Projects / SMATCH

SMATCH

SMATCH is a neat program designed to locate programming errors in any open source software project. Right now it is actively used to screen out errors inside the Linux kernel. There are two main parts to Smatch. The first is a patch to the gcc sources to screen out a lot of useful information. The second part is a collection of Perl scripts and libraries to analyze the information and report the findings.

Tags
Licenses
Operating Systems

RSS Recent releases

  •  04 Jul 2003 00:32

Release Notes: Lots of bugs have been fixed, and many new features added. Among the changes are a new format for var_decl, printing of more declaration information, and printing of function definition information.

  •  15 May 2003 03:51

Release Notes: This release handles struct initialization better. This should take care of most of the sm_unknown() problems.

  •  13 May 2003 06:18

Release Notes: Smatch now prints a message if there are any tree types that it doesn't know how to handle.

  •  08 Apr 2003 01:11

Release Notes: Parenthesis fixes were added.

  •  04 Apr 2003 15:59

Release Notes: This release changes to GNU-style indents and adds support for struct declarations.

RSS Recent comments

26 Mar 2003 18:55 brainless

Smatch in action !
If you want to witness smatch in action, please go to


kbugs.org/cgi-bin/inde... (kbugs.org/cgi-bin/inde...)


and see for yourself how smatch identifying all sorts of potential bugs, - MORE THAN 1,000 of them ! - and identifying scores of REAL bugs.

05 Feb 2003 02:47 error27

Re: Source code analyser?

> Is that a general purpose source code
> analyser (like ncc )?
> Can you for example generate the call
> flow for any C program ?
>
> Well, it seems like one.

I not familliar with ncc. It sounds different though.

The core of smatch is a modified gcc that creates .c.sm files and a support library "smatch.pm". The smatch.pm script traces all the state changes through the code paths.

The rest of smatch is made of the scripts that parse the .c.sm files and look for errors. Sometimes these are general purpose errors and sometimes they are specific to the Linux kernel.

Tonight, for example, I updated this script. As you can see, the script is not very long, mostly it was a cut and paste job. The rule for this script is that you should always know whether a spinlock is locked or unlocked. A call to _raw_spin_lock() sets the state to locked. A call to _raw_spin_unlock() sets the state to unlocked.

Typical errors look like this:

spin_lock();

if (foo){

spin_unlock();

}

spin_unlock();

That is an error because you can't tell whether the spinlock is locked or not coming out of the if statement.
(In smatch terminology that is a merge location because the true and false code paths are merged back together.) I added the double spin_unlock() to show what happens when programmers are not careful, but the script doesn't actually check for that, only for the undefined merge.

The script found 50 errors. A lot of them are obvious false positives. Some of the results are real errors. In this case there is forgotten goto on line 685. The error message is printed when the goto is merged on line 714.
But If you look carefully there is a double unlock on line 723.

>
> Does it work for C++ code?

For now, it only works for C. In a couple months I would like to look at other languages.

31 Jan 2003 07:11 ccat

Source code analyser?
Is that a general purpose source code analyser (like ncc (freshmeat.net/projects...))?
Can you for example generate the call flow for any C program ?

Well, it seems like one.

Does it work for C++ code?

18 Jan 2003 11:33 brainless

Some Useful Info About Smatch
Smatch is a way of finding errors in source code, especially the Linux kernel source.

Smatch is based on the papers about the Stanford Checker. Functionally Smatch is similar to the Stanford Checker but the implementation is completely different. At this point, Smatch is not finished yet but the large parts are written and looking at the code will give you a good idea of what the finished product will be.

Steps in installing Smatch:

1) Download gcc-3.1.1
2) zcat gcc-3.1.1.tar.gz | tar -xv
3) Download the smatch-patch from sourceforge
4) cd gcc-3.1.1 && zcat ../diff-smatch.gz | patch -p1
5) cd ..
6) mkdir build/
7) cd build/
8) ../gcc-3.1.1/configure --prefix=../build
--enable-languages=c
9) make

Bug database is at 67.116.240.35/cgi-bin/...

Screenshot

Project Spotlight

Magento One Step Checkout

One step check out is a magento extension. It's a simple way for the customers to complete the checkout.

Screenshot

Project Spotlight

libntru

A C implementation of NTRUEncrypt.