From patchwork Mon Jun 9 11:58:01 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Carmody X-Patchwork-Id: 4321541 Return-Path: X-Original-To: patchwork-linux-sparse@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id D61C29F433 for ; Mon, 9 Jun 2014 12:05:43 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 594F720259 for ; Mon, 9 Jun 2014 12:05:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 02F3720171 for ; Mon, 9 Jun 2014 12:05:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754299AbaFIMFk (ORCPT ); Mon, 9 Jun 2014 08:05:40 -0400 Received: from wursti.dovecot.fi ([87.106.245.223]:41353 "EHLO wursti.dovecot.fi" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754217AbaFIMFj (ORCPT ); Mon, 9 Jun 2014 08:05:39 -0400 X-Greylist: delayed 466 seconds by postgrey-1.27 at vger.kernel.org; Mon, 09 Jun 2014 08:05:39 EDT Received: from phil.dovecot.net (vfw03.dovecot.fi [88.194.145.100]) by wursti.dovecot.fi (Postfix) with ESMTPSA id C3A7721EBD; Mon, 9 Jun 2014 13:57:51 +0200 (CEST) From: Phil Carmody To: sparse@chrisli.org Cc: linux-sparse@vger.kernel.org, phil@dovecot.fi Subject: [PATCH 2/3] sparse: detect non-sign-extended masks created by '~' Date: Mon, 9 Jun 2014 14:58:01 +0300 Message-Id: <1402315082-14102-3-git-send-email-phil@dovecot.fi> X-Mailer: git-send-email 2.0.0 In-Reply-To: <1402315082-14102-2-git-send-email-phil@dovecot.fi> References: <1402315082-14102-1-git-send-email-phil@dovecot.fi> <1402315082-14102-2-git-send-email-phil@dovecot.fi> Sender: linux-sparse-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-sparse@vger.kernel.org X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Consider the operation of rounding up to the nearest multiple of a power of 2. e.g. #define ALLOC_SIZE(t) ((sizeof(t) + ASIZE - 1) & ~(ASIZE - 1)) If ASIZE is unfortunately defined as an unsigned type smaller than size_t, then the ~ will not undergo sign-bit extension, and the incorrect mask will be used. If used in a memory allocation context this could be fatal. Warn about such dubious 'large op ~short' usage. Signed-off-by: Phil Carmody --- evaluate.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/evaluate.c b/evaluate.c index 9052962..c0f3c91 100644 --- a/evaluate.c +++ b/evaluate.c @@ -189,6 +189,14 @@ left: return left; } +static int is_bigger_int_type(struct symbol *left, struct symbol *right) +{ + left = integer_promotion(left); + right = integer_promotion(right); + + return (left->bit_size > right->bit_size); +} + static int same_cast_type(struct symbol *orig, struct symbol *new) { return orig->bit_size == new->bit_size && @@ -927,6 +935,19 @@ static struct symbol *evaluate_binop(struct expression *expr) op, right_not ? "!" : ""); + left_not = expr->left->type == EXPR_PREOP + && expr->left->op == '~'; + right_not = expr->right->type == EXPR_PREOP + && expr->right->op == '~'; + if ((left_not && is_bigger_int_type(rtype, ltype) + && (ltype->ctype.modifiers & MOD_UNSIGNED)) || + (right_not && is_bigger_int_type(ltype, rtype) + && (rtype->ctype.modifiers & MOD_UNSIGNED))) + warning(expr->pos, "dubious: %sx %c %sy", + left_not ? "~" : "", + op, + right_not ? "~" : ""); + ltype = usual_conversions(op, expr->left, expr->right, lclass, rclass, ltype, rtype); ctype = rtype = ltype;