HP UX Web Development Tools 41

Example 44 Reporting options interoperability

$ cadvise report -pdb test.pdb -diag 2549 -exclude b.c

Report generated using "HP Code Advisor C.XX.XX [Release Time]" on <machine> at <Report Time> Report command line: " cadvise report -pdb test.pdb -diag 2549 -exclude b.c"

"a.c", line 14: warning #2549-D: variable "struct_obj" is used before its value is set LocalVar = struct_obj.a

;

$ cadvise report -pdb test.pdb -include "a.c:b.c"

Report generated using "HP Code Advisor C.XX.XX [Release Time]" on <machine> at <Report Time> Report command line: " cadvise report -pdb test.pdb -summary -include a.c:b.c "

"a.c", line 14: warning #2549-D: variable "struct_obj" is used before its value is set LocalVar = struct_obj.a ;

^

"b.c", line 6: warning #2549-D: variable "b" is used before its value is set c = b;

^

"b.c", line 7: warning #2549-D: variable "a" is used before its value is set b = a;

^

In this example if any option, such as -summary, -file_summary, or -allis given in the same command line, then the -includefiltering option is ignored. The following example shows this behaviour:

Example 45 Ignoring the -includeoption

$ cadvise report -pdb test.pdb -summary -include "a.c:b.c"

report: warning: Filtering options do not affect -summary and -file_summary

Report generated using "HP Code Advisor C.XX.XX [Release Time]" on <machine> at <Report Time> Report command line: " cadvise report -pdb test.pdb -summary -include "a.c:b.c"

=============================== SUMMARY REPORT==================================

Unique warnings: 257

Duplicate warnings: 0

Sev. Count		Diagnostic Message
--------------------------------------------------------------------------------
5	1	warning #20111-D: (SECURITY) Tainted data may be used in data length computation%s
5	4	warning #20200-D: Potential null pointer dereference %s%s is detected %s
5	10	warning #20118-D: Tainted value may be used in		pointer	arithmetic expression%s
5	12	warning #20112-D: (SECURITY) Tainted data may be copied to the target buffer%s
5	20	warning #20117-D: (SECURITY) Tainted value may		be used	in array index expression%s
5	23	warning #20114-D: (SECURITY) Tainted value may		be used	in loop exit condition computation%s
3	1	remark	#2193-D: zero used for undefined preprocessing		identifier
3	2	remark	#4315-D: %s loop without body, did you	insert an extra ';'?

6.21 Report options interoperability

41

Contents

Page Page Contents Page About this document Intended audience Document conventions and symbols Related information HP encourages your comments 1 Introduction 1.1Cadvise user interface 1.2 Features 1.2.1Advanced static code analysis 1.2.2 Defect detection 1.2.3 Security vulnerability checks 1.2.4 Porting and migration 1.2.5 Detection of pre-definedor user-definedcoding guideline violation 1.2.7 Supported compilers 2 Using Cadvise 2.1Getting started 2.2 Steps in using cadvise 2.3 Invoking Cadvise 2.4 Using Cadvise as a wrapper around Compiler or Linker 2.5 Integrating Cadvise with the makefiles and build process 2.6 Enabling different categories of diagnostic messages 2.7 Generating code complexity metrics Page Page Page 2.8 Detecting violation of pre-definedor user-definedcoding guidelines Page 3 Using the Program Database (PDB) 3.1 PDB options table 3.2 Specifying the PDB location 3.3 Deleting PDB 3.4 Disabling locks in PDB operations 3.5 Removing object file information from the PDB 3.6 Creating a PDB snapshot at a specified location 3.7 Displaying PDB version 4 Using cross-fileanalysis Page Page 5 Configuring diagnostic messages 5.1 Diagnostic configuration options table 5.2 Suppressing warnings selectively 5.3 Enabling warnings selectively 5.4 Interpreting selective warnings as errors 5.5 Disabling warnings in a macro 5.6 Managing warnings in a source file 6 Generating reports 6.1Report generation options table 6.2 Generating summary reports 6.3 Generating file summary report 6.4 Generating detailed report 6.5 Generating HTML report 6.6 Generating XML report 6.7 Printing diagnostics with specific diagnostic numbers 6.8 Generating reports based on severity 6.9 Suppressing diagnostics for specific files 6.10Reporting diagnostics from specific files 6.11 Reporting program complexity metrics 6.12 Generating report for a module 6.13Suppressing report header 6.14 Modifying the default severity level of a diagnostic 6.15 Generating PDB comparison report 6.15.1 Generating summary diff report 6.15.2 Generating detailed diff report Page Page 6.16 Report options file 6.17 Generate report for migration related warnings 6.18Generating consolidated report from multiple PDBs 6.19 Generating PDB diffs with multiple PDBs 6.20 Recommended process for analyzing the diagnostic messages 6.21 Report options interoperability Page 7 Miscellaneous driver options Page Page 8 Categories of diagnostics with examples 8.1 Categories of diagnostics table 8.2Detecting generic programming errors Page Page Page Page Page 8.3 Detecting 32-bitto 64-bitmigraton issues 8.4 Detecting endianness migration issues 8.5 Detecting potential security vulnerabilities 8.6Detecting multi-threadedprogramming issues 8.7 Detecting potential performance improvement opportunities Page 9 Fixing the warnings by source change 10 Incompatibilities on PA-RISCbased systems Index