_assigns_address, ASSIGNMENT_HOOK);
if (option_project == PROJ_KERNEL)
register_allocation_funcs();
}
--
To unsubscribe from this list: send the line "unsubscribe smatch" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
