What's new in Klocwork 2026.2
Released June 2026
Here are the highlights for Klocwork 2026.2. If you're upgrading Klocwork, see the Limitations for items that might affect your upgrade or use.
New features and enhancements
This release includes the following enhancements.
Query multiple defects with the MCP Desktop server
The MCP Desktop server now includes the kw_list_defects tool, which allows you to use natural language for queries across multiple defects. Where previously you could only fetch a single defect by its ID, now agents can respond to requests such as Show me all critical defects in this file or How many unresolved CERT issues are there?
kw_list_defects supports filtering by severity, status, taxonomy, scope, file path, and checker code. It returns structured results with a summary suitable for agent-driven workflows.
To learn more, see List Klocwork defects.
Enjoy enhanced usability for quality gate configuration
You can now assign quality gates during project creation or editing in Validate. A quality gate is applied only to valid terms; unsupported terms are excluded during evaluation. Both the unsupported terms and the effective quality gate parameters are displayed in Validate.
For more information, see CI quality gates.
Experience better storage efficiency for MySQL entity data
MySQL entity data storage and loading has been optimized to improve load times and reduce database storage use. You may notice performance gains in both speed and size; benefits vary by project. Due to required data transformations, some project migrations may take longer in this release.
Discover faster load times and improved storage efficiency
You can now skip loading entity signatures in projects, by setting skip_entity_signatures=true as a project setting with kwadmin set-project-property. This improves build load performance and reduces total disk usage.
When this option is enabled, entity signatures (for example, method signatures) are not shown in XRef views or the Complexity Details report; only entity names are displayed.
For more information, see Reference for integration project and build properties.
Find added support for IntelliJ IDEA up to 2025.3.5
Klocwork now supports IntelliJ IDEA 2025.3 (up to 2025.3.5). You can dismiss messages stating that RuntimeExceptionWithAttachments has occurred, since this does not affect plugin configuration, analysis, or defect display.
For more information on supported Java IDEs, see Supported IDEs.
Static analysis improvements
Performance
In this release, you'll find performance improvements for the following:
-
A new option that enables parallel processing for trace file–to–build specification conversion
-
Issue suppression configuration (sconf) files
Coding standards
In this release, you'll find enhancements to the following taxonomy rules and recommendations:
-
MISRA C:2023 required rules (100% coverage)
-
C++ Core Guidelines (new community support)
Checkers
New checkers
| Checker | Description |
|---|---|
|
MISRA.ATOMIC.MEMBER.ACCESS.2023 |
This MISRA checker flags direct access to structure or union members of atomic objects, which can bypass atomic protections and introduce data races. |
|
MISRA.ATOMIC.VOID.QUALIFIER.2023 |
This MISRA checker detects use of the |
|
MISRA.C_SYNTAX.ANONYMOUS.UNION.2012 |
This MISRA checker flags use of anonymous unions because they are not permitted by standard C syntax for the applicable language. |
|
These MISRA checkers flag when the program contains violations of the standard C syntax and constraints, and exceeds the implementation's translation limits. |
|
MISRA.CONC.RESOURCE.DESTROY_WHILE_USE.MIGHT.2023 |
This MISRA checker flags cases where thread synchronization objects or thread-specific storage are destroyed before all threads that access them have terminated. |
|
MISRA.ETYPE.INAPPR.OPERAND.2023 |
This MISRA checker adds a restriction on the use of essentially complex floating-point types with relational and increment or decrement operators. This checker is applicable only to the modern engine. |
|
MISRA.MEMORDER.SEQ_CST.2023 |
This MISRA checker executes memory synchronization operations in a sequentially consistent order. |
|
MISRA.MTX_TIMEDLOCK.TYPE.2023 |
This MISRA checker requires that the Standard Library function |
|
MISRA.STDLIB.MUTEX.DBL_LOCK.2023 |
These MISRA checkers flag when non-recursive mutexes are recursively locked. |
|
MISRA.STDLIB.MUTEX.NO_LOCK.2023 |
This C checker flags cases where a thread unlocks a mutex or calls |
|
MISRA.STDLIB.MUTEX.NO_UNLOCK.2023 |
This MISRA checker flags paths where a thread locks a mutex but can exit before explicitly unlocking that same mutex, which can leave the lock held indefinitely and cause undefined behavior. |
|
MISRA.THREAD.JOIN.DETACH.2023 |
This MISRA checker flags thread objects that are joined or detached more than once, or subjected to one operation after the other, because rejoining or redetaching a previously handled thread causes undefined behavior. |
|
MISRA.THREAD.SYNC.CONDITION.SINGLE_MUTEX.2023 |
This MISRA checker requires that a condition variable shall be associated with at most one mutex object to prevent undefined behavior when the same condition variable is used with different mutexes by multiple threads. |
|
MISRA.THREAD_OBJ.STORAGE.DURATION.2023 |
This MISRA checker flags C11 thread objects, synchronization objects, and thread-specific storage pointers that use automatic or thread storage duration, because their lifetime can become invalid across thread execution and lead to dangling accesses. This checker is applicable only to the modern engine. |
Modified checkers
| Checker | Description |
|---|---|
|
AUTOSAR.LAMBDA.REF_LIFETIME |
Reduced false positives for the checker |
|
CXX.ID_VIS.GLOBAL_VARIABLE.* |
Fixed a defect-matching issue for the checkers to prevent inconsistent IDs across streams |
|
FUNCRET.GEN |
Reduced false positives for the checker |
|
INVARIANT_CONDITION.* |
Reduced false positives for the checkers |
| MISRA.INIT.DESIGNATOR_LIST.2023 |
Reduced false positives for the checker |
|
MISRA.OBJ.FUNC.PARAMS.IDENT. |
Fixed an unhandled exception in the linker caused by the checker |
| MISRA.THREAD.OBJECT.MUTEX.2023 | Improved the trace message |
|
PY3.C0204 |
Reduced false positives for the checker |
Taxonomies
As part of the installation, you will find several custom taxonomy files that map Klocwork checkers to coding standards such as MISRA, CWE, OWASP, and DISA STIG.
