Integration into building process and results preview of PVS-Studio and OCLint
Intro
Without questions, static code analysis is effective in regular usage (night checks or any other automatic checks). Automatic build control usually executes in console mode. I decided to study the possibilities to integrate into build systems and ease of results viewing of PVS-Studio 5.19 and OCLint 0.8.1.
PVS-Studio run parameters
The fragment of Makefile with analyzer run:
...
.cpp.o:
$(CXX) $(CFLAGS) $(WFLAGS) $(DFLAGS) $(BIT) $(INCLUDES) $< -o $@
PVS-Studio —cfg PVS-Studio.cfg —source-file $< —cl-params $(CFLAGS) $(WFLAGS) $(DFLAGS) $(BIT) $(INCLUDES)
...To reduce the size of this line I hid part of parameters in configuration file (for instance, PVS-Studio.cfg):
#Do not check system headers
exclude-path = C:\Program Files
exclude-path = C:\Program Files (x86)
#Log file
output-file = D:\SampleProject\SampleProject.log
#Project directory for relative path
sourcetree-root = D:\SampleProject
preprocessor = gcc
new-output-format=yes
platform = Win32
language = C++11OCLint run parameters
The fragment of Makefile with analyzer run:
…
.cpp.o:
$(CXX) $(CFLAGS) $(WFLAGS) $(DFLAGS) $(BIT) $(INCLUDES) $< -o $@
oclint -report-type text -o D:\SampleProject\SampleProject.txt $< — $(CFLAGS) $(WFLAGS) $(DFLAGS) $(BIT) $(INCLUDES)
…Analyzers output
Both analyzers log messages into given text file. Without giving path to text file output is printed into the console.
An example of OCLint log:
OCLint Report
d:\SampleProject\sample.cpp:16:5: collapsible if statements P3
d:\SampleProject\sample.cpp:19:13: dead code P2
d:\SampleProject\sample.cpp:3:2: short variable name P3 Variable name with 1 characters is shorter than the threshold of 3
d:\SampleProject\sample.cpp:10:3: short variable name P3 Variable name with 1 characters is shorter than the threshold of 3
d:\SampleProject\sample.cpp:15:5: short variable name P3 Variable name with 1 characters is shorter than the threshold of 3
d:\SampleProject\sample.cpp:15:5: short variable name P3 Variable name with 1 characters is shorter than the threshold of 3
d:\SampleProject\sample.cpp:3:2: unused local variable P3 The local variable ‘a’ is unused.
d:\SampleProject\sample.cpp:10:3: unused local variable P3 The local variable ‘a’ is unused.An example of PVS-Studio log:
Viva64-EM<#~>full<#~>6<#~>|?|\sample.cpp<#~>error<#~>V667<#~>The ‘throw’ operator does not possess any arguments and is not situated within the ‘catch’ block.<#~>false<#~>1<#~> {<#~> throw;<#~> }<#~>
Viva64-EM<#~>full<#~>275<#~>|?|\sample.h <#~>error<#~>V112<#~>Dangerous magic number 4 used: …Fingerprint[4];.<#~>false<#~>2<#~> unsigned char nDepth;<#~> unsigned char vchFingerprint[4];<#~> unsigned int nChild;<#~>Other log formats
OCLint allows saving log in html, xml, json и pmd formats.
HTML OCLint log example:
PVS-Studio analyzer has PVS-Studio Standalone utility, which allows to watch unparsed analyzer logs and to save them in XML format. Its main feature is a possibility to navigate to corresponding suspicious fragment in source code.
An example of PVS-Studio Standalone usage:
General impressions
This article is not about comparison, but I want to mention that I enjoyed PVS-studio much more. It gave a lot more useful warnings and founded some real mistakes.
Conclusion
These analyzers can be integrated into various build systems if needed. PVS-studio features small code fragments in text log, utilities for navigation in source code and warning sorting. PVS-studio XML log can also be viewed in Visual Studio.
Links
- OCLint analyzer. http://oclint.org/
- PVS-Studio analyzer. http://www.viva64.com/
- Direct integration of the PVS-Studio analyzer into build automation systems. http://www.viva64.com/en/d/0007/
