From c1d6628c9433c09ff62f916f2b933ee12995e9d8 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Tue, 18 Feb 2025 08:45:56 +0100
Subject: [PATCH] meson: wire up static analysis via Coccinelle

Wire up static analysis via Coccinelle via a new test target
"coccicheck". This target can be executed via `meson compile coccicheck`
and generates the semantic patch for us.

Note that we don't hardcode the list of source and header files that
shall be analyzed, and instead use git-ls-files(1) to find them for us.
This is because we also want to analyze files that may not get built on
the current platform, so finding all sources at configure time is easier
than introducing a new variable that tracks all sources, including those
which aren't being built.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 contrib/coccinelle/meson.build | 89 ++++++++++++++++++++++++++++++++++
 contrib/meson.build            |  1 +
 meson_options.txt              |  2 +
 3 files changed, 92 insertions(+)
 create mode 100644 contrib/coccinelle/meson.build

diff --git a/contrib/coccinelle/meson.build b/contrib/coccinelle/meson.build
new file mode 100644
index 0000000000..5d76a7fee6
--- /dev/null
+++ b/contrib/coccinelle/meson.build
@@ -0,0 +1,89 @@
+spatch = find_program('spatch', required: get_option('coccinelle'))
+if not spatch.found()
+  subdir_done()
+endif
+
+third_party_sources = [
+  ':!contrib',
+  ':!compat/inet_ntop.c',
+  ':!compat/inet_pton.c',
+  ':!compat/nedmalloc',
+  ':!compat/obstack.*',
+  ':!compat/poll',
+  ':!compat/regex',
+  ':!sha1collisiondetection',
+  ':!sha1dc',
+  ':!t/unit-tests/clar',
+  ':!t/unit-tests/clar',
+  ':!t/t[0-9][0-9][0-9][0-9]*',
+]
+
+rules = [
+  'array.cocci',
+  'commit.cocci',
+  'config_fn_ctx.pending.cocci',
+  'equals-null.cocci',
+  'flex_alloc.cocci',
+  'free.cocci',
+  'git_config_number.cocci',
+  'hashmap.cocci',
+  'index-compatibility.cocci',
+  'object_id.cocci',
+  'preincr.cocci',
+  'qsort.cocci',
+  'refs.cocci',
+  'strbuf.cocci',
+  'swap.cocci',
+  'the_repository.cocci',
+  'xcalloc.cocci',
+  'xopen.cocci',
+  'xstrdup_or_null.cocci',
+  'xstrncmpz.cocci',
+]
+
+concatenated_rules = custom_target(
+  command: [
+    'cat', '@INPUT@',
+  ],
+  input: rules,
+  output: 'rules.cocci',
+  capture: true,
+)
+
+sources = [ ]
+foreach source : run_command(git, '-C', meson.project_source_root(), 'ls-files', '--deduplicate', '*.c', third_party_sources, check: true).stdout().split()
+  sources += source
+endforeach
+
+headers = [ ]
+foreach header : run_command(git, '-C', meson.project_source_root(), 'ls-files', '--deduplicate', '*.h', third_party_sources, check: true).stdout().split()
+  headers += meson.project_source_root() / header
+endforeach
+
+patches = [ ]
+foreach source : sources
+  patches += custom_target(
+    command: [
+      spatch,
+      '--all-includes',
+      '--sp-file', concatenated_rules,
+      '--patch', meson.project_source_root(),
+      '@INPUT@',
+    ],
+    input: meson.project_source_root() / source,
+    output: source.underscorify() + '.patch',
+    capture: true,
+    depend_files: headers,
+  )
+endforeach
+
+concatenated_patch = custom_target(
+  command: [
+    'cat', '@INPUT@',
+  ],
+  input: patches,
+  output: 'cocci.patch',
+  capture: true,
+)
+
+alias_target('coccicheck', concatenated_patch)
diff --git a/contrib/meson.build b/contrib/meson.build
index 569c23ee76..a88c5dfe09 100644
--- a/contrib/meson.build
+++ b/contrib/meson.build
@@ -2,4 +2,5 @@ foreach feature : get_option('contrib')
   subdir(feature)
 endforeach
 
+subdir('coccinelle')
 subdir('credential')
diff --git a/meson_options.txt b/meson_options.txt
index c51ba88d85..afa908d6c5 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -101,6 +101,8 @@ option('docs_backend', type: 'combo', choices: ['asciidoc', 'asciidoctor', 'auto
   description: 'Which backend to use to generate documentation.')
 
 # Testing.
+option('coccinelle', type: 'feature', value: 'auto',
+  description: 'Provide a coccicheck target that generates a Coccinelle patch.')
 option('tests', type: 'boolean', value: true,
   description: 'Enable building tests. This requires Perl, but is separate from the "perl" option such that you can build tests without Perl features enabled.')
 option('test_output_directory', type: 'string',