Hello, I am attempting to create a coccinelle script that will detect possibly buggy usage of the bitwise operators where integer promotion may result in bugs, usually due to sign extension.
I know this script needs a lot more work, but I am just beginning to learn the syntax of coccinelle. At this stage I am mainly looking for advice if this is even worth continuing, or if I am on the wrong track entirely. Here is an example of the bug I hope to find: https://lore.kernel.org/lkml/20210317013758.ga134...@roeck-us.net/ Where ints and unsigned are mixed in bitwise operations, and the sizes differ. Thanks Evan Benn Signed-off-by: Evan Benn <evanb...@chromium.org> --- .../coccinelle/tests/int_sign_extend.cocci | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 scripts/coccinelle/tests/int_sign_extend.cocci diff --git a/scripts/coccinelle/tests/int_sign_extend.cocci b/scripts/coccinelle/tests/int_sign_extend.cocci new file mode 100644 index 000000000000..bad61e37e4e7 --- /dev/null +++ b/scripts/coccinelle/tests/int_sign_extend.cocci @@ -0,0 +1,35 @@ +// SPDX-License-Identifier: GPL-2.0-only +/// Mixing signed and unsigned types in bitwise operations risks problems when +/// the 'Usual arithmetic conversions' are applied. +/// For example: +/// https://lore.kernel.org/lkml/20210317013758.ga134...@roeck-us.net/ +/// When a signed int and an unsigned int are compared there is no problem. +/// But if the unsigned is changed to a unsigned long, for example by using BIT +/// the signed value will be sign-extended and could result in incorrect logic. +// Confidence: +// Copyright: (C) 2021 Evan Benn <evanb...@chromium.org> +// Comments: +// Options: + +virtual context +virtual org +virtual report + +@r@ +position p; +{int} s; +{unsigned long} u; +@@ + s@p & u + +@script:python depends on org@ +p << r.p; +@@ + +cocci.print_main("sign extension when comparing bits of signed and unsigned values", p) + +@script:python depends on report@ +p << r.p; +@@ + +coccilib.report.print_report(p[0],"sign extension when comparing bits of signed and unsigned values") -- 2.31.0.291.g576ba9dcdaf-goog
