CodeSonar Release 3.4p0 Release Notes

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.0p0 Hot Tips

CONFIDENTIAL

CodeSecure Inc

Release Notes

CodeSonar Release 3.4, patchlevel 0: Release Notes

Official release date: August 17, 2009.

Major New Features

Incrementality: CodeSonar projects can now be updated and re-analyzed based on incremental builds of the underlying software project.

Warning Processors: scripts and executables can be invoked on warnings as they are submitted to the hub or as requested by a user.

Alerts are now issued by the CodeSonar build/analysis

SSL Support: CodeSonar hubs can be configured to use HTTPS using the Configure HTTPS page in the Web GUI. If necessary, the Generate SSL Certificate page can be used to generate a new self-signed certificate for use with the hub.

Notes on Upgrading

CodeSonar 3.4p0 includes changes to the internal representation of CodeSonar projects. As a consequence, GUI source listing pages from projects built with earlier versions of CodeSonar will not be viewable on hubs running CodeSonar 3.4p0. The source excerpts included in GUI warning reports will still be visible. Rebuild your projects with CodeSonar 3.4p0 to make source listing pages available.
If you have edited any configuration files, see the manual section on updating configuration files.
The Windows installer will not install CodeSonar in a directory that already exists. If you intend to install in the same location as a a previous version of CodeSonar, and you have edited any files in the installation directory, make copies of those files before you delete the directory.

More Information on the Major New Features

Incrementality

Suppose a user has an underlying software project S and a CodeSonar project P that was generated by performing the CodeSonar build/analysis on S. Then an incremental build/analysis of P works as follows.

The CodeSonar builder observes an incremental build of S and makes the corresponding adjustments to P.
CodeSonar re-analyzes only the parts of P that are affected by the incremental build.

This introduces the new notions of "parent" and "child" analysis. Information about these relationships is available from Project and Analysis pages in the Web GUI.

The CodeSonar Plug-In API now provides support for handling warning retraction in incremental analyses.

For full details, see the manual section on incrementality.

Warning Processors

Common uses for warning processors include:

Integrating CodeSonar with other software products.
Automatically setting properties for new warnings in cases where the WARNING_FILTER configuration file variable is unsuitable.

A new Manage Warning Processors page in the Web GUI allows installation and uninstallation of warning processors. The GUI Warning Report page and Change Multiple Warnings functionality have been expanded to allow users to apply selected warning processors to warnings or sets of warnings.

Several example warning processors are shipped with CodeSonar.

For full details, see the manual section on warning processors.

Alerts

CodeSonar issues alerts when certain problems arise with the build/analysis. There are two alert levels: red and yellow. Issued alerts are displayed on the Analysis Page; each alert message links to further information about the problem and how to resolve it.

The red alerts are:

num Parse Errors (where num ≥ 200)
Bad File System
num Bad Configuration File Settings
num Bad Extension Constructs

The yellow alerts are:

num Parse Errors (where num < 200)
num Undefined Functions
Incremental Parent Analysis Absent

For full information, see the manual section on alerts.

Other New Features

Many New Warning Classes and Checks

This version of CodeSonar includes many new warning classes and checks, including:

New warning classes to support the Power of Ten rules for writing safety-critical software.
Greatly expanded coverage of Win32, Linux Kernel, Nucleus, and VXWorks library functions in new and existing warning classes.

The changes are described below.

New GUI Functionality

The new Manage Warning Processors page allows the Administrator to enable and disable warning processors, and to add new warning processors.
The new Account Editor page allows the Administrator to change the settings for a user account, or delete the account entirely.
The new Configure HTTPS page allows the Administrator to specify an SSL/TLS certificate for the hub, and to enable/disable HTTPS.
The new Generate SSL Certificate page allows the Administrator to generate a self-signed SSL/TLS certificate, which will be uploaded to the hub and used to enable HTTPS.
The Analysis page now displays Alerts produced by the build/analysis. It also provides a timing estimate if the analysis is still in progress. If the analysis has an incremental parent and/or incremental child(ren), links to these analyses are provided.
Warning processors can now be applied from the Warning Report page, and through the Change Multiple Warnings feature available on the Analysis and Search Results pages.
Source code listings are now paginated.

New Configuration Files and Configuration File Parameters

The set of configuration files used by the build and analysis have changed. See the manual section on configuration files for full details.

