Skip to content

sonar.cxx.valgrind.reportPaths

Jump to bottom
Günter Wirth edited this page Nov 22, 2024 · 9 revisions

Overview

Sensor to read reports from the Valgrind/Memcheck tool. Memcheck detects memory-management problems, and is aimed primarily at C and C++ programs. When a program is run under Memcheck's supervision, all reads and writes of memory are checked, and calls to malloc/new/free/delete are intercepted.

Note: The cxx plugin itself does not run the tool, you have to do that yourself beforehand. The sensor only reads the report generated by the tool!

Supported versions

  • Link to the tool page: https://valgrind.org/
  • The sensor supports rules from Valgrind/Memcheck with protocol version 4.

Create report

In order to run Valgrind/Memcheck and generate a fitting report, make sure:

  • to call it from the projects root directory, so that the paths in the report fit
  • that the parameter matches the sonar.sources list in sonar-project.properties
  • that the binaries contain debug information

Sample command lines:

Tell Valgrind to generate XML output. The 'tool' option is not necessary as 'memcheck' is the default option. Make sure that the binaries contain debug information. The actual call should look something like this:

valgrind --xml=yes --xml-file=valgrind.xml <program> <arguments>

Example of a report file

If the tool was executed successfully, a report like the example below should be generated:

<?xml version="1.0"?>
<valgrindoutput>
<protocolversion>4</protocolversion>
<protocoltool>memcheck</protocoltool>
<preamble>
  <line>Memcheck, a memory error detector</line>
  <line>Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.</line>
  <line>Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info</line>
  <line>Command: /home/user/bin/64/debug/MODULE_TU_d /home/user/code/modules/MODULE/cppunit_output_dbg.xml</line>
</preamble>
<pid>20112</pid>
<ppid>20111</ppid>
<tool>memcheck</tool>
<args>
  <vargv>
    <exe>/usr/bin/valgrind.bin</exe>
    <arg>--leak-check=yes</arg>
    <arg>--xml=yes</arg>
    <arg>--xml-file=/home/user/code/modules/MODULE/valgrind_output.xml</arg>
  </vargv>
  <argv>
    <exe>/home/user/bin/64/debug/MODULE_TU_d</exe>
    <arg>/home/user/code/modules/MODULE/cppunit_output_dbg.xml</arg>
  </argv>
</args>
<status>
  <state>RUNNING</state>
  <time>00:00:00:00.277 </time>
</status>
<error>
  <unique>0x0</unique>
  <tid>1</tid>
  <kind>InvalidWrite</kind>
  <what>Invalid write of size 4</what>
  <stack>
    <frame>
      <ip>0x511DF59</ip>
      <obj>/home/user/bin/64/debug/libMODULE_d.so.1.0.0</obj>
      <fn>ns::Clazz::method(float)</fn>
      <dir>/home/user/code/modules/MODULE/src/MODULE</dir>
      <file>Clazz.cpp</file>
      <line>114</line>
    </frame>
  </stack>
  <auxwhat>Details0</auxwhat>
  <auxwhat>Details1</auxwhat>
</error>
<status>
  <state>FINISHED</state>
  <time>00:00:00:04.967 </time>
</status>
<errorcounts>
  <pair>
    <count>1</count>
    <unique>0x0</unique>
  </pair>
</errorcounts>
<suppcounts>
</suppcounts>
</valgrindoutput>

Configure cxx plugin

  1. First check if the file extensions read in by the cxx plugin are set (sonar.cxx.file.suffixes).
  2. The rules for which you want to generate issue must be activated in the Quality Profile of your project. You can find instructions on how to do this under Manage Quality Profiles.
  3. Set the analysis parameter sonar.cxx.valgrind.reportPaths in the configuration file sonar-project.properties of your project. The Report Paths link describes the configuration options.
  4. Execute the SonarScanner to transfer the project with the report to the SonarQube Server.
  5. With CXX Custom Template Rules it's possible to extend the rule repository.
  6. It is also possible to display unknown rules on the SonarQube Server.

Sample for sonar-project.properties:

sonar.cxx.valgrind.reportPaths=valgrind.xml

Troubleshooting

            Wiki Home             Issue Tracker             Releases             Contributors             License

Clone this wiki locally