Sonar read xml file of CppCheck check by MISRA2012;But there is no corresponding misra warning

[gaolonglong11]

cppcheck checks the code using misra rules; The generated xml file; sonar reads xml files; But there is no corresponding misra warning

[guwirth]

Hi @gaolonglong11,

please have a look to
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Troubleshooting-Reports
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Manage-Quality-Profiles
Is the rule activated in your profile?

Only rules listed in the XML file are supported
https://github.com/SonarOpenCommunity/sonar-cxx/blob/master/cxx-sensors/src/main/resources/cppcheck.xml

Regards,

[vscodeenv]

Thank you very much for your reply. I confirm that the XML file generated by cppckeck command contains items that do not conform to MISRA rules, but the format of XML is different from what you said. I would like to ask if there is an xml format conversion tool

[vscodeenv]

cppcheck --addon="/home/cppcheck/cppcheck-1.90/addons/misra.py" --enable=all --inconclusive --xml-version=2 --platform=unix32 ./user 1>cppcheck-result.xml 2>&1

The above is the result of checking by using cppcheck1.9 command in linux, but this result shows that sonar can not see misra related problems

[guwirth]

Hi @vscodeenv,

for me the resulting XML reports seems to have the same format: https://github.com/SonarOpenCommunity/sonar-cxx/wiki/sonar.cxx.cppcheck.reportPaths#example-of-a-report-file

In https://github.com/SonarOpenCommunity/sonar-cxx/blob/master/cxx-sensors/src/main/resources/cppcheck.xml I found the error id:

Is the rule enabled in your quality profile?
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Manage-Quality-Profiles

Turn debug information on to get more information:
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Get-Debug-Information

Regards,

[vscodeenv]

Thank you for your reply. Here are some screenshots of my Settings

[vscodeenv]

[vscodeenv]

I have checked that the output xml file by cppcheck contains some information about MISRA rules, and sonarqube has also done some Settings through some network tutorials, so I can see some code smells, but there is no corresponding MISR rule conflict prompt, please help me to check whether other places need to be set, thank you very much! Looking forward to your reply!

[vscodeenv]

I see MISRA rules in the rules created by sonarqube. My sonarqube version is 8.9.10; Plugin-sona-xx-plugin-2.0.7.3119; Gotlab16.3

[vscodeenv]

[guwirth]

Hi @vscodeenv,

I would start with turning debug info on and than look into the .LOG file.
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Get-Debug-Information

How to interpret the result is described here:
https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Scan-Report-Files#understanding-the-scanner-log-file

Regards,

[vscodeenv]

感谢您的提醒，我在输出里面看到了这个，改了路径以后好像就可以看到违反misra的规则在sonarqube里面

[vscodeenv]

[vscodeenv]

Thanks for your reminding. I saw this in the output. After changing the path, it seems that misra's rules are violated in sonarqube
Please see if there is no problem in this way. Thank you very much! Thank you very much! It's been bothering me for a long time!