- Important information
- New features
- Known problems
- Program corrections
- User guide corrections
- Miscellaneous
- Release history
Important information
- None
New features
- To achieve better correlation between the number of C-STAT messages and the number of potential problems, checks that identify identical problems are now consolidated in the analysis report. For example, if both MISRAC++2008-6-2-1 and MISRAC2012-Rule-13.4_b are enabled and a potential problem is detected, only one message will be produced, mentioning both checks. This might lead to a decrease in the number of messages (but not in reported potential problems).
Known problems
- None
Program corrections
- [CSTAT-427] Performing a re-analysis on a project that has messages in a header file, which in turn is included by more than one source file, can cause C-STAT to crash.
- [CSTAT-426] The check PTR-null-cmp-bef will only give one warning, regardless of how many violations against the rule it finds.
- [CSTAT-425] If C-STAT analyzes the same code a second time, and the only change in the code is an added comment directive, the directive does not have any effect.
- [CSTAT-424] C-STAT estimates the size of an array of pointers incorrectly.
- [CSTAT-421] The check for MISRAC++2008-6-5-4 incorrectly produces a message if the loop counter in a function is an iterator.
- [CSTAT-420] Checks for the rules MISRAC++2008-6-2-1 and MISRAC2012-Rule-13.4_b incorrectly generate a message for compiler-generated code with assignments in sub-expressions. (Such code patterns can be introduced by, for instance, range-based for loops.)
- [CSTAT-419] The directive in a comment for disabling a check for the immediately following function (//cstat #tag) can sometimes fail to disable the specified check.
- [CSTAT-418] The --exclude option does not work when the path is absolute.
- [CSTAT-417] In some cases, C-STAT interprets the result of the addition operators + or += as being of unsigned type, even if none of the operands are of unsigned type.
- [CSTAT-415] The check MISRAC2012-Dir-4.8 incorrectly warns when there is no pointer to a visible struct or union that can be dereferenced.
- [CSTAT-413] MISRAC2012-Rule-1.3_t: The message incorrectly says "copying x bytes to..." instead of "copying x bytes to/from..." even though the sizes of both the source and the destination of the memcpy function call are checked.
- [CSTAT-412] Using the wildcard character (*) in C-STAT comment directives has no effect.
- [CSTAT-411] When using comment characters and operators to disable or enable C-STAT messages for specific checks, /*cstat op [op op...]*/, the last op and */ must be separated by whitespace.
- [CSTAT-409] C-STAT can in some cases report an incorrect size for objects that are accessed via either the . (dot) or -> (arrow) operator.
- [CSTAT-408] For MISRAC2012-Rule-8.7, a function definition is incorrectly not considered a reference to the function.
- [CSTAT-407] MISRAC2012-Rule-14.1_a and MISRAC++2008-6-5-1_a incorrectly warn when any object in the controlling expression is of type float. These checks should only warn if the loop counter is of type float.
- [CSTAT-406] C-STAT can generate messages that incorrectly refer to line '0' (MISRAC2004-1.1 is an exception to this).
- [CSTAT-404] A typedef in a header file can incorrectly be seen as non-unique when the header file is included from multiple source files. This can make MISRAC2012-Rule-5.6 report a false positive.
- [CSTAT-403] Declarations in a header file can incorrectly be seen as multiple declarations, when the header file is included from multiple source files, and make MISRAC2012-Rule-8.5_b generate a false positive.
- [CSTAT-402] Certain declarations, and break and continue statements, inside if, for, and while statements can make the check CERT-EXP19-C produce false positives.
- [CSTAT-401] MISRAC2012-Rule-13.1 yields a false positive: taking the address of a volatile object is considered an operation with a side effect.
- [CSTAT-400] Using NULL in assert macros triggers false positives for MISRAC2012-Rule-11.9.
User guide corrections
- None
Miscellaneous
- None
Release history
10.30.2, November 2020
Program corrections
- [CSTAT-399] C-STAT considers accessing a volatile object through the -> (arrow) or . (dot) operators as a volatile write operation.
