2. AdaCore GNAT SAS 26 Roadmap¶
This roadmap represents the current stage of AdaCore plans for its technology. It is not binding, and can change without notice. Products marks as “Beta” can be made available to customers supported on the corresponding products by contacting AdaCore support (https://www.adacore.com/support). Customers interested in trying out capabilities that they don’t have access to yet, or who are interested in discussing a more detailed status update can contact info@adacore.com
2.1. GNAT SAS¶
2.1.1. Detection of globals aliased by by-copy parameters¶
In the following code, a global variable is aliased by a by-copy parameter:
procedure Main is
Glob : INTEGER := 0;
procedure Change (X : in out INTEGER) is
begin
Glob := 1;
end Change;
begin
Change (Glob); -- Modifcation of Glob from within Change overwritten by
-- incoming value of Glob - so Glob is 0 after the call.
end Main;
GNAT SAS will detect this problematic pattern and alert the user.
2.1.2. Improvements to working with project files¶
GNAT SAS will offer improvements to the way project files are handled, in particular by offering a more uniform command-line experience when requesting analysis of a particular Ada unit within a project.
2.1.3. Parameter mode analysis¶
GNAT SAS will alert users when parameter mode usage is inconsistent with the specification of the subprogram. For example, if an IN-OUT parameter is never read, GNAT SAS will suggest that it be changed to OUT.
2.1.4. Taint-based analysis¶
GNAT SAS will offer specific analyses based on taint to help users identify defects related to data flow and integrity.
2.1.5. Tighter integration of GNATmetric¶
GNATmetric will be invocable from the GNAT SAS driver using gnatsas metric.
2.1.6. Towards implementation of TOP 25 CWE analysis¶
MITRE’s Common Weakness Enumeration (CWE) is a list of cyber security coding issues that are found in code. This release of GNAT SAS will continue to improve coverage of the 25 most common weaknesses through the enhancements presented below.
2.1.7. Type-state analysis¶
GNAT SAS will use type-state analysis to detect improper use of resources, such as files.