The major change is More Checks, in fact 40% more than were previously available in v1.1. Over the next few months we will continue to add new checks with each release. You can expect to see up to 100 additional high quality checks within the coming 6 months, which as usual will be free for all existing customers. Additionally, should you require a 30 day Trial Extension for your version 1.2 update please complete this trial extension request form.

We are also very pleased to announce the Beta release of Goanna for Command Line. This new command line version enables more flexibility and freedom for those wishing to integrate our powerful C/C++ static analyzer into their own development process. The Beta is currently available for Linux users and a version for Windows users is scheduled to be available in May. Linux users can now access a fully gcc-compatible solution integrated with over 60 classes of flow-sensitive quality checks to detect critical bugs as early as possible in the development cycle.

Inter-procedural analysis is also well under way, so stay tuned for a public Beta release soon!

We have some further news regarding recent developments (more high quality checks being one) and we’ll be posting more information next week.

Fixed a constructor initialization false positive.

Fixed several unused variable false positives related to complex types in C++.

Include paths can now end in a backslash.

Accelerator keys: Alt+F1 (run Goanna on the Solution) and Alt+F2 (Run Goanna on the active project).

Several new checks, including:

Comparison never holds

Comparison always holds

Switch case is unreachable

Expanded the interval analysis.

Checks are now organized by category in the settings dialog.

Underlining (”Squiggles”) of warning-relevant code in the Visual Studio text editor.

Statistics page for monitoring Goanna’s progress.

Analysis of assert() statements for variable bounds.

Improved traces.

Much more internal work has been done, laying the groundwork for inter-procedural analysis and user-defined checks. Visual Studio 2010 support is well underway.

Goanna’s interval analysis can now catch this division by zero:

#include <assert.h>

int bad_div_of_8(int x)
{
  assert(x == 4);
  x -= 3;
  x--;
  return 8 / x;
}

This release comes with some minor bug fixes, and a significant speed increase for C++ projects with large header files (like the Boost libraries). Hopefully we are nearing the end of our Beta period.

• Right-click support for Solution Folders.
• A Goanna icon on the toolbar.
• Control-flow ordering of short-circuit operators (&& and ||).
• Solution-wide settings panel.
• Several common false positives have been eliminated.
• Auto-detection of less common MSVC macros in the build process.

You can download it now!


int ret;
if (x > 0 && (ret = foo()) > 0) {
/* ... */
}
return ret;


There’s a bug here, and that is that if x <= 0, ret is not initialised when you try to return it. With the condition statement as a single event, Goanna could not tell that the first half of the && could run without the second half running.

Well, we developed some techniques that let us handle larger control flow graphs. So that latest nightly version of Goanna reports this:


Goanna - analyzing file example.c
Number of functions: 1
example.c:12: warning: Goanna - Variable `ret' may be uninitialized
Total runtime : 0.04 seconds


So our next release will help you catch even more bugs!