[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-hardening
Subject:    Re: [cocci] spatch --jobs N missing matches?
From:       Julia Lawall <julia.lawall () inria ! fr>
Date:       2022-09-28 5:23:44
Message-ID: alpine.DEB.2.22.394.2209280722150.2844 () hadrien
[Download RAW message or body]



On Tue, 27 Sep 2022, Kees Cook wrote:

>
> On Tue, Sep 27, 2022 at 11:09:35PM +0200, Julia Lawall wrote:
> > The problem is fixed in github.  Coccinelle was doing some caching of
> > header files, that was not desirable in the case where one actually wants
> > to match the code, and not just get type information.
>
> Thank you for the fix! I can confirm things appear to be working
> correctly now. (And took 124 minutes to run.)

OK, long, but at least you get the result.

> > [...]
> > Actually, there are not that many memcpys in the considered code.  Then
> > there are not that many that refer to the last element of a structure.  If
> > level2 produces nothing, then level 1 should not be applied.
> >
> > In the original rule order, all of the pairs of a flexible structure and
> > any structure are considered, regardless of whether any memcpys are
> > present.
>
> Ah! Yes, I keep forgetting to start with the narrowest part first. :P
>
> I also forget that I can do a "depends" on something that has no other
> matches, but if it's built on prior rules that I use in later rules,
> then it limits that rule directly. I haven't quite managed to think
> sideways hard enough. :)

Actually, that is the only purpose of depends on.  Your original rule had
a depends on level2 that was unnecessary, since the rule couldn't match if
some metavariables from level2 were not bound.

julia
[prev in list] [next in list] [prev in thread] [next in thread]