Hi,
I'm trying to write a rule to match consecutive function calls. For example:
@r@
expression E, E1;
@@
call_func(E);
... when != E = E1
* call_func(E);
It works well, but not in case "E == p->f" and p is updated in between calls.
So, I'm to understand how can I avoid these kind of pointers update.
And fail case example:
struct test {
int a;
};
void call_func(int);
void test(void)
{
struct test t[10];
struct test *i;
for(i = t; i < i + 10; ++i) {
call_func(i->a);
}
}
While I tried to figure it out, I faced some cocci constructions with no
documentation.
For example, what are rulekinds, "when strict", and "expression *r.E;",
"expression E1 <= r.E;"?
1)
main_grammar.pdf, page 2:
rulekind ::= expression
identifier
type
What is it and how it could be used? I see that it's used in deref_null.cocci,
doublebitand.cocci.
2)
What is "... when strict"? Is it negation of "... when any" and enabled by
default?
3) What is "expression *r.E;" in ./null/deref_null.cocci, for example:
43:expression *E;
54:expression *ifm.E;
115:expression *ifm.E;
175:expression *ifm.E;
239:expression *E;
248:expression *ifm1.E;
4) What is "expression <= " in ./null/deref_null.cocci?
53:expression subE <= ifm.E;
114:expression subE <= ifm.E;
174:expression subE <= ifm.E;
247:expression subE <= ifm1.E;
Regards,
Denis
_______________________________________________
Cocci mailing list
[email protected]
https://systeme.lip6.fr/mailman/listinfo/cocci
