--- proj3.6.conf 2013-08-30 14:24:05.744344600 -0400 +++ proj3.7.conf 2013-08-30 14:24:21.917875600 -0400 @@ -65,13 +65,14 @@ # compiler, with these additional CFLAGs prepended. # # Notes # Most compilers will implicitly define various preprocessor symbols -# and include directories. If real compiler cannot be automatically -# queried for its implicit definitions (only works for gcc), then the -# user must specify them here to avoid parse errors. Typically, -# these flags specify the CPU architecture, the operating system, and -# the compiler's include directory. +# and include directories. Unless you are using gcc (which can be +# queried for its definitions), specify those implicit definitions +# here to avoid parse errors. +# +# Typically, the implicit definitions specify the CPU architecture, +# the operating system, and the compiler's include directory. # # The += operator will actually prepend to this preference (in all # other cases except \param EDG_FRONTEND_OPTIONS_PREPEND, the += # operator appends). This means that if you have two \tt @@ -193,8 +194,13 @@ # COMPILER_MODELS += tcc -> armcc # COMPILER_MODELS += tcpp -> armcpp # \endcode # +# On Solaris, in addition to posix default models: +# \code +# COMPILER_MODELS += CC -> acpp +# \endcode +# # To activate the Hi-Tech compiler model for Linux, Solaris, and OS X: # \code # COMPILER_MODELS += picc -> picc # \endcode @@ -657,8 +663,30 @@ # NEW_FAILURE_BEHAVIOR = RETURN_NULL # NEW_FAILURE_BEHAVIOR = DOESNT_FAIL +# Parameter MUTEX_FAILURE_BEHAVIOR +# +# Purpose +# Specifies the treatment of lock acquisition and release functions such as +# pthread_mutex_lock on failure. +# +# Type +# {RETURN_ERR, DOESNT_FAIL} +# +# Behavior +# - \tt RETURN_ERR : lock acquire/release functions are modeled as returning +# an error code on failure +# - \tt DOESNT_FAIL : lock acquire/release functions are assumed never to fail +# +# Notes +# It is dangerous to choose DOESNT_FAIL, when using an API (such as POSIX +# threads) that allows lock acquire/release functions to fail spuriously. +# +#MUTEX_FAILURE_BEHAVIOR = RETURN_ERR +# MUTEX_FAILURE_BEHAVIOR = DOESNT_FAIL + + # Parameter INITIALIZER_LIMIT # # Purpose # Specifies an upper bound on the number of elements in an initializer. @@ -677,8 +705,33 @@ # #INITIALIZER_LIMIT = 512 +# Parameter AST_DEPTH_LIMIT +# +# Purpose +# Specifies an upper bound on the depth of expression \link +# ../API/Descriptions/API_AST.html ASTs \endlink. +# +# Type +# integer +# +# Behavior +# For every expression AST, the analysis will only consider those +# parts of the AST that lie within this limit. +# +# A value of -1 means that there is no limit. +# +# Notes +# This is for preventing the front end or the analyzer from exhausting +# the stack when processing deeply nested expressions. For example, +# var + var2 + ... with 4000 additions. +# +# Using "ulimit -s unlimited" in the shell from which the analysis +# runs will make it possible to use higher values. +#AST_DEPTH_LIMIT = 256 + + # Parameter VERBOSITY # # Purpose # Specifies status message verbosity @@ -702,9 +755,9 @@ # Type # a list of build options # # Behavior -# See the CodeSurfer manual, section \link +# See the CodeSurfer manual, section \link [CSURF] # ../../../../csurf/doc/codesurfer/CodeSurfer.html#OptionsPreferences/BuildOptionsSummary.html # Build Options: Summary \endlink for a list of the available # options. # @@ -1179,8 +1232,58 @@ # FATSTATS_DUMP_FILE = /PATH/TO/dump_file # \endcode +# Parameter MAX_CONCURRENT_PARSE_PROCESSES +# +# Purpose +# Limits the number of concurrent parse processes. Note that +# concurrent parsing only occurs insofar as your normal build +# system invokes the compiler concurrently. +# +# Type +# integer +# +# Notes +# This limit is necessary because each concurrent compilation +# contributes to 5 files, and eventually the analysis needs to open +# all files simultaneously (estimated at 50 + 5 * +# NUMBER_OF_CONCURRENT_PARSES). Most systems have various limits on +# the number of files a process can open. Typical file descriptor +# limits for this platform are: +# - getrlimit(RLIMIT_NOFILE) = 2048 +# - stdio FILE* Limit = 512 +# - GrammaTech-Internal Limit = 4096 +# - FD_SETSIZE = 64 (of no consequence on Windows) +# +# Increasing this value may cause the product to exhaust available +# file descriptors. Environments with low ulimits may need to +# decrease this value. 32-bit Solaris users may be able to increase +# this value if using LD_PRELOAD_32=extendedFILE.so.1. +# +#MAX_CONCURRENT_PARSE_PROCESSES = 92 + +# Parameter PROCEDURE_METRIC_TIMEOUT +# +# Purpose +# Seconds spent computing a metric for a single procedure before the operation +# is aborted. +# +# Type +# Integer +# +# Behavior +# A value of -1 disables the timeout. Values of 0 or greater specify the maximum +# number of seconds (elapsed time) to spend computing a single procedure +# metric value. If the timeout occurs for a given procedure and metric, no +# metric value will be reported for that procedure and metric. +# +# Notes +# Only applies to the following metrics: +# - Module Design Complexity (ivG) +# - Essential Complexity (evG) +# +#PROCEDURE_METRIC_TIMEOUT = 60 # Parameter INCREMENTAL_BUILD # # Purpose # Specifies whether or not the build/analysis will be incremental. @@ -1370,15 +1473,12 @@ # is one of: # - class # - categories # - file -# - rank= # - procedure # - procedure_typed # - line= # - path_listing -# - preconditions -# - postconditions # - compilation_unit # - language # # and is one of: @@ -1475,24 +1575,45 @@ # WARNING_FILTER += discard class="Useless Assignment" # WARNING_FILTER += discard class="Varargs Function Cast" # \endcode # -# The following checks are disabled by default. To enable checks for -# a particular class, use the corresponding "allow" rule. +# The following checks are disabled by default. To enable checks for a +# particular class, use the corresponding "allow" rule. (Checks for +# some classes may require additional settings in order to work +# correctly. See the individual warning class documentation in the +# manual for full information.) # \code +# WARNING_FILTER += allow class="Basic Numerical Type Used" +# WARNING_FILTER += allow class="Code Before #include" +# WARNING_FILTER += allow class="Condition Contains Side Effects" # WARNING_FILTER += allow class="Conditional Compilation" +# WARNING_FILTER += allow class="Conflicting Lock Order" +# WARNING_FILTER += allow class="Data Race" # WARNING_FILTER += allow class="Dynamic Allocation After Initialization" # WARNING_FILTER += allow class="Excessive Stack Depth" # WARNING_FILTER += allow class="Function Too Long" # WARNING_FILTER += allow class="Function Pointer" +# WARNING_FILTER += allow class="Function Pointer Conversion" # WARNING_FILTER += allow class="Goto Statement" # WARNING_FILTER += allow class="High Risk Loop" +# WARNING_FILTER += allow class="Inconsistent Enumerator Initialization" +# WARNING_FILTER += allow class="Lock/Unlock Mismatch" +# WARNING_FILTER += allow class="Locked Twice" +# WARNING_FILTER += allow class="Macro Defined in Function Body" # WARNING_FILTER += allow class="Macro Does Not End With ) or }" # WARNING_FILTER += allow class="Macro Does Not Start With ( or {" +# WARNING_FILTER += allow class="Macro Undefined in Function Body" # WARNING_FILTER += allow class="Macro Uses -> Operator" # WARNING_FILTER += allow class="Macro Uses [] Operator" # WARNING_FILTER += allow class="Macro Uses ## Operator" # WARNING_FILTER += allow class="Macro Uses Unary * Operator" +# WARNING_FILTER += allow class="Missing Lock Acquisition" +# WARNING_FILTER += allow class="Missing Lock Release" +# WARNING_FILTER += allow class="Multiple Statements On Line" +# WARNING_FILTER += allow class="Multiple Declarations On Line" +# WARNING_FILTER += allow class="Nested Locks" +# WARNING_FILTER += allow class="No Matching #if" +# WARNING_FILTER += allow class="No Matching #endif" # WARNING_FILTER += allow class="Not Enough Assertions" # WARNING_FILTER += allow class="Pointer Before Beginning of Object" # WARNING_FILTER += allow class="Pointer Past End of Object" # WARNING_FILTER += allow class="Pointer Type Inside Typedef" @@ -1500,11 +1621,16 @@ # WARNING_FILTER += allow class="Recursion" # WARNING_FILTER += allow class="Recursive Macro" # WARNING_FILTER += allow class="Scope Could Be File Static" # WARNING_FILTER += allow class="Scope Could Be Local Static" +# WARNING_FILTER += allow class="Task Delay Function" # WARNING_FILTER += allow class="Too Many Dereferences" +# WARNING_FILTER += allow class="Too Much Indirection in Declaration" # WARNING_FILTER += allow class="Unbalanced Parenthesis" # WARNING_FILTER += allow class="Unchecked Parameter Dereference" +# WARNING_FILTER += allow class="Too Many Parameters" +# WARNING_FILTER += allow class="Unknown Lock" +# WARNING_FILTER += allow class="Use of #undef" # WARNING_FILTER += allow class="Use of longjmp" # WARNING_FILTER += allow class="Use of setjmp" # WARNING_FILTER += allow class="Variadic Macro" # \endcode @@ -1542,26 +1668,33 @@ # check for and warnings to issue when those functions occur. # - \tt BAD_FUNCTION_REGEX is a regular expression. If a reference # to a function that matches this is found, then a warning # is issued. -# - \tt BAD_FUNCTION_MESSAGE is the text of the message that will -# be shown, and will also be used as the warning class name. It -# defaults to "Bad Function". -# - \tt BAD_FUNCTION_CATEGORIES is the set of categories for the warning, -# as a semicolon-separated list. This defaults to the empty string. +# - \tt BAD_FUNCTION_MESSAGE will be used as the warning class +# name. It defaults to "Bad Function". +# - \tt BAD_FUNCTION_CATEGORIES is the set of categories for the +# warning, as a semicolon-separated list. This defaults to the +# empty string. # - \tt BAD_FUNCTION_RANK is the rank assigned to the warning, with # default 15.0. -# - \tt BAD_FUNCTION_INFO will be used in the warning endbox sentence -# 'Use of [\tt funcname()] is not recommended because ...'