[Cocci] Sources with high badcount

Post by Francois-Xavier Le Bail
Hi,
I got high badcounts with some sources.

What is strange is that there is no BAD line. I will try to see what the
problem is.

julia

Post by Francois-Xavier Le Bail
https://raw.githubusercontent.com/the-tcpdump-group/tcpdump/master/print-bootp.c
Options are: --debug --verbose-parsing --no-includes
=======================================================================
init_defs_builtins: /usr/local/bin/../lib/coccinelle/standard.h
-----------------------------------------------------------------------
processing semantic patch file: ../u_char_p.cocci
with isos from: /usr/local/bin/../lib/coccinelle/standard.iso
-----------------------------------------------------------------------
@@
u_char *p;
@@
* p
HANDLING: print-bootp.c
-----------------------------------------------------------------------
let's go
-----------------------------------------------------------------------
-----------------------------------------------------------------------
ERROR-RECOV: found sync '}' at line 402
parsing pass2: try again
(ONCE) CPP-DEFINE: inside function, I treat it as comment
(ONCE) CPP-UNDEF: inside function, I treat it as comment
ERROR-RECOV: found sync '}' at line 402
parsing pass3: try again
PB: not found closing brace in fuzzy parsing
ERROR-RECOV: found sync '}' at line 402
parsing pass4: try again
PB: not found closing brace in fuzzy parsing
ERROR-RECOV: found sync '}' at line 402
parse error
= File "print-bootp.c", line 1116, column 0, charpos = 31388
around = '',
whole content =
badcount: 125
bad: };
bad: /*
bad: * Print bootp requests
bad: */
bad: void
bad: bootp_print(netdissect_options *ndo,
bad: const u_char *cp, u_int length)
bad: {
bad: const struct bootp *bp;
bad: static const u_char vm_cmu[4] = VM_CMU;
bad: static const u_char vm_rfc1048[4] = VM_RFC1048;
bad: uint8_t bp_op, bp_htype, bp_hlen;
bad: bp = (const struct bootp *)cp;
bad: ND_TCHECK(bp->bp_op);
bad: bp_op = EXTRACT_U_1(bp->bp_op);
bad: ND_PRINT((ndo, "BOOTP/DHCP, %s",
bad: tok2str(bootp_op_values, "unknown (0x%02x)", bp_op)));
[...]
=======================================================================
The line 402 is the closing '}' of the 'bootp_print' function.
Any clue ?
--
Francois-Xavier
_______________________________________________
Cocci mailing list
https://systeme.lip6.fr/mailman/listinfo/cocci

Julia Lawall

2018-01-04 14:09:16 UTC

Post by Francois-Xavier Le Bail
Hi,
I got high badcounts with some sources.

Actually, in this case there are just some parse errrors in the code.

ND_PRINT((ndo, " from %s", etheraddr_string(... (line 302)
This is missing one )

ND_PRINT((ndo, ", hops %d", EXTRACT_U_1(... (line 322)
This has one ) too many.

julia

Francois-Xavier Le Bail

2018-01-04 14:48:03 UTC

Post by Francois-Xavier Le Bail
Hi,
I got high badcounts with some sources.

Actually, in this case there are just some parse errrors in the code.
ND_PRINT((ndo, " from %s", etheraddr_string(... (line 302)
This is missing one )
ND_PRINT((ndo, ", hops %d", EXTRACT_U_1(... (line 322)
This has one ) too many.

Bingo !

Thank you.

Do you have an option or a tool to find these errors ?
Because neither gcc nor clang find them !

--
Francois-Xavier

Julia Lawall

2018-01-04 14:53:23 UTC

Post by Francois-Xavier Le Bail
Hi,
I got high badcounts with some sources.

Actually, in this case there are just some parse errrors in the code.
ND_PRINT((ndo, " from %s", etheraddr_string(... (line 302)
This is missing one )
ND_PRINT((ndo, ", hops %d", EXTRACT_U_1(... (line 322)
This has one ) too many.

Bingo !
Thank you.
Do you have an option or a tool to find these errors ?
Because neither gcc nor clang find them !

No. Actually the parser is built on the assumption that the code has been
approved by the compiler. I'm really puzzled why gcc/clang did not
complain. Perhaps the whole fils is just ifdefd out.

I don't know why it didn't put BAD on some line, but I guess it was pretty
disoriented. It already seems to have a special handling of macros that
have a single argument that is an argument list, ie ND_PRINT. That macro
is mentioned at the top of the --parse-c output. Maybe it can be helpful
to look around the things that are mentioned there.

julia

Francois-Xavier Le Bail

2018-01-04 15:10:28 UTC

Post by Francois-Xavier Le Bail
Hi,
I got high badcounts with some sources.

Actually, in this case there are just some parse errrors in the code.
ND_PRINT((ndo, " from %s", etheraddr_string(... (line 302)
This is missing one )
ND_PRINT((ndo, ", hops %d", EXTRACT_U_1(... (line 322)
This has one ) too many.

Bingo !
Thank you.
Do you have an option or a tool to find these errors ?
Because neither gcc nor clang find them !

No. Actually the parser is built on the assumption that the code has been
approved by the compiler. I'm really puzzled why gcc/clang did not
complain. Perhaps the whole fils is just ifdefd out.

Not ifdefd out in this case.

Post by Julia Lawall
I don't know why it didn't put BAD on some line, but I guess it was pretty
disoriented. It already seems to have a special handling of macros that
have a single argument that is an argument list, ie ND_PRINT. That macro
is mentioned at the top of the --parse-c output. Maybe it can be helpful
to look around the things that are mentioned there.

After doing the ')' fixes. I got:
BAD:!!!!! bp = (const struct bootp *);

The source line is:
bp = (const struct bootp *)cp;

I have also the message 'set verbose_parsing for more info' but the '--verbose-parsing' option was used.

--
Francois-Xavier

Julia Lawall

2018-01-04 15:19:40 UTC