Goanna 2.6 Released

Goanna 2.6 is now available from the download page. In this release we have focused on the usability of our Goanna Studio for Eclipse offering, which at the same time increases its stability and flexibility across the many different configurations that are possible within the Eclipse CDT environment. Here is a summary of what has changed in this release:

- All versions

  • Bounds checking for arrays of arbitrary dimension
  • Bounds checking for arrays within classes, structs and unions
  • Arrays of unspecified size are no longer considered to have size 0
  • Constant global variables are now modelled with a value that does not change
  • The constant “-1U” and others will now be modelled with an appropriately large value instead of -1
  • Check FPT-misuse no longer warns about function pointers that are the result of the ternary operator (?:)
  • Check ITR-uninit now works correctly for iterators that are initialized using operator=
  • Check RED-unused-param no longer warns for parameters that have the GNU attribute (unused)
  • Checks RED-cond-const-assign and EXP-cond-assign no longer consider “+=” and similar operators to be constant assignments
  • Non-system #include files are now included in the analysis of a file that includes them.

- Goanna Studio for Visual Studio

  • preprocessor macros within parentheses are expanded
  • macros in comments are not expanded

- Goanna Central

  • Cygwin support for Windows; use --compiler-sort=cygwin to create a Cygwin configuration
  • "Other" compiler sort added; use --compiler-sort=other for an empty configuration
  • Removed the dependency on the hard-to-manage predefined_macro.txt files
  • Predefined macros are now stored in the Goanna resource files, which are generated during configuration

- Goanna Studio for Eclipse

  • Completely re-organised configuration
    • Per project configuration
    • File based (under a goanna directory in the project file system)
    • User editable, or use the Goanna Project Properties dialogs. (two way synchronisation)
  • Menu item “Run Goanna on Selected File(s)” now appears when right-clicking on folders, and will analyse all files found in the selected folder.
  • Cygwin toolchain support on Windows

Goanna Studio and Goanna Central 2.4

In the latest round of development we aimed for the most rock solid and sane implementation of C/C++ static analysis that we could. We did this by working on three fronts: consistency, speed and features.

As usual, all current users get the upgrade for free. If you were a trial user in the past and need a trial extension visit: http://redlizards.com/trial-extension.

What's new in 2.4?

General improvements:

  • We revamped the integer arithmetic interval analysis engine with a new algorithm which affords us increased speed and precision. So much speed that we have also added the ability to track pointer arithmetic as mentioned in the previous blog post.
  • Our interval analysis engine can handle new operations: Casts, Logical operators and shift operators.
  • We have enabled floating licenses in our Studio and Central products; please contact us if you are interested.

Goanna Central improvements:

  • The argument --parse-error=0 is now the default, which makes Goanna exit with status 0 when a parse error is encountered. If a build script relies on a non-zero exit status to catch parse errors, it now has to pass --parse-error with a non-zero value explicitly. We have also revamped the way parse errors are handled.
  • Interprocedural analysis from the Goanna Central command line is now simpler to use and manage: specify a user-defined project name with the argument --ipa=<project name>, and all new database files are stored in ~/.goanna_project_store/<project name>.

Goanna Studio improvements:

  • In Eclipse there is now an option to not run the tool chain compiler during analysis.
  • In Eclipse there is a new menu item to jump to the currently selected project's Goanna Studio Properties page.

Renamed checks for consistency:

  • ATH-div-0-aft-assign -> ATH-div-0-assign
  • ATH-div-0-aft-cmp -> ATH-div-0-cmp-aft
  • ATH-div-0-bef-cmp -> ATH-div-0-cmp-bef
  • ATH-div-0-param-unchk -> ATH-div-0-unchk-param
  • PTR-param-unchk -> PTR-unchk-param
  • PTR-param-unchk-some -> PTR-unchk-param-some
  • RED-const-assign-cond -> RED-cond-const-assign
  • RED-const-expr-cond -> RED-cond-const-expr
  • SPC-ret-stack -> MEM-stack
  • builtin_ctor_dtor_leak -> COP-ctor-dtor-leak

New checks:

  • ARR-inv-index-ptr – A pointer is assigned to an array, static or dynamic, and it is accessed with an index that is out of the array’s bounds.
  • ARR-inv-index-ptr-pos – A pointer is assigned to an array, static or dynamic, and it is accessed with an index that may be out of the array’s bounds.
  • ATH-overflow-cast – An expression is cast to a different type, resulting in an overflow or underflow of its value.
  • ATH-shift-neg – The left-hand side of a right shift operation may be a negative value.
  • COP-dtor-throw – An exception is thrown, or may be thrown, in a class’ destructor.
  • CPU-delete-throw – An exception is thrown, or may be thrown, in an overloaded delete or delete[] operator.
  • FPT-arith-address – Performing pointer arithmetic on the address of a function.
  • FPT-literal – Dereferencing a function pointer that refers to a literal address.
  • FPT-misuse – A function pointer is used in an invalid context.
  • ITR-end-cmp-aft – An iterator is used, then compared with end().
  • ITR-invalidated – An iterator is assigned to point into a container, but subsequent modifications to that container have possibly invalidated the iterator. The iterator is then used or dereferenced, which may be undefined behavior.
  • ITR-mismatch-alg – A pair of iterators passed to an STL algorithm function point to different containers.
  • ITR-store – A container’s begin() or end() iterator is stored and subsequently used.
  • MEM-malloc-diff-type – A call to malloc tries to allocate memory based on a sizeof operator, but the target type of the call is of a different type.
  • MEM-stack-ref – A stack object is returned from a function as a reference.
  • PTR-arith-field – Direct access to a field of a struct using an offset from the address of the struct.
  • PTR-arith-var – Invalid pointer arithmetic with an automatic variable that is neither an array nor a pointer.
  • RED-cond-var-always – The value of the variable used as a condition will always evaluate to non-zero or true. This means the condition will always be met.
  • RED-cond-var-never – The value of the variable used as a condition will always evaluate to zero or false. This means the condition will never be met.

Goanna Studio for Eclipse and Goanna Central 2.3.1 – Linux 64-bit patch

Some of our users may have experienced a bug when using Goanna Studio for Eclipse or Goanna Central 2.3 on 64-bit Linux systems. The error looked something like this:

internal error: assertion failed: conv_host_fp_to_double:
error on conversion of DBL_MAX: Numerical result out of range:
((double)1.7...e+308L) (float_pt.c, line 524)

This bug was caused by an upgrade of our release build infrastructure, on which DBL_MAX is defined as a value containing a cast (as in the message above), which our parser could not handle. We are releasing a patch that corrects this issue. Please download version 2.3.1 if you are using Goanna on a 64-bit Linux system. Windows and 32-bit Linux systems are not affected.

Goanna Studio and Goanna Central 2.3

For the past several months we have received a lot of great feedback and support requests, which have helped us dramatically improve the stability of our products Goanna Studio and Goanna Central. Yesterday we pushed a new version to our website that bears the fruit of that work. At the same time we are releasing a number of new features that we hope will help people understand what Goanna is doing and make them more effective at using it.

As usual, all current users get the upgrade for free. If you were a trial user in the past and need a trial extension visit: http://redlizards.com/trial-extension

What is new in 2.3?

New Checks:

  • ATH-div-0-param-unchk: Dividing by a parameter value without first checking that it is not zero
  • MEM-stack-global-field: storing the address of a field of a local struct in a global variable
  • ITR-uninit: using (dereferencing or incrementing) an iterator that hasn’t been initialized
  • ITR-end-cmp-bef: using an iterator after it has been compared with end(). This can occur when using an iterator after it is used in a loop.

New Goanna Studio features:

  • access check descriptions and examples through the IDE
  • added ability to manage warnings by suppressing/unsuppressing
  • added ability to pass specific options to the Goanna command line that is used during analysis.

Goanna Studio for Eclipse:

  • New ability to right-click on a file/project and run the Goanna analysis over just that item
  • Project specific settings have been moved to the Properties of the project (out of the Goanna Preferences)
  • Right-click menu now includes a link to the Goanna summary page for projects
  • If you close the Goanna Warning view it can be reopened from the Goanna menu
  • Improved stability of the Goanna warnings pane (with regards to close/open of Eclipse)

Goanna Studio for Visual Studio:

  • redesign of menu structure: Goanna is now a top-level menu
  • auto-updating: no more uninstall/install updating.
    Note: auto-updating cannot be used for the 2.2 -> 2.3 upgrade itself; it will work from 2.3 onwards.

General:

  • Improved handling of floating point numbers in the data tracking analysis
  • Warning suppression captured in the database structure
  • Several bug fixes including handling of very large ASTs.

Goanna Studio and Goanna Central 2.2

I am thrilled to announce that Goanna Studio 2.2 is now the most stable version of Goanna Studio ever created. Goanna Studio 2.1 was already an impressive piece of software, but thanks to all the great feedback we have received we have nailed down the outstanding issues, and we are ready to let you reap the benefits of our efforts.

The major part of our effort has gone into making the Goanna Studio experience much better: more features and more stability. On the Visual Studio front, Goanna Studio is now capable of handling the full range of inputs you can throw at it. That means full Unicode support everywhere, from how we process file names, to project and folder names, down to the default file name when you export your warnings to CSV format from the Goanna Summary web page. Goanna therefore now works reliably on, e.g., Korean, Chinese and Japanese Windows. In addition we have introduced a feature we call Macro Visualisation: a way of presenting exactly what your source code looks like once all the macros have been expanded.

On the Eclipse side we have some great new features. Goanna Studio can now handle custom CDT tool chain tools: simply tell Goanna which tools it should emulate, and the Goanna analysis in your build environment is one step closer to matching your real build. The long-standing annoyance of being asked to select a CDT project when you first try to analyse something with Goanna is now fixed. In addition, Goanna Studio for Eclipse now works in Windows-based environments with the MinGW tool chain.

Another major feature we are pleased to announce is Flexelint and PC-Lint integration in the Goanna Studio for Eclipse package. This allows you to run your version of lint and the Goanna analysis at the same time, and have all the warnings presented to you in one interface.

The fixed false positives and changes to checks include:

  • ATH-div-0 – now warns for any expression that evaluates to 0
  • ATH-div-0-* – these checks now only warn when there is a definite division by 0.
  • ATH-neg-* – these checks no longer give warnings about floating point operations.
  • ARR-inv-index – now warns about invalid global array accesses.
  • COP-assign-op-ret – no longer warns about operator==.
  • COP-copy-ctor – two false positives were fixed: it no longer warns when the copy constructor is intentionally unimplemented, and it now handles C++ structs properly.
  • COP-member-uninit – now gives one warning for each uninitialised class member, and now also analyses assignment operators.
  • LIB-* – we have added a number of new checks warning about the unsafe use of library functions.
  • RED-no-effect – now has a more precise warning message.
  • RED-unused-val – no longer warns when you return a value, and now warns more accurately, almost lining up with MISRA C++ rule 0-1-6.
  • SPC-ret-stack – no longer gives a warning when you return static local variables.
  • MEM-double-free – gives fewer of the false positives that arose from assuming that delete operators can throw exceptions.

Other minor improvements and bug fixes are:

  • better handling of gcc arguments (particularly include path specifications).
  • Goanna Central now smoothly handles multiple files on the same command line.

As usual, all current users get the upgrade for free. If you were a trial user in the past and need a trial extension visit: http://redlizards.com/trial-extension

Goanna Studio 2.1

Goanna Studio 2.0 has been a great hit: we have received a lot of positive feedback and have acted on very nearly all suggestions and bug reports to produce a shiny new update, Goanna Studio 2.1. A great many false positives have been eliminated, accuracy has improved, some bugs have been fixed, and there is even a performance improvement or two.

The fixed false positives and changes to checks include:

  • ATH-sizeof-by-sizeof – a false positive involving array sizeofs has been fixed.
  • FPT-cmp-null – a false negative has been fixed for function pointers used directly as a condition, without a comparison operator.
  • RED-unused-var-all now considers sizeof(x) to be a use of x.
  • MEM-stack-global, MEM-stack-param and MEM-stack-param-ref now take into account re-assignments for globals or parameters
  • SPC-uninit-struct now considers a struct with a field which is an array to be accessible without warning.
  • ATH-cmp-unsigned-pos and ATH-cmp-unsigned-neg take into account comparisons with (unsigned)-1
  • MEM-free-some doesn’t warn when you check the result of a malloc and exit (or return) if it is invalid
  • RED-dead no longer warns about gotos and breaks
  • PTR-null-const-pos doesn’t warn about string literals
  • EXP-null-stmt no longer warns about a non-empty else block or when there is an assignment or function call in the condition
  • SEM-nonconst-call has been renamed to SEM-const-call
  • SEM-global-write has been renamed to SEM-pure-global
  • SEM-impure-call has been renamed to SEM-pure-call
  • ATH-shift-bounds now warns when you shift by 64
  • COP-assign-op-ret now warns about assignment operators that do not return a non-const reference to *this

The Goanna Studio for Visual Studio also has some improvements and bug fixes:

  • Support for additional options and for the CL environment variable.
  • Fixed a bug involving a non-Win32 or Win64 build target and the verbose flag
  • Support for environment variables with non-alphabetic characters
  • ProjectDir and SolutionDir macros now expand with a trailing backslash

We’ve also worked hard to squeeze even more performance where we can, and overall the Goanna analysis engine now scales better with the number of checks that are being used, and Interprocedural analysis is now slightly faster.

Other minor improvements and bug fixes are:

  • Better handling of types that have been typedef’ed
  • Better handling of implicit this parameter in member functions
  • Better handling of simple conditions containing only variables
  • Better identification of compound declarations
  • Better handling of throw and catch statements
  • Support for -std=gnu++0x and -std=c++0x command line arguments
  • Improved support for c++0x standard (still incomplete)
  • With Goanna Central for Linux – ability to use specific rc files
  • Goannacc now correctly identifies versions of GCC that are built for different targets

As usual, all current users get the upgrade for free. If you were a trial user in the past and need a trial extension visit: http://redlizards.com/trial-extension

When is a for loop like a do .. while loop?

At Red Lizard Software we care about providing the most accurate static analysis per CPU cycle. We therefore spend a lot of our time thinking about the nature of false positives (when Goanna warns about perfectly reasonable code) and how to avoid them.

One class of false positives we have noticed recently arises with checks for an action that must occur on all execution paths. Such a property might be expressed as "you must initialise all variables on all paths before accessing their values", for some definitions of initialise and access. A problem with these requirements appears when the initialisation of a variable is performed within a loop and the variable is then accessed after the loop. The loop is usually designed to execute at least once (thus initialising the variable at least once), so the programmer knows that the access after the loop is perfectly valid. Goanna has historically not been good at recognising this situation and will often warn anyway, because there is an execution path that does not initialise the variable: the one on which the loop condition evaluates to false the first time it is tested. This is arguably a case where the programmer should have used a do .. while loop to convey the intended semantics, but given that do .. while loops are far less popular than for loops, Goanna needs to be able to deal with this scenario.

There are two steps to making Goanna more intelligent about loops. The first is identifying when a for or while loop should be represented as a do .. while, and the second is presenting this information to Goanna's internal analysis engine.

In order to determine that a loop will execute at least once, it is simpler to ask the inverse question: when will a loop not execute at least once? A sub-question of this is: when will we not know whether a loop executes at least once? This is much easier to answer because it boils down to a structural condition. If the condition of the loop contains global variable references or function calls, then it is almost impossible to determine whether the loop will execute at least once. What is left are loops whose condition contains only literals and local variable references. Parameters are trickier, since each call to the function is potentially different; with additional interprocedural analysis it may be possible to bound function parameters accurately, but at present loops whose condition depends on them are ignored as well. The only thing left to do is to determine the state of the variables used in the loop condition right before it is evaluated for the first time, and then evaluate the condition.

The analysis engine of Goanna works on what is known as a control flow graph. This graph is created by looking at the source tree and determining which operations happen in which order, so the best way to represent this view of a for loop is by modifying the control flow graph. Specifically, we create a copy of the control flow graph of the loop's condition and wire up the rest of the graph so that there is a direct path through this copy into the body of the for loop. Edges that previously entered the original condition must instead enter this new copy for the modification to be complete; the back edge from the end of the body still goes through the original condition, as it would in a do .. while loop.
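The first of the two steps above, as an added example that is not Goanna's own code: a small Python prototype that applies the structural test (reject any condition that calls a function or refers to anything other than a local whose value is known) and then evaluates the condition on the state known just before the loop is entered, returning one of three verdicts. The toy grammar (integer literals, comparisons, &&, ||, ! and parentheses), the names loop_entry_verdict and Verdict, and the sample conditions are all assumptions made for illustration; the control flow graph rewiring of the second step is Goanna-internal and is not reproduced here.

```python
"""Added example, not Goanna's code: structural test plus evaluation of a C-style loop condition."""
import operator
import re
from enum import Enum

class Verdict(Enum):
    AT_LEAST_ONCE = "at least once"  # safe to model the loop as do .. while
    NEVER = "never"                  # the body can never run
    UNKNOWN = "unknown"              # keep the original model with both paths

class Unknown(Exception):
    """The condition depends on something the structural test rejects."""

# Integer literals, identifiers, and the only operators this toy grammar accepts.
_TOKEN = re.compile(r"\s*(?:(\d+)|([A-Za-z_]\w*)|(&&|\|\||==|!=|<=|>=|[<>!()]))")
_CMP = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
        ">=": operator.ge, "==": operator.eq, "!=": operator.ne}

def tokenize(src):
    """Split e.g. 'i < 10 && !done' into (kind, value) tokens; refuse anything else."""
    src, pos, out = src.strip(), 0, []
    while pos < len(src):
        m = _TOKEN.match(src, pos)
        if not m:  # assignments, ++, arithmetic: refuse rather than guess
            raise ValueError(f"unsupported syntax at {src[pos:]!r}")
        num, ident, op = m.groups()
        out.append(("num", int(num)) if num else ("id", ident) if ident else ("op", op))
        pos = m.end()
    return out

class CondEvaluator:
    """Recursive descent over ||, &&, !, comparisons and parentheses (C precedence)."""

    def __init__(self, tokens, known_locals):
        self.toks, self.i, self.env = tokens, 0, known_locals

    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else (None, None)

    def take(self):
        tok, self.i = self.peek(), self.i + 1
        return tok

    def or_expr(self):
        value = self.and_expr()
        while self.peek() == ("op", "||"):
            self.take()
            value = int(bool(value) | bool(self.and_expr()))  # no short-circuit: rhs always parsed
        return value

    def and_expr(self):
        value = self.cmp_expr()
        while self.peek() == ("op", "&&"):
            self.take()
            value = int(bool(value) & bool(self.cmp_expr()))
        return value

    def cmp_expr(self):
        value = self.unary()
        while self.peek()[0] == "op" and self.peek()[1] in _CMP:
            op = self.take()[1]
            value = int(_CMP[op](value, self.unary()))
        return value

    def unary(self):
        if self.peek() == ("op", "!"):
            self.take()
            return int(not self.unary())
        return self.primary()

    def primary(self):
        kind, text = self.take()
        if kind == "num":
            return text
        if (kind, text) == ("op", "("):
            value = self.or_expr()
            if self.take() != ("op", ")"):
                raise ValueError("missing ')'")
            return value
        if kind == "id":
            if self.peek() == ("op", "("):  # function call: structural test fails
                raise Unknown(f"call to {text}()")
            if text not in self.env:  # global, parameter, or local of unknown value
                raise Unknown(f"{text} has no known local value")
            return self.env[text]
        raise ValueError(f"unexpected token {text!r}")

def loop_entry_verdict(condition, known_locals):
    """known_locals: each local's value right before the first evaluation of the
    condition, e.g. {'i': 0} after 'for (i = 0; ...'; globals and parameters are absent."""
    ev = CondEvaluator(tokenize(condition), known_locals)
    try:
        value = ev.or_expr()
    except Unknown:
        return Verdict.UNKNOWN
    if ev.i != len(ev.toks):
        raise ValueError("trailing input after condition")
    return Verdict.AT_LEAST_ONCE if value else Verdict.NEVER

if __name__ == "__main__":  # constructed samples: condition plus the state after the loop's init
    for cond, env in [("i < 10", {"i": 0}), ("i < n", {"i": 0}), ("i < strlen(s)", {"i": 0})]:
        print(cond, env, "->", loop_entry_verdict(cond, env).value)
```

Running the module prints a verdict for each constructed sample. The conservative direction matters: an UNKNOWN result must leave the loop modelled with both paths, because promoting a loop to do .. while on a wrong AT_LEAST_ONCE would turn a false positive into a false negative, that is, a genuine uninitialised read after the loop that is no longer reported. For the same reason anything the grammar does not understand, including side effects in the condition such as i++ < n, raises rather than guessing.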

After implementing this change we have seen a small drop in the number of certain types of false positives, specifically from SPC-uninit-var-some, with no impact on the runtime performance of the Goanna analysis engine. We hope to roll this improvement into the next release of the Goanna static analysis product line.