Getting started with Klocwork Desktop for Java

Klocwork Desktop helps you detect and fix issues before check-in.

Klocwork Desktop is a GUI alternative to the command-line desktop analysis tool, kwcheck. Like kwcheck, Klocwork Desktop is for developers using IDEs and text editors that aren't supported in the form of an IDE plug-in.

If you access your source code and compilers remotely, use Klocwork Desktop in remote mode .

Set up a local project

For each coherent, buildable component that you work on, create a local project -- a repository for your analysis results and settings. You need to set up a project only once for each component you work on.

You get the most from static code analysis when you connect a small local project to a larger project on the Klocwork Server. The small local project is analyzed quickly while incorporating Klocwork knowledge bases generated on the server where additional source files were analyzed (for example, shared libraries). Connecting to a server project also allows you to share issue status information with the integration build analysis and among team members. You can run a standalone desktop analysis, but the analysis only derives knowledge from the local project's source files.

You perform this step only once for each project.

Project setup includes capturing build settings. Klocwork uses a build specification to perform an analysis. The build specification contains a list of the project's source files and their compiler options (includes and defines).

  1. From the command line, run kwgcheck or use the desktop shortcut.
  2. From the toolbar, click Image:KD_create_project_icon.png.
  3. Enter a name for your project.
  4. If desired, specify a location for your project. By default, Klocwork creates the project in <home_directory>/klocwork_projects/<project_name>. Make sure the location you choose has sufficient storage space, because the project can become large over time.
  5. In the Type section, Connected project is automatically selected.
  6. Enter the Klocwork Server host and port information if required and click Next.
  7. In the Server project name list, select the server project to connect to.
  8. Enable the Use secure connection checkbox if a secure connection to the Klocwork Server has been set up.
  9. Click Next.
  10. The Build Settings dialog appears with the message: The project has no build settings.

    Copy the command line beginning with "kwant" from this message, and run the command.

    The command will capture build settings for your module, create a build specification, and store it in the .kwlp directory, so that Klocwork Desktop will find it.

    Important: If you have already created a build specification with kwant and stored it elsewhere, you need to import the build specification into this project on the command line with kwcheck import.

    More on build specifications

Analyze your code

In Klocwork Desktop, you should now see a list of files in the Project Navigator.

  1. Click Image:Klocwork check icon_new.png in the toolbar.

    The Configure Working Set dialog appears.

  2. Select all files in your project by checking the root directory. (Later, you may want to create a smaller working set).
  3. Give your working set a name (such as "All").
  4. Click Run.

You see the analysis output in the Log Console, and if issues are detected, you see the Issues view with a list of issues.

Investigate detected issues

  1. Double-click an issue in the Issues view to display the Details view.
  2. Use Traceback information to investigate the issue. To see traceback, click Image:Orange_rectangle_Eclipse.png or Image:defect_icon_Eclipse.png . Traceback lines link to events that contributed to the issue. Clicking a line in the traceback brings up the location in the file where the issue appears, with a bug marker on the left.
  3. Get help on an issue type by right-clicking the issue in the Issues view and selecting More information.

Fix defects and ignore the rest

For a real defect:

  1. Fix the issue in your code and save your changes.
  2. Run the analysis again by clicking Image:Klocwork check icon_new.png.

    If the issue disappears from the list, it's fixed.

For an issue that doesn't need to be fixed:

  1. Right-click the issue in the list and select Change Status > Ignore.
  2. Enter a comment and click OK.

If you're connected to a project on the Klocwork Server, your changes are now visible to other developers, and in Klocwork Static Code Analysis. Your desktop project is also updated with any changes made by other developers. This happens even before another integration build analysis has been run.

Keep your build specification up to date

Whenever you add files or change build settings, recreate your build specification with kwant. Save the build specification to your .kwlp directory. If your build specification is out of date, the analysis will not be accurate.