Goanna Static Analysis by Red Lizard Software

Goanna version 1.2 has been released. Download it now.

The major change is More Checks, in fact 40% more than were previously available in v1.1. Over the next few months we will continue to add new checks with each release. You can expect to see up to 100 additional high quality checks within the coming 6 months, which as usual will be free for all existing customers. Additionally, should you require a 30 day Trial Extension for your version 1.2 update please complete this trial extension request form.

We are also very pleased to announce the Beta release of Goanna for Command Line. This new command line version enables more flexibility and freedom for those wishing to integrate our powerful C/C++ static analyzer into their own development process. The Beta is currently available for Linux users and a version for Windows users is scheduled to be available in May. Linux users can now access a fully gcc-compatible solution integrated with over 60 classes of flow-sensitive quality checks to detect critical bugs as early as possible in the development cycle.

Inter-procedural analysis is also well under way, so stay tuned for a public Beta release soon!

We’re proud to have been selected for simultaneous shipment of our Goanna static analysis extension with Microsoft Visual Studio 2010. Here is a short introductory video demonstrating our Visual Studio 2010 integration, and we’re on schedule for April release:

We have some further news regarding recent developments (more high quality checks being one) and we’ll be posting more information next week.

Goanna for Visual Studio 1.1 has been released. Download  it now. Changes include:

Fixed a constructor initialization false positive.

Fixed several unused variable false positives related to complex types in C++.

Include paths can now end in a backslash.

Accelerator keys: Alt+F1 (run Goanna on the Solution) and Alt+F2 (Run Goanna on the active project).

Several new checks, including:

Comparison never holds

Comparison always holds

Switch case is unreachable

Expanded the interval analysis.

Checks are now organized by category in the settings dialog.

Underlining (”Squiggles”) of warning-relevant code in the Visual Studio text editor.

Statistics page for monitoring Goanna’s progress.

Analysis of assert() statements for variable bounds.

Improved traces.

Much more internal work has been done, laying the groundwork for inter-procedural analysis and user-defined checks. Visual Studio 2010 support is well underway.

Goanna for Visual Studio is out of beta. Version 1.0 is available for download now, for both Visual Studio 2008 and 2005. You can also watch a short introductory video on using Goanna here.

To make Goanna fast enough for the desktop, we have to keep our control flow models simple. In the past we combined short-circuit operators in our models into single events, which means we missed some bugs. But some new tricks mean we can have finer-grained control flow models.
(more…)

Just to let you know that Goanna for Visual Studio is now available for download. We are classing it as Beta at this time yet we’re pleased with the progress we’ve made so far, and trust that you will be too. We very much look forward to any and all feedback on this release, and welcome comments to Ralf via ralf[at]redlizards.com . Thank you for your patience and we look foward to hearing from you.

So what’s different about Goanna and why did we approach the static analysis challenge with model checking?

In case you weren’t aware; Goanna is the first static analysis tool to implement model checking after 4 years research at NICTA (National ICT Australia), which is Australia’s leading ICT government research organisation. 

The result  is that the key attributes for Goanna’s differences are as follows;
(more…)

A static analysis tool for Java is FindBugs. I found this interesting Google Video, in which Bill Pugh talks about static analysis. While he talks mostly about bugs in Java it is still quite interesting in general. His most interesting lesson is “Smart people make dumb mistakes”. I’d like to add, “Really smart people are glad to find their dumb mistakes, and are not afraid to get help finding them“. (more…)