Astrée and RuleChecker Release 23.04

* Added support for C++20.
* Added support for MISRA C:2012 Amendment 3.
* Updated the Clang/LLVM frontend to version 15.


New DAX version 1.15
* Removed the top-level DAX tag <files/>. Files that do not require 
  preprocessing must now be specified in preprocessor configurations with 
  the additional tag <use-internal-preprocessor>no</use-internal-preprocessor>.
* The tag <use-internal-preprocessor/> is no longer allowed directly 
  inside of the <preprocess/> tag. It can now only be specified inside of 
  individual preprocessor configurations, i.e. within <config/> tags.
* Changed the specification of the comment mode. It is now specified 
  in the new top-level tag <comment-mode>AAL|patterns</comment-mode>.
* The attribute "use-relative-paths=yes|no" for items in the top-level tag 
  <files/> is now deprecated.


Improved precision
* Improved precision when casts from integers to floats 
  are used in comparisons.
* Improved precision of the congruence intervals domain.
* Improved precision when checking for run-time errors in conditions, 
  to prevent false alarms reported in previous releases.
* Improved the precision of modulo with powers of two.
* Improved precision when copying shared variables that are possibly 
  zero-initialized.
* More precise handling of bitwise "&" in conditions.
* Improved the precision of __ASTREE_modify on arrays 
  when the array index is an enumerator.
* Improved the precision on non-linear expressions when sub-expressions 
  can be handled by octagons.


Improved comments
* Removed restrictions on the use of different mechanisms 
  for commenting alarms.
  * The comment mode setting in the Info view of the GUI and the corresponding 
    DAX tag no longer restricts which comment mechanism (AAL or Patterns) 
    is available. Instead it only specifies the preferred comment mechanism 
    when commenting alarms in the Findings view.
  * The "comment alarm(s)..." dialog accessible via the context menu in the 
    Findings view now allows selecting a particular comment mechanism, 
    overriding the default specified by the comment mode when appropriate. 
    This allows mixing AAL and Pattern comments in the same analysis project.
  * AAL comments are now enforced for alarms about rule violations when Pattern 
    comments are not appropriate for technical reasons.
* Overhauled the comment patterns feature. Comment patterns are now:
  * available for commenting alarms in the analysis config file
  * more strictly avoided for commenting rule violations
  * applicable to control_flow_anomaly alarms about non-returning functions


New options
* no-partition-functions 
  specifies a list of functions that are excluded from automatic partitioning.
* warn-on-unsigned-integer-lshift-range 
  for controlling warnings about overflows in unsigned left shifts.
* precise-multiple-return-function 
  applies automatic state-machine partitioning to functions with multiple 
  returns. The option is only available in astree-cxx mode to enable a more 
  precise analysis of such functions when using the clang-based C/C++ frontend.
* New options for bounded analysis:
  * analysis-timeout 
    specifies a timeout after which the analyzer starts 
    a soft shutdown, collecting partial, unsound results.
  * shutdown-timeout 
    specifies an additional timeout for the soft shutdown 
    initiated by the option analysis-timeout.
* Removed the option warn-on-integer-lshift-range. Existing analysis projects 
  that enabled this option must now enable the two options 
  warn-on-unsigned-integer-lshift-range 
  and warn-on-signed-integer-lshift-range.


Improved directives
* Improved the __ASTREE_partition_ranges directive 
  to generate more appropriate partitions for small integer intervals.
* Partitioning directives no longer cut the undefined cases 
  when evaluating expressions with undefined behaviors. 
  As a visible consequence, alarms may shift from partitioning directives 
  to other statements of the program.
* The directive __ASTREE_octagon_pack can now also be used in global scope, 
  i.e. outside of function bodies.
* Within functions, the directive __ASTREE_octagon_pack now also accepts 
  variables of pointer type, used as arrays, and simple C expressions 
  appearing as array indices in directive access paths. For example:

    void f(int x, int *arr, int n) {
      __ASTREE_octagon_pack((x, arr[0:n - 1]));
      ..
    }

* The __ASTREE_modify and __ASTREE_initialize directives no longer accept 
  arguments of the form ptr[] where ptr is a pointer. Such arguments 
  should be replaced by ptr[lb..ub] where lb and ub are appropriate bounds 
  for accessing ptr.
* The __ASTREE_known_range directive now supports slice syntax 
  when used with arrays and pointers, e.g. arr[0:2] or ptr[3:5].
* Fixed an issue that could cause __ASTREE_octagon_pack 
  and __ASTREE_boolean_pack to choose a variable from an out-of-scope 
  function when addressing it using the var@function_name syntax.


Improved alarms
* Alarms about invalid_pointer_arithmetics in array and field accesses 
  now cut NULL and INVALID pointer values to prevent them from causing 
  subsequent alarms.
* Alarms about unbounded loops now only highlight the keyword of the loop 
  instead of the complete loop.
* Removed false alarms for shift_argument when the ABI value bits_of_byte 
  is set to 16 bits.
* Removed false alarms about field_overflow_upon_dereference for bit-fields.


Other improvements
* Optimized analyzer for better performance on large, asynchronous code.
* Uninstallation on Windows can now be made silent 
  by providing the option /VERYSILENT to the installer.
* Providing an analysis option that is not supported by the configured 
  analysis mode (astree, astree-cxx, rulechecker) now triggers an error message.
* It is now possible to start program slicing from declarations 
  with an initializer that contains a function call.
* Overhauled the implementation of the automatic partitioning heuristics. 
  In rare cases the new behavior may differ from the old one, 
  causing changes in precision and performance of affected analyses.
* Improved the separate function heuristics.
* Improved the display of context information (e.g. in alarm messages) 
  for partitions produced by the directive __ASTREE_partition_expr.
* The analyzer now distinguishes more clearly between arithmetic overflows 
  with predictable result (on unsigned integers) and arithmetic overflows 
  with unpredictable result (on signed integers). To this end, 
  it now reports the latter as class A alarms using the new alarm key 
  arithmetic_overflow_unpredictable.
* Non-returning separately analyzed functions are now only reported 
  at the call sites of such functions. The additional, redundant alarms 
  at the function definitions, reported by previous versions, are now omitted.
* The analyzer now distinguishes more clearly between arithmetic overflows 
  on floats with predictable result (+/- infinity when keep-float-specials=yes) 
  and with unpredictable result (floating-point exception raised when 
  keep-float-specials=no). To this end, it now reports the latter as 
  class A alarms using the new alarm key arithmetic_overflow_unpredictable.
* Added new syntax [:] for specifying array slices in Astrée 
  directives. In contrast to the [<lb>..<ub>] syntax 
  for array slices, the new syntax works not only with plain constants 
  for lb and ub, but also with arbitrary constant expressions 
  or even variables, if supported by the directive.
* Analyses on asynchronous code now report all processes that are created 
  during the analysis, including additional information such as priorities 
  and locks. The new information appears in the Output view 
  and in the text report file in the new section "List of processes".
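
The C semantics behind the distinction above between overflows with predictable result (unsigned) and with unpredictable result (signed), and behind the separate unsigned and signed left-shift options listed under "New options", shown as an added example that is not AbsInt code. The enum and function names are hypothetical and are not Astrée identifiers or alarm keys.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result classes for this example only. */
typedef enum {
    RC_OK,        /* result is exact */
    RC_WRAPS,     /* defined by the C standard: result reduced modulo 2^32 */
    RC_UNDEFINED  /* undefined behavior: the operation must not be executed */
} result_class;

/* Unsigned addition is always defined; overflow wraps modulo 2^32. */
result_class add_u32(uint32_t a, uint32_t b, uint32_t *out)
{
    *out = a + b;
    return (*out < a) ? RC_WRAPS : RC_OK;
}

/* Signed addition: check the operands first so that the overflowing
   addition is never evaluated. *out is left untouched on RC_UNDEFINED. */
result_class add_i32(int32_t a, int32_t b, int32_t *out)
{
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b)) {
        return RC_UNDEFINED;
    }
    *out = a + b;
    return RC_OK;
}

/* Unsigned left shift: a shift count >= the width is undefined;
   otherwise bits shifted out are discarded, which is defined. */
result_class shl_u32(uint32_t v, unsigned n, uint32_t *out)
{
    if (n >= 32u) {
        return RC_UNDEFINED;
    }
    *out = v << n;
    return ((*out >> n) != v) ? RC_WRAPS : RC_OK;
}

/* Signed left shift (C11 6.5.7): undefined for a negative left operand,
   for a count >= the width, or when the result is not representable. */
result_class shl_i32(int32_t v, unsigned n, int32_t *out)
{
    if (n >= 32u || v < 0 || v > (INT32_MAX >> n)) {
        return RC_UNDEFINED;
    }
    *out = v << n;  /* defined: the checks above exclude every UB case */
    return RC_OK;
}

int main(void)
{
    uint32_t u = 0;
    int32_t s = 0;

    /* Constructed sample inputs. */
    printf("UINT32_MAX + 1   -> class %d, value %lu\n",
           (int)add_u32(UINT32_MAX, 1u, &u), (unsigned long)u);
    printf("INT32_MAX + 1    -> class %d (not computed)\n",
           (int)add_i32(INT32_MAX, 1, &s));
    printf("0x80000001u << 1 -> class %d, value %lu\n",
           (int)shl_u32(0x80000001u, 1u, &u), (unsigned long)u);
    printf("1 << 31 (signed) -> class %d (not computed)\n",
           (int)shl_i32(1, 31u, &s));
    return 0;
}
```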


Integration with TargetLink
* Added support for TargetLink 2022:B.
* When looking for the <model>_pcf.c file required for the analysis,
  the toolbox now takes into account the output folder configuration.


Integration with KEIL μVision
* The toolbox no longer generates deprecated <coverage-ignore> DAX elements.


RuleChecker
* Rule-checking related sections in the log output and text report 
  have been renamed to better reflect their contents.
* The new diagnostic rule B.1.7 (legacy-alarm-annotation) informs about 
  suppress or comment directives that, for reasons of backwards compatibility, 
  are applied to alarms with new alarm keys introduced in later releases.
* New scope option for rule check configurations that controls 
  whether a configuration applies to all the contents of the selected files 
  or only to code that appears inside or outside of designated code blocks, 
  respectively. The new RuleChecker option designated-block-comment 
  specifies the comment pattern that identifies designated code blocks.
* Improved the reporting of active rule checks in the text report 
  and the Output view. They now contain only one section 
  that lists all active rule checks.
* Improved performance of application-wide code metrics calculation.


Rule sets and checks for C
* Added support for MISRA C:2012 Amendment 3.
* Improved coverage of rule CERT.PRE.6. The rule is now fully checked.
* Replaced the check object-definition-without-extern by the new check 
  global-object-declaration in rule X.F.30.


Rule sets and checks for C++
* Messages about rule violations now report the C++ template instantiation(s)
  in which the corresponding checks are violated.
* New checks:
  * dynamic_cast_in_constructor (M2008.12.1.1, AUTOSAR.12.1.1M)
  * typeid_in_constructor (M2008.12.1.1, AUTOSAR.12.1.1M)
  * cast-pointer-to-intptr and cast-pointer-void-to-intptr, 
    split off from the checks cast-pointer-to-integer, 
    cast-pointer-void-to-integer and associated with 
    the same rules (M2008.5.2.9, AUTOSAR.5.2.9M)
  * include-guard-pragma-once (CERT.PRE.6, M2008.16.2.3, AUTOSAR.16.2.3M, 
    M202x-DRAFT.000207), split from the check include-guard-missing 
    to warn about usage of #pragma once as include guard. 
    To allow the usage of #pragma once for certain rules, 
    you can now deselect the new check.
* Split the check macro-function-like (AUTOSAR.16.0.1A, CERT.PRE.0, M.19.7, 
  M2008.16.0.4, M2008.16.2.1, M2012.D.4.9) into the two checks 
  macro-function-like and macro-function-like-strict. 
  This enables configuring whether function-like macros 
  with __LINE__, __FILE__, __func__, or the operators # or ## 
  shall be regarded as rule violations or not. 


Rule sets and checks specific to Astrée
* New diagnostic check unknown-component (A.5.7) 
  that warns about unknown component names 
  used in the option component-pairs-under-observation.
* If the memory block specified by an __ASTREE_absolute_address directive 
  does not fit into the addressable memory, the directive is now ignored 
  and a violation of the check invalid-directive is reported.


Enhancements, clarifications, refinements for both C and C++
* Fixed errors that could occur during rule checking due to 
  unresolved environment variables in the preprocessor configuration.
* Removed false negatives for the check function_name_usage 
 (M2008.8.4.4, AUTOSAR.8.4.4M) when function identifiers 
  are not subject to pointer decay.
* Removed false positives for the check parameter-name-match 
 (AUTOSAR.8.4.2M, M.16.4, M2008.8.4.2, M2012.8.3, M202x-DRAFT.000149). 
  The check no longer reports unnamed parameters as a conflict.
* Declarations in files excluded from rule checks are no longer considered 
  for the check parameter-name-match (AUTOSAR.8.4.2M, M.16.4, M2008.8.4.2, 
  M2012.8.3, M202x-DRAFT.000149).
* The new check precedence-pp warns about missing parentheses in expressions 
  evaluated by the preprocessor. This removes false negatives for the rules 
  AUTOSAR.5.0.2M, M.12.1, M2008.5.0.2, and M2012.12.1.
* Rule violations are now consistently reported only in files that use 
  the language(s) addressed by the corresponding rule set.
* Extended the check parameter-name-match (AUTOSAR.8.4.2M, M.16.4, 
  M2008.8.4.2, M2012.8.3, M202x-DRAFT.000149) to remove false negatives 
  regarding different parameter names in different translation units 
  when at least one translation unit is C++.


Enhancements, clarifications, refinements for C code
* Removed false positives for the check parameter-missing-const 
 (CERT.DCL.0, CERT.DCL.13, M.16.7, M2012.8.13). It no longer warns about 
  parameters passed to __astree_bzero, __astree_memcpy, or __ASTREE_trash.
* Removed false positives for the check uninitialized-local-read 
 (CERT.EXP.33, CWE.456, CWE.457, CWE.665, CWE.824, CWE.908, 
  ISO17961.uninitref, M.9.1, M2012.9.1) when taking the address 
  of an array that is part of a struct.
* Removed false negatives for the following checks, which did not warn 
  about conversions applied to arrays converted to pointer (cf. C11 §6.3.2.1):
  * incompatible-object-pointer-conversion 
   (A.1.11, CERT.MSC.40, M.1.1, M2012.D.2.1, M2012.1.1)
  * pointer-qualifier-cast-const 
   (CERT.EXP.5, CERT.EXP.40, M.11.5, M2012.11.8)
  * pointer-qualifier-cast-volatile (M.11.5, M2012.11.8) 
* Removed false positives for the check return-reference-local 
 (CERT.DCL.30, CERT.ARR.30, ISO17961.addrescape, M.17.6, M2012.18.6), 
  which erroneously warned about values taken from objects of struct types, 
  if a preceding assignment to another field of that struct 
  stored a pointer to a local variable.
* Removed false positives for the check evaluation-order 
 (A.4.1, CERT.EXP.10, CERT.EXP.30, M.12.2, M2012.1.3, M2012.13.2) 
  that could occur when implicitly taking the address of an array.
* The check pointer-cast-alignment no longer warns about 
  null pointer constants.
* Removed false positives for the check return-implicit 
 (CERT.MSC.37, M.16.8, M2012.17.4, X.F.41). 
  It no longer warns about asm functions.
* Refined the rule check return-value-type (X.F.39) to ignore conversions 
  that only affect type qualifiers.
* Improved the rule check multiple-instructions-per-line (X.F.1). 
  It now ignores statements stemming from macro invocations.
* Removed an issue that caused the analyzer to report 
  an "Out of memory" error during rule checks.
* Updated the coverage information for rule M2012.D.4.7, 
  which is checked only partially even when Astrée is used.
* Violations of the check parameter-name-match (M.16.4, M2012.8.3) 
  are now reported at the parameter declaration and not the function name.
* Removed false negatives for the check function-pointer-cast (M2012.11.1)
  which did not warn about casts changing qualifiers in parameter types.
* Removed false negatives for the checks type-compatibility-link 
  and type-compatibility (A.1.1, CERT.DCL.40, CERT.MSC.40, 
  ISO17961.funcdecl, M.1.1, M.8.4, M2012.D.2.1, M2012.1.1) 
  which in some cases did not report declarations with different use 
  of volatile qualifiers in typedefs.
* Violations of the checks include-characters, include-characters-backslash, 
  and include-characters-sline (M.19.2, M2012.20.2) are no longer reported 
  for code that is excluded by preprocessor directives, e.g. using 
  #if 0 ... #endif


Enhancements, clarifications, refinements for C++ code
* Fixed false negatives for the checks 
  octal_escape_sequence (M2008.2.13.2, AUTOSAR.2.13.2M), 
  float_suffix (M2008.2.13.4, AUTOSAR.2.13.4M), 
  long_suffix (M2008.2.13.4, AUTOSAR.2.13.4M), 
  digit_separator_placement (AUTOSAR.13.6.1A), and 
  hexadecimal_lower_case_digit (AUTOSAR.2.13.5A) 
  for literals used within macro expansions.
* Fixed the detection of subexpressions and expression statements 
  in the presence of temporaries. This removes:
  * false positives for the checks 
    conditional_as_sub_expression (AUTOSAR.5.16.1A) and 
    unary_assign_separation (AUTOSAR.5.2.10M, M2008.5.2.10)
  * false negatives for the checks 
    constructor_call_statement (AUTOSAR.6.2.2A), 
    function_return_unused (AUTOSAR.0.1.2A, M2008.0.1.7), and 
    error_information_unused (AUTOSAR.0.3.2M, CERT-CPP.ERR.33C, M2008.0.3.2).
* Fixed identification of forwarding references in the presence of 
  parameter packs. This removes false positives and false negatives 
  for the checks forward-parameter (AUTOSAR.8.4.6A), 
  move-forwarding-reference (AUTOSAR.18.9.2A), 
  forward-rvalue-reference (AUTOSAR.18.9.2A), and 
  consume-parameter (AUTOSAR.8.4.5A).
* Extended the calculation of metrics to more template functions. 
  This removes false negatives for all threshold checks (ruleset T).
* The check expensive-to-copy (AUTOSAR.8.4.7A) no longer warns about 
  parameters of non-copy-constructible types.
* The check array-argument-to-pointer-decay (AUTOSAR.5.2.12M, M2008.5.2.12) 
  now also warns about non-identifier expressions of array type 
  that are subject to pointer decay.
* Adjusted the check precedence (M2008.5.0.2, AUTOSAR.5.0.2M) to follow 
  the more precise descriptions used in M202x-DRAFT and M2012. 
  In particular, expressions with different operators but of the same 
  precedence no longer require explicit parentheses, e.g. a + b - c 
  no longer violates this check.
* The checks member-function-missing-const and 
  member-function-missing-static (M2008.9.3.3, AUTOSAR.9.3.3M) 
  no longer report violations for templated methods when the body 
  uses dependent calls that cannot be resolved without instantiation. 
  This removes false positives for these checks. For instantiations 
  of templated methods, all violations are reported as before.
* Removed false positives for the check functional-cast 
 (M2008.5.2.4, M202x-DRAFT.000089) when the type is a deduced 
  template specialization and the expression thus constitutes 
  an object construction and not a functional cast.
* Rule violations that concern explicit function template instantiations 
  are now reported at the declaration of the corresponding template.
* Removed false negatives for the check unused-local-variable 
 (M2008.0.1.3, AUTOSAR.0.1.3M, M202x-DRAFT.000003) 
  when C++17 structured bindings are used.
* Removed false alarms for the check unused-local-variable 
 (M2008.0.1.3, AUTOSAR.0.1.3M, M202x-DRAFT.000003) 
  within the scope of uninstantiated templates.
* The check enum-usage-overloaded-operator no longer reports
  enum usage in "operator()" and "operator,". This removes false positives 
  with respect to a revised interpretation of AUTOSAR.4.5.1A.
* The check enum-usage no longer reports enum usage in the operators 
  "?:" and ",". This removes false positives with respect to a revised 
  interpretation of M2008.4.5.2 and AUTOSAR.4.5.1A.
* Removed false positives for the check member-function-missing-static 
 (M2008.9.3.3, AUTOSAR.9.3.3M) with virtual functions.
* Removed false positives for the check undefined-extern (AUTOSAR.3.2.2M, 
  AUTOSAR.3.2.4M, CERT-CPP.DCL.60, M2008.3.2.2, 
  M2008.3.2.4) with constexpr static data members.
* The base classes list of class and variable template 
  specializations/instantiations is no longer ignored. 
  This removes false negatives and false positives for all C++ checks.
* Removed false positives for the check c-style-cast (AUTOSAR.5.2.2A, 
  M2008.5.2.4). It no longer reports the use of non-type template arguments 
  as cast.
* Removed false positives for the check check_precedence (AUTOSAR.5.0.2M, 
  M2008.5.0.2).
* Removed false positives for the check logop-postfix-operand (M2008.5.2.1).


Server and server controller
* Improved responsiveness of the server when importing large AAF files 
  or creating revisions of large analysis projects.
* Fixed an issue that caused the analysis server to crash when
  * trying to import an AAF file from a later release 
  * connecting a client to a project with an unsupported analysis version 
    using the command line option --id <analysis-id>
* Fixed an issue that could trigger a "Cannot commit analysis state" error 
  on analysis start after restarting a server with a different system user 
  or after switching from a user space server to a service without changing 
  the data directory.
* The server log file now uses the JSON line format.
* Improved stability of the analysis server.
* Improved performance of the network communication 
  between server and client.
* Fixed the encoding used for the XML output of the server-controller 
  command-line interface.


Client GUI, batch mode, and report files
* Files that do not require preprocessing are now specified 
  in the Preprocessor view. The new flag "Use the built-in preprocessor" 
  specifies for each preprocessor configuration whether or not 
  the listed files require preprocessing by the internal preprocessor.
* Removed the preprocessor option "Remove analysis files before 
  importing preprocessed files" from the client GUI.
* The tag <function> of the XML report file has been extended 
  by the new optional attribute "tu=pX" to indicate that a function 
  has internal linkage and is the instance in the translation unit 
  represented by preprocessed file pX.
* Importing options from a DAX file into an existing project 
  now also overwrites options that are set to non-default values 
  in the project (e.g. with their default value specified 
  in the imported DAX file).
* Improved error reporting on DAX import.
* Improved the identifier search for identifiers in macro expansions,
  so that all such identifiers are now found at the locations 
  at which they appear literally in the code.
* The project monitor has been reworked to display additional information,
  e.g. used and available server memory and disk space.
* Tooltips in editor windows now stay longer before disappearing.
* Errors that occur during JSON compilation database import in batch mode
  are now reported via stderr.
* The copy action in the annotations view now also copies 
  the alarm location comments of AAL comment directives, if available.
* The Global data flow view has been extended to show 
  the kind of data race that a variable is involved in:
  * no (not involved in a data race)
  * rw (involved only in read-write data races)
  * ww (involved only in write-write data races)
  * rw+ww (involved in both read-write and write-write data races). 
* The tag <variable/> in XML report files has been extended 
  by the new attributes "has_read_write_datarace" and 
 "has_write_write_datarace" that indicate whether a variable 
  is involved in a read-write or write-write data race.
* Fixed an issue that on Windows prevented the context menu
  for alarm comments in the editor views from being displayed.
* In the Control flow and Global Data flow views, 
  the core a process runs on is now also displayed 
  for non-AUTOSAR projects.
* Changed order of the columns Application and Core 
  in custom reports with data flow and/or control flow information.
* Fixed location information for additional lines (as reported 
  for some findings) in the XML report.
* The new batch mode option --preprocess-only allows running 
  only the preprocessing without running the subsequent analysis. 
  The option is useful in conjunction with --export 
  for creating AAF files in batch mode. These AAF files then 
  contain the analysis setup plus all preprocessed and original
  source files. The actual analysis can be performed later, 
  possibly on different machines, by importing the AAFs 
  and triggering the analysis.
* The Global Data Flow view now also displays the phase 
  in which a variable is read or written by a process.


Frontends and preprocessor
* Removed errors about missing source files caused by source directives 
  mixed with nested comments and parentheses within the same comment.
* Improved compatibility of the preprocessor with ClearCase drives.
* The C frontend now supports the GCC builtin type __builtin_va_list 
  and the following GCC builtin functions:
  * __builtin_va_arg
  * __builtin_va_copy
  * __builtin_va_end
  * __builtin_va_start
* The C frontend now supports the following GCC builtin functions:
  * __atomic_compare_exchange_n
  * __atomic_exchange_n
  * __atomic_fetch_add
  * __atomic_fetch_and
  * __atomic_fetch_or
  * __atomic_fetch_sub
  * __atomic_fetch_xor
  * __atomic_load_n
  * __atomic_store_n
* The C frontend now rejects initializing a struct/union/array 
  by a scalar without braces.
* The C frontend now by default uses internal linkage for functions 
  with the asm specifier (asm macros).
* Improved handling of _Atomic and _Thread_local in the C frontend.
* The JSON compilation database importer now recognizes the compile option 
  -include <file> and maps it to an auto-include in the generated 
  preprocessor configuration.
* Fixed the parsing of the __ASTREE_comment directive 
  in the C++ analysis mode to remove parse errors such as

    frontend_clang: arguments to ASTREE directive cannot be parsed

* Fixed an issue that could cause the C++ frontend to crash 
  when encountering recursively inheriting templates.
* Fixed a corner case regarding the "Patterns to ignore" feature 
  that could cause a function filter to remove code blocks 
  following a #define directive in which the filter matched.


Stub libraries, ABIs, OS and compiler configurations
* Removed legacy stub code for the AUTOSAR modules NvM and Dem. 
  Stubbing these modules is no longer necessary.
* Fixed converting constructor of std::deque::const_iterator 
  from std::deque::iterator in the more abstract STL stubs 
  to remove false alarms about definite runtime errors.
* Updated and improved the ARINC-653 OS stubs.
* Rule violations in the generated part of the OSEK stubs 
  are now automatically suppressed. Astrée directives that 
  are generated into these files no longer appear in the list 
  of "Further directives" in the reports.
* Fixed type-generic macros in the tgmath.h header of the C stub library.
* Invocations of the error() function in the OSEK/AUTOSAR stubs 
  are now reported as definite run-time errors, 
  stopping the analysis for the corresponding contexts. 
  This generally results in more efficient and precise analyses. 
  The old behavior, i.e. continuing with the analysis 
  without reporting an error, can be restored by defining 
  the preprocessor macro KEEP_OSEKSTUB_ERRORS in the 
  preprocessor settings for the OSEK/AUTOSAR stubs.


Qualification Support Kits
* MISRA C++:2008 is now completely covered by the RuleChecker QSK.
* The driver program to run QSK packages has been renamed to qualify.


New test cases in the Astrée QSK
* qk_alarm_arithmetic_overflow_unpredictable
* qk_check_bad_macro_use
* qk_check_function_prototype
* qk_check_legacy_alarm_annotation
* qk_check_local_object_name_max_length
* qk_check_global_object_name_max_length
* qk_check_realloc_zero
* qk_check_static_function_declaration
* qk_check_static_object_declaration
* qk_check_static_object_name_max_length
* qk_check_stdbool_redefine
* qk_check_storage_class_placement
* qk_check_unknown_component
* qk_commandline_preprocess_only
* qk_filter_expressions_alternatives
* qk_option_analysis_timeout
* qk_option_no_partition_functions
* qk_option_shutdown_timeout
* qk_option_warn_on_unsigned_integer_lshift_ranges
* qk_rule_a_5_7
* qk_rule_b_1_7
* qk_rule_s_obj_0_3


Renamed test cases in the Astrée QSK
* qk_filter_expressions_alternatives_special_characters 
  -> qk_filter_expressions_special_characters
* qk_filter_expressions_dot_star 
  -> qk_filter_expressions_dot_repetitions


Test cases removed from the Astrée QSK
* qk_filter_expressions_directives
* qk_filter_pragma_asm
* qk_option_warn_on_integer_lshift_ranges
* qk_option_remove_analysis_files


Astrée QSK test cases extended to C++
* qk_option_analysis_entry
* qk_option_c_version
* qk_option_code_lines
* qk_option_continue_on_definite_rte
* qk_option_cut_arithmetic_operations_on_null
* qk_option_cut_integer_division_by_zero
* qk_option_cxx_version
* qk_option_generate_undeclared_absolute_addresses
* qk_option_inline_semantics
* qk_option_keep_float_specials
* qk_option_metrics
* qk_option_skip_analysis
* qk_check_stdlib_limits
* qk_option_equality


New test cases in the RuleChecker QSK
* qk_check_alignas_zero
* qk_check_alignment_specification_mismatch
* qk_check_alignment_specification_mismatch_link
* qk_check_bad_function_use
* qk_check_bad_macro_use
* qk_check_bad_pragma_use
* qk_check_bad_type_use
* qk_check_cast_pointer_to_intptr
* qk_check_cast_pointer_void_to_intptr
* qk_check_class_inconsistent_definitions
* qk_check_dynamic_cast_in_constructor
* qk_check_exception_specification_mismatch_link
* qk_check_generic_association_qualified_type
* qk_check_generic_association_type
* qk_check_generic_function_namespace
* qk_check_generic_operator_namespace
* qk_check_generic_selection_default_position
* qk_check_generic_selection_essential_type_mismatch
* qk_check_generic_selection_ignores_parameters
* qk_check_generic_selection_outside_macro
* qk_check_generic_selection_pointer_conversion
* qk_check_generic_selection_without_non_default
* qk_check_hexadecimal_lower_case_digit
* qk_check_inappropriate_float
* qk_check_inappropriate_type_tgmath
* qk_check_include_guard_pragma_once
* qk_check_inconsistent_alignment_specification
* qk_check_inconsistent_alignment_specification_link
* qk_check_invalid_noreturn
* qk_check_logop_postfix_operand
* qk_check_macro_function_like_strict
* qk_check_missing_noreturn
* qk_check_multiple_alignas
* qk_check_noreturn_void
* qk_check_precedence_pp
* qk_check_qualified_function_type
* qk_check_realloc_zero
* qk_check_register
* qk_check_return_reference_parameter_const
* qk_check_stdbool_redefine
* qk_check_stdint_constant_macro_argument
* qk_check_stdlib_use_alloc_strict
* qk_check_storage_class_placement
* qk_check_temporary_array_to_pointer_conversion
* qk_check_tgmath_argument_type_compatible
* qk_check_typeid_in_constructor
* qk_check_undefined_extern_pure_virtual
* qk_check_unhandled_throw_noexcept
* qk_check_union_bitfield_member
* qk_commandline_preprocess_only
* qk_dax_rulechecks_scope
* qk_externaldeclaration_one_function
* qk_externaldeclaration_typedef
* qk_filter_expressions_alternatives
* qk_filter_expressions_begin_and_end_of_line
* qk_filter_expressions_char_set
* qk_filter_expressions_dot_repetitions
* qk_filter_expressions_naming
* qk_filter_expressions_special_characters
* qk_filter_expressions_word_boundaries
* qk_option_designated_block_comment
* qk_filter_ignore
* qk_filter_more_functions
* qk_filter_one_function
* qk_filter_replacement
* qk_rule_autosar_0_1_1a
* qk_rule_autosar_0_1_2m
* qk_rule_autosar_0_1_3m
* qk_rule_autosar_0_1_9m
* qk_rule_autosar_0_3_2m
* qk_rule_autosar_0_4_4a
* qk_rule_autosar_14_5_3a
* qk_rule_autosar_15_4_2a
* qk_rule_autosar_15_5_3a
* qk_rule_autosar_16_0_2m
* qk_rule_autosar_16_1_1m
* qk_rule_autosar_16_1_2m
* qk_rule_autosar_16_2_1a
* qk_rule_autosar_17_0_1a
* qk_rule_autosar_18_0_2a
* qk_rule_autosar_18_0_3m
* qk_rule_autosar_18_2_1m
* qk_rule_autosar_18_5_10a
* qk_rule_autosar_18_5_1a
* qk_rule_autosar_18_5_6a
* qk_rule_autosar_2_10_1a
* qk_rule_autosar_2_10_1m
* qk_rule_autosar_2_13_2m
* qk_rule_autosar_2_13_3m
* qk_rule_autosar_2_13_4m
* qk_rule_autosar_2_13_5a
* qk_rule_autosar_2_5_1a
* qk_rule_autosar_3_2_1m
* qk_rule_autosar_3_2_2m
* qk_rule_autosar_3_2_4m
* qk_rule_autosar_3_3_2m
* qk_rule_autosar_3_8_1a
* qk_rule_autosar_3_9_1a
* qk_rule_autosar_5_0_10m
* qk_rule_autosar_5_0_2m
* qk_rule_autosar_5_0_3a
* qk_rule_autosar_5_2_10m
* qk_rule_autosar_5_2_3a
* qk_rule_autosar_5_2_6m
* qk_rule_autosar_5_2_8m
* qk_rule_autosar_5_3_2a
* qk_rule_autosar_5_3_2m
* qk_rule_autosar_5_6_1a
* qk_rule_autosar_5_8_1m
* qk_rule_autosar_6_4_3m
* qk_rule_autosar_6_4_5m
* qk_rule_autosar_6_5_2a
* qk_rule_autosar_6_6_1m
* qk_rule_autosar_7_1_4a
* qk_rule_autosar_7_4_1m
* qk_rule_autosar_7_5_1a
* qk_rule_autosar_7_5_1m
* qk_rule_autosar_7_6_1a
* qk_rule_autosar_8_4_4m
* qk_rule_autosar_8_5_2m
* qk_rule_autosar_9_6_4m
* qk_rule_cert_cpp_arr_30c
* qk_rule_cert_cpp_dcl_30c
* qk_rule_cert_cpp_dcl_40c
* qk_rule_cert_cpp_dcl_51
* qk_rule_cert_cpp_dcl_60
* qk_rule_cert_cpp_env_33c
* qk_rule_cert_cpp_err_33c
* qk_rule_cert_cpp_err_50
* qk_rule_cert_cpp_err_51
* qk_rule_cert_cpp_err_55
* qk_rule_cert_cpp_exp_34c
* qk_rule_cert_cpp_exp_54
* qk_rule_cert_cpp_exp_55
* qk_rule_cert_cpp_int_33c
* qk_rule_cert_cpp_mem_30c
* qk_rule_cert_cpp_mem_31c
* qk_rule_cert_cpp_mem_50
* qk_rule_cert_cpp_mem_51
* qk_rule_cert_cpp_mem_54
* qk_rule_cert_cpp_msc_53
* qk_rule_cert_cpp_oop_57
* qk_rule_m_1_2
* qk_rule_m2008_0_1_2
* qk_rule_m2008_0_1_3
* qk_rule_m2008_0_1_6
* qk_rule_m2008_0_1_9
* qk_rule_m2008_0_3_2
* qk_rule_m2008_14_5_1
* qk_rule_m2008_15_4_1
* qk_rule_m2008_15_5_3
* qk_rule_m2008_16_0_2
* qk_rule_m2008_16_0_3
* qk_rule_m2008_16_1_1
* qk_rule_m2008_16_1_2
* qk_rule_m2008_16_2_4
* qk_rule_m2008_17_0_1
* qk_rule_m2008_18_0_2
* qk_rule_m2008_18_0_3
* qk_rule_m2008_18_2_1
* qk_rule_m2008_18_4_1
* qk_rule_m2008_2_10_1
* qk_rule_m2008_2_10_2
* qk_rule_m2008_2_10_3
* qk_rule_m2008_2_13_2
* qk_rule_m2008_2_13_3
* qk_rule_m2008_2_13_4
* qk_rule_m2008_2_3_1
* qk_rule_m2008_3_2_1
* qk_rule_m2008_3_2_2
* qk_rule_m2008_3_2_4
* qk_rule_m2008_3_3_2
* qk_rule_m2008_3_9_2
* qk_rule_m2008_5_0_10
* qk_rule_m2008_5_0_19
* qk_rule_m2008_5_0_2
* qk_rule_m2008_5_2_10
* qk_rule_m2008_5_2_5
* qk_rule_m2008_5_2_6
* qk_rule_m2008_5_2_8
* qk_rule_m2008_5_3_2
* qk_rule_m2008_5_8_1
* qk_rule_m2008_6_4_3
* qk_rule_m2008_6_4_5
* qk_rule_m2008_6_4_8
* qk_rule_m2008_6_5_1
* qk_rule_m2008_6_6_1
* qk_rule_m2008_6_6_4
* qk_rule_m2008_7_4_1
* qk_rule_m2008_7_5_1
* qk_rule_m2008_7_5_3
* qk_rule_m2008_8_4_4
* qk_rule_m2008_8_5_2
* qk_rule_m2008_9_6_4
* qk_rule_m2012a3_10_1
* qk_rule_m2012a3_1_4
* qk_rule_m2012a3_1_5
* qk_rule_m2012a3_17_10
* qk_rule_m2012a3_17_11
* qk_rule_m2012a3_17_12
* qk_rule_m2012a3_17_13
* qk_rule_m2012a3_17_9
* qk_rule_m2012a3_18_9
* qk_rule_m2012a3_21_11
* qk_rule_m2012a3_21_12
* qk_rule_m2012a3_21_22
* qk_rule_m2012a3_21_23
* qk_rule_m2012a3_21_24
* qk_rule_m2012a3_23_1
* qk_rule_m2012a3_23_2
* qk_rule_m2012a3_23_3
* qk_rule_m2012a3_23_4
* qk_rule_m2012a3_23_5
* qk_rule_m2012a3_23_6
* qk_rule_m2012a3_23_8
* qk_rule_m2012a3_6_3
* qk_rule_m2012a3_7_5
* qk_rule_m2012a3_8_15
* qk_rule_m2012a3_8_16
* qk_rule_m2012a3_8_17


Test cases removed from the RuleChecker QSK
* qk_aal_comment_pattern_basic
* qk_option_remove_analysis_files


RuleChecker QSK test case extended to C
* include-guard-missing


RuleChecker QSK test cases extended to C++
* qk_check_bitfield_signed_size
* qk_check_bitop_recast
* qk_check_boolean_invariant_expression
* qk_check_defined_generation
* qk_check_defined_usage
* qk_check_definition_duplicate
* qk_check_error_information_unused
* qk_check_function_name_usage
* qk_check_function_pointer_cast
* qk_check_goto_nesting
* qk_check_identifier_hidden
* qk_check_identifier_unique_typedef
* qk_check_include_characters
* qk_check_include_characters_sline
* qk_check_initializer_complete_strict
* qk_check_initializer_shape
* qk_check_keyword_override
* qk_check_long_suffix
* qk_check_macro_argument_hash
* qk_check_octal_escape_sequence
* qk_check_offsetof
* qk_check_pointer_qualifier_cast_const
* qk_check_precedence
* qk_check_precedence_pp
* qk_check_reserved_identifier
* qk_check_return_reference_local
* qk_check_shift_width_constant
* qk_check_static_function_declaration
* qk_check_stdlib_limits
* qk_check_stdlib_use_alloc
* qk_check_stdlib_use_ato
* qk_check_stdlib_use_getenv
* qk_check_stdlib_use
* qk_check_switch_clause_break_continue
* qk_check_switch_clause_break_return
* qk_check_trigraph
* qk_check_unary_assign_separation
* qk_check_undefined_extern
* qk_check_underlying_minus
* qk_check_undocumented_asm
* qk_check_unused_label


------------------------------------------------------------------------------
Last updated on 11 July 2023 by alex@absint.com. Copyright 2023 AbsInt.
------------------------------------------------------------------------------
An HTML version of these release notes is available at
absint.com/releasenotes/astree/23.04