. The -# default value is "it is correlated with security or safety -# problems." -# - \tt BAD_FUNCTION_LINK is the URL that will be used in the warning -# endbox sentence 'See here for more information.' -# If not specified, CodeSonar will look for a category beginning with -# "BADFUNC" in the \tt BAD_FUNCTION_CATEGORIES list. If there is such -# a category, CodeSonar will link to the corresponding warning class -# page in the "See here..." sentence. Otherwise, the sentence will -# not be shown in the endbox. +# - \tt BAD_FUNCTION_INFO will be used in the \link +# ../GUI/GUI_Warning_Report.html#endbox warning description +# box\endlink sentence 'Use of [\tt funcname()] is not recommended +# because ...'. The default value is "it is correlated with +# security or safety problems." Use to +# delimit paragraphs. Use +# linktext to link "linktext" to linkURL. +# - \tt BAD_FUNCTION_LINK specifies a URL for further information. +# Values beginning with "#' are interpreted relative to the +# CodeSonar manual root. If a value is specified, CodeSonar will +# append 'See here for more information.' to the +# text in the \link ../GUI/GUI_Warning_Report.html#endbox warning +# description box\endlink. If no value is specified, and \tt +# BAD_FUNCTION_INFO is also not specified, CodeSonar will look for +# a category beginning with "BADFUNC" in the \tt +# BAD_FUNCTION_CATEGORIES list. If there is such a category, +# CodeSonar will add the "See here..." sentence with a link to the +# corresponding warning class page. # # Notes # # If two or more sets of \tt BAD_FUNCTION_* rules have the same \tt @@ -1664,22 +1797,35 @@ #BAD_FUNCTION_RANK = 43.0 #BAD_FUNCTION_REGEX = ^setjmp$ #BAD_FUNCTION_MESSAGE = $Call to setjmp$Use of setjmp -#BAD_FUNCTION_CATEGORIES = BADFUNC.SETJMP;POW10:1;CWE:691;CWE:710 +#BAD_FUNCTION_CATEGORIES = BADFUNC.SETJMP;CWE:691;CWE:710;POW10:1;JPL:11 #BAD_FUNCTION_RANK = 1.0 #BAD_FUNCTION_REGEX = ^longjmp$ #BAD_FUNCTION_MESSAGE = $Call to longjmp$Use of longjmp -#BAD_FUNCTION_CATEGORIES = BADFUNC.LONGJMP;POW10:1;CWE:691;CWE:710 +#BAD_FUNCTION_CATEGORIES = BADFUNC.LONGJMP;CWE:691;CWE:710;POW10:1;JPL:11 #BAD_FUNCTION_RANK = 12.0 #BAD_FUNCTION_REGEX = ^mktemp$|^_(t|w)?mktemp$ #BAD_FUNCTION_MESSAGE = $Insecure Temporary File$Use of mktemp #BAD_FUNCTION_INFO = it creates filenames that are easily guessed, so the resulting files can be manipulated by other processes. Its use is therefore a security risk. #BAD_FUNCTION_CATEGORIES = BADFUNC.TEMP.MKTEMP;BSI:MKTEMP;CWE:377 #BAD_FUNCTION_RANK = 47.0 +## For "Task Delay Function" check. +## As with other JPL classes, this warning class is disabled by default.f + +#BAD_FUNCTION_REGEX = ^sleep|usleep|taskDelay|nanosleep|clock_nanosleep$ +#BAD_FUNCTION_MESSAGE = Task Delay Function +#BAD_FUNCTION_INFO = it is considered to be a task delay function. The use of task delay functions for synchronization can cause problems such as race conditions. +#BAD_FUNCTION_CATEGORIES = CONCURRENCY.BADFUNC.DELAY;JPL:7 + +#BAD_FUNCTION_REGEX = ^osal_task_delay|osal_task_pause$ +#BAD_FUNCTION_MESSAGE = Task Delay Function +#BAD_FUNCTION_INFO = it is considered to be a task delay function. The use of task delay functions for synchronization can cause problems such as race conditions. +#BAD_FUNCTION_CATEGORIES = CONCURRENCY.BADFUNC.DELAY;JPL:7 + # Parameter PLUGINS # # Purpose @@ -1817,10 +1963,10 @@ # Behavior # When the web application needs certain information (such as source # file listings), it queries the analysis daemon. If the analysis # daemon is not running, then the web application will attempt to -# start it. Starting the analysis daemon can take a minute, so it -# wouldn't due to restart it for every query. +# start it. This can take a minute or more, so timing out quickly is +# often undesirable. # # A negative value prevents the analysis daemon from timing out at # all. # @@ -1829,69 +1975,66 @@ # applicable queries exceeds this value. A high value can result in # an extra process hanging around doing nothing on the analysis # machine. The default setting is 30 minutes ( = 1800 seconds). # +# The analysis log will not be finalized,and so the \link +# ../GUI/GUI_Log_Analysis.html Analysis Log page\endlink contents may +# continue to change, until the analysis daemon times out (or is +# properly shut down). +# #DAEMON_TIMEOUT = 1800 -# Parameter CONSTANT_CACHE_CAPACITY +# Parameter FOREGROUND_DAEMON_TIMEOUT # # Purpose -# Megabytes of memory to allocate for values of constants, such as -# those found in static initializers of const variables. +# Seconds of inactivity when running in foreground mode before the +# analysis daemon shuts down to conserve system resources. # # Type # integer # +# Behavior +# When the web application needs certain information (such as source +# file listings), it queries the analysis daemon. If the analysis +# daemon is not running, then the web application will attempt to +# start it. This can take a minute or more, so timing out quickly is +# often undesirable. +# +# A negative value prevents the analysis daemon from timing out at +# all. +# # Notes -# A low value may cause the analysis to frequently recompute the -# values of local and static constants. -# -#CONSTANT_CACHE_CAPACITY = 64 - - -# Parameter TOKEN_RENDERER_CAPACITY +# Applicable when running with FOREGROUND = Yes or -foreground on the +# command line. # -# Purpose -# Megabytes of memory to allocate for hotlinkable tokens when -# rendering source code. This is a hard limit that will not be -# exceeded wheras \param TOKEN_RENDERER_BACKOFF_CAPACITY may be -# exceeded. +# A low value can result in slow web queries if the time between +# applicable queries exceeds this value. A high value can result in +# an extra process hanging around doing nothing on the analysis +# machine. The default setting is 30 minutes ( = 1800 seconds). # -# Type -# integer +# The analysis log will not be finalized,and so the \link +# ../GUI/GUI_Log_Analysis.html Analysis Log page\endlink contents may +# continue to change, until the analysis daemon times out (or is +# properly shut down). # -#TOKEN_RENDERER_CAPACITY = 64 +#FOREGROUND_DAEMON_TIMEOUT = 5 -# Parameter TOKEN_RENDERER_BACKOFF_CAPACITY +# Parameter CONSTANT_CACHE_CAPACITY # # Purpose -# Megabytes of memory to allocate for hotlinkable tokens before -# enforcing the \param TOKENS_PER_LINE limit. +# Megabytes of memory to allocate for values of constants, such as +# those found in static initializers of const variables. # # Type # integer # # Notes -# Exceeding this limit may result in unlinked tokens. Using two -# limits prevents a single pathological line from obliterating all -# links in a procedure/file. -# -#TOKEN_RENDERER_BACKOFF_CAPACITY = 32 - - -# Parameter TOKENS_PER_LINE -# -# Purpose -# Once \param TOKEN_RENDERER_BACKOFF_CAPACITY is exceeded, the number -# of hotlinkable tokens for a single line will not be allowed to -# exceed this value. -# -# Type -# integer +# A low value may cause the analysis to frequently recompute the +# values of local and static constants. # -#TOKENS_PER_LINE = 10 +#CONSTANT_CACHE_CAPACITY = 64 # Parameter TOLERATE_PARSE_ERRORS # @@ -1917,21 +2060,22 @@ # Parameter NULL_POINTER_THRESHOLD # # Purpose -# Determines what qualifies as a null pointer dereference. +# Determines what qualifies as a \wclink LANG.MEM.NPD Null Pointer +# Dereference \endwclink. # # Type # integer # # Behavior # Any dereference of an address less than this value will be treated -# as a null pointer dereference. Most machines will never allocate -# objects on the 0 page in user-mode. +# as a Null Pointer Dereference. Most machines will never allocate +# objects on the 0 page in user mode. # # Notes -# Non-zero values must be treated as null pointer dereferences in -# order catch things such as: +# Non-zero values must be treated as Null Pointer Dereferences in +# order to catch things such as: # # \code # int *p = &s->f; /* this is ok, even if s is null */ # *p = 42; /* this is where the program will @@ -1942,8 +2086,44 @@ # #NULL_POINTER_THRESHOLD = 4096 +# Parameter REPORT_TEMPLATE_UQ_WARNINGS +# +# Purpose +# Determines whether to report warnings in templated functions in +# warning classes for which something must hold on all paths. