Download the dependencies:
In Debian run:
apt-get install gcc make sqlite3 libsqlite3-dev libdbd-sqlite3-perl libssl-dev libtry-tiny-perl
Or in Fedora run:
yum install gcc make sqlite3 sqlite-devel sqlite perl-DBD-SQLite openssl-devel perl-Try-Tiny
Then Download and Build:
git clone https://github.com/error27/smatch
cd smatch
make -j
Test your code. I don’t bother actually installing Smatch.
cd path/to/kernel/src/
~/smatch/smatch_scripts/kchecker driver/dir/
Or if you just want to test one file the command is:
~/smatch/smatch_scripts/kchecker driver/dir/file.c
*DONE*
Smatch also does cross function analysis. If you want to do that the process is simple but building the database takes a hours and hours. `~/smatch/smatch_scripts/build_kernel_data.sh`. Every time you rebuild the database then it builds on the existing database. So each time you rebuild it the database grows. I find that that the call trees are basically complete after five rebuilds. I rebuild my database every day.
There is a script to examine the database in ~/smatch/smatch_data/db/smdb.py. It has information about how functions are called, what they return and where struct members are set. For example, if some functions are called as a function pointer and Smatch can give you that information so it can help you understand new code faster and it’s a very useful tool. I should try write a blog about the DB later.
Static Analysis by Dan Carpenter 
Leave a comment