It is possible to incorporate CodeSonar results in the TICS output
for C and/or C++ files. CodeSonar is a
source-code analyzer that identifies complex bugs at compile time. The tool is
manufactured by GrammaTech.
The integration of CodeSonar within TICS is based on
CodeSonar version 3.3p1.20081121-i686-pc-win32.
It is not recommended to use another version than this version.
CodeSonar integration, the following prerequisites
must be met:
CodeSonar must be installed on all TICS BuildServers and
TICS Clients.CodeSonar hub should be running on the
default location 127.0.0.1:7340.CodeSonar has to be configured correctly, see below.
Since CodeSonar acts during compile time,
it needs to be instructed with several options, like the classpath for the
project. This information is extracted by TICS from the project's build.
For this, the correct
BUILDTYPE
should be specified. Since a compilation has to be performed, the correct
compiler should be configured for the buildtype.
'C' => {
...
'BUILDTYPE' => [
{ 'name' => 'Make', 'compiler' => [ 'Gcc' ] },
],
...
},
'CPP' => {
...
'BUILDTYPE' => [
{ 'name' => 'VCXProj', 'compiler' => [ 'VC' ] },
],
...
}
CodeSonar has the possibility to detect problems of many different
classes. All these classes are listed within the CodeSonar
installation in the following file:
CodeSonar/codesonar/doc/WarningClasses/WarningClasses.html.
The user is free to choose any set of classes that should be reported by
TICS. As with other codecheckers, this is done by editing the
RULES.txt and the IMPL.txt files within the
cfg directory on the TICS FileServer. The user is free to choose
the rule's identifier, severity level, category and synopsis in the
RULES.txt. How TICS invokes CodeSonar is configured
in the IMPL.txt. In this file, the "Warning Class" of
the class should be used. These "Warning classes" are the strings
in the "Warning Class" column in the WarningClasses.html page.
Note: all spaces in the "Warning Class" should be replaced by "_"'s.
A short example of the IMPL.txt
file is given below:
CS#1 CodeSonar Accept_on_socket_in_wrong_state CS#2 CodeSonar Bind_on_socket_in_wrong_state CS#3 CodeSonar Buffer_Overrun CS#4 CodeSonar Buffer_Underrun CS#5 CodeSonar Cast_Alters_Value CS#6 CodeSonar Connect_on_socket_in_wrong_state CS#7 CodeSonar Dangerous_Function_Cast CS#8 CodeSonar Division_By_Zero
A standard CodeSonar rule configuration is available in the
form of a IMPL.txt, RULES.txt pair.