| Taxonomy | Improvements |
|---|---|
|
cpp_core_guidelines_community.tconf and cpp_core_guidelines_community_ja.tconf |
Added new taxonomies for the C++ Core Guidelines. |
|
cwe_all_cxx.tconf and cwe_all_cxx_ja.tconf |
Added or modified checker mappings to the following rules:
|
|
disa_stig_v5_cxx.tconf and disa_stig_v5_cxx_ja.tconf |
Added or modified checker mappings to the following rules:
|
|
misra_c_2012_with_amd2_c11.tconf and misra_c_2012_with_amd2_c11_ja.tconf misra_c_2012_with_amd2_c90.tconf and misra_c_2012_with_amd2_c90_ja.tconf misra_c_2012_with_amd2_c99.tconf and misra_c_2012_with_amd2_c99_ja.tconf |
Added or modified checker mappings to the following rules:
|
|
misra_c_2023_c11.tconf and misra_c_2023_c11_ja.tconf misra_c_2025_c11.tconf and misra_c_2025_c11_ja.tconf |
Added or modified checker mappings to the following rules:
|
|
misra_c_2023_c90.tconf and misra_c_2023_c90_ja.tconf misra_c_2023_c99.tconf and misra_c_2023_c99_ja.tconf misra_c_2025_c90.tconf and misra_c_2025_c90_ja.tconf misra_c_2025_c99.tconf and misra_c_2025_c99_ja.tconf |
Added or modified checker mappings to the following rules:
|
|
perforce_qac.tconf and perforce_qac_ja.tconf |
Renamed the taxonomies from perforce_qac_c_cpp.tconf and perforce_qac_c_cpp_ja.tconf to perforce_qac.tconf and perforce_qac_ja.tconf |
Compilers
You'll find additional or improved support for the following compilers:
- Clang
- Clang-cl
- cl (Microsoft Visual Studio compiler)
- GCC
- ccac (Synopsys ARC MetaWare compiler)
- icc, icpc
- llvm-ar mcx (Microtec compiler)
- qdsp-gcc, qdsp-g++, hexagon-gcc, hexagon-g++, qdsp6-gcc, qdsp6-g++ (Hexagon)
-
rustc (Rust compiler)
-
Tensilica Xtensa C/C++
For the full list of supported C and C++ compilers, see C/C++ compilers supported for build integration.
Licensing
Klocwork supports Reprise License Manager (RLM).
- 2025 licenses are not compatible with Klocwork 2026.1 or newer. To use the latest version of the product, obtain a new license by contacting license@perforce.com. For more information, see Supported versions of RLM and Operating systems that support RLM dongles.
- The RLM command line utility
rlmstatcan be installed from the Validate or RLM license server package.
Changes to system requirements
We added support for the following environments:
-
Amazon Linux 2 (2.0.20260515.0 Update)
-
Ant 1.10.17
-
CLion 2025.2 (up to 2025.2.6.1) 2025.3 (up to 2025.3.5) 2026.1 (up to 2026.1.2)
-
Debian 12.14, 13.0 to 13.5
-
Eclipse 4.39 (2026-03)
-
glibc 2.43
-
Google Chrome 137.x to 148.x
-
Gradle 8.14.5
-
IntelliJ IDEA 2024.3 (up to 2024.3.7.1), 2025.3 (up to 2025.3.5)
-
Java 21
-
Maven 3.9.16
-
Microsoft Edge 137.x to 148.x
-
Mozilla Firefox 140.x to 151.x
-
openSUSE Leap 16.0
-
RHEL 9.8, 10.2
-
SUSE Enterprise 16.0
-
Ubuntu 26.04 LTS
-
Visual Studio 2017 up to 15.9.79, 2019 up to 16.11.56, 2022 up to 17.14.33
-
Visual Studio Code 1.121
We ended support for the following environments:
-
Google Chrome 134.x to 136.x
-
Microsoft Edge 134.x to 136.x
-
Mozilla Firefox 136.x to 139.x
-
openSUSE Leap 15.6
-
SUSE Enterprise 15 SP5 to SP6
-
Visual Studio Code 1.100.3
-
Windows 10 v22H2
-
Windows Server 2016
For the complete list of supported versions, see the System Requirements.
Deprecations
-
Release
2026.2+: Support for Structure101 ended in 2024.3 and has been removed in 2026.2. -
Release
2026.1+: The hybrid analysis engine has been removed from the Klocwork plugin for Visual Studio. -
Release
2025.4+: The Klocwork Static Analysis plugin for Visual Studio is no longer provided or supported for Visual Studio 2015 in alignment with Microsoft's end of extended support for Visual Studio 2015.