From: "Jörn Engel" <joern@wohnheim.fh-wedel.de>
To: Dan Carpenter <error27@gmail.com>
Cc: Sam Ravnborg <sam@ravnborg.org>,
smatch-discuss@lists.sf.net, linux-sparse@vger.kernel.org
Subject: Re: Moving smatch to use sparse
Date: Thu, 5 Oct 2006 12:25:42 +0200 [thread overview]
Message-ID: <20061005102542.GD23093@wohnheim.fh-wedel.de> (raw)
In-Reply-To: <a63d67fe0610050249j1cadc3bfk438b66ec8ad34586@mail.gmail.com>
On Thu, 5 October 2006 02:49:36 -0700, Dan Carpenter wrote:
> On 10/5/06, Sam Ravnborg <sam@ravnborg.org> wrote:
> >
> >For the mindless - can you please repeat what smatch does?
>
> It's a static code checker. Take a look at check_null_deref.c.
>
> You've got a function called match_assign() that gets called for every
> assignment:
>
> name = get_variable_from_expr(expr->left, &sym);
> name = alloc_string(name);
> if (is_null(expr->right))
> set_state(name, my_id, sym, ISNULL);
> else
> set_state(name, my_id, sym, NONNULL);
>
> Say it encounter the code: a = foo(), then it's going to set the
> state of 'a' to NONNULL;
>
> Then say it encounters a call to tty_ldisc_deref(), it's going to
> check the state of 'a' and if it's ISNULL or UNDEFINED it's going to
> print a message out.
>
> More often you have something like:
> a = NULL;
> if (b) {
> a = foo();
> }
> a->x; <---Error. 'a' is Undefined.
>
> The idea is that it's easy to write checks once all the state tracking
> code is in place.
>
> Use it like this:
> make C=1 CHECK=/path/to/smatch > warns.out 2>&1
One advantage over gcc or plain sparse is that code checking can be
done in two passes. Pass one collects all sorts of information for
every compilation unit. Pass two can then combine the information for
all compilation units and do global checking of some sort.
For example, the currently debated "may be used uninitialized" warning
in gcc is simply not able to detect something like:
foo.c:
int foo;
do_initialize(&foo);
do_something(foo);
bar.c:
void do_initialize(int *bar)
{
*bar = 0;
}
The code is 100% correct, but gcc only looks at foo.c and spits out a
warning. Smatch can do better than that - if someone writes a
checker.
Jörn
--
But this is not to say that the main benefit of Linux and other GPL
software is lower-cost. Control is the main benefit--cost is secondary.
-- Bruce Perens
next prev parent reply other threads:[~2006-10-05 10:25 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <a63d67fe0607140925h3665cd98ibc2fab07f6f80360@mail.gmail.com>
2006-07-16 0:42 ` Moving smatch to use sparse Dan Carpenter
2006-10-05 8:41 ` Dan Carpenter
2006-10-05 9:26 ` Sam Ravnborg
2006-10-05 9:49 ` Dan Carpenter
2006-10-05 10:25 ` Jörn Engel [this message]
2006-10-06 6:31 ` Dan Carpenter
2006-10-05 15:52 ` Michael Stefaniuc
2006-10-05 20:58 ` Dan Carpenter
2006-10-05 22:46 ` Michael Stefaniuc
2006-10-06 8:57 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20061005102542.GD23093@wohnheim.fh-wedel.de \
--to=joern@wohnheim.fh-wedel.de \
--cc=error27@gmail.com \
--cc=linux-sparse@vger.kernel.org \
--cc=sam@ravnborg.org \
--cc=smatch-discuss@lists.sf.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).