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", then warnings of classes requiring universal +# quantification over paths will be reported in C++ templated +# functions. +# The affected warning classes are: +# - \wclink LANG.STRUCT.RC Redundant Condition \endwclink +# - The \wclink LANG.STRUCT.UC Unreachable Code \endwclink family: +# Unreachable Call, Unreachable Computation, Unreachable +# Conditional, Unreachable Control Flow, and Unreachable Data +# Flow +# - \wclink LANG.STRUCT.UVAL Unused Value \endwclink +# - \wclink LANG.STRUCT.UA Useless Assignment \endwclink +# +# Notes +# Setting this to "Yes" will increase the false positive rate and +# decrease the false negative rate for warning classes requiring +# universal quantification over paths. +# +# These warnings are often not very useful. For example, +# if( sizeof(T)==sizeof(int) ) is likely to cause some unreachable +# code in some template instantations, but this isn't interesting to +# most users. However, useful warnings in these functions will also +# be lost. +# +#REPORT_TEMPLATE_UQ_WARNINGS = No + + # Parameter REPORT_INTER_PARTIAL_UQ_WARNINGS # # Purpose # Determines whether exhaustive interprocedural exploration is @@ -1958,9 +2138,8 @@ # quantification over paths will be reported on statements preceded # by calls to functions that have not been exhaustively explored. # The default behavior is to suppress such warnings. # The affected warning classes are: -# - \wclink LANG.STRUCT.NTAD Null Test After Dereference \endwclink # - \wclink LANG.STRUCT.RC Redundant Condition \endwclink # - The \wclink LANG.STRUCT.UC Unreachable Code \endwclink family: # Unreachable Call, Unreachable Computation, Unreachable # Conditional, Unreachable Control Flow, and Unreachable Data @@ -2002,8 +2181,43 @@ # #REPORT_PARTIAL_NTAD_WARNINGS = Yes +# Parameter UNDEF_FUNCS_EXHAUSTIVE +# +# Purpose +# Determines whether calls to undefined functions and function +# pointer calls are considered exhaustively explored. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", then warnings of classes requiring universal +# quantification over paths can be reported on statements preceded by +# calls to undefined functions or function pointer calls. The +# default behavior is to report such warnings. +# The affected warning classes are: +# - \wclink LANG.STRUCT.NTAD Null Test After Dereference \endwclink +# - \wclink LANG.STRUCT.RC Redundant Condition \endwclink +# - The \wclink LANG.STRUCT.UC Unreachable Code \endwclink family: +# Unreachable Call, Unreachable Computation, Unreachable +# Conditional, Unreachable Control Flow, and Unreachable Data +# Flow +# - \wclink LANG.STRUCT.UVAL Unused Value \endwclink +# - \wclink LANG.STRUCT.UA Useless Assignment \endwclink +# +# Notes +# Setting this to "Yes" will increase the false positive rate and +# decrease the false negative rate for warning classes requiring +# universal quantification over paths. Using the setting "No" is +# most useful if undefined functions and functions called using +# function pointers are modifying globals that are then tested by the +# calling function. +# +#UNDEF_FUNCS_EXHAUSTIVE = Yes + + # Parameter TIME_LIMIT_INTRA_EXPLORE # # Purpose # Seconds the analysis may spend doing intraprocedural exploration in @@ -2152,13 +2366,41 @@ # #TIME_LIMIT_REFINE = 16 +# Parameter TIME_LIMIT_RENDER +# +# Purpose +# Seconds the analysis may spend rendering intra- and interprocedural +# vulnerabilities, per procedure. +# +# Type +# integer +# +# Behavior +# Once a warning is identified, the analysis renders a warning report +# for presentation to the user. If the rendering phase takes longer +# than the limit specified here, the warning is discarded. +# +# Factors that can make rendering take a long time include extremely +# long lines of source code, deeply nested call stacks, and heavy use +# of the preprocessor. +# +# Notes +# The default limit is rarely exceeded and exists to guard against +# pathological constructs. +# +# All warning classes can be affected by this limit. +# +#TIME_LIMIT_RENDER = 60 + + # Parameter TIME_LIMIT_LEAK_CLASSIFY # # Purpose # Seconds the analysis may spend determining whether potential -# leaks warrant further examination, per procedure. +# \wclink ALLOC.LEAK Leaks\endwclink warrant further examination, per +# procedure. # # Type # integer # @@ -2176,10 +2418,10 @@ # Parameter TIME_LIMIT_LEAK_REFINE # # Purpose -# Seconds the analysis may spend refining potential leaks, per -# procedure. +# Seconds the analysis may spend refining potential \wclink +# ALLOC.LEAK Leaks\endwclink, per procedure. # # Type # integer # @@ -2221,8 +2463,52 @@ # \param TIME_LIMIT_INTRA_CLASSIFY. # #TIME_LIMIT_PROP_EXHAUSTIVE = 60 +# Parameter TIME_LIMIT_DATA_RACE_PATH_SEARCH +# +# Purpose +# Seconds the analysis may spend searching for a feasible path for a +# particular pair of threads and a particular memory location. +# +# Type +# integer +# +# Behavior +# If the time limit is exceeded, no \wclink CONCURRENCY.DATARACE Data +# Race\endwclink warnings will be reported for the relevant pair of +# threads and memory location. +# +# Notes +# This specifies elapsed time. The default limit is unlikely to be +# exceeded and exists to guard against pathological behavior. +# +#TIME_LIMIT_DATA_RACE_PATH_SEARCH = 600 + + +# Parameter DATA_RACE_MAX_MEM_ACCESSES +# +# Purpose +# Bounds the number of memory accesses that are tracked in a single +# procedure for detecting data races. +# +# Type +# non-negative integer +# +# Behavior +# If a procedure accesses more than this many shared variables, some +# variables will not be checked for data races. Raising this will result +# in a more thorough analysis, but will increase the time and memory +# used by the analysis. +# +# Notes +# This only affects the analysis for \wclink CONCURRENCY.DATARACE +# Data Race\endwclink warnings. If this is set to a very high number +# (for example, more than 200,000) CodeSonar may behave unpredictably +# or crash. +# +#DATA_RACE_MAX_MEM_ACCESSES = 1000 + # Parameter ROLLBACK_SUMMARIES_ON_ABORT # # Purpose @@ -2320,15 +2606,22 @@ # Type # {Yes, No} # # Purpose -# If two warnings look roughly alike (the source code of the interesting -# points along the path is the same and the warnings have the same -# class), should both of them be reported? +# Specifies whether or not the analysis should report all members of +# each \link ../Elements/PROPERTIES_Warning.html#group_def warning +# group\endlink detected (as opposed to a single \link +# ../Elements/PROPERTIES_Warning.html#representative_def +# representative instance\endlink per group). # -# Notes -# Similar warnings will share metadata (priority, state, finding, owner) -# in the web application. +# Behavior +# If set to "Yes", the analysis will report all \link +# ../Elements/PROPERTIES_Warning.html#instance_def warning +# instances\endlink detected. +# +# If set to "No", the analysis will report one \link +# ../Elements/PROPERTIES_Warning.html#instance_def warning +# instance\endlink per warning group detected. # #REPORT_SIMILAR_WARNINGS = Yes @@ -2400,12 +2693,12 @@ # # Checks for code nearer to the beginning of procedures # receive preferential treatment. # -# Both implicit and explicit inputs are counted. For -# instance, both the pointer passed to strlen and the value pointed -# to by that pointer are counted as inputs to strlen. Global -# variables transitively used by a procedure also qualify. +# Both implicit and explicit inputs are counted. For example, both +# the pointer passed to strlen() and the value pointed to by that +# pointer are counted as inputs to strlen(). Global variables +# transitively used by a procedure also qualify. # #MAX_CHECKED_INPUTS_PER_PROCEDURE = 100 @@ -2507,11 +2800,11 @@ # Type # integer # # Behavior -# A negative value indicates no limit. Increasing the value for this -# preference may allow more precise analysis, at the cost of longer -# analysis time and higher memory usage. +# Increasing the value for this preference may allow more precise +# analysis, at the cost of longer analysis time and higher memory +# usage. # # Notes # Complex procedures with a large number of possible effects may have # a correspondingly large number of summaries. If this number @@ -2591,9 +2884,11 @@ # specify exceptions to the statistical analysis: functions whose # return values will always trigger a warning if ignored. # # Type -# \link ../Asides/STkRegExp.html STk-style regular expression\endlink +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink # # Behavior # If the name of a called function matches a \tt # RETURN_CHECKER_CHECKED_FUNCS regular expression and the return @@ -2655,8 +2950,12 @@ #RETURN_CHECKER_CHECKED_FUNCS += ^select$ #RETURN_CHECKER_CHECKED_FUNCS += ^send$ #RETURN_CHECKER_CHECKED_FUNCS += ^sendmsg$ #RETURN_CHECKER_CHECKED_FUNCS += ^sendto$ +#RETURN_CHECKER_CHECKED_FUNCS += ^sete[gu]id$ +#RETURN_CHECKER_CHECKED_FUNCS += ^setfs[gu]id$ +#RETURN_CHECKER_CHECKED_FUNCS += ^setre[gu]id$ +#RETURN_CHECKER_CHECKED_FUNCS += ^set[gu]id$ #RETURN_CHECKER_CHECKED_FUNCS += ^truncate$ #RETURN_CHECKER_CHECKED_FUNCS += ^write$ #RETURN_CHECKER_CHECKED_FUNCS += ^writev$ #RETURN_CHECKER_CHECKED_FUNCS += ^CAccessToken::Impersonate$ @@ -2750,9 +3049,11 @@ # specify exceptions to the statistical analysis: functions whose # return values can be ignored without triggering a warning. # # Type -# \link ../Asides/STkRegExp.html STk-style regular expression\endlink +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink # # Behavior # If the name of a called function matches a \tt # RETURN_CHECKER_IGNORED_FUNCS regular expression and the return @@ -2770,8 +3071,9 @@ # #RETURN_CHECKER_IGNORED_FUNCS += ^strchr$ #RETURN_CHECKER_IGNORED_FUNCS += ^strlen$ +#RETURN_CHECKER_IGNORED_FUNCS += ^std::basic_ostream::operator<<()$ # Parameter FORMAT_STRING_CHECKER_SAMPLE_SIZE # @@ -2851,10 +3153,10 @@ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 1, ^_ftprintf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^_s[tw]printf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 3, ^_v?sn[tw]?printf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^_v?stprintf$ -#FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^[fs]wprintf$ -#FORMAT_STRING_CHECKER_CHECKED_FUNCS += 3, ^snwprintf$ +#FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^fwprintf$ +#FORMAT_STRING_CHECKER_CHECKED_FUNCS += 3, ^sn?wprintf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 1, ^v?w?printf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^v?