CODERRECT SOFTWARE EVALUATION LICENSE AGREEMENT

IMPORTANT-READ CAREFULLY: This Single User License Agreement (“Agreement”) is a legal agreement between you (either an individual person or a single legal entity, who will be referred to in this Agreement as “You”) and Coderrect Inc. for the Coderrect software that accompanies this Agreement, including any associated media, printed materials and electronic documentation (collectively “Software”). The Software also includes any software updates, add-on components, web services and/or supplements that Coderrect Inc. may provide to you or make available to you after the date you obtain your initial copy of the Software to the extent that such items are not accompanied by a separate license agreement or terms of use. By installing, copying, downloading, accessing or otherwise using the Software, You agree to be bound by the terms of this Agreement. If you do not agree to the terms of this Agreement, do not install, access or use the Software.

GENERAL TERMS AND CONDITIONS

Coderrect Inc. grants you ONE (1) non-exclusive and non-transferable single user license for the internal use only of the Software. This license entitles the owner to install the Software on a single computer. You will not otherwise use or copy, translate, modify, adapt, decompile, disassemble or reverse engineer the Software. You agree not to use the Software in violation of any law, statute, ordinance or other regulation (including export control and unfair competition laws) or any obligation to which you are bound. 

You agree to comply with all applicable laws and regulations regarding your use of the Software. You agree to indemnify Coderrect Inc. from and against any liability that Coderrect Inc. may incur arising from your use of the Software.

You may use the Software solely to evaluate and test the Software pursuant to the terms of this Agreement during the evaluation period. Since this is evaluation Software, portions of the full use version of the Software may be withheld or unusable and use of the Software may require accessing portions of the Software remotely through the Internet.

OWNERSHIP

All patents, copyrights, trade secrets and other proprietary rights in or related to the Software are and will remain the exclusive property of Coderrect Inc., whether or not specifically recognized or perfected under the laws of the country where the Software is located. You hereby assign and agree to assign any and all rights you may have or acquire in or to the Software to Coderrect Inc. for no additional consideration. 

You will not take any action that jeopardizes Coderrect Inc.’s or its licensors’ proprietary rights or acquire any rights in the Software. Coderrect Inc. or its designee will own all rights in any copy, translation, modification, adaptation or derivation of the Software, including any improvement or development thereof. At Coderrect Inc.’s request, you will execute or obtain the execution of any instrument that may be appropriate to assign these rights to Coderrect Software or its designee or to perfect these rights in Coderrect Inc.’s or its designee’s name.

CONFIDENTIALITY

(a) Confidentiality. You acknowledge that the Software is and incorporates confidential and proprietary information developed, acquired by or licensed to Coderrect Inc.. You will take all reasonable precautions necessary to safeguard the confidentiality of the Software, and will not disclose any information about the Software or the Software evaluations or reports to any other person without Coderrect Inc.’s prior written permission. You will not allow the removal or defacement of any confidentiality or proprietary notice placed on the Software. The placement of a copyright notice on the Software will not constitute publication or otherwise impair its confidential nature.

(b) Unauthorized Use or Disclosure. You acknowledge that any unauthorized use or disclosure of the Software will cause irreparable harm to Coderrect Inc. and its licensors. If an unauthorized use or disclosure occurs, you will take all steps that are necessary to recover the Software and to prevent its subsequent unauthorized use or dissemination.

(c) Limitation. You will have no confidentiality obligation with respect to any portion of the Software that (i) You lawfully obtained from a third party under no obligation of confidentiality or (ii) became available to the public other than as a result of Your act or omission.

DISCLAIMER OF WARRANTY

UNLESS SPECIFIED IN THIS AGREEMENT, ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT THESE DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.

 DISCLAIMER OF DAMAGES

TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL CODERRECT INC. OR ITS LICENSORS BE LIABLE FOR ANY LOSS IN REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF CODERRECT INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL CODERRECT INC.’S LIABILITY TO YOU, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EXCEED THE AMOUNT PAID BY YOU FOR SOFTWARE UNDER THIS AGREEMENT. THE FOREGOING LIMITATIONS WILL APPLY EVEN IF THE ABOVE STATED WARRANTY FAILS OF ITS ESSENTIAL PURPOSE.

