On Mon, 14 May 2012, Dan Carpenter wrote:
On Mon, May 14, 2012 at 09:07:55AM +0200, Arend van Spriel wrote:
Thanks for running smatch. I will look in the current code base and fix
this. Just out of curiosity: Another static checker used regularly is
Coccinelle. What are the pros and cons of smatch compared to Coccinelle?
Gr. AvS
That's a tricky question because of my obvious bias as the author
of Smatch, and I'm not an expert on Coccinelle. ;)
Smatch works on the preprocessed code and Coccinelle works on .c
code. So some things are easier to check for in Coccinelle. I've
generally found hacks to get the information I need in Smatch but
sometimes it's gnarly. So a one liner in Coccinelle is twenty lines
of code in Smatch which require in depth knowledge of Smatch and
Sparse.
Smatch doesn't fix the bugs it finds.
The other advantage for Coccinelle is that you can run it on other
architecture's code without setting up a cross compile environment.
What Smatch does that Coccinelle doesn't is that it tries to track
the values of all the variables. This means you can detect array
overflows, for example. Smatch tries to track values across
function calls as well, with the recent database work.
That's really the long term goal of Smatch, to track the value of
every variable in the kernel. But there is still a lot of work to
do. :P
That all seems accurate to me :)
julia
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html