New Parameter	Notes
ANALYSIS_NAME	Specifies a name for the analysis.
BAD_FUNCTION_REGEX BAD_FUNCTION_MESSAGE BAD_FUNCTION_CATEGORIES BAD_FUNCTION_RANK	Together specify a warning class based on function name.
DFS_MAX_LOCAL_VISITED	Used by the Recursion and Dynamic Allocation After Initialization checks: specifies a bound on the number of procedures visited by a single local depth-first search.
DFS_MAX_VISITED_COEFFICIENT DFS_MAX_VISITED_CONSTANT	Used by the Recursion and Dynamic Allocation After Initialization checks to compute an upper bound on the number of procedures the depth-first search in these checks can visit in an incremental run.
EXTRA_COMPILATION_UNITS +=	Among other uses, replaces the previous mechanism for including custom checks written with the extension API and compiled with xcc.
FLOAT_IS_ADVERSARIAL	Specifies whether all floating point values should be considered adversarial.
FORMAT_STRING_CHECKER_CHECKED_FUNCS += position, regex	Replaces extension function csonar_format_string_check(regex, position).
FORMAT_STRING_CHECKER_IGNORED_FUNCS += position, regex	Replaces extension function csonar_ignore_format_string(regex, position).
INCREMENTAL_BUILD	Specifies whether or not the build/analysis should run in incremental mode.
MAX_PERMITTED_DEREFS	Used by the Too Many Dereferences check: specifies the maximum number of dereferencing levels permitted on a single item.
MIN_ASSERTS	Used by the Not Enough Assertions check: specifies the minimum number of assertions each function must contain.
MIN_ASSERTS_FUNCTION_LENGTH	Used by the Not Enough Assertions check: specifies the minimum length a function must have to be subject to the check.
NULL_SENTINEL_CHAR_SIZE	Specifies the maximum sized integer that should be considered a character type for the purpose of tracking the null-terminator position.
PLUGINS	Specifies CodeSonar plug-ins to load.
PTR_INSIDE_TYPEDEF_EXCEPTION	Used by the Pointer Type Inside Typedef check: specifies types whose typedefs are allowed to contain pointer types.
RETURN_CHECKER_CHECKED_FUNCS += regex	Replaces extension function csonar_return_check(regex).
RETURN_CHECKER_IGNORED_FUNCS += regex	Replaces extension function csonar_ignore_return(regex).
VOLATILE_IS_UNKNOWABLE	Specifies whether reads through volatile types always result in unknown values.
WARN_POINTER_AT_END	Specifies whether Pointer Past End of Object warnings should be issued for pointers that point to exactly the end of an object.

CWE Version

This version of CodeSonar uses CWE v1.5 (released July 27, 2009).

codesonar Command Changes

See the manual section on the codesonar command for examples and links to full documentation.

codesonar hook-html and codesonar hook now take an optional NAME=analysis_name argument.
codesonar hook-html now takes an optional -foreground argument. When this is specified, the CodeSonar build/analysis will run in the foreground (otherwise it runs in the background).
codesonar create-conf creates one or more configuration files for a specified project.
codesonar get downloads a specified page from the Web GUI.

Warning Class Changes

Support for Power of Ten Checks

"The Power of Ten" refers to a set of ten rules developed by Gerard Holzmann of the NASA Jet Propulsion Laboratory for use in writing safety-critical software. The rules are simple, but they specify strict limits on the forms code can take.

A number of new warning classes supporting these checks have been added to CodeSonar. Each warning class that is associated with a Power of Ten rule has POW10:num in its category list, where num is the rule number.

For full details, see the manual section on Power of Ten checks.

Expanded Coverage for Win32, Linux Kernel, VxWorks, and Nucleus Libraries

Checks for the Leak warning class now take into account functions from the Win32, Linux Kernel, VxWorks, and Nucleus libraries that allocate and release dynamic resources. Similarly, Misaligned Object and Type Mismatch warnings can be triggered by functions from these libraries that use or release dynamic resources.

Calls to Win32 functions with important return values have Ignored Return Value checking enforced.

The following new warning classes are Win32-specific.

New Warning Classes

Many of these new warning classes are disabled by default: see the individual warning class documentation pages for details.

Deleted Warning Classes

The following warning classes have been superseded by Type Mismatch

LANG.ALLOC.DAOCM Delete[] Object Created by malloc
LANG.ALLOC.DAOCN Delete[] Object Created by new
LANG.ALLOC.DOCM Delete Object Created by malloc
LANG.ALLOC.DOCNA Delete Object Created by new[]
LANG.ALLOC.FOCNA Free Object Created by new[]
LANG.ALLOC.FOCN Free Object Created by new

API Changes

Plug-In API

The plug-in API has been expanded to support incrementality.

New Plug-In API Functions

csonar_get_analysis_mode()
codesonar:get-analysis-mode
Retrieves the mode of the current CodeSonar process, allowing users to determine whether or not a build/analysis is incremental.
csonar_add_abs_loc_visitor()
codesonar:add-abs-loc-visitor
Adds a depth-first phase visitor for ABS_LOCs. This replaces csonar_add_pdg_declaration_visitor() / codesonar:add-pdg-declarations-visitor
csonar_add_program_drop_visitor
codesonar:add-program-drop-visitor
If the build/analysis is taking place in incremental mode, the specified visitor will be called during the drop phase if anything in the project has been dropped.
csonar_add_uid_drop_visitor()
codesonar:add-uid-drop-visitor
If the build/analysis is taking place in incremental mode, the specified visitor will be applied to a compilation unit during the drop phase if the compilation unit has been dropped, a file static in the compilation unit has been dropped, or the compilation unit include tree has changed.
csonar_add_pdg_drop_visitor()
codesonar:add-pdg-drop-visitor
If the build/analysis is taking place in incremental mode, the specified visitor will be applied to a PDG during the drop phase if the PDG has been dropped, a function static variable in the PDG has been dropped, or a PDG_VERTEX in the PDG has been dropped.
csonar_add_global_abs_loc_drop_visitor()
codesonar:add-global-abs-loc-drop-visitor
If the build/analysis is taking place in incremental mode, the specified visitor will be applied to a global ABS_LOC during the drop phase if it has been dropped.

Modified Plug-In API Functions

Modified Function	Notes
cs_xform_query()	Renamed to csonar_xform_query(). (Scheme function name is still codesonar:xform-query.)
csonar_report_warning() csonar_report_path_warning() csonar_report_step_path_warning() csonar_report_location_warning() csonar_report_locations_warning()	Now have an additional in-out cs_warning_retraction_info_t parameter.
codesonar:report-point-warning codesonar:report-path-warning codesonar:report-step-path-warning codesonar:report-location-warning codesonar:report-locations-warning	Now have an additional RETRACTION_INFO parameter and return a REPORT_SUBMISSION_RESULT.

Deleted Plug-In API Functions

Deleted Function	Notes
csonar_add_pdg_declaration_visitor() codesonar:add-pdg-declarations-visitor	Use csonar_add_abs_loc_visitor() / codesonar:add-abs-loc-visitor instead.

Extension API Changes

Several functions have been deleted from the extension API and replaced by configuration file parameters:

Deleted Function	Replacement Configuration Parameter and Setting
csonar_return_check ( regex )	RETURN_CHECKER_CHECKED_FUNCS += regex
csonar_ignore_return ( regex )	RETURN_CHECKER_IGNORED_FUNCS += regex
csonar_format_string_check( regex, position)	FORMAT_STRING_CHECKER_CHECKED_FUNCS += position, regex
csonar_ignore_format_string(regex, position )	FORMAT_STRING_CHECKER_IGNORED_FUNCS += position, regex

General-Purpose API

New General-Purpose API Functions

cs_result cs_abs_loc_uid_line( aloc, uid, line)
Find the compilation unit uid and line (of the smallest offset) of a declaration for aloc.
cs_result cs_pdg_uid_line( pdg, uid, line)
Find the compilation unit uid and line (of the smallest offset) of the entry vertex for pdg.
cs_result cs_pdg_locals_iter_first( pdg, aloc, itr)
cs_result cs_pdg_locals_iter_next( aloc, itr)
cs_result cs_pdg_locals_iter_close( itr)
Set up and use an iterator to traverse the local ABS_LOCs in pdg.
(pdg-for-each-local cl pdg) : BOOLEAN
Traverse the local ABS_LOCs in pdg, applying cl to each in turn.
cs_result cs_pdg_vertex_uid_line( pdgv, uid, line)
Find the compilation unit uid and line (of the smallest offset) of PDG_VERTEX pdgv.
cs_result cs_pdg_vertex_actuals_out_as_list(pdgv, actual_outs, capacity_bytes, bytes_needed)
( pdg-vertex-actuals-out-as-list pdgv) : [PDG_VERTEX]
Get a list of the actual-out PDG_VERTEXes associated with a given call site vertex pdgv.
cs_result cs_sdg_uids_iter_first( uid, itr)
cs_result cs_sdg_uids_iter_next( uid, itr)
cs_result cs_sdg_uids_iter_close( itr)
Set up and use an iterator to traverse the compilation unit UIDs for the current project.
(sdg-for-each-uid cl)
Traverse the compilation unit UIDs for the current project, applying cl to each in turn.
cs_result cs_uid_off_to_uid_line( uid, offset, line)
Given a compilation unit uid and an offset in that unit, determine the compilation unit line (after preprocessing) on which that offset occurs.
cs_result cs_uid_nonlocals_iter_first(uid, aloc, itr)
cs_result cs_uid_nonlocals_iter_next( aloc, itr)
cs_result cs_uid_nonlocals_iter_close(itr)
Set up and use an iterator to traverse the nonlocal ABS_LOCs in the compilation unit specified by uid.
(uid-for-each-nonlocal cl uid) : BOOLEAN
Traverse the nonlocal ABS_LOCs in the compilation unit specified by uid, applying cl to each in turn.
cs_boolean cs_uid_is_user_unit( uid)
(uid-is-user-unit? uid): BOOLEAN
Check: does uid correspond to a user-generated compilation unit?
cs_result cs_sdg_retain_unnormalized_c_ast( is_retained )
( sdg-retain-unnormalized-c-ast?): BOOLEAN
Check: has the project been built to retain unnormalized C ASTs?

