Main Content

Review Polyspace Bug Finder Results in Polyspace Platform User Interface

Polyspace® Bug Finder™ checks C/C++ code for defects, coding rule violations, and security vulnerabilities. After you run an analysis, you can open and review the results in the Polyspace Platform user interface.

This topic shows how to review some Bug Finder results in the Polyspace Platform user interface. Polyspace provides some additional ways to review results.

Example Files

To follow the steps in this tutorial, in the Polyspace Platform user interface, open the example results by selecting Help > Find defects in your C code.

Interpret Results

Review each Polyspace Bug Finder result. Find the root cause of the issue.

Open your results in the Review perspective. When you first select your result file from the Results pane, the Project Overview dashboard opens. Select Review from the toolbar to open the Review perspective containing all results and details.

Start from the list of results on the Results List pane. If the Results List pane covers the entire window, select Layout > Reset in the toolstrip.

Click the Check column header to sort the results alphabetically. Select the Non-initialized variable result with the ID value 8381.

Results List pane with Non-initialized variable result selected

View code information on the Source Code pane and further information about the result on the Result Details pane.

The Result Details pane also highlights a sequence of events leading to the result. For example, for the Non initialized variable result, you see these events:

  • The variable value is declared.

  • The if statement where value is initialized is skipped.

  • The variable value is read.

Sometimes, these events can be located far apart in the source code. Click an event on the Result Details pane to navigate to the corresponding location on the source code. This highlights the related code in the Source Code pane.

Additional Information

For more information on interpreting results, see:

Address Results Through Bug Fix or Comments

Once you understand the root cause of a Polyspace result, you can fix your code. Alternatively, you can add comments to your results to fix the code later or to justify the result. You can use the comments to keep track of your review progress.

If you do not want to fix the defect immediately, assign a status to the result in the Result Details pane. For example, set the status of the Non-initialized variable result to To investigate. Optionally, add comments with further explanation.

Result Details pane with review information set such as Status, Severity, and Comments.

If you assign the status No action planned, the result does not appear in subsequent runs on the same project.

Additional Information

For more information on addressing results through bug fixes or comments, see:

Manage Results

When you open the results of a Bug Finder analysis, you see a list of defects, coding rule violations, and other results. To organize your review, you can narrow down the list or group results by file or result type.

For example, you can:

  • Review only high impact defects.

    In the toolstrip, select Defects > High to show only high-impact defects.

    An Impact: High filter applied to a Results List

  • Review only the new results since the last analysis.

    On the Filters section of the toolstrip, click the drop-down arrow and select New from the Resolution section.

  • Review results in certain files or functions.

    On the Results List pane, right-click a result in the File column and select Show only: "filename.c" to view only the results in that file. You can use this method on any column in the Results List pane. Additionally, select the header of any column to sort the Results List pane by the information in the column.

Additional Information

For more information on managing results, see: Filter and Sort Results in Polyspace Platform User Interface.