> I would like to achieve a bit of functionality which is already provided
> by other popular static source code analysis tools
Why not use them then?
> The SmPL approach that we are discussing now should point open issues out
> in source code like the following small test example.
>
> int implementation_with_an_ignored_return_value(void)
> {
> malloc(123);
> return 0;
> }
>
>
> I imagine that a complete solution would need a detailed data flow analysis
> for this purpose. But I am not familiar enough will all necessary
> technology there so far.
>
> So I hope that a smaller solution can be achieved with Coccinelle.
> * I can find an ordinary function call without problems.
>
> * The corresponding software development challenges become apparent
> when I would like to ensure by a SmPL filter that the source code position
> of this call is different from all other function calls which were detected
> at other places within a function implementation.
>
> @show_unstored_return_values
> depends on !find_calls_for_initialisations
> && !find_calls_for_designated_initialisations
> && !find_calls_for_assignments@
I have the impression that you just want
f(...);
once you have determined that f has a return value. No need for positions
or dependencies on other rules.
On the other hand, this is very liable to false positives when there is
some good reason why the return value of the particular call to f doesn't
matter.
julia
_______________________________________________
Cocci mailing list
[email protected]
https://systeme.lip6.fr/mailman/listinfo/cocci