[fs]printf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 2, ^vfwprintf$ #FORMAT_STRING_CHECKER_CHECKED_FUNCS += 3, ^v?snprintf$ @@ -2912,97 +3214,334 @@ # This parameter replaces the csonar_ignore_format_string() function # previously available in the \link ../Extensions/Extensions.html # Extension API\endlink. # +#FORMAT_STRING_CHECKER_IGNORED_FUNCS += 3, ^strftime$ -# Parameter CALL_SITE_EXPANSIONS +# Parameter MULTIPLE_THREADS_PER_ENTRY_PROCEDURE # -# Purpose -# Specifies the extent to which the CodeSonar analysis will expand -# call sites for full analysis instead of using summaries to -# approximate the behavior of the call. +# Purpose +# Specifies whether CodeSonar should assume every thread entry point is +# used to create multiple threads that run concurrently. # -# Type -# {None, Some, More, Most} +# Type +# {Yes, No} # -# Behavior -# A call site will only be expanded if it is on a path and is -# especially relevant. -# -# A higher value for this preference can reduce the number of false -# positive results, but will make the analysis take longer. +# Behavior +# If set to Yes, CodeSonar will report Data Race warnings in which both +# threads start at the same entry procedure/method. Normally, only +# warnings between threads that start at different points are reported. # -# Notes -# If a call site on some path is expanded in the CodeSonar analysis, -# the corresponding HTML warning report will allow navigation into -# the call site. This provides a more complete depiction of program -# behavior, but increases the size of the output. +# Note +# Setting this to Yes can result in a large number of false positive +# Data Race warnings, especially for applications that use many +# "singleton threads". # -#CALL_SITE_EXPANSIONS = Some -# CALL_SITE_EXPANSIONS = None -# CALL_SITE_EXPANSIONS = More -# CALL_SITE_EXPANSIONS = Most - +#MULTIPLE_THREADS_PER_ENTRY_PROCEDURE = No -# Parameter CALL_SITE_EXPANSION_BOUND +# Parameter THREAD_ENTRY_METHOD_NAMES # -# Purpose -# Places a bound on the nesting depth of call site expansions (nested -# "+" widgets in warning reports). +# Purpose +# For programs that use an object-oriented multithreading +# API. Specifies which method on an object should be considered the +# "entry method" when the object (or a reference to it) is specified +# as a thread entry point. # # Type -# integer +# \link ../Asides/STkRegExp.html STk-style regular expression\endlink # -# Notes -# A limit that is too high may cause CodeSonar to have a stack -# overflow. The default limit is only encountered in pathological -# cases: only one program capable of inducing a stack overflow has -# ever been found in the wild. -# -#CALL_SITE_EXPANSION_BOUND = 30 +# Behavior +# If an object (or object reference) is used in a location where a +# thread entry point procedure is expected, CodeSonar will scan the +# object's class hierarchy for a method whose name matches one of the +# specified patterns. +# - If such a method is found, it will be used as a thread entry +# procedure. +# - Otherwise, no thread entry point is discovered. If the thread +# contributed to a data race, the analysis will not be able to detect +# that race. +# +# Note +# CodeSonar uses \tt THREAD_ENTRY_METHOD_NAMES settings to determine +# which method on an object should be considered the "entry method" +# when the object is specified as a thread entry point. This +# parameter is only suitable for use with object-oriented +# multithreading APIs. +# +# To specify that an arbitrary function provides a thread +# entry point, you will need to write a model for that function. See +# the manual section on \link +# ../C_Module/LibraryModels/ConcurrencyModels.html concurrency +# models\endlink for details. +# +# Example rule: +# \code +# THREAD_ENTRY_METHOD_NAMES += ^Main$ +# \endcode +#THREAD_ENTRY_METHOD_NAMES += ^run$ -# Parameter ABRIDGE_HTML +# Parameter SEMOPEN_FUNCTIONS # -# Purpose -# Determines whether HTML warning reports may abridge procedure listings -# in order to show only the most relevant parts. +# Purpose +# Used by the lock-related checks to identify the procedures used to +# open named semaphores # # Type -# {Yes, No} +# \link ../Asides/STkRegExp.html STk-style regular expression\endlink # -# Behavior -# When set to "No": if a path includes any part of a procedure, the -# warning report will show all of the procedure. +# Behavior +# The analysis will treat all functions whose names match patterns +# in \tt SEMOPEN_FUNCTIONS as semaphore-opening functions. +# The analysis assumes that the first parameter is a string that +# represents the name of the semaphore. +# +# Notes +# Functions that open named semaphores are expected to return the +# same semaphore address each time they are successfully called with +# the same name, until that semaphore is unlinked or +# closed. Identifying a function f() with SEMOPEN_FUNCTIONS ensures +# that the CodeSonar analysis correctly associates these properties +# with f(). +# +# For more information, see the manual section on \link +# ../C_Module/LibraryModels/ConcurrencyModels.html concurrency +# models\endlink. # -#ABRIDGE_HTML = Yes +# Example rule: +# \code +# SEMOPEN_FUNCTIONS += ^semOpen$ +# SEMOPEN_FUNCTIONS += ^sem_open$ +# \endcode -# Parameter MAX_FUNCTION_LENGTH +# Parameter LOCK_FUNCTIONS # # Purpose -# Used by the \wclink LANG.FUNCS.TOOLONG Function Too Long\endwclink -# check: specifies the maximum allowable length of a function. +# Used by the \wclink CONCURRENCY.LOCK.NOLOCK Missing Lock +# Acquisition\endwclink and \wclink CONCURRENCY.LOCK.NOUNLOCK Missing +# Lock Release\endwclink checks to identify functions that should be +# treated as if they directly acquire locks. # # Type -# non-negative integer +# \link ../Asides/STkRegExp.html STk-style regular expression\endlink # # Behavior -# CodeSonar will emit a \wclink LANG.FUNCS.TOOLONG Function Too Long -# \endwclink warning for functions that exceed this length. +# The analysis will treat all functions whose names match patterns +# in \param LOCK_FUNCTIONS as lock-acquiring functions. The analysis +# assumes that the first parameter is a pointer to the lock object. # # Notes -# Note that the \wclink LANG.FUNCS.TOOLONG Function Too -# Long\endwclink check is disabled by default: use a \param -# WARNING_FILTER rule to enable it. +# Use this parameter to identify wrapper functions for lock +# acquisition. This allows lock acquire/release checks to issue +# warnings in code that uses these wrappers, instead of only inside +# the bodies of the wrappers themselves. # -#MAX_FUNCTION_LENGTH = 60 - - -# Parameter MIN_ASSERTS +# For example, suppose a project uses wrapper mylock(): # -# Purpose +# \code +# void mylock(GMutex *m){ +# /* ... */ +# g_mutex_lock(m); +# return; +# } +# +# void nounlock(GMutex *m){ +# mylock(m); +# } +# \endcode +# +# If we set LOCK_FUNCTIONS += ^mylock$, the analysis will issue a +# "Missing Lock Release" in the body of function nounlock(). +# +# If we do not specify that mylock is a lock function with +# LOCK_FUNCTIONS, the analysis will not issue a "Missing Lock +# Release" warning in the body of function nounlock(), but WILL issue +# a "Missing Lock Release" warning in the body of mylock(). +# +# Functions that have library models identifying them as +# lock acquirers do not need to be specified with LOCK_FUNCTIONS: +# they will automatically be treated correctly. +# +# For more information, see the manual section on \link +# ../C_Module/LibraryModels/ConcurrencyModels.html concurrency +# models\endlink. +# +# Example rule: +# \code +# LOCK_FUNCTIONS += ^my_lock_wrapper$ +# \endcode + + +# Parameter UNLOCK_FUNCTIONS +# +# Purpose +# Used by the \wclink CONCURRENCY.LOCK.NOLOCK Missing Lock +# Acquisition\endwclink and \wclink CONCURRENCY.LOCK.NOUNLOCK Missing +# Lock Release\endwclink checks to identify functions that should be +# treated as if they directly acquire locks. +# +# Type +# \link ../Asides/STkRegExp.html STk-style regular expression\endlink +# +# Behavior +# The analysis will treat all functions whose names match patterns +# in \param UNLOCK_FUNCTIONS as lock-releasing functions. The analysis +# assumes that the first parameter is a pointer to the lock object. +# +# Notes +# Use this parameter to identify wrapper functions for lock +# release. This allows lock acquire/release checks to issue +# warnings in code that uses these wrappers, instead of only inside +# the bodies of the wrappers themselves. +# +# For example, suppose a project uses wrapper myunlock(): +# +# \code +# void myunlock(GMutex *m){ +# g_mutex_unlock(m); +# /* ... */ +# return; +# } +# +# void nolock(GMutex *m){ +# myunlock(m); +# } +# \endcode +# +# If we set UNLOCK_FUNCTIONS += ^myunlock$, the analysis will issue a +# "Missing Lock Acquisition" warning in the body of function nolock(). +# +# If we do not use LOCK_FUNCTIONS specify that myunlock is a unlock +# function, the analysis will not issue a "Missing Lock Acquisition" +# warning in the body of function nounlock(), but WILL issue a +# "Missing Lock Acquisition" warning in the body of myunlock(). +# +# Functions that have library models identifying them as +# lock releasers do not need to be specified with UNLOCK_FUNCTIONS: +# they will automatically be treated correctly. +# +# For more information, see the manual section on \link +# ../C_Module/LibraryModels/ConcurrencyModels.html concurrency +# models\endlink. +# +# Example rule: +# \code +# UNLOCK_FUNCTIONS += ^my_unlock_wrapper$ +# \endcode + + +# Parameter CALL_SITE_EXPANSIONS +# +# Purpose +# Specifies the extent to which the CodeSonar analysis will expand +# call sites for full analysis instead of using summaries to +# approximate the behavior of the call. +# +# Type +# {None, Some, More, Most} +# +# Behavior +# A call site will only be expanded if it is on a path and is +# especially relevant. +# +# A higher value for this preference can reduce the number of false +# positive results, but will make the analysis take longer. +# +# Notes +# If a call site on some path is expanded in the CodeSonar analysis, +# the corresponding HTML warning report will allow navigation into +# the call site. This provides a more complete depiction of program +# behavior, but increases the size of the output. +# +#CALL_SITE_EXPANSIONS = Some +# CALL_SITE_EXPANSIONS = None +# CALL_SITE_EXPANSIONS = More +# CALL_SITE_EXPANSIONS = Most + + +# Parameter CALL_SITE_EXPANSION_BOUND +# +# Purpose +# Places a bound on the nesting depth of call site expansions (nested +# "+" widgets in warning reports). +# +# Type +# integer +# +# Notes +# A limit that is too high may cause CodeSonar to have a stack +# overflow. The default limit is only encountered in pathological +# cases: only one program capable of inducing a stack overflow has +# ever been found in the wild. +# +#CALL_SITE_EXPANSION_BOUND = 30 + + +# Parameter ABRIDGE_HTML +# +# Purpose +# Determines whether HTML warning reports may abridge procedure listings +# in order to show only the most relevant parts. +# +# Type +# {Yes, No} +# +# Behavior +# When set to "No": if a path includes any part of a procedure, the +# warning report will show all of the procedure. +# +#ABRIDGE_HTML = Yes + + +# Parameter MAX_FUNCTION_LENGTH +# +# Purpose +# Used by the \wclink LANG.FUNCS.TOOLONG Function Too Long\endwclink +# check: specifies the maximum allowable length of a function. +# +# Type +# non-negative integer +# +# Behavior +# CodeSonar will emit a \wclink LANG.FUNCS.TOOLONG Function Too Long +# \endwclink warning for functions whose \link +# ../Metrics/Metrics.html#LCode Lines With Code\endlink exceeds this +# value. +# Notes +# Note that the \wclink LANG.FUNCS.TOOLONG Function Too +# Long\endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. +# +#MAX_FUNCTION_LENGTH = 60 + + +# Parameter MAX_NUM_PARAMS +# +# Purpose +# Specifies the maximum allowable numbers of parameters a function +# can have to comply with the Too Many Parameters check. +# +# Type +# non-negative integer +# +# Behavior +# CodeSonar will emit a \wclink LANG.FUNCS.TMFP Too Many Paramaters +# \endwclink warning for functions that have more parameters +# than specified here. +# +# Notes +# Note that the \wclink LANG.FUNCS.TMFP Too Many Parameters +# \endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. +# +#MAX_NUM_PARAMS = 6 + + +# Parameter MIN_ASSERTS +# +# Purpose # Used by the \wclink LANG.FUNCS.ASSERTS Not Enough # Assertions\endwclink check: specifies the minimum number of # assertions each function must contain. # @@ -3034,9 +3573,10 @@ # non-negative integer # # Behavior # CodeSonar will only check the number of assertions in functions -# whose "lines with code" exceeds this value. +# whose \link ../Metrics/Metrics.html#LCode Lines With Code\endlink +# exceeds this value. # # Notes # Note that the \wclink LANG.FUNCS.ASSERTS Not Enough # Assertions\endwclink check is disabled by default: use a \param @@ -3072,8 +3612,68 @@ # #MAX_PERMITTED_DEREFS = 1 +# Parameter MAX_PERMITTED_INDIRECTION_IN_DECLARATION +# +# Purpose +# Specifies the maximum levels of indirection allowed in a +# declaration to comply with the \wclink LANG.STRUCT.TMID Too Much +# Indirection in Declaration\endwclink check. +# +# Type +# non-negative integer +# +# Behavior +# CodeSonar will emit a \wclink LANG.STRUCT.TMID Too Much Indirection +# in Declaration\endwclink warning when it detects a number of +# indirections greater than this setting. +# +# Notes +# For example, the following declaration has two levels of indirection: +# \code +# int **x +# \endcode +# +# Note that the \wclink LANG.STRUCT.TMID Too Much Indirection +# in Declaration\endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +#MAX_PERMITTED_INDIRECTION_IN_DECLARATION = 2 + + +# Parameter SCOPE_CHECK_SUGGESTS_LOCAL_STATIC +# +# Purpose +# Determines how the analysis will report variables that can +# be local static but are declared with file or global scope. +# +# Type +# {Yes, No} +# +# Behavior +# If "Yes", variables that are global or file static but could be +# local static will trigger \wclink LANG.STRUCT.SCOPE.LOCAL Scope +# Could Be Local Static\endwclink warnings. +# +# If "No", variables that are global but could be local static will +# trigger \wclink LANG.STRUCT.SCOPE.FILE Scope Could Be File +# Static\endwclink warnings; variables that are file static but could +# be local static do not trigger any scope warning. +# +# Notes +# Setting to "No" means that no warnings of class \wclink +# LANG.STRUCT.SCOPE.LOCAL Scope Could Be Local Static\endwclink will +# be issued by the analysis. +# +# The \wclink LANG.STRUCT.SCOPE.FILE Scope Could Be File +# Static\endwclink check and the \wclink LANG.STRUCT.SCOPE.LOCAL +# Scope Could Be Local Static\endwclink check are disabled by +# default: use \param WARNING_FILTER rules to enable them. +# +# SCOPE_CHECK_SUGGESTS_LOCAL_STATIC = Yes + + # Parameter PTR_INSIDE_TYPEDEF_EXCEPTION # # Purpose # Used by the \wclink LANG.STRUCT.PIT Pointer Type Inside @@ -3085,11 +3685,12 @@ # ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html # Boost regular expression\endlink # # Behavior -# If a typedef for type contains a pointer type but matches -# this regular expression, a \wclink LANG.STRUCT.PIT Pointer Type -# Inside Typedef\endwclink warning will not be issued. +# \wclink LANG.STRUCT.PIT Pointer Type Inside Typedef\endwclink +# warnings will not be issued for typedefs whose type name matches a +# regular expression in the \tt PTR_INSIDE_TYPEDEF_EXCEPTION set, +# even if the typedef contains a pointer type. # # Notes # For example, # \code @@ -3174,8 +3775,34 @@ # #DFS_MAX_LOCAL_VISITED = 16 +# Parameter DATA_RACE_PATH_FINDING_EFFORT +# +# Purpose +# Used by the data race analysis to limit the amount of effort spent +# searching for a feasible path in a particular set of potential +# paths. +# +# Type +# non-negative integer +# +# Behavior +# Specifies the maximum number of control flow branches to be +# explored in the search for a feasible path. +# +# Notes +# The data race analysis builds up large sets of program paths that +# could be involved in data races. After the main code analysis +# completes, the data race detector must search through its +# (potentially quite large) sets of paths to find pairs of paths that +# represent a real race. Searching through these sets can be quite +# time consuming, so \tt DATA_RACE_PATH_FINDING_EFFORT gives a +# mechanism to limit the amount of time spent on the search. +# +#DATA_RACE_PATH_FINDING_EFFORT = 10000 + + # Parameter STACK_DEPTH_THRESHOLD # # Purpose # Used by the \wclink LANG.STRUCT.CALLSTACK Excessive Stack @@ -3271,8 +3898,64 @@ # WARNING_FILTER rule to enable it. # #STACK_DEPTH_ACTIVATION_RECORD_CONSTANTS = 12 +# Parameter STACK_DEPTH_MODULES +# +# Purpose +# Used by \wclink LANG.STRUCT.CALLSTACK Excessive Stack Depth\endwclink +# to specify the entry point of a module and the maximum allowable depth +# of the call stack of this module, in bytes. +# +# Type +# A string of the form +# \code +# , +# \endcode +# where: +# - \tt is the maximum allowable depth. +# - \tt is an \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# If the stack depth of the module entry point exceeds the module's +# threshold, CodeSonar will issue a \wclink +# LANG.STRUCT.CALLSTACK Excessive Stack Depth\endwclink warning. +# +# Notes +# If any STACK_DEPTH_MODULES is specified -- even if none of them +# match any function -- CodeSonar won't check for project wide +# stack depth violations. +# +# STACK_DEPTH_MODULES += 65536, ^module_1_init$ + +# Parameter STACK_DEPTH_TERMINATE_FUNCTIONS +# +# Purpose +# Used by \wclink LANG.STRUCT.CALLSTACK Excessive Stack Depth\endwclink +# to specify functions whose callees should be ignored when computing +# the stack depth of the function. +# +# Type +# string +# +# Behavior +# If the name of a function equals to the string given, the stack +# depth of the function will only be computed from its locals. +# +# STACK_DEPTH_TERMINATE_FUNCTIONS += foo + +# Parameter UNDEFINED_FUNCTIONS_HAVE_SIDE_EFFECTS +# +# Purpose +# Specifies whether or not undefined functions should be considered as +# having side effects by \wclink Condition Contains Call\endwclink +# +# Type +# {Yes, No} +# +#UNDEFINED_FUNCTIONS_HAVE_SIDE_EFFECTS = Yes # Parameter CHECK_EMPTY_BRANCH # # Purpose @@ -3543,10 +4226,13 @@ # Specifies the maximum sized integer that should be considered a # character type for the purpose of tracking the null-terminator # position. # +# Type +# integer +# # Notes -# Setting this to two may prove useful for projects using +# Setting this to 2 may prove useful for projects using # wide characters. However, some approximations that occur as a # consequence of using this can backfire when a single memory region # contains multiple zeroes. It is not recommended that users alter # this unless advised to do so by GrammaTech. @@ -3583,8 +4269,783 @@ # \endcode # #WARN_POINTER_AT_END = No + +# Parameter WARN_MORE_LOOP_UVARS +# +# Purpose +# Specifies whether the tracking of variable initialization in +# loops is tuned to potentially report more Uninitialized Variable +# warnings. