HCoop / bpt / coccinelle.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Release coccinelle-0.2.2-rc1
[bpt/coccinelle.git] / standard.iso
1 // ****************************************************************************
2 // Prelude
3 // ****************************************************************************
4
5 // Note: some isomorphisms are handled in the engine directly because they
6 // require special support. They can not be easily described with a
7 // XX <=> YY. But some of them have names, so they can be disabled, as for
8 // any other isomorphism rule. That also means that those names can not
9 // be used for regular isomorphism rule. Those reserved rule names are:
10 // - optional_storage
11 // - optional_qualifier
12 // - value_format
13 // See parse_cocci.ml, pattern.ml, transformation.ml.
14
15
16 // Note: the order of the rules has some importance. As we don't do a fixpoint,
17 // changing the order may impact the result. For instance, if we have
18 //
19 // iso1 = x+y <=> y+x
20 // iso2 = i++ <=> i=i+1;
21 //
22 // and if
23 // in SP we have i++;
24 // in C we have i=1+i;
25 //
26 // Does the SP matches the C ?
27 // - Yes if iso2 precedes iso1 in this file,
28 // - No otherwise.
29
30
31 // ****************************************************************************
32 // Standard C isomorphisms
33 // ****************************************************************************
34
35 // ---------------------------------------------------------------------------
36 // Spacing (include comments) isomorphisms
37 // ---------------------------------------------------------------------------
38 // They are handled at lex time.
39
40 // ---------------------------------------------------------------------------
41 // Dataflow isomorphisms (copy propagation, assignments)
42 // ---------------------------------------------------------------------------
43 // They are handled in engine (TODO).
44
45
46 // ---------------------------------------------------------------------------
47 // Iso-by-absence (optional qualifier, storage, sign, cast) isomorphisms
48 // ---------------------------------------------------------------------------
49 // Some of them are handled in cocci_vs_c. Some of them handled here.
50
51
52 // We would like that
53 // chip = (ak4117_t *)snd_magic_kcalloc(ak4117_t, 0, GFP_KERNEL);
54 // also matches
55 // X = snd_magic_kcalloc(T, 0, C)
56 //
57 // For the moment because the iso is (T) E => E and not <=>, it forces
58 // us to rewrite the SP as X = (T) snd_magic_kcalloc(T, 0, C)
59
60 Expression
61 @ drop_cast @
62 expression E;
63 pure type T;
64 @@
65
66 // in the following, the space at the beginning of the line is very important!
67 (T)E => E
68
69 Type
70 @ add_signed @
71 @@
72 int => signed int
73
74 Type
75 @ add_int1 @
76 @@
77 unsigned => unsigned int
78
79 Type
80 @ add_int2 @
81 @@
82 signed => signed int
83
84
85 // ---------------------------------------------------------------------------
86 // Field isomorphisms
87 // ---------------------------------------------------------------------------
88 // Dereferences
89
90
91 // Those iso were introduced for the 'generic program matching' paper,
92 // with sgrep. The idea is that when we want to detect bugs,
93 // we want to detect something like free(X) ... *X
94 // meaning that you try to access something that have been freed.
95 // But *X is not the only way to deference X, there is also
96 // X->fld, hence those iso.
97
98 // The following don't see like a good idea, because eg fld could be
99 // instantiated in different ways in different places, meaning that the
100 // two occurrences of "*E" would not refer to the same thing at all.
101 // This could be addressed by making E pure, but then I think it would
102 // have no purpose.
103
104 // Expression
105 // @@
106 // expression E;
107 // identifier fld;
108 // @@
109 //
110 // *E => E->fld
111 //
112 // Expression
113 // @@
114 // expression E;
115 // identifier fld;
116 // @@
117 //
118 // *E => (E)->fld
119 //
120 // Expression
121 // @@
122 // expression E,E1;
123 // @@
124 //
125 // *E => E[E1]
126
127 // ---------------------------------------------------------------------------
128 // Typedef isomorphisms
129 // ---------------------------------------------------------------------------
130 // They are handled in engine.
131
132
133 // ---------------------------------------------------------------------------
134 // Boolean isomorphisms for int and pointer types
135 // ---------------------------------------------------------------------------
136
137 // the space at the beginning of the line is very important!
