Address Results in Polyspace User Interface Through Bug Fixes or Justifications
This topic describes how to add review information to Polyspace results in the user interface of the Polyspace desktop products. For a similar workflow in the Polyspace Access web interface, see Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access).
Once you understand the root cause of a Polyspace® finding, you can fix your code. Otherwise, add review information to the Polyspace result to mark it for fixing later or to justify the result. You can use the review information to keep track of your review progress and avoid reviewing the same finding twice.
If you add review information to your results file, it carries over to the results of the next analysis on the same project. If you add the same information as comments to your code (annotate), it carries over to any subsequent analysis of the code, whether in the same project or not. You can also hide results using code annotations.
Add Review Information to Results File
You can add review information either on the Results List or Result Details pane. Select a result, then set the Severity and Status fields, and optionally, enter notes with more explanations.
The status indicates your response to the Polyspace result. If you do not plan to fix your code in response to a result, assign one of the following statuses:
Justified
No Action Planned
Not a Defect
These statuses indicate that you have given due consideration and justified that result (retained the code despite the result). Note that subsequent analyses continue to show justified results as before. For instance, a Code Prover result that was previously orange does not turn green after justification. However, during review, you can filter out justified results in one click and focus only on results that are not justified. See Filter and Group Results in Polyspace Desktop User Interface.
You can also create your own statuses to assign. See Create Custom Review Status.
Comment or Annotate in Code
You can also add specific code comments or annotations in response to Polyspace results. If you enter code comments or annotations in a specific syntax, on the next analysis of the code, the software can read them and populate the Severity, Status, and Comment fields in the result details.
You can either type the annotation directly or copy it from the user interface:
In the user interface, to copy annotations, right-click a result and select Add Pre-Justification To Clipboard. Open your source code in an editor and paste on the same line as the result.
Type the annotation on the same line as the result. See the annotation syntax in Annotate Code and Hide Known or Acceptable Results.
If you copy or type the annotation without explicitly assigning a status, Polyspace assumes that you have set a status of No Action Planned. The software hides the result from all places (except reports needed for certification [1]). The only exceptions are the safety-critical Code Prover run-time checks, which are hidden from the results list but not the source code. If you want to explicitly set a status, first fill the Status field for a result and then copy the annotation to your code. Paste on the line containing the result.
To unhide the hidden results, from the Showing menu, clear the box Hide results justified in code.
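An added audit sketch (not MathWorks code): it scans C source for Polyspace annotations and lists those with no explicit status, which per the text above default to No Action Planned and hide the result. The annotation shape `polyspace Family:Result [Status:Severity] "Comment"` and the sample lines are assumptions, since this page only references the syntax topic.

```python
import re

DEFAULT_STATUS = "No Action Planned"  # status Polyspace assumes when none is given

# Assumed annotation shape (the syntax is only referenced, not shown, on this page):
#   polyspace[-begin|-end] [+N] Family:Result [Status:Severity] "Comment"
ANNOT = re.compile(
    r'polyspace(?P<scope>-begin|-end)?\s+(?:\+\d+\s+)?'
    r'(?P<result>[\w.*-]+:[\w.*-]+)'
    r'(?:\s*\[(?P<status>[^\]:]*)(?::(?P<severity>[^\]]*))?\])?'
    r'(?:\s*"(?P<comment>[^"]*)")?'
)

# Constructed sample source, not taken from any real project.
SAMPLE = '''\
int a = x + y; /* polyspace DEFECT:INT_OVFL [Justified:Low] "operands range-checked by caller" */
int b = *p;    /* polyspace RTE:IDP */
buf[i] = 0;    // polyspace MISRA-C3:18.1 [Not a defect:Unset]
/* polyspace-begin MISRA-C3:11.4 [No action planned:Low] "memory-mapped register" */
reg = (volatile unsigned *)base;
/* polyspace-end MISRA-C3:11.4 */
'''

def audit_annotations(source):
    """Return one record per annotation, resolving the implicit default status."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        m = ANNOT.search(line)
        if not m or m.group("scope") == "-end":  # end marker only closes a range
            continue
        status = (m.group("status") or "").strip()
        findings.append({
            "line": lineno,
            "result": m.group("result"),
            "status": status or DEFAULT_STATUS,
            "explicit_status": bool(status),
            "has_comment": bool((m.group("comment") or "").strip()),
        })
    return findings

def implicit_status_lines(findings):
    """Lines whose result is hidden under a status nobody chose explicitly."""
    return [f["line"] for f in findings if not f["explicit_status"]]

if __name__ == "__main__":
    for f in audit_annotations(SAMPLE):
        flag = "" if f["explicit_status"] else "  <-- implicit status, result hidden"
        print(f'{f["line"]}: {f["result"]} [{f["status"]}]{flag}')
```

Running a check like this in code review surfaces annotations that silently suppress a finding without a recorded decision or supporting comment.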
[1] Reports generated from Polyspace results are typically meant for archiving and certification. Therefore, the reports contain all Polyspace results, justified or otherwise. Justified results show the justification status, for instance, No Action Planned, along with comments supporting the justification. These reports allow standards committees such as certification authorities to verify if a Polyspace result was justified for approved reasons.