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", Uninitialized Variable warnings will be issued for +# variables that are initialized on some but not all paths through +# the loop. +# +# Notes +# This feature is turned off by default because it is a frequent +# source of false positive results when complex invariants in the +# codebase render the non-initializing paths infeasible. +# +#WARN_MORE_LOOP_UVARS = No + + +# Parameter METRIC_FILTER +# +# Purpose +# Allows \link ../Metrics/Metrics.html metrics \endlink to be turned +# on/off, either for an entire metric class or for specific files, +# procedures, or compilation units. +# +# Type +# Zero or more patterns, each consisting of an followed by +# one or more s. +# +# is one of: +# - discard +# - allow +# +# is one of: +# - metric +# - file +# - procedure +# - procedure_typed +# - compilation_unit +# - language +# +# and is one of: +# - : (substring match) +# - = (exact match) +# +# Behavior +# Depends on the : +# - \tt discard : metrics matching the rules will be discarded instead +# of being submitted to the hub, and whenever possible will not be computed. +# - \tt allow : metrics matching the rules will be submitted to the +# hub, even if they matched a previous "discard" +# +# Notes +# If there are two or more s in a pattern, the pattern +# will be applied to metrics that match ALL of the rules. +# +# \tt procedure rules match against the \link +# ../API/CAPI/cs__pdg_8h.html#func_cs_pdg_friendly_name +# cs_pdg_friendly_name()\endlink of a procedure; \tt procedure_typed +# rules match against the \link +# ../API/CAPI/cs__pdg_8h.html#func_cs_pdg_procedure_name +# cs_pdg_procedure_name()\endlink. +# +# If you want to compute any of the Halstead metrics (n1, N1, n2, N2, +# D, I, T, E, N, L, V), set +# \code +# BUILD_OPTIONS += -retain-unnormalized-c-ast yes +# \endcode +# +# Metrics of an individual granularity can be allowed/discarded if the string +# pattern is of the form "name[granularity]". For example, to discard the +# "Total Lines" (TL) metric only for file granularity (not the analysis or +# procedure granularity metrics of the same name), the following rule will +# work: +# \code +# METRIC_FILTER += discard metric="TL[FILE]" +# \endcode +# +# The following metrics are enabled by default. To discard +# a particular metric class, use the corresponding "discard" rule. +# \code +# METRIC_FILTER += discard metric="LCodeOnly" +# METRIC_FILTER += discard metric="LCode" +# METRIC_FILTER += discard metric="LMCC" +# METRIC_FILTER += discard metric="LComOnly" +# METRIC_FILTER += discard metric="LB" +# METRIC_FILTER += discard metric="TL" +# METRIC_FILTER += discard metric="LCom" +# METRIC_FILTER += discard metric="vG" +# METRIC_FILTER += discard metric="mvG" +# METRIC_FILTER += discard metric="Modules" +# METRIC_FILTER += discard metric="TopLF" +# METRIC_FILTER += discard metric="InclF" +# \endcode +# +# The following metrics are disabled by default. To enable +# a particular metric class, use the corresponding "allow" rule. +# \code +# METRIC_FILTER += allow metric="n1" +# METRIC_FILTER += allow metric="N1" +# METRIC_FILTER += allow metric="n2" +# METRIC_FILTER += allow metric="N2" +# METRIC_FILTER += allow metric="D" +# METRIC_FILTER += allow metric="I" +# METRIC_FILTER += allow metric="T" +# METRIC_FILTER += allow metric="E" +# METRIC_FILTER += allow metric="N" +# METRIC_FILTER += allow metric="L" +# METRIC_FILTER += allow metric="V" +# METRIC_FILTER += allow metric="evG" +# METRIC_FILTER += allow metric="ivG" +# METRIC_FILTER += allow metric="S1" +# \endcode + + +# Parameter METRIC_DERIVED_DEF +# +# Purpose +# Creates new derived \link ../Metrics/Metrics.html metrics \endlink, +# which are computed by mathematically manipulating values of already +# existing metrics. +# +# Type +# A string of the form +# , , , +# +# where: +# is the quoted short name to give the new metric, and must: +# - start with characters matching: [a-zA-Z] +# - only contain characters matching: [a-zA-Z][0-9] _- +# - have string length <= 15 characters +# - be unique (in combination with a granularity), case insensitively +# - not match any \tt function name in the expression grammar +# +# is the quoted description to give the new metric, +# and must: +# - only contain characters matching: [a-zA-Z][0-9] _- +# - have string length <= 35 characters +# +# is the granularity of the new metric, and is one of +# {ANALYSIS, COMPUNIT, FILE, PROCEDURE} +# +# is an expression containing mathematical operators, functions, +# constant (floating point) values, and references to other metrics. +# +# Expression grammar: +# \code +# S -> expr +# expr -> expr + expr | expr - expr | expr * expr | expr / expr | +# const | metric | function(expr, ...) +# function -> cos | sin | tan | acos | asin | atan | atan2 | cosh | sinh | +# tanh | exp | frexp | ldexp | log | log10 | pow | sqrt | +# ceil | fabs | floor | fmod | sum | prod | avg | min | max +# metric -> "[a-zA-Z0-9]+\[granularity\]" (must match existing metric, case-insensitive) +# granularity -> PROJECT | COMPUNIT | FILE | PROCEDURE +# \endcode +# +# - All \tt functions return a single floating point value. +# - All math operations are floating point. +# - Functions \tt sum, \tt prod, \tt avg, \tt min, and \tt max are +# summarizing functions they only take metrics as arguments, and +# only work when the derived metric has granularity greater than +# the referenced metric. See table below (\tt sum is used as example). +# +# \code +# +---------------------+-------------------+-----------------------------+ +# | derived metric gran | expression | description | +# +---------------------+-------------------+-----------------------------+ +# | FILE | sum(PROCEDURE) | Sums over all procedures in | +# | | | the file. | +# | | | | +# | COMPUNIT | sum(PROCEDURE) | Sums over all procedures in | +# | | | the compilation unit. | +# | | | | +# | PROJECT | sum(PROCEDURE) | Sums over all procedures in | +# | | | the project. | +# | | | | +# | COMPUNIT | sum(FILE) | Sums over all files in the | +# | | | compilation unit. | +# | ... etc | +# +-----------------------------------------------------------------------+ +# \endcode +# +# Behavior +# If a properly formed derived metric is specified, that metric will +# be computed and displayed for the next analysis unless it is +# discarded via \param METRIC_FILTER. +# +# If there is an error in the specification of \tt +# METRIC_DERIVED_DEF, CodeSonar will issue an \link +# ../GUI/GUI_Alerts.html alert\endlink that specifies the nature of +# the problem. +# +# Notes +# If a derived metric which is enabled refers to a metric which is +# disabled, the derived metric will still be calculated. This will +# cause the disabled metric to be calculated as well (though not +# reported). In this scenario, the performance gains from having the +# unreported metric disabled are lost. +# +# All \tt METRIC_DERIVED_DEF definitions are processed before any +# \param METRIC_FILTER settings. A derived metric can therefore be +# disabled by a \tt METRIC_FILTER rule that appears before the metric +# definition in the configuration file. +# +# If you want to compute any of the Halstead metrics (n1, N1, n2, N2, +# D, I, T, E, N, L, V), set +# \code +# BUILD_OPTIONS += -retain-unnormalized-c-ast yes +# \endcode +# +# The following are some examples defining file-granularity versions +# of the Halstead and McCabe metrics. +# \code +# METRIC_DERIVED_DEF += "vG", "Cyclomatic Complexity", FILE, sum("vG[PROCEDURE]") +# METRIC_DERIVED_DEF += "ivG", "Design Complexity", FILE, sum("ivG[PROCEDURE]") +# METRIC_DERIVED_DEF += "evG", "Essential Complexity", FILE, sum("evG[PROCEDURE]") +# METRIC_DERIVED_DEF += "n1", "Distinct Operators", FILE, sum("n1[PROCEDURE]") +# METRIC_DERIVED_DEF += "N1", "Total Operators", FILE, sum("N1[PROCEDURE]") +# METRIC_DERIVED_DEF += "n2", "Distinct Operands", FILE, sum("n2[PROCEDURE]") +# METRIC_DERIVED_DEF += "N2", "Total Operands", FILE, sum("N2[PROCEDURE]") +# METRIC_DERIVED_DEF += "D", "Halstead Program Difficulty", FILE, sum("D[PROCEDURE]") +# METRIC_DERIVED_DEF += "I", "Halstead Intelligent Content", FILE, sum("I[PROCEDURE]") +# METRIC_DERIVED_DEF += "T", "Halstead Programming Time", FILE, sum("T[PROCEDURE]") +# METRIC_DERIVED_DEF += "E", "Halstead Programming