138 Expression
139 @ not_int1 @
140 int X;
141 @@
142 !X => X == 0
143
144 TestExpression
145 @ not_int2 @
146 int X;
147 @@
148 X => X != 0
149
150 // the space at the beginning of the line is very important!
151 Expression
152 @ not_ptr1 @
153 expression *X;
154 @@
155 !X => X == NULL
156
157 TestExpression
158 @ not_ptr2 @
159 expression *X;
160 @@
161 X => X != NULL
162
163 // ---------------------------------------------------------------------------
164 // Boolean isomorphisms
165 // ---------------------------------------------------------------------------
166
167 Expression
168 @commeq@
169 expression E;
170 constant C;
171 @@
172
173 E == C <=> C == E
174
175 Expression
176 @commneq@
177 expression E;
178 constant C;
179 @@
180
181 E != C <=> C != E
182
183 Expression
184 @ is_zero @
185 expression X;
186 @@
187 X == 0 => !X
188
189 // X should be a test expression, but X!=0 doesn't have to be one
190 // not nice at all... ToTestExpression sets everything after the first
191 // pattern in the iso rule to be TestExpression
192 ToTestExpression
193 @ isnt_zero @
194 expression X;
195 @@
196 X != 0 => X
197
198 Expression
199 @ is_null @
200 expression X;
201 @@
202 X == NULL => !X
203
204 ToTestExpression
205 @ isnt_null1 @
206 expression X;
207 @@
208 X != NULL => X
209
210 // ---------------------------------------------------------------------------
211 // Bit operations
212 // ---------------------------------------------------------------------------
213
214 Expression
215 @ bitor_comm @
216 expression X,Y;
217 @@
218 X | Y => Y | X
219
220 Expression
221 @ bitand_comm @
222 expression X,Y;
223 @@
224 X & Y => Y & X
225
226 // only if side effect free in theory, perhaps makes no sense
227 // Expression
228 // @ and_comm @
229 // expression X,Y;
230 // @@
231 // X && Y => Y && X
232
233 // Expression
234 // @ or_comm @
235 // expression X,Y;
236 // @@
237 // X || Y => Y || X
238
239
240 // ---------------------------------------------------------------------------
241 // Arithmetic isomorphisms
242 // ---------------------------------------------------------------------------
243 //todo: require check side-effect free expression
244
245 Expression
246 @ plus_comm @
247 expression X, Y;
248 @@
249 X + Y => Y + X
250
251
252 // needed in kcalloc CE, where have a -kzalloc(c * sizeof(T), E)
253 Expression
254 @ mult_comm @
255 expression X, Y;
256 @@
257 X * Y => Y * X
258
259 Expression
260 @ plus_assoc @
261 expression X, Y, Z;
262 @@
263 // note space before (
264 (X + Y) + Z <=> X + Y + Z
265
266 Expression
267 @ minus_assoc @
268 expression X, Y, Z;
269 @@
270
271 (X - Y) - Z <=> X - Y - Z
272
273 Expression
274 @ plus_minus_assoc1 @
275 expression X, Y, Z;
276 @@
277
278 (X + Y) - Z <=> X + Y - Z
279
280 Expression
281 @ plus_minus_assoc2 @
282 expression X, Y, Z;
283 @@
284
285 (X - Y) + Z <=> X - Y + Z
286
287 Expression
288 @ times_assoc @
289 expression X, Y, Z;
290 @@
291
292 (X * Y) * Z <=> X * Y * Z
293
294 Expression
295 @ div_assoc @
296 expression X, Y, Z;
297 @@
298
299 (X / Y) / Z <=> X / Y / Z
300
301 Expression
302 @ times_div_assoc1 @
303 expression X, Y, Z;
304 @@
305
306 (X * Y) / Z <=> X * Y / Z
307
308 Expression
309 @ times_div_assoc2 @
310 expression X, Y, Z;
311 @@
312
313 (X / Y) * Z <=> X / Y * Z
314
315 // ---------------------------------------------------------------------------
316 // Relational isomorphisms
317 // ---------------------------------------------------------------------------
318
319 Expression
320 @ gtr_lss @
321 expression X, Y;
322 @@
323 X < Y <=> Y > X
324
325 Expression
326 @ gtr_lss_eq @
327 expression X, Y;
328 @@
329 X <= Y <=> Y >= X
330
331 // ---------------------------------------------------------------------------
332 // Increment isomorphisms
333 // ---------------------------------------------------------------------------
334
335 // equivalences between i++, +=1, etc.
