insufficient dependency analysis
In parsing_cocci/parse_cocci.ml, in the function parse, eval_depend should return FailDep when it analyzes second, because first gives FailDep and second depends on first. But there seems to be no updating of the virt environment based on rules that are found to be irrelevant. This is done later, in checking whether rule can do anything useful, but it needs to be done here, so that we can accomodate both * and -+ rules in the same semantic patch.