Effort", FILE, sum("E[PROCEDURE]") +# METRIC_DERIVED_DEF += "N", "Halstead Program Length", FILE, sum("N[PROCEDURE]") +# METRIC_DERIVED_DEF += "L", "Halstead Program Level", FILE, sum("L[PROCEDURE]") +# METRIC_DERIVED_DEF += "V", "Halstead Program Volume", FILE, sum("V[PROCEDURE]") +# \endcode +# +# The following are more examples, this time slight variations on the basic +# McCabe metrics. +# \code +# METRIC_DERIVED_DEF += "vG-code", "Cyclomatic Density", PROCEDURE, "vG[PROCEDURE]" / "LCode[PROCEDURE]" +# METRIC_DERIVED_DEF += "ivG-vG", "Design Density", PROCEDURE, "ivG[PROCEDURE]" / "vG[PROCEDURE]" +# METRIC_DERIVED_DEF += "evG-vG", "Essential Density", PROCEDURE, ("evG[PROCEDURE]" - 1) / "vG[PROCEDURE]" +# \endcode +# + +# Parameter METHOD_INVOCATION_DEREFERENCE_BEHAVIOR +# +# Purpose +# Specifies whether C++ method invocations should always be treated +# as if they dereference \tt this at the method invocation site. +# +# Type +# {All, Undefined, None} +# +# Behavior +# The C++ method invocation p->m() will not actually dereference the +# pointer p unless the body of m accesses a data member of p. +# However, sometimes it is useful to treat method invocations as if +# they always dereference their objects - either because the source +# code implementing m() is unavailable or to reduce the complexity of +# warnings. +# +# - "All": All method invocations are treated as if they dereference +# their \tt this pointer. Additionally, \tt this is +# assumed to never have a value below \param +# NULL_POINTER_THRESHOLD. +# - "Undefined": All invocations of undefined methods (methods for which no +# source code is available) are treated as if they +# dereference their \tt this pointers, which are +# assumed to never have a value below \param +# NULL_POINTER_THRESHOLD. No assumptions are made +# about defined methods. +# - "None": No assumptions are made about any methods. In practice, +# this means that invocations of undefined methods are never +# considered to dereference \tt this. +# +# Notes +# With the "All" setting, method invocations on unconditionally null +# pointers will result in unreachable code after the method returns. +# +#METHOD_INVOCATION_DEREFERENCE_BEHAVIOR = None +# METHOD_INVOCATION_DEREFERENCE_BEHAVIOR = Undefined +# METHOD_INVOCATION_DEREFERENCE_BEHAVIOR = All + + +# Parameter METRIC_WARNING_CONDITION +# Parameter METRIC_WARNING_CLASS_NAME +# Parameter METRIC_WARNING_CATEGORIES +# Parameter METRIC_WARNING_RANK +# +# Purpose +# Specifies a warning condition for a metric; if that condition is +# met, a warning is reported. +# +# Type +# - \tt METRIC_WARNING_CONDITION: metric number +# where the metric is specified by name[granularity], and is +# one of >, <, >=, <= +# - \tt METRIC_WARNING_CLASS_NAME: string +# - \tt METRIC_WARNING_CATEGORIES: string +# - \tt METRIC_WARNING_RANK: number +# +# Behavior +# These parameters are used together to specify conditions on metric +# values, and warnings to issue when values meet those conditions. +# +# - \tt METRIC_WARNING_CONDITION specifies a metric and a condition on +# that metric. A warning will be issued if the metric's value meets the +# condition. The metric must be enabled with a \param METRIC_FILTER +# \tt allow rule. Both built-in metrics and derived metrics can be used. +# - \tt METRIC_WARNING_CLASS_NAME is the warning class name. +# - \tt METRIC_WARNING_CATEGORIES is the set of categories for the +# warning, as a semicolon-separated list. This defaults to +# "METRIC.CUSTOM". +# - \tt METRIC_WARNING_RANK is the rank assigned to the warning, with +# default 25.0. +# +# Notes +# +# The \tt METRIC_WARNING_CATEGORIES and \tt METRIC_WARNING_RANK +# settings are optional, but both \tt METRIC_WARNING_CONDITION and +# \tt METRIC_WARNING_CLASS_NAME must be fully specified. The \tt +# METRIC_WARNING_CONDITION message must come first, and the \tt +# METRIC_WARNING_CLASS_NAME second. +# +# If two or more sets of \tt METRIC_WARNING_* rules have the same \tt +# METRIC_WARNING_CLASS_NAME value, the same warning class will be +# used to cover all cases. Therefore, sets of rules with the same \tt +# METRIC_WARNING_CLASS_NAME should also have the same \tt +# METRIC_WARNING_CATEGORIES and \tt METRIC_WARNING_RANK values (that +# is, they should only differ in the \tt METRIC_WARNING_CONDITION +# setting). +# +# Similarly, if a set of \tt METRIC_WARNING_* rules has a \tt +# METRIC_WARNING_CLASS_NAME that is the same as the name of a standard +# CodeSonar warning class, the category and rank settings of the +# standard class will apply and any \tt METRIC_WARNING_CATEGORIES or +# \tt METRIC_WARNING_RANK specified in the set will not be used. +# +# Examples: +# +# Instruct CodeSonar to issue a warning of class "High Cyclomatic +# Complexity" for any function with a cyclomatic complexity of 20 or +# more. +# \code +# METRIC_WARNING_CONDITION = vG[PROCEDURE] >= 20 +# METRIC_WARNING_CLASS_NAME = High Cyclomatic Complexity +# METRIC_WARNING_CATEGORIES = METRIC.VG +# METRIC_WARNING_RANK = 5.0 +# \endcode +# +# Instruct CodeSonar to issue a warning of class "Large procedure" +# for any function containing more than 100 lines with code: +# \code +# METRIC_WARNING_CONDITION = LCode[PROCEDURE] > 100 +# METRIC_WARNING_CLASS_NAME = Large procedure +# METRIC_WARNING_CATEGORIES = METRIC.LCODE +# METRIC_WARNING_RANK = 1.0 +# \endcode +# +# Instruct CodeSonar to issue a warning of class "Too few comments" +# for any insufficiently commented function (defined here as a +# function containing fewer than 5 lines with comments). +# \code +# METRIC_WARNING_CONDITION = LCom[PROCEDURE] < 5 +# METRIC_WARNING_CLASS_NAME = Too few comments +# METRIC_WARNING_CATEGORIES = METRIC.LCOM +# METRIC_WARNING_RANK = 2.0 +# \endcode +# +# Note that the categories in these examples are arbitrary text. +# + + +# Parameter SCHEME_WEB_CONSOLE +# +# Purpose +# Specifies whether the \link ../GUI/GUI_Analysis.html#dry_runs +# Analysis: Dry Runs\endlink Scheme Console will be made available +# with the analysis. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", the Scheme Console will be available and +# functional for this analysis. Warning: this poses a grave security +# risk. Anyone with access to the hub can execute arbitrary code in +# the analysis process. +# +# Notes +# This feature can be useful for experimenting with the Scheme API. +# It can also be useful for debugging analysis plug-ins. +# +# Code will have full access to the program representations generated +# by CodeSonar and will run with the credentials of whoever started +# the analysis process. There is no sandboxing of any kind. + +#SCHEME_WEB_CONSOLE = No + + +# Parameter COLLAPSE_PROCEDURES +# +# Purpose +# Specifies whether multiple instances of the same procedure should be +# collapsed into a single instance for viewing purposes. This primarily +# affects templated functions which are instantiated with multiple template +# arguments, and also static inline functions. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", the hub will only display one procedure in cases where +# multiple PDGs are instances of the same procedure. +# +# Notes +# The choice of representative procedure instance is +# arbitrary. Multiple procedures defined at the same source file/line +# may also be collapsed. Do not change the setting of this parameter between +# incremental builds. +# +# For example, suppose foo(void) has two instances: foo(void) +# and foo(void). +# - With COLLAPSE_PROCEDURES=Yes, foo will have only a single line in +# tables of procedures and procedure-granularity metrics, describing +# one of the two instances. Only this instance will be shown in +# charts. +# - With COLLAPSE_PROCEDURES=No, foo will have two lines in tables of +# procedures and procedures-granularity metrics - one for each +# instance. Both instances will be shown in charts. +# +# Procedure and line counts are not affected by the setting of this +# parameter. Metrics warnings on procedures are also not affected. +# +#COLLAPSE_PROCEDURES = Yes + + +# Parameter WARN_MORE_LOOP_LEAKS +# +# Purpose +# Normally, leak warnings on paths that iterate around a loop +# multiple times are suppressed. Setting to "Yes" will disable the +# suppression. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", leaks will be reported on paths that iterate +# around loops multiple times. These leaks are often false +# positives. +# +# Notes +# This is an experimental feature and more work is necessary on +# GrammaTech's part to eliminate false positives in this area. The +# natural language explanation of existing warnings may also degrade +# as a consequence of enabling this setting. +# +#WARN_MORE_LOOP_LEAKS = No + +# Parameter FILE_LISTING_UNDEF_PROCS +# +# Purpose +# Specifies whether file listings (not warning report listings) should show +# events for calls to undefined functions that occur in the listing. Warning +# report listings will always show events for undefined function calls that +# occur on the warning path. +# +# Type +# {Yes, No} +# +# Behavior +# If set to "Yes", undefined functions will be marked with events when viewing +# a file's contents from the hub. +# +# Notes +# Turning this on could have a negative performance impact on the file listing +# view in the hub. +# +#FILE_LISTING_UNDEF_PROCS = No + + +# Parameter XML_DUMP_MODE +# +# Purpose +# Specifies whether analysis daemon should write the content of a warning +# to an XML file when it sends the warning to the hub. +# +# Type +# {FULL, NO_LISTING, No} +# +# Behavior +# - \tt FULL: the full warning report will be written out for each +# warning. +# - \tt NO_LISTING: the warning report for each warning will be +# written out with the path listing omitted. +# - \tt No: no XML files are generated. +# +# Notes +# Set this parameter to \tt FULL or \tt NO_LISTING if you want the analysis +# to generate XML files for all warnings sent to the hub. There will +# be one XML file per warning. +# +# - XML files for warnings issued in source file \tt / +# will be output at \tt +# .xml/analysis_//. +# - XML files for warnings not associated with a source file will be +# output at \tt +# .xml/analysis_/NONAME_0000000>/. +# +#XML_DUMP_MODE = No + + +# Parameter NON_TERMINATING_LOOP_MARK +# +# Purpose +# Specifies loops for which \wclink LANG.STRUCT.ULOOP Potential +# Unbounded Loop \endwclink should not issue warnings. +# +# Type +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# If the line the loop condition is at matches this regular expression, +# a \wclink LANG.STRUCT.ULOOP Potential Unbounded Loop \endwclink +# warning will not be issued. +# +# Notes +# For example, +# \code +# NON_TERMINATING_LOOP_MARK += /[*] @non-terminating@ [*]/ +# \endcode +# specifies that \wclink LANG.STRUCT.ULOOP Potential Unbounded Loop +# \endwclink warnings will not be triggered by any loop whose condition +# line contains the comment /* @non-terminating@ */. +# +# Don't issue warnings for loops whose condition looks like \tt for(;;) : +# \code +# NON_TERMINATING_LOOP_MARK += for *[(] *; *; *[)] +# \endcode +# +# Don't issue warnings for loops whose condition looks like \tt while(1) : +# \code +# NON_TERMINATING_LOOP_MARK += while *[(] *1 *[)] +# \endcode +# +# Note that the \wclink LANG.STRUCT.ULOOP Potential Unbounded Loop +# \endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +#NON_TERMINATING_LOOP_MARK += for *[(] *; *; *[)] +#NON_TERMINATING_LOOP_MARK += while *[(] *1 *[)] + + +# Parameter PROGRAM_ENTRY_POINTS +# +# Purpose +# Specifies additional functions that should be considered as program +# entry points. Currently only the \wclink ALLOC.POSTINIT +# Dynamic Allocation After Initialization \endwclink check uses this +# parameter. +# +# Type +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# The \wclink ALLOC.POSTINIT Dynamic Allocation After +# Initialization \endwclink check will trigger a warning if there is +# a call chain from a program entry point to an allocator call that +# does not go through a function specified with \param +# DYN_INIT_FUNCTIONS. +# +# Notes +# For example, +# \code +# PROGRAM_ENTRY_POINTS += ^init$ +# \endcode +# specifies that the check should start at function(s) named init. +# +# Note that the \wclink ALLOC.POSTINIT Dynamic Allocation After +# Initialization\endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +# #System_Initialization is the true 'main' procedure in a CodeSonar +# project. +#PROGRAM_ENTRY_POINTS += ^#System_Initialization$ +#PROGRAM_ENTRY_POINTS += ^init$ + + +# Parameter ALLOCATOR_FUNCTIONS +# +# Purpose +# Specifies allocator functions. +# Currently only used by +# \wclink ALLOC.POSTINIT Dynamic Allocation After Initialization +# \endwclink check. +# +# Type +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# For \wclink ALLOC.POSTINIT Dynamic Allocation After Initialization +# \endwclink check: calls to functions matching this regular +# expression are reported unless: +# - they are directly or transitively called by a function specified with +# \param DYN_INIT_FUNCTIONS, or +# - they are not reachable from a program entry point (see \param +# PROGRAM_ENTRY_POINTS). +# +# Notes +# For example, +# \code +# ALLOCATOR_FUNCTIONS += ^mmap$ +# \endcode +# specifies that \tt mmap() should be considered an allocator +# +# Note that the \wclink ALLOC.POSTINIT Dynamic Allocation After +# Initialization\endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +#ALLOCATOR_FUNCTIONS += ^(csonar_allocate_heap)$ +#ALLOCATOR_FUNCTIONS += ^(malloc|alloca|realloc)$ +#ALLOCATOR_FUNCTIONS += ^(sbrk|brk|mmap)$ +#ALLOCATOR_FUNCTIONS += ^(_mmap)$ + + +# Parameter DYN_INIT_FUNCTION +# +# Purpose +# Specifies functions that may directly or transitively call +# allocator functions without triggering a \wclink +# ALLOC.POSTINIT Dynamic Allocation After Initialization +# \endwclink warning. +# +# Type +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# No \wclink ALLOC.POSTINIT Dynamic Allocation After +# Initialization \endwclink warnings are issued for allocators (as +# specified by \param ALLOCATOR_FUNCTIONS) called directly or +# transitively by a function whose name matches this regular +# expression. +# +# Notes +# For example, +# \code +# DYN_INIT_FUNCTIONS += ^dyn_init$ +# \endcode +# specifies that function(s) \tt dyn_init() can directly or +# transitively call allocator functions without triggering a warning. +# +# Note that the \wclink ALLOC.POSTINIT Dynamic Allocation After +# Initialization\endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +#DYN_INIT_FUNCTIONS += ^dyn_init$ + + +# Parameter ASSERT_FAIL_FUNCTIONS +# +# Purpose +# Specifies functions that will be treated as assertions by the \wclink +# LANG.FUNCS.ASSERTS Not Enough Assertions \endwclink check +# +# Type +# \link +# ../../../../third-party/boost/libs/regex/doc/html/boost_regex/syntax.html +# Boost regular expression\endlink +# +# Behavior +# Calls to functions matching this regular expression are counted +# as assertions. +# +# Notes +# For example, +# \code +# ASSERT_FAIL_FUNCTIONS += ^__assert_fail$ +# \endcode +# specifies that calls to \tt __assert_fail() should be considered +# assertions. Some systems implement the \tt assert macro using \tt +# __assert_fail(). +# +# Note that the \wclink LANG.FUNCS.ASSERTS Not Enough Assertions +# \endwclink check is disabled by default: use a \param +# WARNING_FILTER rule to enable it. + +#ASSERT_FAIL_FUNCTIONS += ^__assert_fail$ +#ASSERT_FAIL_FUNCTIONS += ^__assert$ +#ASSERT_FAIL_FUNCTIONS += ^_assert$ +#ASSERT_FAIL_FUNCTIONS += ^assert$ +#ASSERT_FAIL_FUNCTIONS += ^_wassert$ + + +# Parameter SYSTEM_INCLUDE_PATHS +# +# Purpose +# Specifies file system paths which contain system include headers. +# +# Type +# string +# +# Behavior +# Any file matching the paths added via SYSTEM_INCLUDE_PATHS are excluded +# from computation of metrics and certain warning classes. Substring match is +# used to match files to the specified system include paths. +# +# NOTE: Any line ending with a "\" is treated as a continuation - meaning that +# the subsequent line will be concatenated with the current line. To avoid +# this situation (e.g. for paths that actually end in "\"), add whitespace +# after the "\" before the newline character. + +#SYSTEM_INCLUDE_PATHS += /codesonar/smel/ +#SYSTEM_INCLUDE_PATHS += /codesonar/libmodels/ +#SYSTEM_INCLUDE_PATHS += /csurf/csinclude/ +#SYSTEM_INCLUDE_PATHS += /usr/include/ +#SYSTEM_INCLUDE_PATHS += /usr/lib/ +#SYSTEM_INCLUDE_PATHS += /usr/lib64/ +#SYSTEM_INCLUDE_PATHS += /usr/local/include/ +#SYSTEM_INCLUDE_PATHS += /usr/local/lib/ +#SYSTEM_INCLUDE_PATHS += /usr/local/lib64/ +#SYSTEM_INCLUDE_PATHS += /usr/sfw/include/ +#SYSTEM_INCLUDE_PATHS += /usr/sfw/lib/ +#SYSTEM_INCLUDE_PATHS += /opt/sfw/include/ +#SYSTEM_INCLUDE_PATHS += /opt/sfw/lib/ +#SYSTEM_INCLUDE_PATHS += /cygwin/lib/ +#SYSTEM_INCLUDE_PATHS += /cygwin/local/lib/ +#SYSTEM_INCLUDE_PATHS += :\Program Files\Microsoft +#SYSTEM_INCLUDE_PATHS += :\Program Files\Freescale +#SYSTEM_INCLUDE_PATHS += :\Program Files\Metrowerks +#SYSTEM_INCLUDE_PATHS += :\Program Files\Intel +#SYSTEM_INCLUDE_PATHS += :\Program Files\ARM +#SYSTEM_INCLUDE_PATHS += :\Program Files\IAR +#SYSTEM_INCLUDE_PATHS += :\Program Files\Borland +#SYSTEM_INCLUDE_PATHS += :\Program Files\CodeGear +#SYSTEM_INCLUDE_PATHS += :\Program Files\Hi-Tech +#SYSTEM_INCLUDE_PATHS += :\CCStudio +#SYSTEM_INCLUDE_PATHS += :\WINCE +#SYSTEM_INCLUDE_PATHS += :\Keil +#SYSTEM_INCLUDE_PATHS += :\HEW +#SYSTEM_INCLUDE_PATHS += :\Borland +#SYSTEM_INCLUDE_PATHS += ARC\MetaWare +#SYSTEM_INCLUDE_PATHS += :\cygwin\usr\include\ +#SYSTEM_INCLUDE_PATHS += :\cygwin\lib\ +#SYSTEM_INCLUDE_PATHS += :\cygwin\local\lib\ +#SYSTEM_INCLUDE_PATHS += \csurf\include\ +#SYSTEM_INCLUDE_PATHS += \csurf\csinclude\ +#SYSTEM_INCLUDE_PATHS += \codesonar\smel\ +#SYSTEM_INCLUDE_PATHS += \codesonar\libmodels\ +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Microsoft +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Freescale +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Metrowerks +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Intel +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\ARM +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\IAR +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Borland +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\CodeGear +#SYSTEM_INCLUDE_PATHS += :\Program Files (x86)\Hi-Tech +#SYSTEM_INCLUDE_PATHS += /Developer/Headers/ +#SYSTEM_INCLUDE_PATHS += /Developer/SDKs/ +#SYSTEM_INCLUDE_PATHS += /Library/Frameworks/ +#SYSTEM_INCLUDE_PATHS += /System/Library/ +#SYSTEM_INCLUDE_PATHS += /opt/local/include/ +#SYSTEM_INCLUDE_PATHS += /sw/include/ + + # Parameter EXTRA_COMPILATION_UNITS # # Purpose # Specifies extra compilation units to be added to every CodeSonar