336 // note: there is an addition in this SP.
337 Statement
338 @ inc @
339 identifier i;
340 @@
341 i++; <=> ++i; <=> i+=1; <=> i=i+1;
342
343 // I would like to avoid the following rule, but we cant transform a ++i
344 // in i++ everywhere. We can do it only when the instruction is alone,
345 // such as when there is not stuff around it (not as in x = i++) That's why in
346 // the previous iso, we have explicitely force the i++ do be alone with
347 // the ';'. But unfortunately in the last expression of the for there is
348 // no ';' so the previous rule cannot be applied, hence this special
349 // case.
350
351 Statement
352 @ for_inc @
353 expression X, Y;
354 statement S;
355 identifier i;
356 @@
357 for(X;Y;i++) S <=> for(X;Y;++i) S
358
359
360 // ****************************************************************************
361 // gcc specific isomorphisms
362 // ****************************************************************************
363
364 // likely and unlikely are used to give hints to gcc to improve performance.
365
366 Expression
367 @ unlikely @
368 expression E;
369 @@
370
371 unlikely(E) <=> likely(E) => E
372
373 // ---------------------------------------------------------------------------
374 // Parenthesis isomorphisms
375 // ---------------------------------------------------------------------------
376 //Expression
377 //@@ expression E; @@
378 // E => (E)
379 //// E => ((E))
380
381 // todo: isomorphism avec les () around ? cf sizeof 3.
382 // (E) => E with some conditions.
383
384 Expression
385 @ paren @
386 expression E;
387 @@
388
389 (E) => E
390
391 // ---------------------------------------------------------------------------
392 // Statement isomorphisms
393 // ---------------------------------------------------------------------------
394
395 // ---------------------------------------------------------------------------
396 // Value isomorphisms
397 // ---------------------------------------------------------------------------
398
399 // There is also equal_c_int in cocci_vs_c to dealing with other
400 // integer decimal/hexadecimal isomorphisms.
401 // an argexpression applies only at top level, in the argument of a
402 // function call, or on the right-hand side of an assignment
403 ArgExpression
404 @ zero_multiple_format @
405 @@
406 0 => '\0'
407
408 // ----------------
409 // If
410 // ----------------
411
412 // ****************************************************************************
413 // if structure isomorphisms
414 // ****************************************************************************
415
416 // these are after the above so that the introduced negation will distribute
417 // properly over the argument to likely/unlikely
418
419 Statement
420 @ neg_if @
421 expression X;
422 statement S1, S2;
423 @@
424 if (X) S1 else S2 => if (!X) S2 else S1
425
426 Statement
427 @ ne_if @
428 expression E1, E2;
429 statement S1, S2;
430 @@
431 if (E1 != E2) S1 else S2 => if (E1 == E2) S2 else S1
432
433 Statement
434 @ drop_else @
435 expression E;
436 statement S1;
437 pure statement S2;
438 @@
439
440 if (E) S1 else S2 => if (E) S1
441
442 Expression
443 @ neg_if_exp @
444 expression E1, E2, E3;
445 @@
446
447 E1 ? E2 : E3 => !E1 ? E3 : E2
448
449
450 // if (X) Y else Z <=> X ? Y : Z sometimes.
