On Thu, Oct 26, 2017 at 12:54:20PM +0200, Rasmus Villemoes wrote:
> On 26 October 2017 at 12:48, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> > On Wed, Oct 25, 2017 at 09:25:15PM +0200, Rasmus Villemoes wrote:
> >> For some reason this spits out an enourmous amount of false positives,
> >> making this entirely useless. We hit a lot of "%lx", (long)(a - b),
> >> but I don't understand why the a-b expression (a pointer difference)
> >> passes is_ptr_type().
> >
> > Well, it is a pointer type. If you do pointer math, you get pointer
> > results. You can't really treat subtract different from addition
> > because container_of() is a subtraction.
>
> Huh? When I subtract one pointer from another, I get an _integer_.
No. You still get a pointer. :P That's just how type promotion works
in C.
> The math done in container_of is subtracting an integer from a pointer
> which does give a pointer, of course, but that's not the issue here.
> The false positives I'm talking about are (at least those I checked)
> something like
>
> ptr = array;
> <misc logic, incrementing ptr along the way>
> if (uhoh)
> printk("trouble with array element %lx\n", (long)(ptr - array));
>
> which is obviously ok.
Right, yes. You'll need to filter those subtractions:
static bool is_subtraction(struct expression *expr)
{
sval_t sval;
expr = strip_expr(expr);
if (expr->type != EXPR_BINOP || expr->op != '-')
return false;
if (get_implied_value(expr->right, &sval)) /* constants */
return false;
return true;
}
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe smatch" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
