{"id":366,"date":"2018-02-26T16:42:37","date_gmt":"2018-02-26T16:42:37","guid":{"rendered":"http:\/\/cppdepend.com\/blog\/?p=366"},"modified":"2018-02-26T16:42:37","modified_gmt":"2018-02-26T16:42:37","slug":"make-the-most-of-cppcheck","status":"publish","type":"post","link":"https:\/\/cppdepend.com\/blog\/make-the-most-of-cppcheck\/","title":{"rendered":"Make the most of CppCheck."},"content":{"rendered":"<p>Static code analysis is the process of detecting flaws in software\u2019s source code. \u00a0The static analysis tools are useful to detect common coding mistakes; here are some benefits from using them:<\/p>\n<ul>\n<li>Make the code source more readable and maintainable.<\/li>\n<li>Prevent unexpected behavior at runtime.<\/li>\n<li>Optimize the execution.<\/li>\n<li>Make the code more secure.<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<p>In the C++ world Cppcheck is the most popular tool to detect the issues in your C++ code base. Several ways exist to explore\u00a0the result of cppcheck<\/p>\n<p>\u2022<strong>\u00a0XML format<\/strong>: XML files could be generated from cppcheck, and it can be used to create a customized HTML report or used by another tool to explore\u00a0the analysis result.<\/p>\n<p>\u2022\u00a0<strong>HTML format<\/strong>: HTML report is very suitable way to present the cppcheck issues; it can be\u00a0stored in a server and shared by\u00a0the team.<\/p>\n<p>\u2022\u00a0<strong>IDE Plugins<\/strong>:\u00a0Many cppcheck plugins exsit, to explore the issues from the IDE.<\/p>\n<p>Few years ago, we added in\u00a0<a href=\"http:\/\/www.cppdepend.com\/\">CppDepend\u00a0<\/a>the feature of importing the result of other tools, and query them from CppDepend. We asked Daniel, the lead developer of Cppcheck, if we could integrate his tool inside CppDepend. He replied:\u201d a battery of tools is better than using 1 tool. Therefore, there\u2019s no problem if we embed his tool.\u201d<\/p>\n<p>Let\u2019s discover the possibilities that CppDepend provides to the cppcheck users:<\/p>\n<p><strong>1) Query the issues \u00a0with CQlinq<\/strong><\/p>\n<p>Using CQLinq permits to query the issues like a database. For example, you can get all the cppcheck issues:<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck2.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck2.png\" alt=\"cppcheck2\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Or get the most recurrent issues:<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck3.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck3.png\" alt=\"cppcheck3\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Moreover, it\u2019s interesting also to identify the\u00a0classes having most issues:<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck4.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck4.png\" alt=\"cppcheck4\" \/><\/a><\/p>\n<p>The previous query is interesting, but it does not give us exactly the classes with lack of quality, another useful metric to take into account is the NBLinesOfCode. We can modify the previous request to calculate the ratio between the Issues count and the NBLinesofCode.<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck6.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck6.png\" alt=\"cppcheck6\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>We can also search for the most used methods having issues. Bugs in such methods must have a high priority to resolve.<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck12.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck12.png\" alt=\"cppcheck12\" \/><\/a><\/p>\n<p><strong>2) Generate Issues Trend<\/strong><\/p>\n<p>Having issues in a project is not an exception; any project could have many problems to resolve. However, we have to check the quality trend of the project. Indeed it\u2019s a bad indicator if the number of issues grows after changes and evolution. CppDepend\u00a0provides the Trend Monitoring feature to create trend charts.<\/p>\n<p>Trend charts are made of trend metrics values logged over time at analysis time. More than 50 trend metrics are available per default and it is easy to create your own trend metrics.<\/p>\n<p>With this trend chart we can monitor the evolution of the Cppcheck issues:<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck7.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck7.png\" alt=\"cppcheck7\" \/><\/a><\/p>\n<p><strong>3- Generate custom HTML report<\/strong><\/p>\n<p>CppDepend\u00a0makes possible appending extra report sections in the HTML report that lists some CQLinq queries.<br \/>\nIn the CQLinq Query Explorer panel, a particular CQLinq reported group \u00a0is bordered with an orange rectangle.<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck10.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck10.png\" alt=\"cppcheck10\" \/><\/a><\/p>\n<p>And in the HTML report these added sections are accessible from the menu:<\/p>\n<p><a href=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck11.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"http:\/\/www.codergears.com\/Blog\/wp-content\/uploads\/cppcheck11.png\" alt=\"cppcheck11\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong>4- Integrate cppcheck into the build process<\/strong><\/p>\n<p>CppDepend comes with the notion of\u00a0Critical CQLinq Rule. Critical rules represent a mean to define high priority rules that must never be violated. With critical rules, it is possible to break the Build Process when a critical rule violation occurs.<\/p>\n<p>A critical rule is just a CQLinq rule with the flag\u00a0<i>Critical Rule<\/i>\u00a0checked:<\/p>\n<p><img decoding=\"async\" id=\"ctl00_MyContentPH_Image1\" class=\"aligncenter\" src=\"http:\/\/cppdepend.com\/Doc\/CI_CriticalRule\/CriticalRuleDef.png\" alt=\"\" \/><br \/>\nAt Build Process time, when a critical rule is violated the process\u00a0<a href=\"http:\/\/cppdepend.com\/CppDepend.Console.aspx\">CppDepend.Console.exe<\/a>\u00a0returns a non-zero exit code.\u00a0This behavior can be used to break the Build Process if a critical rule is violated.<\/p>\n<p>We can easily define a cppcheck critical rule to break the build if \u00a0kinds of cppcheck issues are found.<\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>CppDepend\u00a0is open to other static analysis tools, and you can also plug your customized tool easily as described\u00a0<a href=\"http:\/\/cppdepend.com\/Doc_custom_plugin.aspx\">here<\/a>. This way you can use all the CppDepend\u00a0features to explore\u00a0better the result from the known C\/C++\u00a0static analysis tools.<\/p>\n<p>And a special Thanks to Daniel who authorizes us to embed his amazing tool inside CppDepend.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Static code analysis is the process of detecting flaws in software\u2019s source code. \u00a0The static analysis tools are useful to detect common coding mistakes; here are some benefits from using them: Make the code source more readable and maintainable. Prevent unexpected behavior at runtime. Optimize the execution. Make the code more secure.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-366","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/posts\/366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/comments?post=366"}],"version-history":[{"count":3,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/posts\/366\/revisions"}],"predecessor-version":[{"id":490,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/posts\/366\/revisions\/490"}],"wp:attachment":[{"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/media?parent=366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/categories?post=366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cppdepend.com\/blog\/wp-json\/wp\/v2\/tags?post=366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}