Our website uses cookies to enhance your browsing experience.
Accept
to the top
>
>
Integration of PVS-Studio analysis resu…
menu mobile close menu
Analyzer diagnostics
General Analysis (C++)
General Analysis (C#)
General Analysis (Java)
Micro-Optimizations (C++)
Diagnosis of 64-bit errors (Viva64, C++)
Customer specific requests (C++)
MISRA errors
AUTOSAR errors
OWASP errors (C++)
OWASP errors (C#)
Problems related to code analyzer
Additional information
toggle menu Contents

Integration of PVS-Studio analysis results into CodeChecker

Oct 31 2024

CodeChecker is a static analysis infrastructure on Linux and macOS. It enables you to seamlessly view and handle PVS-Studio analysis results.

How to install CodeChecker

To run CodeChecker, create the Python virtual environment (versions >= 3.8) and install the tool using the pip package manager:

python3 -m venv .venv
source ./.venv/bin/activate
pip3 install codechecker

The PVS-Studio analyzer support in the built-in report-converter tool will appear in the CodeChecker 6.25.0 version, but you can use PVS-Studio with CodeChecker now. To do this, clone the tool source code from the GitHub repository and then install the latest version of the report-converter component from the repository into the virtual environment that was created in the previous step:

cd tools/report-converter/
python setup.py install

To display the severity of the PVS-Studio diagnostic rules correctly, download the CodeChecker.json file and add it to the Python virtual environment at the .venv/share/codechecker/config/labels/analyzers path with the pvs-studio.json name.

To start the CodeChecker web server, run the following command:

CodeChecker server

The default CodeChecker web server address is http://localhost:8001.

Read more about other ways to install and deploy CodeChecker in the checker documentation.

How to convert report to CodeChecker format

To handle a PVS-Studio report in CodeChecker, convert it to the required format. You can use report-converter, a built-in CodeChecker tool.

Note that report-converter can convert only the PVS-Studio JSON report. To convert PVS-Studio report of another format to JSON or filter warnings, use PlogConverter.exe for Windows and plog-converter for Linux/macOS:

An example of the PVS-Studio report conversion command using plog-converter (Linux/macOS):

plog-converter -t json -a 'GA:1,2;OWASP:1' 
   -o /home/user/Logs/PVS-Studio.json PVS-Studio.log

An example of the PVS-Studio report conversion command using PlogConverter.exe (Windows):

PlogConverter.exe -t Json -a 'GA:1,2;OWASP:1' -o /home/user/Logs 
                  -n PVS-Studio PVS-Studio.plog

To convert the PVS-Studio report to the CodeChecker format, run the following command:

report-converter -t pvs-studio -o ./pvs_studio_reports ./PVS-Studio.json

The -t flag indicates the format of the input report, -o indicates the directory with saved converted warnings. Read more about the other features of report-converter in the documentation.

To save the converted report on the web server for further work, run the following command:

CodeChecker store ./codechecker_pvs_studio_reports -n default

After the -n flag, pass the name of the CodeChecker run.

How to view PVS-Studio report

Now a run with the specified name appears in the list of runs for the project.

CodeChecker/image1.png

To view a list of warnings for the project, click its name:

CodeChecker/image2.png

On the page, you can filter and sort warnings by certain parameters, such as severity level or diagnostic rule name.

To see for what code fragment the warning was issued, click the specific warning location:

CodeChecker/image3.png

On the same page, you can change the Review status of the opened warning. The feature can be useful for marking analyzer warnings after the analysis. You can assign one of the following statuses to each warning:

  • Confirmed bug means that the warning is true and needs to be fixed;
  • False positive means that the warning is false;
  • Intentional means that the warning is true but doesn't need to be fixed.

If a warning is marked as False Positive, it will be excluded from the report in all future runs.

New warnings are marked with a special icon in the list. You can also view the difference between individual runs:

CodeChecker/image4.png

After clicking the Diff button, you can see only the list of the warnings that differ from each other:

CodeChecker/image5.png

close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam