From bc27b77df1939b9567aa468c47d4a5784f40cfa1 Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Wed, 23 Aug 2017 15:11:13 +0200 Subject: Coccinelle: setup_timer: improve messages from setup_timer Allow messages about multiple timers. Signed-off-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/api/setup_timer.cocci | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/api/setup_timer.cocci b/scripts/coccinelle/api/setup_timer.cocci index eb6bd9e4ab1a..b5ab0317fa03 100644 --- a/scripts/coccinelle/api/setup_timer.cocci +++ b/scripts/coccinelle/api/setup_timer.cocci @@ -104,11 +104,9 @@ position j0, j1, j2; ) @match_function_and_data_after_init_timer_context -depends on !patch && -!match_immediate_function_data_after_init_timer_context && - (context || org || report)@ +depends on !patch && (context || org || report)@ expression a, b, e1, e2, e3, e4, e5; -position j0, j1, j2; +position j0 != match_immediate_function_data_after_init_timer_context.j0,j1,j2; @@ * init_timer@j0 (&e1); @@ -124,13 +122,12 @@ position j0, j1, j2; * e1@j2.function = a; ) -@r3_context depends on !patch && -!match_immediate_function_data_after_init_timer_context && -!match_function_and_data_after_init_timer_context && - (context || org || report)@ +@r3_context depends on !patch && (context || org || report)@ expression c, e6, e7; position r1.p; -position j0, j1; +position j0 != + {match_immediate_function_data_after_init_timer_context.j0, + match_function_and_data_after_init_timer_context.j0}, j1; @@ * init_timer@j0@p (&e6); -- cgit v1.2.3 From 1b18d05c7c204a59e0ac66cbfa813a7173c4426e Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Wed, 20 Sep 2017 16:27:25 -0700 Subject: coccinelle: Improve setup_timer.cocci matching This improves the patch mode of setup_timer.cocci. Several patterns were missing: - assignments-before-init_timer() cases - limit the .data case removal to the specific struct timer_list instance - handling calls by dereference (timer->field vs timer.field) Cc: Gilles Muller Cc: Nicolas Palix Cc: Michal Marek Cc: cocci@systeme.lip6.fr Signed-off-by: Kees Cook Acked-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/api/setup_timer.cocci | 129 +++++++++++++++++++++++++------ 1 file changed, 105 insertions(+), 24 deletions(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/api/setup_timer.cocci b/scripts/coccinelle/api/setup_timer.cocci index b5ab0317fa03..e4577089dcb9 100644 --- a/scripts/coccinelle/api/setup_timer.cocci +++ b/scripts/coccinelle/api/setup_timer.cocci @@ -2,6 +2,7 @@ /// and data fields // Confidence: High // Copyright: (C) 2016 Vaishali Thakkar, Oracle. GPLv2 +// Copyright: (C) 2017 Kees Cook, Google. GPLv2 // Options: --no-includes --include-headers // Keywords: init_timer, setup_timer @@ -10,60 +11,123 @@ virtual context virtual org virtual report +// Match the common cases first to avoid Coccinelle parsing loops with +// "... when" clauses. + @match_immediate_function_data_after_init_timer depends on patch && !context && !org && !report@ expression e, func, da; @@ --init_timer (&e); -+setup_timer (&e, func, da); +-init_timer ++setup_timer + ( \(&e\|e\) ++, func, da + ); +( +-\(e.function\|e->function\) = func; +-\(e.data\|e->data\) = da; +| +-\(e.data\|e->data\) = da; +-\(e.function\|e->function\) = func; +) + +@match_immediate_function_data_before_init_timer +depends on patch && !context && !org && !report@ +expression e, func, da; +@@ +( +-\(e.function\|e->function\) = func; +-\(e.data\|e->data\) = da; +| +-\(e.data\|e->data\) = da; +-\(e.function\|e->function\) = func; +) +-init_timer ++setup_timer + ( \(&e\|e\) ++, func, da + ); + +@match_function_and_data_after_init_timer +depends on patch && !context && !org && !report@ +expression e, e2, e3, e4, e5, func, da; +@@ + +-init_timer ++setup_timer + ( \(&e\|e\) ++, func, da + ); + ... when != func = e2 + when != da = e3 ( -e.function = func; +... when != da = e4 -e.data = da; | +-e->function = func; +... when != da = e4 +-e->data = da; +| -e.data = da; +... when != func = e5 -e.function = func; +| +-e->data = da; +... when != func = e5 +-e->function = func; ) -@match_function_and_data_after_init_timer +@match_function_and_data_before_init_timer depends on patch && !context && !org && !report@ -expression e1, e2, e3, e4, e5, a, b; +expression e, e2, e3, e4, e5, func, da; @@ - --init_timer (&e1); -+setup_timer (&e1, a, b); - -... when != a = e2 - when != b = e3 ( --e1.function = a; -... when != b = e4 --e1.data = b; +-e.function = func; +... when != da = e4 +-e.data = da; | --e1.data = b; -... when != a = e5 --e1.function = a; +-e->function = func; +... when != da = e4 +-e->data = da; +| +-e.data = da; +... when != func = e5 +-e.function = func; +| +-e->data = da; +... when != func = e5 +-e->function = func; ) +... when != func = e2 + when != da = e3 +-init_timer ++setup_timer + ( \(&e\|e\) ++, func, da + ); @r1 exists@ +expression t; identifier f; position p; @@ f(...) { ... when any - init_timer@p(...) + init_timer@p(\(&t\|t\)) ... when any } @r2 exists@ +expression r1.t; identifier g != r1.f; -struct timer_list t; expression e8; @@ g(...) { ... when any - t.data = e8 + \(t.data\|t->data\) = e8 ... when any } @@ -77,14 +141,31 @@ p << r1.p; cocci.include_match(False) @r3 depends on patch && !context && !org && !report@ -expression e6, e7, c; +expression r1.t, func, e7; position r1.p; @@ --init_timer@p (&e6); -+setup_timer (&e6, c, 0UL); -... when != c = e7 --e6.function = c; +( +-init_timer@p(&t); ++setup_timer(&t, func, 0UL); +... when != func = e7 +-t.function = func; +| +-t.function = func; +... when != func = e7 +-init_timer@p(&t); ++setup_timer(&t, func, 0UL); +| +-init_timer@p(t); ++setup_timer(t, func, 0UL); +... when != func = e7 +-t->function = func; +| +-t->function = func; +... when != func = e7 +-init_timer@p(t); ++setup_timer(t, func, 0UL); +) // ---------------------------------------------------------------------------- -- cgit v1.2.3 From a44b86645a4a173a45e57d127ac037e88750ea6a Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Sun, 8 Oct 2017 21:18:41 +0200 Subject: coccinelle: api: detect identical chip data arrays This semantic patch detects duplicate arrays declared using BQ27XXX_DATA within a single structure. It is currently specific to the file drivers/power/supply/bq27xxx_battery.c. Nevertheless, having the script in the kernel will allow others to check their code if the data structures change in the future. Signed-off-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/api/check_bq27xxx_data.cocci | 161 ++++++++++++++++++++++++ 1 file changed, 161 insertions(+) create mode 100644 scripts/coccinelle/api/check_bq27xxx_data.cocci (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/api/check_bq27xxx_data.cocci b/scripts/coccinelle/api/check_bq27xxx_data.cocci new file mode 100644 index 000000000000..9212b85169d2 --- /dev/null +++ b/scripts/coccinelle/api/check_bq27xxx_data.cocci @@ -0,0 +1,161 @@ +/// Detect BQ27XXX_DATA structures with identical registers, dm registers or +/// properties. +//# Doesn't unfold macros used in register or property fields. +//# Requires OCaml scripting +/// +// Confidence: High +// Copyright: (C) 2017 Julia Lawall, Inria/LIP6, GPLv2. +// URL: http://coccinelle.lip6.fr/ +// Requires: 1.0.7 +// Keywords: BQ27XXX_DATA + +virtual report + +@initialize:ocaml@ +@@ + +let print_report p msg = + let p = List.hd p in + Printf.printf "%s:%d:%d-%d: %s" p.file p.line p.col p.col_end msg + +@str depends on report@ +type t; +identifier i,i1,i2; +expression e1,e2; +@@ + +t i[] = { + ..., + [e1] = BQ27XXX_DATA(i1,...), + ..., + [e2] = BQ27XXX_DATA(i2,...), + ..., +}; + +@script:ocaml tocheck@ +i1 << str.i1; +i2 << str.i2; +i1regs; i2regs; +i1dmregs; i2dmregs; +i1props; i2props; +@@ + +if not(i1 = i2) +then + begin + i1regs := make_ident (i1 ^ "_regs"); + i2regs := make_ident (i2 ^ "_regs"); + i1dmregs := make_ident (i1 ^ "_dm_regs"); + i2dmregs := make_ident (i2 ^ "_dm_regs"); + i1props := make_ident (i1 ^ "_props"); + i2props := make_ident (i2 ^ "_props") + end + +(* ---------------------------------------------------------------- *) + +@getregs1@ +typedef u8; +identifier tocheck.i1regs; +initializer list i1regs_vals; +position p1; +@@ + +u8 i1regs@p1[...] = { i1regs_vals, }; + +@getregs2@ +identifier tocheck.i2regs; +initializer list i2regs_vals; +position p2; +@@ + +u8 i2regs@p2[...] = { i2regs_vals, }; + +@script:ocaml@ +(_,i1regs_vals) << getregs1.i1regs_vals; +(_,i2regs_vals) << getregs2.i2regs_vals; +i1regs << tocheck.i1regs; +i2regs << tocheck.i2regs; +p1 << getregs1.p1; +p2 << getregs2.p2; +@@ + +if i1regs < i2regs && + List.sort compare i1regs_vals = List.sort compare i2regs_vals +then + let msg = + Printf.sprintf + "WARNING %s and %s (line %d) are identical\n" + i1regs i2regs (List.hd p2).line in + print_report p1 msg + +(* ---------------------------------------------------------------- *) + +@getdmregs1@ +identifier tocheck.i1dmregs; +initializer list i1dmregs_vals; +position p1; +@@ + +struct bq27xxx_dm_reg i1dmregs@p1[] = { i1dmregs_vals, }; + +@getdmregs2@ +identifier tocheck.i2dmregs; +initializer list i2dmregs_vals; +position p2; +@@ + +struct bq27xxx_dm_reg i2dmregs@p2[] = { i2dmregs_vals, }; + +@script:ocaml@ +(_,i1dmregs_vals) << getdmregs1.i1dmregs_vals; +(_,i2dmregs_vals) << getdmregs2.i2dmregs_vals; +i1dmregs << tocheck.i1dmregs; +i2dmregs << tocheck.i2dmregs; +p1 << getdmregs1.p1; +p2 << getdmregs2.p2; +@@ + +if i1dmregs < i2dmregs && + List.sort compare i1dmregs_vals = List.sort compare i2dmregs_vals +then + let msg = + Printf.sprintf + "WARNING %s and %s (line %d) are identical\n" + i1dmregs i2dmregs (List.hd p2).line in + print_report p1 msg + +(* ---------------------------------------------------------------- *) + +@getprops1@ +identifier tocheck.i1props; +initializer list[n1] i1props_vals; +position p1; +@@ + +enum power_supply_property i1props@p1[] = { i1props_vals, }; + +@getprops2@ +identifier tocheck.i2props; +initializer list[n2] i2props_vals; +position p2; +@@ + +enum power_supply_property i2props@p2[] = { i2props_vals, }; + +@script:ocaml@ +(_,i1props_vals) << getprops1.i1props_vals; +(_,i2props_vals) << getprops2.i2props_vals; +i1props << tocheck.i1props; +i2props << tocheck.i2props; +p1 << getprops1.p1; +p2 << getprops2.p2; +@@ + +if i1props < i2props && + List.sort compare i1props_vals = List.sort compare i2props_vals +then + let msg = + Printf.sprintf + "WARNING %s and %s (line %d) are identical\n" + i1props i2props (List.hd p2).line in + print_report p1 msg -- cgit v1.2.3 From e0be348e4d6ebd660c9558bcee50f648491cfef6 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Thu, 26 Oct 2017 13:50:38 +0900 Subject: coccinelle: grep Options and Requires fields more precisely Currently, the required version for badzero.cocci is picked up from its "Comments:" line since it contains the word "Requires". Surprisingly, ld-version.sh can extract the version number from the string "Requires Coccinelle version 1.0.0-rc20 or later", but this expectation is fragile. Fix the .cocci file. I removed "-rc20" because ld-version.sh cannot handle it. Make the coccicheck script to see exact patterns for "Options:" and "Requires:" in order to avoid accidental matching to what just happens to appear in comment lines. Signed-off-by: Masahiro Yamada Acked-by: Julia Lawall Acked-by: Nicolas Palix --- scripts/coccicheck | 4 ++-- scripts/coccinelle/null/badzero.cocci | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccicheck b/scripts/coccicheck index 864b17e05e63..97f28f0f9498 100755 --- a/scripts/coccicheck +++ b/scripts/coccicheck @@ -168,8 +168,8 @@ OPTIONS="$OPTIONS $SPFLAGS" coccinelle () { COCCI="$1" - OPT=`grep "Option" $COCCI | cut -d':' -f2` - REQ=`grep "Requires" $COCCI | cut -d':' -f2 | sed "s| ||"` + OPT=`grep "Options:" $COCCI | cut -d':' -f2` + REQ=`grep "Requires:" $COCCI | cut -d':' -f2 | sed "s| ||"` REQ_NUM=$(echo $REQ | ${DIR}/scripts/ld-version.sh) if [ "$REQ_NUM" != "0" ] ; then if [ "$SPATCH_VERSION_NUM" -lt "$REQ_NUM" ] ; then diff --git a/scripts/coccinelle/null/badzero.cocci b/scripts/coccinelle/null/badzero.cocci index 5551da2b4fe3..f597c8007b76 100644 --- a/scripts/coccinelle/null/badzero.cocci +++ b/scripts/coccinelle/null/badzero.cocci @@ -10,7 +10,7 @@ // Copyright: (C) 2012 Julia Lawall, INRIA/LIP6. GPLv2. // Copyright: (C) 2012 Gilles Muller, INRIA/LiP6. GPLv2. // URL: http://coccinelle.lip6.fr/ -// Comments: Requires Coccinelle version 1.0.0-rc20 or later +// Requires: 1.0.0 // Options: virtual patch -- cgit v1.2.3 From 69c4907ba1ee9e9428363c9419c9116bb28c402c Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Sun, 29 Oct 2017 01:43:09 +0200 Subject: Coccinelle: use false positive annotation /// is to describe the semantic patch, while //# indicates reasons for false positives. Signed-off-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/misc/ifcol.cocci | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/misc/ifcol.cocci b/scripts/coccinelle/misc/ifcol.cocci index d0d00ef1f12a..ffe75407c5d2 100644 --- a/scripts/coccinelle/misc/ifcol.cocci +++ b/scripts/coccinelle/misc/ifcol.cocci @@ -3,10 +3,10 @@ /// Sometimes, code after an if that is indented is actually intended to be /// part of the if branch. /// -/// This has a high rate of false positives, because Coccinelle's column -/// calculation does not distinguish between spaces and tabs, so code that -/// is not visually aligned may be considered to be in the same column. -/// +//# This has a high rate of false positives, because Coccinelle's column +//# calculation does not distinguish between spaces and tabs, so code that +//# is not visually aligned may be considered to be in the same column. +// // Confidence: Low // Copyright: (C) 2010 Nicolas Palix, DIKU. GPLv2. // Copyright: (C) 2010 Julia Lawall, DIKU. GPLv2. -- cgit v1.2.3 From 6851ba1a1b22ba2e0800002d531bf04ced22ec18 Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Sun, 12 Nov 2017 16:02:18 +0100 Subject: coccinelle: use exists to improve efficiency This just needs to find any reassignment of the loop iterator, and doesn't need such a thing on all execution paths, so use exists on the first rule. Signed-off-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/iterators/list_entry_update.cocci | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/iterators/list_entry_update.cocci b/scripts/coccinelle/iterators/list_entry_update.cocci index 873f444e7137..be6f9f1abb34 100644 --- a/scripts/coccinelle/iterators/list_entry_update.cocci +++ b/scripts/coccinelle/iterators/list_entry_update.cocci @@ -15,7 +15,7 @@ virtual context virtual org virtual report -@r@ +@r exists@ iterator name list_for_each_entry; expression x,E; position p1,p2; -- cgit v1.2.3 From 937c812dfc0a25343d56b07734438610a1fb7b46 Mon Sep 17 00:00:00 2001 From: Julia Lawall Date: Mon, 13 Nov 2017 06:53:35 +0100 Subject: coccinelle: orplus: reorganize to improve performance Adding two #define constants is less common than performing & and | operations on them, so put the addition first to reduce the set of cases that have to be considered in detail. At the same time, add & and | patterns for both arguments of +, to account for commutativity and obtain more results. Running time is divided by 3 when applying this to the whole kernel on my laptop with an Intel i5-6200U CPU. Signed-off-by: Julia Lawall Signed-off-by: Masahiro Yamada --- scripts/coccinelle/misc/orplus.cocci | 43 ++++++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 14 deletions(-) (limited to 'scripts/coccinelle') diff --git a/scripts/coccinelle/misc/orplus.cocci b/scripts/coccinelle/misc/orplus.cocci index 81fabf379390..08de5be73693 100644 --- a/scripts/coccinelle/misc/orplus.cocci +++ b/scripts/coccinelle/misc/orplus.cocci @@ -14,7 +14,19 @@ virtual report virtual context @r@ -constant c; +constant c,c1; +identifier i,i1; +position p; +@@ + +( + c1 + c - 1 +| + c1@i1 +@p c@i +) + +@s@ +constant r.c, r.c1; identifier i; expression e; @@ @@ -27,28 +39,31 @@ e & c@i e |= c@i | e &= c@i +| +e | c1@i +| +e & c1@i +| +e |= c1@i +| +e &= c1@i ) -@s@ -constant r.c,c1; -identifier i1; -position p; +@depends on s@ +position r.p; +constant c1,c2; @@ -( - c1 + c - 1 -| -*c1@i1 +@p c -) +* c1 +@p c2 -@script:python depends on org@ -p << s.p; +@script:python depends on s && org@ +p << r.p; @@ cocci.print_main("sum of probable bitmasks, consider |",p) -@script:python depends on report@ -p << s.p; +@script:python depends on s && report@ +p << r.p; @@ msg = "WARNING: sum of probable bitmasks, consider |" -- cgit v1.2.3