Kwcheck output reference

From Insight-9.0

Contents 1 Introduction 2 Default output 3 Error message fields for metric threshold violations 3.1 Error message fields for usage rules

Introduction

By default, kwcheck only lists detected issues that are of "Local" origin and are in New or Analyze status.

For example, you have a connected desktop project called big_project.

The focus of your work is on a single subdirectory called big_project/dirA, which contains 10 files.

You've only worked on two of those files and now it's time to check your work:

kwcheck run big_project/dir1

You see two only issues in the list and the following summary at the end:

Summary: 2 Local
2 Total Issue(s)

The two issues you see are the ones that you injected into the project. The eight system issues you don't see were issues detected in the integration build analysis.

This default filtering allows you to easily focus on issues that you are responsible for.

There may be times however that you are tasked with fixing a system issue.

Information below provides more information about the output.

Default output

Each line in the Klocwork plain text output contains at least the following fields (the "error message" field for metric threshold violations and usage rules violations contains additional information, described in the proceeding topics):

<Issue ID> <origin> <File name>:<Line number> <Issue Code> <Status> <Message>

where

• Issue ID is the number assigned to the detected issue by Klocwork.
• Origin is a read-only indicator in desktop projects that tells you where the issue was detected. If it's "Local", the issue was introduced into the desktop project. If it's "System", the issue was detected in the integration build analysis. If your project is not connected to an integration project on the Klocwork server, then all detected issues will be tagged "Local". If the origin is System, then the System ID is also included in brackets after the local issue ID. See the example below.

  Note: You only see system issues when you use the --system option with kwcheck list.

• File name is the name of the file in which the <prob_or_viol_or_both> occurs.
• Line number indicates where the <prob_or_viol_or_both> occurs in the line specified in the Line number field.
• Issue code is a short name for the code problem. For descriptions of each of the code problems that Klocwork detects, see Detected C/C++ Issues.
• Status is a user-assigned indicator (except for the default initial status of Analyze) of how the detected issue should be handled.
• Message identifies key statements in the code, by line number, that contribute to the detected issue.

Example:

5 (Local) C:\zlib\trees.c:777 ABR Analyze Buffer overflow, array index of 'bl_tree' may be out of bounds. Array 'bl_tree' of size 39 may use index value(s) 39..65535. Also there are 2 similar errors on line(s) 777.

Error message fields for metric threshold violations

The error message field for metric threshold violations has these additional fields:

<Issue ID> <File name>: <Line number> <Metric name> <Status> Violated metric "<Metric description>": <Software entity> <Real value> <Operation> <Threshold value>

where

• Issue ID is the number assigned to the detected issue by Klocwork.
• File name is the name of the file in which the <prob_or_viol_or_both> occurs.
• Line number is the number of the line in the source code on which the <prob_or_viol_or_both> occurs.
• Metric name is the name for the metrics violation in the metric thresholds configuration file.
• Status is a user-assigned indicator (except for the default initial status of Analyze) of how the detected issue should be handled.
• Violated metrics "Metric description" is a brief description of the violated metric from the configuration file.
• Software entity is the name of the specific software entity that contains the metric violation. It can be any software entity recognized by Klocwork, such as FUNCTION, CLASS-METHOD, CLASS, FILE, or CLASS-TEMPLATE.
• Real value is the detected value of the metric in the code object.
• Operation is the logical comparison of the real value with the threshold value. It is an expression such as less than (<), equal to (=), or greater than (>).
• Threshold value is the metric threshold set in the configuration file.

Example:

6 (Local) /test_files/TC00000192.c:3 METRICS.E.cyclomatic_complexity Analyze
Violated metric "cyclomatic_complexity": foo1 21>20

The output indicates that the file TC00000192.c in line 3 violates the metric for cyclomatic complexity. The violation occurred because foo1 has a complexity rating of 21, which is higher than the threshold of 20.

Error message fields for usage rules

Usage rules violations are only shown if you or your organization is using .uconf files in the integration project on the Klocwork server or if you have imported a .uconf file into your desktop project.

The error message field for usage rules violations has these additional fields:

<Rule name>:<From> -> <To> <Relationship kind> (<Number> of <Total number>) <Expression>

where

• Rule name is the name of the rule in the usage rules configuration file
• From is the object in which the relationship originated, prefixed by a file name
• To is the object in which the relationship terminated, prefixed by a file name and, in brackets, the object type (such as FUNCTION)
• Relationship kind is the type of relationship between code entities
• Number is a number that represents the order in which the instance was found (for example, 1 of 4 means first of four instances)
• Total number is the total number of instances of this type of violation
• Expression is a logical expression in which the number on the left is the real number of violations of the rule and the number on the right is the number (threshold) specified in the rule (for example, 5>0 might mean that five relationships were found where the rule specifies that none are allowed).
• Note: The numbers in this expression may represent relationships or interfaces, depending on which was set with the count option in the usage rule.

Example:

--- Usage rule violations: Design rules ---
a.c<delimiter1>4<delimiter2>Error: no printf: a.c:{FUNCTION}a -> (undefined) :printf [FUNCTION_CALLS_FUNCTION] (1 of 2) 10>0:New:Analyze;Warning

This line means that the design rule called "no printf" was violated by function "a" from file "a.c" calling the function printf. The word "undefined" means that this function was not found inside the analyzed system (it is a system function defined in the system library). The number 10 means that there were a total of 10 violations of this rule.

The number 2 is the total number of times function printf was called from file a.c. The number 1 in "1 of 2" is the first instance of two calls that cause this violation. To print more instances (one more, in this case), <usage_details_option>. The issue was detected for the first time in this analysis and has yet to be assessed. This issue is in the category "Warning". [[category:Kwcheck Java]