Tuesday, 23 August 2011

Static Analysis with C/C++ and Rational Team Concert

To recap: As i have done with my previous posts, this one is also building upon the previous post.  As this chain of posts is getting quite large now, I think its a good time to list them again here:
  1. OSLC Development using C/C++ and Rational Team Concert (Part 1)
  2. Open Services for Lifecycle Collaboration (OSLC) (a short intro)
  3. OSLC Development using C/C++ and Rational Team Concert (Part 2)
  4. Automated builds using C/C++ and Rational Team Concert
In the last post, (4), I went over how to create an automated build with the Jazz build engine and Rational Team Concert. In this post we will enhance that build to include a static analysis of the code. To be honest, the sample code is not very interesting from this perspective but we will get some reports which is the important thing for this demonstration.

There are other static analysis tools out there that plug into eclipse including CODAN (include in CDT 8.0), cppcheck as well as commercial ones. You could actually use any of them in this scenario if you understand how to launch them from the command line and generate some interesting output. For the purposes of this exercise I will use Rational Software Analyzer (RSAR) 7.1 Enterprise Edition which is a plugin for eclipse 3.4. I am using it because it produces some nice output that I can attach to the build in two ways: 1) Through a link to the RSAR server and 2) I also have a package of results in XML format without needing to do much. 3) Comes with a 30 day trial so you can start with it right away.

RTC 3.0.1 only works with 3.5/Galileo, 3.6/Helios (I even got it to work on 3.7/Indigo) but not 3.4/Ganymede so we will need to install RTC client into RSAR 7.1 to be able to open RTC projects (even though you will not be able to connect to the RTC 3.0.1 server).

Ok.. first we need to set up our environment.

-Default options are perfect

2. Download and Install RTC into the SAME package group as RSAR 7.1

You may need to tweak the server.xml for RSAR 7.1 Enterprise server to change the SHUTDOWN port. For example in this file:

C:\Program Files \IBM\RSAREE\tomcat\conf\server.xml

<Server port="9005" shutdown="SHUTDOWN">


<Server port="9006" shutdown="SHUTDOWN">

3. Start the RSAR Enterprise server.

Now we need to prepare our project:

1. Let create a rule file for the static analysis. Launch RSAR and select the same workspace you loaded the OSLC Consumer project into. Mine is C:\workspace for example.Also:
- You may need to shutdown the RTC 3.0.1 client if it is running. 
- If you have the RTC client installed into RSAR properly you RSAR will error telling you that you cannot connect RTC to RTC 3.0.1 server. That's ok, we dont care. Ignore it and Press "OK".
- If RSAR pops up large dialog complaining about workspace consistency.. also ignore it and select "Repair Later"

2. At this point you should see the OSLC Consumer Project.. if not switch to the C/C++ perspective.

3. Right click on the project->Software Analyzer->Software Analyzer Configurations...

4. Create a new configuration call "OSLC Consumer". Make sure the OSLC Consumer Project is in Scope.

5. Select all the C/C++ rules as below:

6. Now click the "Export" button and save the project into the OSLC Consumer Project directory as "OSLC Consumer.dat"

7. Click Close. (You could analyze here if you want but we will do it as part of our build.)

8. Close RSAR 7.1.

We are done it terms of configuration RSAR to analyze our code. If we wanted to change the rules or create different rules we would follow the same procedure as above. We need to check in the .dat file into RTC and modify our build to run a static analysis after compilation. After compilation makes more sense because if the code doesn't compile, its not worth to do a static analysis on it anyway.

1. Launch RTC 3.0.1 Client

2. You may again see the large dialog with the "Crash detected' message. This time you should click "Repair Now".

3.  We will create a new makefile for the JBE build that includes the static analysis
-We could also include this as part of our local build as it is a subset of the build file we will use here.

4. Download the new JBEMakefile, copy it into your OSLC Consumer Project directory and add it to the project and deliver it into the SCM.

Lets review the changes we have made here. You may need to tweak the JBEMakefile including:

CLASSPATH = C:/jazz/buildsystem/buildengine/eclipse/plugins/org.apache.ant_1.7.1.v20090120-1145/lib/ant-launcher.jar
JAZZ_TOOLKIT = C:/jazz/buildsystem/buildtoolkit
JAVA = C:\Progra~2\IBM\Java60\bin\java

You should adjust these according to your environment.  Also note that we could of made these build properties in the same way as "repositoryAddress" is but we will leave it live this for now and you can do it later.

5. Download the build.xml file and do the same as above (save to project and deliver).

You will also need to adjust this particular file to your environment. In particular:

<property name="userId" value="ADMIN" />
<property name="password" value="password" />

This should be the same as your build user name and password.

Search and replace:


to point to your RSAR installation. Again, it would of been better to put this as a build property. I leave this as an exercise for you.

6. Go to your CDT Build definition created in the previous post and change the Command line as follows. Note the build proprieties. This is where you would set the other ones. Also note the make command is now using the JBEMakefile.

7. One last thing you need to do! You need to load the build workspace and accept the changes you have delivered. First unload your current workspace to prevent confusion.

You can load it the build workspace by issuing a load command on the workspace.
Now accept the changes in the pending changes view. That's it!

You can peruse the files at your will. The end result is that the Makefile will launch a static analysis using ant command to interact with the Jazz build engine so as to update the build result and notify on progress. This is done using ant tags. For information on those tags go to the CLM 3.0.1 information center.

The build result should look something like this,  with a link the RSAR server with the static analysis web pages and an attachment with the analysis results in XML format.
That's it for today.. Next time I will expand the build and add some unit tests!

1 comment:

  1. Hi,
    I have got few doubts, do we have the capability do run static checks on code using sonarqube every time a chekin made to RTC before delivering