Issues identified by cppcheck (v. 1.6.2) and saved in an xml file (version 1) are not being loaded to SonarQube v.4.0.
Details:
I'm prototyping adding C++ support to our SonarQube installation. We've been inspecting Java with Sonar for over a year, and are ready to start looking at our legacy C++ code as well. My SonarQube prototype installation is on my Windows machine, running against the H2 database. The C++ is on a linux machine, code accessible to Windows via NetApp as my L: drive.
I'm running cppcheck and sonar-runner from the windows side. I'm seeing some issues with include files not found, I think probably because our build is under Linux and there are symbolic links that Windows isn't understanding. That doesn't appear to be affecting the cppcheck issue, but I mention it just in case.
cppcheck run as:
>cppcheck -v -enable=warning,performance --xml --xml-version=1 -I ..\include . 2> cppcheck.xml
results in (snippet>
<?xml version="1.0" encoding="UTF-8"?>
<results>
<error file="BarcodePattern_sql.cxx" line="2947" id="uninitMemberVar" severity="style" msg="Member variable '__pthread_cleanup_class::__cancel_type' is not initialized in the constructor."/>
<error file="CircCluster.cxx" line="2960" id="uninitMemberVar" severity="style" msg="Member variable '__pthread_cleanup_class::__cancel_type' is not initialized in the constructor."/>
...
<error id="toomanyconfigs" severity="style" msg="The checking of the file will be interrupted because there are too many #ifdef configurations. Checking of all #ifdef configurations can be forced by --force command line option or from GUI preferences. However that may increase the checking time. For more details, use --enable=information."/>
</results>
After cppcheck is complete, I run sonar-runner.bat (v2.3). The cppcheck property is configured as
sonar.cxx.cppcheck.reportPath=L:\\sandbox\\s2009.0.0\\circ\\cppcheck.xml
The rest of the sonar-project.properties file appears to be configured well enough, as I'm getting source code and metrics such as line count, complexity, comment count loaded into SonarQube.
Running sonar-running.bat with the -X parameter gives me output including
...
15:56:24.651 DEBUG - Using pattern 'coverage-reports/overall-coverage-*.xml' to find reports
15:56:24.653 INFO - Sensor CxxCoverageSensor done: 6 ms
15:56:24.653 INFO - Sensor CxxCppCheckSensor...
15:56:24.654 DEBUG - Using pattern 'L:\sandbox\s2009.0.0\circ\cppcheck.xml' to find reports
15:56:24.655 INFO - Sensor CxxCppCheckSensor done: 2 ms
15:56:24.655 INFO - Sensor CxxPCLintSensor...
15:56:24.656 DEBUG - Using pattern 'pclint-reports/pclint-result-*.xml' to find reports
15:56:24.657 INFO - Sensor CxxPCLintSensor done: 2 ms
...
Based on one suggestion I found searching the net, I've tried adding a full path to the cppcheck.xml results data, but it made no difference.
I have enabled all rules in C++ Sonar Way.
I'm out of things to try - why are no issues being reported?