GUI: Search Callers

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.0p0 Hot Tips

CONFIDENTIAL

CodeSecure Inc

GUI Reference: Search Callers

This page allows users to search the paths to a warning or code location, and displays the results.

The Search Callers page type is available for analyzed C/C++ code only.

Navigating To
Page Properties
Contents and Usage
Page Modes
Navigating From

Navigating To

Important Note: the CodeSonar Web GUI makes extensive use of JavaScript. Make sure JavaScript is enabled in your web browser.

A Search Callers page can be reached in any of the following ways.

From...	Action	Page Mode
Warning Report Extended Warning Report	Expand the warning details section and click tabular (on the Explore Callers line).	Warning
Explore Callers	Click Search Callers.	Matches the Explore Callers page mode.
Information Window (on any applicable page)	Click the tabular link under the Call Tree label. (Will be present on function call sites and function entry points.)	Ordinary
	Click the tabular link under the <token> is tainted [...] Find Source label. (Will be present for tainted tokens.)	Taint
	Click a tabular link under the <token> is tainted [...] Check Taint in Warning Context label. (Will be present for tainted tokens in Warning Reports and in the Line Content column of any table of warnings.)	Taint+Warning

Page Properties

Output formats

none

Visibility Filter Applied

none

RBAC Permissions Needed

Page Access	ANALYSIS_READ ANALYSIS_WARNING_READ

Contents and Usage

The following annotated screenshot shows the various parts of a Search Callers page.

Annotated Screenshot: Search Callers Page

Standard Header

See CodeSonar GUI Reference: Standard Header.

Breadcrumbs

Home > [Other_ProjectTree_Ancestors >] Project_Name > Analysis_Name > Search Callers

Where

Home links to the GUI Home page.
Together with the Home link (corresponding to the root project tree), Other_ProjectTree_Ancestors represents the project tree ancestors of the analyzed project as a >-separated sequence of project tree names. Each name links to the corresponding Project Tree page.
Project_Name links to the corresponding Project page.
Analysis_Name links to the corresponding Analysis page.

Page Heading

Project_Name : Analysis_Name : Search Callers leading to <location/mode>

Project_Name

The project for which the warning was issued.

Analysis_Name

The analysis in which the warning was issued.

Warning_Class

Links to the warning report for the warning.

<location/mode>

Is a short descriptive string that depends on the page mode.

Page Mode	<location/mode> string
Ordinary	**Func_Name at File_Name:line_num** with a link to line line_num in the source listing for file File_Name.
Taint	Taint at token
Warning	**Warning_Class at File_Name:line_num** with a link to the corresponding Warning Report.
Taint+Warning	**Warning_Class at File_Name:line_num / Taint at token** with a link to the corresponding Warning Report.

Search Tool

A Search Callers query is a space-separated list of substrings to be (case-sensitive) matched against the procedure names appearing in paths. To specify that substring S should be excluded, use -S. For example:

query	...matches...	...but not
eval -print	evalfile → main eval_and_free → next → main	eval_and_free → print → main

To search the paths to a warning:

Enter your query in the text field.
Click Search Callers.

The page will expand to display the search results.

Search Results

Search results are presented in a table, unless there are no paths matching the query.

annotated screenshot fragment: search result table

table navigation

Indicates which of the search results are shown on the current page. If there are multiple pages of results, < previous and next > links provide navigation to other pages.

paths matching the query

Each row of the table contains a call graph path that matches the query. If the query contained a single non-negated substring, function names that exactly match the substring are highlighted. Click any path to view its expanded path entry.

rightmost procedure

The rightmost procedure is the same for every path in the table, and corresponds to the first procedure in the warning's core path. The remainder of the core path (if any) is not explicitly displayed.

"check paths" links and results

Click check paths to perform path checking for the current page of results. For full details, see Checking Paths: Search Callers.

expanded path entry

Click on any table row to view the expanded path entry; click again to hide it (note that clicking directly on a procedure name in the row will open a pop-up menu instead). The expanded path entry contains additional information and functionality for the path:

Warning Detected	[Warning page mode only] Provides warning feasibility checking results and functionality. For full details, see Checking Paths: Search Callers.
Taint Detected	[Taint page mode only] Provides taint propagation checking results and functionality. For full details, see Checking Paths: Search Callers.
Warning With Taint Detected	[Taint+Warning page mode only] Provides taint propagation checking in warning context results and functionality. For full details, see Checking Paths: Search Callers.
View Path	Provides alternatives for examining the path: listing : Click to open a new GUI page showing the selected path. The type of page that will open depends on the current page mode. Taint mode: Tainted Value Warning, Taint+Warning: Extended Warning Report Ordinary: listing option is not present side-by-side source listing graphical (lite): explore callers (with the same page mode as the current page)
Call Stack	Lists additional information about each procedure on the path: the File in which it is defined, and the Line number (in that file) of the procedure entry point.

pop-up menu

Right-click any procedure name in the table to open a pop-up menu.

screenshot fragment: pop-up menu

Stay highlighted

Highlights all occurrences of the procedure name in the table. A check mark is displayed next to this menu item when the procedure name is highlighted: select it again to remove the highlighting (and check mark).

Up to five procedure names can be highlighted at once; each will be given a different color.

Go to definition

Navigate to the definition location. There are three navigation options:

Navigate in the current tab.
Navigate in a new tab.
[anywhere else on the menu item] Navigate in the code tab of the information window.

Lock information window

Locks the information window content to the current procedure.

information window

The information window is available on this page. Hover over a node in the graph to display information about the corresponding procedure.

Standard Footer

See CodeSonar GUI Reference: Standard Footer

Page Modes

Depending on the context in which you navigated to the Search Callers page, it will be in one of four modes.

Mode	Page Behavior
Ordinary	No additional functionality. Path checking is not available.
Taint	Path checking is performed with respect to taint propagation. The table of results has a "Taint Detected" column. Each expanded path entry has a "Taint Detected" field. The View Path: listing link in each expanded path entry navigates to a Tainted Value page.
Warning	Path checking is performed with respect to warning feasibility. The table of results has a "Warning Detected" column. Each expanded path entry has a "Warning Detected" field. The View Path: listing link in each expanded path entry navigates to an Extended Warning Report.
Taint+Warning	Path checking is available for taint propagation in warning context. The table of results has a "Warning With Taint Detected" column. Each expanded path entry has both a "Warning Detected" field and a "Taint Detected" field. The View Path: listing link in each expanded path entry navigates to an Extended Warning Report.

Navigating From

view the standard warning report	Click the warning ID in the page breadcrumbs or the warning class name in the page heading.
view a path in an extended warning report	Click the warning report link in the expanded path entry.
view a path in the explore callers page	Click the graphical (lite) link in the expanded path entry.
view the side by side code listings for a path	Click the side-by-side source link in the expanded path entry.
view a source listing (scrolled to a procedure definition)	Right-click an occurrence of the procedure name and select Go to definition from the pop-up menu that opens.
view parent analysis information	Click the analysis name in the page breadcrumbs.
view parent project information	Click the project name in the page breadcrumbs.