451
452 // ----------------
453 // Loops
454 // ----------------
455
456 // ---------------------------------------------------------------------------
457 // Optional initializers
458 // ---------------------------------------------------------------------------
459 // this is not safe when the declaration is replaced
460 // attempt to indicate that by requiring that Z is context
461 // no optional static/extern for isos
462 Declaration
463 @ decl_init @
464 type T;
465 context identifier Z;
466 @@
467 T Z; => T Z = ...;
468
469 Declaration
470 @ const_decl_init @
471 type T;
472 identifier Z;
473 constant C;
474 @@
475 T Z; => T Z = C;
476
477 Declaration
478 @ extern_decl_init @
479 type T;
480 context identifier Z;
481 @@
482 extern T Z; => extern T Z = ...;
483
484 Declaration
485 @ const_extern_decl_init @
486 type T;
487 identifier Z;
488 constant C;
489 @@
490 extern T Z; => extern T Z = C;
491
492 Declaration
493 @ static_decl_init @
494 type T;
495 context identifier Z;
496 @@
497 static T Z; => static T Z = ...;
498
499 Declaration
500 @ const_static_decl_init @
501 type T;
502 identifier Z;
503 constant C;
504 @@
505 static T Z; => static T Z = C;
506
507 // ---------------------------------------------------------------------------
508 // Branch (or compound) isomorphisms
509 // ---------------------------------------------------------------------------
510 // maybe a cocci patch should require something that looks like what is on
511 // the left above to occur in a if or while
512
513 // could worry that this has to be a simple statement, but this should work
514 // better as it allows + code on S
515 Statement
516 @ braces1 @
517 statement S;
518 @@
519 { ... S } => S
520
521 Statement
522 @ braces2 @
523 statement S;
524 @@
525 { ... S ... } => S
526
527 Statement
528 @ braces3 @
529 statement S;
530 @@
531 { S ... } => S
532
533 Statement
534 @ braces4 @
535 statement S;
536 @@
537 { S } => S
538
539 Statement
540 @ ret @
541 @@
542 return ...; => return;
543
544
545 // ---------------------------------------------------------------------------
546 // Declaration isomorphisms
547 // ---------------------------------------------------------------------------
548 // They are handled in engine (TODO)
549
550 // int i,j,k; <=> int i; int j; int k;
551
552
553 // ---------------------------------------------------------------------------
554 // Affectation/initialisation isomorphism
555 // ---------------------------------------------------------------------------
556 // They are handled in engine.
557 // 'X = Y' should also match 'type X = Y';
558
559 // ---------------------------------------------------------------------------
560 // Pointer/Array isomorphisms
561 // ---------------------------------------------------------------------------
562
563 // pointer arithmetic equivalences
564 // a + x <=> a[x]
565
566 // ---------------------------------------------------------------------------
567 // Pointer/Field isomorphisms
568 // ---------------------------------------------------------------------------
569
570 Expression
571 @ ptr_to_array @
572 expression E1, E2; // was pure, not sure why that's needed, not good for rule27
573 identifier fld;
574 @@
575
576 E1->fld => E1[E2].fld
577
578
579
580 TopLevel
581 @ mkinit @
582 type T;
583 pure context T E;
584 identifier I;
585 identifier fld;
586 expression E1;
587 @@
588
589 E.fld = E1; => T I = { .fld = E1, };
590
591 // ---------------------------------------------------------------------------
592 // more pointer field iso
593 // ---------------------------------------------------------------------------
594
595 // pure means that either the whole field reference expression is dropped,
596 // or E is context code and has no attached + code
597 // not really... pure means matches a unitary unplussed metavariable
598 // but this rule doesn't work anyway
599
600 Expression
601 @ fld_to_ptr @
602 type T;
603 pure T E;
604 pure T *E1;
605 identifier fld;
606 @@
607
608 E.fld => E1->fld
609
610
611 // ---------------------------------------------------------------------------
612 // sizeof isomorphisms
613 // ---------------------------------------------------------------------------
614
615 // The following is made redundant by the paren isomorphism
616 // Expression
617 // @ sizeof_parens @
618 // expression E;
619 // @@
620
621 // sizeof(E) => sizeof E
622
623
624 Expression
625 @ sizeof_type_expr @
626 pure type T; // pure because we drop a metavar
627 T E;
628 @@
629
630 sizeof(T) => sizeof(E)
631
632 // Expression
633 // @ fld_func_call @
634 // expression list ES;
635 // identifier fld;
636 // expression E;
637 // @@
638 // E.fld(ES) <=> (*E.fld)(ES)
639
640
641 // ****************************************************************************
642 // Linux specific isomorphisms
643 // ****************************************************************************
644
645 // Examples: many functions are equivalent/related, and one SP modifying
646 // such a function should also modify the equivalent/related one.
647
648
649 // ---------------------------------------------------------------------------
650 // in rule18, needed ?
651 // ---------------------------------------------------------------------------
652 // (
653 // - test_and_set_bit(ev, &bcs->event);
654 // |
655 // - set_bit(ev, &bcs->event);
656 // |
657 // - bcs->event |= 1 << ev; // the only case that is used
658
659
660 // ****************************************************************************
661 // Everything that is required to be in last position, for ugly reasons ...
662 // ****************************************************************************
Unnamed repository; edit this file 'description' to name the repository.