Klocwork Reviews

Our main test case is to check for some of our internal standards which we usually do manually. But when we got Klocwork, it completely changed the scenario. We are writing a simple logic for checking our internal standards without much overhead. 

One more is on the fly analysis which is the most important feature which Klocwork provides I believe. 

• It has reduced the manual analysis for a lot of scenarios like checking for internal standards.
• It has saved a lot of time in developing a code through on the fly analysis mode.
• Klocwork team is regularly updating their checkers which is the good one where we can get more accurate and new kind of issues or bugs in our code can be identified.

First will be the on the fly analysis as it is reducing the time for developing a code. One more best thing is the reports section which is very nice to understand. Also the support which is available for Industry Standards as well as we can also write our own internal standards and we can check during the analysis.

Not much as of now. But I am feeling Klocwork should support more number of languages like other static code analyzers do. Right now Klocwork has supportability available only to C, C++, Java, and C#. 

Very good.

I evaluated some other tools, but I don't want to reveal the names of these tools. I didn't find them as good tools when compared with Klocwork. 

It has a straightforward setup from my scenario. Just installing a few .exe files. Not much complexity is involved in this.

Vendor team. Very good, and they are friendly.

I don't know much about cost and licensing as my management is looking at these things.

I evaluated some other tools, but I don't want to reveal the names of these tools. I didn't find them as good tools when compared with Klocwork.

Not much as of now.

We currently use Klocwork mainly for static code analysis.

Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report. Without building the source code we have to get the static code and the source code. That's what we are looking into. It would be better if they could provide a solution for this issue, regarding code building, when compiling the report.

I would like to see a dashboard added to provide a clear look and feel. The dashboard would then supplement the users to enable them to get a quick view of the content, as long is it is clear. A presentational dashboard would be good.

The stability is good. We can run it on multiple machines without an issue.

We have a server license here for two servers and ten users.

The technical support is good. They support us whenever we need it.

The initial setup was straightforward, not too complicated.

Klocwork is a good product, but keep in mind that before building the code you have to get a report. Then you use the code. If you don't need to get a report after building the source code then this is a good solution for you. I prefer this tool.

I would rate Klocwork as eight out of ten.

My primary case would be checking for memory related issues and some null pointer issues where Klocwork is too strong in this section. We used to check these issues most often, and Klocwork is the one which provides us this clear way.

We are very concerned about these issues for some of the critical projects which are very important for us. Using Klocwork, we have cleared all these issues without much difficulty.

• Its vast checkers supportability
• Custom checker creation
• Industry standards supportability
• Support to a vast number of IDEs and so on.

Nothing much as of now. I feel Klocwork is going in a great way. The one thing I personally feel is that Klocwork must increase their support to some other languages.

We are using Klocwork to perform static code analysis of our solutions towards an embedded project. The project is built on an RTOS, and the relevant middleware and applications are developed in C++.

The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time. This, in turn, increases the efficiency of the project as well as the team.

We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability.

The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion. 

It should be semi-flexible. However, this may be due to my limited experience.

The tool has good support for static analysis.