tools.cdt Plugin PmdAnalysis

PMD Results analysis for tools.cdt

PMD is a great and widely-used source code analyzer which finds common programming flaws and bad coding practices in source code projects. This document intends to help users make a better use of this helpful tool, by proposing simple yet effective corrective actions to improve the project quality according to PMD XML results.

  • The quick summary helps users understand the reports generated by the tool
  • The fix by files section lists files that sould be fixed, given their number of high-priority violations.
  • The fix by rules section proposes to acquire and secure practices by fixing violations for high-priority, yet actionable rules to improve the project quality.

The version of PMD used is 5.3.1 and the PMD run was executed on the 2018-11-17 00:31:46.

You can learn more about this module on its documentation page on the project web site.

Quick Summary

PMD raised a total of 181408 violations to checked rules, including:

  • 1152 with priority 1,
  • 2017 with priority 2,
  • 175733 with priority 3,
  • 2506 with priority 4.

Rules can be considered as coding practices. They represent what the community believes to be right or wrong, althougth it heavily depends on your own context. In this very case:

  • A total of 87 rules have been checked.
  • The analysis found 71 broken rules, and 16 respected rules.
  • So the rate of acquired practices is 18.4 %.

This plot shows the proportion of rules violated (NOK: red) and clean (OK: blue). The lightness decreases with the priority (P1 -> p4).

Improving your project

Once you have selected the right rules, and made sure you understand them, then you should strive to keep the number of violations low, or even null. For each violation, you should either fix it or acknowledge it. As you will see, there will always be cases where the rule is smart, but doesn't apply to a specific instance in your code – because there is simply no bullet-proof generic truth. But once you know the rules, you know when to bend them, and it is ok: PMD allows you to ignore or suppress the incriminated warnings if you know what you are doing.

There are a few things to keep in mind when using PMD to improve your code:

  • Improve the rate of acquired practices.
  • Reduce the number of violations.
  • For rules that you want to apply, but that show too many violations, at least do not let them grow up.

From there, the next practical thing to do is either to:

  • Work on files: select a few files that have a lot of violations, and fix all important violations (e.g. with priority 1 and 2).
  • Work on practices: select a few rules with a high priority and a low number of violations, so you can make sure that the corresponding practices are acquired. Then you should pay attention to not let them appear again.

Fixing files with high-priority violations

The table on the right shows the 10 top files with high-priority violations. NCC P1 is the number of violations with priority 1 in the file, and NCC P2 is the number of violation with priority 2 in the file. Fixing them would be a good start. When you are over, re-run the analysis and fix the 10 next, until all high-priority violations are fixed.

You should start with files that have a lot of high-priority violations. The current analysis unveils:

  • 3169 violations with priority 1 or 2, distributed in 1401 files. Those are further decomposed in:
  • 1152 violations with priority 1, distributed in 821 files, and
  • 2017 violations with priority 2, distributed in 693 files.
Files with a high number of high-priority violations.
File NCC P1 NCC P2
. . /cdt/internal/core/dom/parser/cpp/semantics/ 0 45
. . se/cdt/internal/core/dom/parser/cpp/semantics/ 0 43
. . /core/dom/parser/cpp/semantics/ 1 40
. . org/eclipse/cdt/internal/core/parser/scanner/ 0 36
. . t/internal/autotools/ui/editors/automake/ 0 31
. . ipse/cdt/make/internal/core/makefile/gnu/ 0 30
. . rser/org/eclipse/cdt/internal/core/dom/parser/c/ 1 23
. . /cdt/internal/core/dom/parser/cpp/semantics/ 0 19
. . ipse/cdt/internal/core/dom/parser/cpp/ 0 19
. . se/cdt/internal/autotools/core/ 0 19

Fixing rules to improve practices

Another approache is to work on practices acquisition: select a few rules that you consider as really important, with an actionable number of violations, and fix them wherever they appear. The current analysis has 4 rules with priority 1 or 2 that show less than 50 violations. The graphic below on the left shows the 5 top rules with a low number of violations and a priority with either 1 or 2. The table on the rigth provides the corresponding data.

High-priority rules with a low number of violations
Mnemo priority vol
DoubleCheckedLocking 1 2
BooleanInstantiation 2 5
AbstractClassWithoutAnyMethod 1 5
BrokenNullCheck 2 11
AvoidBranchingStatementAsLastInLoop 2 50


The visualisations on this page can be exported and easily reused on an external web site. You can find more information on iframes and pictures reuse in the project's web site. Remember to change the server name in the code samples provided.

Pie chart of checked and broken rules

<iframe src="http://server/projects/tools.cdt/PmdAnalysis/pmd_analysis_pie.html" frameborder="0" style="width: 100%; height: 320px"></iframe>

Files with high priority violations

<img src="http://server/projects/tools.cdt/PmdAnalysis/pmd_analysis_files_ncc1.svg" frameborder="0" style="width: 100%; height: 600px" />

Top 5 high-priority rules

<img src="http://server/projects/tools.cdt/PmdAnalysis/pmd_analysis_top_5_rules.svg" frameborder="0" style="width: 100%; height: 370px" />

The visualisations used in this document rely on a number of flat CSV and JSON data files, that were extracted from the PMD XML results file. You can download and play with them if you want to thereafter:

  • Generic information about the project : PMD version, timestamp of analysis, number of non-conformities, number of rules checked, number of rules violated, number of clean rules, rate of acquired practices [ Download CSV ]
  • Rules: number of non-conformities for each category of rules and priority [ Download CSV ].
  • Violations: foreach violated rule, its priority, the ruleset it belongs to, and the volume of violations [ Download CSV ]
  • Files: for each non-conform file, its name, total number of non-conformities, number of non-conformities for each priority, number of broken and clean rules, and the rate of acquired practices [ Download CSV ]
  • Rulesets detected in the analysis output, with number of violations for each priority [ Download CSV (wide format) | Download CSV (long format) ]
  • List of violated rules, with priority, ruleset and number of non-conformities [ Download CSV | Download JSON ]

Page generated by Alambic 3.3.3-dev on Wed Jan 27 07:56:54 2021.