On Wed, 11 Jan 2012, Robert Gomulka wrote:
> Thanks again. Would you be so kind as to help me with the following thing?
>
> // RG - detect invalid pointer usage
> // invalid - after realloc or free
> @r@
> expression E;
> type T;
> position p;
> @@
> (
> E = (T) realloc@p(E,...)
> |
> E = (T) my_realloc@p(E, ...)
> )
>
> @@
> expression E, E2, E3;
> identifier fld;
> identifier func !~ "dbg";
> position p2 != r.p;
> @@
> (
> realloc@p2(E, ...)
> |
> my_realloc@p2(E, ...)
> |
> free(E)
> |
> my_free(E)
> )
> ...
> (
> E = E2;
> |
> - *E
> + BUG(*E)
> |
> - E[E3]
> + BUG(E[E3])
> |
> - E->fld
> + BUG(E)
> |
> -func(E)
> +BUG(E)
> |
> func(...,
> - E,
> + BUG(E),
>   ...)
> )
>
> 1. Without func(E) -> BUG(E), double free is not caught. Why?
> Why doesn't the following work?
> |
> -func(E)
> +func(BUG(E))
> (I get EXN:Invalid_argument("equal: abstract value"))
>
> 2. Related to 1 - why do I get:
> EXN:Invalid_argument("equal: abstract value")
> for some files with the posted version? Is it related to
> http://comments.gmane.org/gmane.comp.version-control.coccinelle/1758?

The problem is that the implementor of the PCRE library was overly conservative and does not allow even pointer equality of compiled regular expressions. I have fixed the problem. But we are working right now on the compilation problem you noted before making the release.
Does that answer the question? If not, could you make a smaller semantic patch that illustrates the problem and send it with some test data?
thanks,
julia
