slither icon indicating copy to clipboard operation
slither copied to clipboard
verified publisher icon crytic

cleanup break/continue fixup

Open samczsun opened this issue 5 years ago • 3 comments

we know which loop we're in when we're constructing the cfg, so let's link break/continue properly during cfg construction instead of doing the hacky "find which loop we're in after the fact" thing

my very basic testcase:

contract C {
    function f() public {
        for (uint i = 0; i < 10; i++) {
            if (i > 100) {
                break;
            }
            if (i < 3) {
                continue;
            }

            for (uint j = 0; j < 10; j++) {
                if (j > 10) {
                    continue;
                }
                if (j < 3) {
                    break;
                }

                j -= 1;
            }
        }
    }
}

samczsun avatar Sep 09 '20 06:09 samczsun

@0xalpharush: could you review if we can update the work done by @samczsun to work on the current dev?

montyly avatar Aug 03 '22 15:08 montyly

TBD: we might want the CONTINUE node to point to the increment EXPRESSION and not STARTLOOP. See visualization here. Will open an issue and fix in a follow-on PR

0xalpharush avatar Aug 04 '22 17:08 0xalpharush

I am a bit unsure about the usage of FunctionSolc. _loops, as this variable is meant for local analysis (during the parsing), but is added to the object itself. It might give the impression that this will contain all the loops, but it actually contain a list that is pushed/popped during the parsing.

Maybe we should make a functions' parameter, and rename it to something like loop_scope?

montyly avatar Aug 08 '22 11:08 montyly

Can we merge this? I have a fix for continue (https://github.com/crytic/slither/pull/1651), but I'll need to rebase.

duckki avatar Feb 09 '23 18:02 duckki