On 04/09/2019 13:07, Valentin Schneider wrote:
> [...]
>

Baby steps...

There's something regarding coccinelle disjunctions that I just can't grasp,
and this also fails to recognize "current" as being "struct task_struct*".

Once I fix these, it's "just" a matter of finding out how to write a rule for
layered calls (e.g. __kthread_bind() -> __kthread_bind_mask() ->
wait_task_inactive()), and we should be close to having something somewhat
usable.

---
virtual patch
virtual report

@state_access@
identifier func;
struct task_struct *p;
identifier state_var;
position fpos;
position epos;
@@

func(...)@fpos
{
	<...
(
  p->state & state_var@epos
|
  p->state | state_var@epos
|
  p->state < state_var@epos
|
  p->state > state_var@epos
|
  state_var@epos = p->state
// For some reason adding this disjunction gives us more matches, but causes
// some to go away :/
// |
//   p->state == state_var@epos
|
  p->state != state_var@epos
)
	...>
}

@depends on patch@
identifier fn = state_access.func;
identifier state_var = state_access.state_var;
@@

fn(...,
- long state_var
+ int state_var
,...)
{
	...
}

// Should be merged in the above but can't get disjunction to work
@depends on patch@
identifier fn = state_access.func;
identifier state_var = state_access.state_var;
@@

fn(...,
- unsigned long state_var
+ unsigned int state_var
,...)
{
	...
}

// Is it possible to match without semicolons? :/
@depends on patch@
identifier state_var = state_access.state_var;
expression E;
@@

(
- long state_var;
+ int state_var;
|
- long state_var = E;
+ int state_var = E;
)

@script:python depends on report@
fp << state_access.fpos;
ep << state_access.epos;
@@

cocci.print_main("Func at", fp)
cocci.print_main("Expr at", ep)