TERMINATION

This Agreement is effective until terminated. You may terminate this Agreement at any time by destroying all copies of the Software. This Agreement will terminate immediately without notice from Coderrect Inc. if you fail to comply with any provision of this Agreement. Upon Termination, you must destroy all copies of Software. Upon termination, you agree to promptly de-install and delete all copies of the Software in Your possession and discontinue any further use of the Software. The parties’ rights and obligations will survive the termination of this Agreement.

MISCELLANEOUS

You and Coderrect Inc. are independent parties. Nothing in this Agreement shall be construed as making you an employee, agent or legal representative of Coderrect Inc.. 

This Agreement constitutes the complete and entire statement of all terms, conditions and representations of the agreement between you and Coderrect Inc. with respect to the Software.

If any provision of this Agreement is held to be unenforceable, This Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate.

This Agreement is the entire agreement between you and Coderrect Inc. relating to its subject matter. It supersedes all prior or contemporaneous oral or written communications, proposals, representations and warranties and prevails over any conflicting or additional terms of any quote, order, acknowledgment, or other communication between the parties relating to its subject matter during the term of this Agreement. No modification of this Agreement will be binding, unless in writing and signed by an authorized representative of each party.

For inquiries please contact:

Coderrect Inc.
3206 Longmire
College Station, TX 77845, USA

V0.9.1

• The Coderrect team announces a new version of Coderrect, a super fast, precise and scalable static race detector. Coderrect software can be downloaded from the download page.
• Coderrect software is under an evaluation license.
• For more information about Coderrect, start with the product page. If you have questions or comments, please send us an email.

• Release 0.9.1 includes some small refinements to improve race detection accuracy

What’s New in V0.9.0

• Better Fortran module support and syntax compatibility.
• Incremental race comparison.
• Configuration can include other configuration files using the keyword ‘include’.
• Configuration supports ‘@’ to merge values of the same key from multiple configuration files.
• Function-oriented thread API profile (tutorial).
• Upgrade to clang/llvm-10.
• More complete call stack for inlined functions
• Improved detection accuracy on C++ vector operations
• Reentrant deadlock detection

Minimum System Requirements

Linux-based OS:

• Ubuntu 14+
• CentOS 7+
• Debian 8+

4GB+ RAM (recommended)

Previous Release Notes

V0.8.1

The latest 0.8.1 release allows the Coderrect Scanner to handle a wider variety of build environments.
Although the Coderrect Scanner uses clang internally, release 0.8.1 introduces preliminary support for analyzing projects that are built by other compilers, like icc or icpc, that use flags not recognized by clang.

V0.8.0

• Support Fortran (90, 95, and 2003), see tutorial.
• Support more OpenMP (4.5 and 5) features including sections, tasks and taskgroup.
• Support static array bound verification.
• Optimize detection performance and accuracy for both Pthreads and OpenMP races.
• Allow the user to register open-source projects in our OpenScan page.

V0.7.0

• Detect multithreaded TOCTOU issues (see tutorial).
• Better OpenMP array indirect analysis.
• Allow the user to configure customized lock-unlock functions (see the tutorial)
• Allow the user to configure non-parallel functions (see the tutorial).
• Cleanup configurations (see the complete configuration manual).
• Allow Coderrect to continue analysis even when it encounters build errors.
• Optimize detection performance.

V0.6.0

• Support C++11 std::thread APIs.
• Support C++ standard container APIs.
• Add Exhaust mode (option “-mode=exhaust”) to exhaustively detect all possible races aiming for full coverage (checkout the tutorial).
• Add Fast mode (option “-mode=fast”) to detect races as fast as possible aiming for faster detection speed (checkout the tutorial). 
• Support Ubuntu 20.04 and other Linux distributions shipped with libtinfo.6. (for older versions the libtinfo issue has been resolved)
• Support Github CI/CD integration (experimental, checkout the tutorial).
• Support Jenkins CI/CD integration (experimental, checkout the tutorial).
• The race report shows the data structure field involved in a data race.
• The race report records the configuration settings.
• Support user specified lock/unlock APIs (checkout the tutorial)
• Support analyzing multiple binaries generated by a project (checkout the tutorial).

Download a PDF version here.

Overview

Coderrect is a fast static detector for C/C++/Fortran/OpenMP multi-threaded bugs.

Coderrect identifies critical race conditions in high-performance, highly-concurrent C/C++/Fortran code. Precise location and call stack trace leading to the race are provided to help developers understand how to fix them quickly. Coderrect seamlessly integrates automated testing into your CI/CD pipelines and supports your existing development tools and workflows.

