Main Content

Interpret Bug Finder Results in Polyspace Desktop User Interface

This topic shows how to review Bug Finder results in the user interface of the Polyspace desktop products.

When you open the results of a Polyspace® Bug Finder™ analysis, you see a list on the Results List pane. The results consist of defects, coding rule violations or code metrics.

You can first narrow down the focus of your review:

  • Use filters on the results list columns to narrow down the list. For instance, you can focus on the high-impact defects.

  • Organize results by file or result family. Use the icon above the list.

Once you narrow down the list, you can begin reviewing individual results. This topic describes how to review a result.

To begin your review, select a result in the list.

Interpret Result Details Message

Interpret Message

The first step is to understand what is wrong. Read the message on the Result Details pane and the related line of code on the Source pane.

Seek Additional Resources for Help

Sometimes, you need additional help for certain results. Click the icon to open a help page for the selected result. See code examples illustrating the result. Check external standards such as CWE or CERT-C that provide additional rationale for fixing the issue.

At this point, you might be ready to decide whether to fix the issue or not. Once you identify a fix, it might help to review all results of that type together.

Find Root Cause of Result

Sometimes, the root cause might be far from the actual location where the result is displayed. For instance, a variable that you read might be non-initialized because the initialization is not reachable. The defect is shown when you read the variable, but the root cause is perhaps a previous if or while condition that is always false.

Navigate to Related Events

Typically, the Result Details pane shows one sequence of events that leads to the result. The Source pane also highlights these events.

In the above event traceback, this sequence is shown:

  1. A variable value is declared.

  2. The execution path bypasses an if statement. This information might be relevant if the variable is initialized inside the if block.

  3. Location of the current defect: Non-initialized variable

Typically, the traceback shows major points in the control flow: entering or bypassing conditional statements or loops, entering a function, and so on. For specific defects, the traceback shows other kinds of events relevant to the defect. For instance, for a Declaration mismatch defect, the traceback shows the two locations with conflicting declarations.

Create Your Own Navigation Path

If the event traceback is not available, use other navigation tools to trace your own path through the code.

Before you begin navigating through pathways in your code, ask the question: What am I looking for? Based on your answer, choose the appropriate navigation tool. For instance:

  • To investigate a Non-initialized variable defect, you might want to make sure that the variable is not initialized at all. To look for previous instances of the variable, on the Source pane, right-click the variable and select Search For All References. Alternatively, double-click the variable. These options show only instances of a specific variable and not other variables with the same name in other scopes.

  • To investigate a violation of MISRA C:2012 Rule 17.7:

    The value returned by a function having non-void return type shall be used.
    you might want to navigate from a function call to the function definition. Right-click the function and select Go To Definition.

After you navigate away from the current result, use the icon on the Result Details pane to come back.

If you click a source code token containing a result, the previous result selection on the Results List and the details on the Result Details pane do not change. You can keep the result in the results list and the result details pinned while navigating in the source code. Sometimes, you might want to see the result associated with a token. To update the result selection and the details, Ctrl-click the token or right-click and select Select Results At This Location.

Navigate in Separate Window

If reviewing a result requires deeper navigation in your source code, you can create a duplicate source code window that focuses on the result while you navigate in the original source code window.

Right-click on the Source pane and select Create Duplicate Code Window. Right-click on the tab showing the duplicate file name (ending with -spawn 1) and select New Vertical Group.

Perform the navigation steps in the duplicate file window while the defect still appears on the original file window. After the investigation is over, close the duplicate window.

Related Topics