Modified General-Purpose API Functions

C Functions:

C function	Modification
csonar_report_location_warning()	Now return cs_result (not void).
csonar_report_locations_warning()
csonar_report_path_warning()
csonar_report_step_path_warning()
csonar_report_warning()
cs_pdg_abs_loc_cond_killed_vertices(...pdg...)	Now return CS_PDG_IS_UNDEFINED when pdg represents an undefined function
cs_pdg_abs_loc_killed_vertices(... pdg...)
cs_pdg_abs_loc_may_killed_vertices(... pdg...)
cs_pdg_abs_loc_set_cond_killed_vertices(...pdg...)
cs_pdg_abs_loc_set_killed_vertices(... pdg...)
cs_pdg_abs_loc_set_may_killed_vertices(...pdg...)
cs_pdg_abs_loc_set_used_vertices(... pdg...)
cs_pdg_abs_loc_used_vertices(... pdg...)
cs_pdg_call_sites(... pdg...)
cs_pdg_declarations(... pdg...)
cs_pdg_entry_basic_block(... pdg...)
cs_pdg_entry_vertex(... pdg...)
cs_pdg_exceptional_exits(... pdg...)
cs_pdg_exit_basic_block(... pdg...)
cs_pdg_exit_vertex(... pdg...)
cs_pdg_formals_in(... pdg...)
cs_pdg_formals_in_as_list(... pdg...)
cs_pdg_formals_out(... pdg...)
cs_pdg_gmod_abs_loc_set(... pdg...)
cs_pdg_gref_abs_loc_set(... pdg...)
cs_pdg_normal_exit(... pdg...)
cs_pdg_retrieve_basic_block(... pdg...)
cs_pdg_retrieve_vertex(... pdg...)
cs_pdg_vertices(... pdg...)

Scheme Functions:

Scheme function	Modification
(file-get-line-num ...uid...)	Now return #f when the compilation unit specified by uid is generated in the back end.
(file-get-linecol ...uid...)
(file-get-range ...uid...)
(file-uid->sfid ...uid...)
( file-uid-line->sfid-line ...uid...)
(ips-to-pdgvs-map-open ...uid...)
( pdg-vertex-actual-to-formals pdgv)	Now returns #f if pdgv is associated with an indirect call site.

The sets of possible return values for the following C API functions have been extended.

C function	Additional return values
cs_pdg_vertex_actual_to_formals()	CS_ELEMENT_NOT_PRESENT CS_ERROR_NOT_A_CALLSITE CS_PDG_IS_UNDEFINED
cs_file_ast()	CS_ERROR_UID_NOT_FOUND CS_ERROR_INVALID_ARGUMENT
cs_file_set_ast()	CS_ERROR_UID_NOT_FOUND CS_ERROR_INVALID_ARGUMENT
cs_file_get_line_num() cs_file_get_linecol() cs_file_get_range() cs_file_uid_get_sfid() cs_file_uid_line_to_sfid_line()	CS_GENERATED_COMPILATION
cs_file_uid_get_sfid()	CS_GENERATED_COMPILATION CS_ERROR_UID_NOT_FOUND
cs_ips_to_pdgvs_map_open()	CS_NO_POSITION

Removed

Deleted Configuration File Parameters

The following configuration file parameters have been removed.

Deleted Parameter	Notes
SPAWN_HUB	Hubs must always be explicitly started.

Deleted API Functions

The following API functions have been removed.

Deleted Function	Notes
csonar_add_pdg_declaration_visitor	Use csonar_add_abs_loc_visitor()
csonar_pdg_find()	Use cs_pdg_find().
cs_ast_abs_loc_list() ast-abs-loc-list	Some AST classes now have ABS_LOC fields; access these directly with cs_ast_get_field() / ast-field.
cs_ast_abs_loc() ast-abs-loc
cs_pdg_procedure_id_to_name()	Use cs_pdg_procedure_name() or cs_pdg_friendly_name().
cs_pdg_vertex_callee_id() pdg-vertex-callee-id	Use cs_pdg_vertex_callee() / pdg-vertex-callee.

Deleted Build Options

-user-models