|
|
|
The column headings in the Klocwork Issues view are:
Column heading |
Displays |
Description |
the Klocwork-assigned issue type or code, such as RLK.IN, for each reported issue and a brief description. If the description is truncated in the view, just hover over it to display it completely. |
Resource |
the name of the class/file that contains the issue |
Location |
the line number where the issue occurs |
Severity |
a message that corresponds to the severity number assigned by Klocwork. A severity number of 1 (Critical) is the most serious severity, with 10 being the lowest. |
Status |
a user-assigned indicator (except for the default initial status of Analyze) of how the detected issue should be handled. It can be one of the following: Analyze, Ignore, Not a problem, Fix, Fix in Next Release, Fix in Later Release, Defer and Filter. |
Origin |
a read-only indicator in desktop projects that tells you where the issue was detected. If it's "Local", the issue was introduced into the desktop project. If it's "System", the issue was detected in the integration build analysis. If your project is not connected to an integration project on the Klocwork server, then all detected issues will be tagged "Local". |
You can group reported issues in the Klocwork Issues view by issue type, category, state, status, severity or package.
Grouping by issue type is a quick way to view the types of issues detected in your project. Klocwork assigns a unique code to each type of issue it detects and provides detailed information about the issue type in its help files.
and select Group by > Issue Type.
Tip: If grouping is enabled, you can't sort by column headings. You must disable grouping by selecting Group by > None.
.
The issue help provides more details about each type of issue detected by Klocwork.
The Klocwork Details view shows you traceback for a selected issue, allowing you to trace its root causes in the source code.
If you haven't already selected an issue, double-click the RLK.IN issue, located in Line 146 of SqlInsertRendererFromDBF.java.
The source code statement containing the issue is highlighted in the editor view, and the traceback for the issue is displayed in the Klocwork Details view:
About traceback
Traceback identifies and describes statements in the source code that contribute to issues. Traceback lines link directly to the source code and follow execution order. You can click the traceback statements to navigate through your source code to find problems that led to the issue you are viewing in the list.
Key statements that contribute to issues are marked with red rectangles and include a description of the problem.
A plus-sign to the left of a traceback statement indicates an associated call stack. You can expand the tree to navigate traceback details.
Traceback may not be available for all issues. If you don't see any traceback for the error selected from the list of issues, it means that the problem associated with the issue is confined to one line of code.
RLK.IN at Line 146 in the SqlInsertRendererFromDBF.java file
Here, the input stream is created on line 146 in SqlInsertRendererFromDBF.java and closed when the work is done. However, if the DBFReader constructor throws DBFException (line 147 – you can see it in the traceback), the stream will not be closed. It's better to place the "close" method into the "finally" block.
In the previous step, we investigated RLK.IN in SqlInsertRendererFromDBF.java at Line 146 to pinpoint the problem. Since correcting this issue is quick and straightforward we'll go ahead and fix it.
Fix RLK.IN issues
The source code is already displayed in the editor:
try {
InputStream is = new FileInputStream( calculateFileName() );
DBFReader reader = new DBFReader(is);
...
is.close();
} catch (IOException e) {
e.printStackTrace();
}
As noted when we viewed traceback for this issue, it's better to place the "close" method into the "finally" block, so that's what we'll do here.
InputStream is = null;
try {
is = new FileInputStream( calculateFileName() );
DBFReader reader = new DBFReader(is);
...
// is.close(); moved to finally block
} catch (IOException e) {
e.printStackTrace();
} finally {
if (is != null)
try {
is.close();
} catch (IOException e) {
e.printStackTrace();
}
}
The fix looks simpler, when the method throws IOException:
public void readInformation() throws IOException {
InputStream is = new FileInputStream( calculateFileName() );
try {
DBFReader reader = new DBFReader(is);
...
// is.close(); moved to finally block
} finally {
is.close();
}
}
The issue disappears from the list because default Filtering hides reported issues in Fixed state. If you want to display this issue, go to your filter settings and select Fixed in the State filter setting.
Note: The state of the issues, which was initially set to New by Klocwork, is now changed to Existing.
Typically, if there's an issue you can fix right away, you fix it. But there are those that can't be fixed right away due to time constraints or there's occasional detected issue that you don't regard as a problem. That's where statuses come in. You can tag these issues with a status that indicates how it should be handled in future. You can also add comments to Klocwork issues to include your observations.
During the initial analysis of a project, all issues are assigned the status Analyze. An issue's status remains Analyze until you change it to one of the other status values. See Issue statuses.
Change the status of specific issues
Tip: You can also select multiple issues using Shift-click or Ctrl-click.
All ESCMP.EMPTYSTR issues now have the status Ignore and include the comment. Since the default filter is set to show only issues in Analyze or Fix statuses, the ESCMP.EMPTYSTR issues disappear from the list.
In the previous step we changed the status of all reported ESCMP.EMPTYSTR issues to Ignore. Consequently, the default filters hide these issues from the list. But if instances of this issue type are detected in a later analysis for this project, they will be reported in the Klocwork Issues view in the initial status of Analyze.
If this is an issue type that you decide is not helpful for this project, you can turn it off. If you want to turn off the issue type for this project and all current and future projects, you can turn it off in your workspace. See Workspace settings and project-specific settings. We'll turn this issue type off for the project.
No future occurrences of this issue type will be reported for this project.
This tutorial, among other things, showed how to turn issues on or off for the analysis engine.
You may see instances a Klocwork reported issues that you don't regard as a problem but turning off the issue type altogether is not an option because the issue type itself is a valuable one to track. For this scenario you can either:
OR