- [CSTAT-398] It is not possible to suppress link analysis messages in C-STAT.
- [CSTAT-396] Using a section operator, for example __segment_begin, as a function parameter causes an internal error in C-STAT.
- [CSTAT-393] Running an analysis on an unchanged file with the check MISRAC2012-Dir-4.6_a enabled can in rare cases cause C-STAT to report an internal error.
- [CSTAT-392] The check MISRAC2012-Rule-13.1 reports a false positive when the right-hand side of an assignment is cast from a non-volatile value to a pointer-to-volatile value.
- [CSTAT-391] In some rare cases, C-STAT can misidentify how function parameters are used.
- [CSTAT-389] Arrays with more than 100 elements can cause C-STAT to crash if the check MISRAC2012-Rule-10.3 is enabled.
- [CSTAT-387] C-STAT incorrectly does not consider returning a struct from a function to be a use of the struct.
- [CSTAT-386] Source files larger than 16 MBytes can cause C-STAT to crash.
10.30.1, December 2018
New features
- When generating a full report, C-STAT now divides the report into multiple HTML files instead of one single HTML file. This reduces the risk of the report slowing down the IDE and/or an external web browser.
- A new option --deterministic has been added. Use this option to ensure a deterministic number of messages when running icstat with multiple threads, so that the number of messages stays approximately the same from one analysis run to another. This option puts a limit on the option --parallel, which makes the analysis process slower.
Program corrections
- [CSTAT-382] Specifying the C-STAT option --exclude with the parameter dir only works when all letters in dir are lower case.
- [CSTAT-377] Saving a function address is considered as a function call. This can lead to false positives for checks which look for recursion, such as MISRAC2012-Rule-17.2_b.
- [CSTAT-375] If an analysis of a source file only consists of suppressed messages, IAR Embedded Workbench will not output "Analyzing xxxx" in the Build window.
- [CSTAT-372] Array indices are calculated incorrectly when the array is a field (but not the first field) of a struct.
- [CSTAT-368] MISRAC2012-Rule-17.5 might report false positives if the parameter is a global array.
- [CSTAT-364] The severity level for the checks MISRAC2012-Rule-8.9_a and MISRAC2012-Rule-8.9_b is incorrect. It should be Low, not Medium.
- [CSTAT-363] if (++foo != 0) or if (--foo != 0) does not count as a comparison of foo against 0.
- [CSTAT-360] MISRAC2012-Rule-8.3_b generates a message for inconsistent types between global variables with the same name even if the variables are declared as static.
- [CSTAT-359] There are no link analysis messages when the paths to the source files contain white spaces. This occurs both when running icstat with the commands command and when performing an analysis in IAR Embedded Workbench.
- [CSTAT-357] Access ranges of arrays inside structs are not calculated correctly. This can for example generate false positives for the check ARR-inv-index-ptr-pos.
- [CSTAT-353] Function parameters for non-static functions are given an estimated value range based on an analysis of all function calls inside the module where the function is defined. This might introduce false positives when the function is called from another module.
- [CSTAT-349] MISRAC2012-Rule-10.3 can trigger an internal error when a string is assigned to an array of characters.
10.20.1, April 2018
New features
- The MISRA C 2004 package in C-STAT has been updated with approximately 20 new checks.
10.10.1, April 2017
New features
- New checks have been added.
- Improved analysis engine which increases the analysis precision.
- The time-consuming false-positive analysis is now disabled by default but can be enabled by an option in the IAR Embedded Workbench IDE or on the command line.
- A new option in the IAR Embedded Workbench IDE makes it possible to limit the number of messages generated per check and per file.
- C-STAT message suppression can now be controlled by directives placed in comments in the source files.
9.30.1, December 2015
New features
- C-STAT
The add-on product C-STAT for static analysis is now supported. C-STAT features innovative static analysis that can detect defects, bugs, and security vulnerabilities as defined by CERT and the Common Weakness Enumeration, as well as help keep code compliant with coding standards like MISRA C:2012/2004 or MISRA C++:2008. For more information, see C-STAT Static Analysis Guide.