Key features

Fast and accurate analysis

• Coderrect’s “analysis without running” feature enables developers to detect race conditions without running the program. Simply prepend “coderrect” to your project build command line, and Coderrect will automatically analyze the code.
• Coderrect supports three modes: fast, normal, and full. Fast mode allows developers to analyze the project with hundreds of lines of code in tens of seconds. Full mode allows exhaustively checking all execution paths for most subtle issues.

Comprehensive reporting

• Coderrect provides developers all the information they need to understand how to fix the issues identified, including detailed descriptions, categories, shared variables, code snippets, and stack traces. 

• Developers can choose to view a terminal-based report or to generate a HTML-based detail report.

Software development life cycle integrations

• Coderrect supports native integration for Github.
• Coderrect provides plugins and integration for Jenkins.

OpenMP Support

• Specially designed analysis for OpenMP regions.
• Support for common OpenMP features:
  • parallel, for, barrier, master, single, reduction, atomic, critical, target, and more.
• Specialized array index analysis for detecting data races on arrays and matrices.
• Support for OpenMP offloaded to GPUs through the target construct.

Technical Specification

Supported Compilers

• Clang
• Intel C++
• GNU GCC/G++
• GFortran/G77
• IFORT
• Flang

Critical checks

• Atomicity violations
• Order violations
• Deadlocks
• Data races
• Time of check to time of use (TOCTOU)

Supported Operating Systems

• Ubuntu 14.04+
• CentOS 7+
• Redhat 7+
• Debian 8+
• Arch

SDLC native integrations

• Github
• Jenkins 2+

Configurations

Configurations are set in a configuration file named .coderrect.json. This configuration file should be placed in the directory where Coderrect is called.

Each configuration setting can only appear once in a configuration file, for example, you can NOT have multiple skipFunctions sections in a configuration file. 

Command Line Options (by function groups)

Configurations to control the race detection algorithm

Skip Functions

Config Coderrect to skip specified functions during race analysis.

"skipFunctions":[
    "FunctionName*",
    "FunctionOther"
] 

Check out a tutorial uses this configuration here

Indirect Functions

Config Coderrect to analyze all possible targets called in specified functions.

"indirectFunctions":[
    "FunctionName*",
    "FunctionOther"
]

Check out a tutorial uses this configuration here

Ignore Races in Functions

Config Coderrect to skip analysis specified functions.

"ignoreRacesInFunctions":[
    "std::*"
    "FunctionName*",
    "FunctionName2"
]

This configuration by default is set to skip all functions matching std::*.

Check out a tutorial uses this configuration here

Ignore Races at Locations

Config Coderrect to skip analysis on specified locations, i.e. filename and line numbers.

"ignoreRacesAtLocations": [
    "items.c:1277",
    "extstore.c:493"
],

Check out a tutorial uses this configuration here

Ignore Races by Variable Name

Config Coderrect to skip analysis on specified variables.

"ignoreRaceVariables":[
    "VariableName*",
    "VariableOtherName"
]

Check out a tutorial uses this configuration here

Set Low Priority Files

Races detected in specified files are set to a lower priority in the report, and shown lower in the report.

"lowPriorityFiles":[
    "FileName*",
    "FileNameOther"
]

Check out a tutorial uses this configuration here

Set High Priority Files

Races detected in specified files are set to a higher priority in the report, and shown lower in the report.

"highPriorityFiles":[
    "FileName*",
    "FunctionNameOther"
]

Check out a tutorial uses this configuration here

Set Low Priority Races

Races detected in specified variables are set to a lower priority in the report, and shown lower in the report.

"lowPriorityRaces":[
    "VariableName*",
    "VariableNameOther"
]

Check out a tutorial uses this configuration here

Set High Priority Races

Races detected in specified variables are set to a higher priority in the report, and shown lower in the report.

"highPriorityRaces":[
    "VariableName*",
    "VariableNameOther"
]

Check out a tutorial uses this configuration here

Mark Heap Allocation Functions

Specify functions to be treated as allocating memory.

"heapAllocFunctions":[
    "je_malloc",
    "je_calloc",
    "je_mallocx",
    "rm_malloc",
    "rm_calloc"
]

The setting show in the above example is the default setting.

Set Entry Points to Analyze Libraries

Specify entry points for libraries without a main function.

"openlib": {
    "entryPoints":[
        "FunctionName*",
        "FunctionNameOther"
    ]
}

Check out a tutorial uses this configuration here

Specify Custom Lock/Unlock APIs

Specify a list of custom lock/unlock APIs so that Coderrect can make corrrect reasoning. 

"lockUnlockFunctions": {
    "MySpinLock": "MySpinUnlock",
    "MyMutexLock": "MyMutexUnlock"
}

Check out a tutorial uses this configuration here

The default global configuration file

You can find the default global configuration file “coderrect.json” under $installDir/conf.

{
  "logger": {
    "level": "debug",
    "logFolder": "logs",
    "maximumLogFileCount": 8,
    "maximumLogFileSize": 128,
    "toStderr": false
  },

  "report": {
    "enableTerminal": false,
    "//ouputDir": "please remove // and set the right path here"
  },

  "cleanBuild":                   false,
  "analyzeAllBinaries":           false,
  "continueIfBuildErrorPresents": false,
  "//bcPaths":                    "Remove // and specify a list of comma-separated paths",
  "//analyzeBinaries":            "Remove // and specify a list of comma-separated binary names",

  "publishResults":               false,

  "mode":                         "normal",
  "enableOpenMP":                 true,
  "enableOrderViolation":         true,
  "enableAtomicityViolation":     true,
  "enableMissingAPI":             true,
  "enableFilter":                 true,
  "enableLockSet":                true,
  "enableLoopUnroll":             true,

  "raceLimit":                    25,

  "skipFunctions":                [],
  "indirectFunctions":            [],
  "ignoreRacesInFunctions":       [
        "std::*"
  ],
  "ignoreRacesAtLocations":       [],
  "ignoreRaceVariables":          [],
  "lowPriorityFiles":             [],
  "lowPriorityRaces":             [],
  "highPriorityRaces":            [],
  "heapAllocFunctions":           [
     "je_malloc",
     "je_calloc",
     "je_mallocx",
     "rm_malloc",
     "rm_calloc"
  ],
  "lockUnlockFunctions":          {},
  "notParallelFunctionPairs":     {}

  "highPriorityFiles":            [],
  "lowPriorityFiles":             [],
  "highPriorityRaces":            [],
  "lowPriorityRaces":             [],

  "openlib": {
    "entryPoints":                [],
    "limit":                      999,
  }
}

• What’s Coderrect?

Coderrect is a fast and scalable tool that finds race conditions in complex software. 

• What does Coderrect mean, and how do you pronounce it?

Coderrect is a created word by combining Code and Correct.  It simply means code-correct. Coderrect is pronounced code-rect.

• Is Coderrect stable?

Coderrect is still a development release, but getting more stable.

• What are pre-requisites to run Coderrect successfully on my project?

Coderrect requires Linux-based OS, such as Ubuntu 14+, and CentOS 7+.  

To run Coderrect, you will need to compile your code successfully without Coderrect. For example, running make/cmake/Ninja/Bazel will build your project without errors.

• How does Coderrect work internally?

Coderrect generates an intermediate representation of your source code in the form of LLVM bitcode (BC) files and then performs sophisticated static analyses based on them to find potential race conditions. 

Coderrect produces a single BC file for each build binary (an executable, a static library, or a shared library).

• Does Coderrect change my build binaries?

No. Coderrect intercepts your build commands but will not change your build targets. Running Coderrect will generate exactly the same build binaries as w/o Coderrect. 

• What source languages are supported?

Coderrect supports most common C/C++ compilers (GCC/Clang/ICC). However, internally Coderrect will use clang to generate LLVM bitcode. So, it may not work if your code does not compile with clang, here is an example showing the difference between clang and gcc.

Coderrect also supports Fortran compilers including Flang/GFortran/IFORT.

• What compilers are supported?

Coderrect has full support for C and C++ source code through GCC/Clang/ICC, and Fortran source code through Flang/GFortran/IFORT.

• Where can I find the output of the code scan results?

Besides the console output, there is an HTML file named index.html generated under ./report directory by default. You can specify the location of the report through “-o <directory>” option on the command line.

• What license is Coderrect under?

Coderrect is currently under Evaluation License, and is subject to change in the future.

• I think that I have found a bug, what should I do?

Please contact us (contact@coderrect.com).

Updated 09/30/2020