Main Content

Classification of Defects by Impact

To prioritize your review of Polyspace® Bug Finder™ defects, you can use the Impact attribute assigned to the defect. The attribute allows you to filter results that require more immediate attention. For more information, see:

The Impact attribute is assigned to a defect based on the following considerations:

  • Criticality, or whether the defect is likely to cause a code failure.

    If a defect is likely to cause a code to fail, it is treated as a high impact defect. If the defect currently does not cause code failure but can cause problems with code maintenance in the future, it is a low impact defect.

  • Certainty, or the rate of false positives.

For instance, the defect Integer division by zero is a high-impact defect because it is almost certain to cause a code crash. On the other hand, the defect Dead code has low impact because by itself, presence of dead code does not cause code failure. However, the dead code can hide other high-impact defects.

You cannot change the impact assigned to a defect.

High Impact Defects

The following list shows the high-impact defects.

C++ Exception

Concurrency

Data Flow

Dynamic Memory

Numerical

Object Oriented

Performance

Programming

Resource Management

Security

Static Memory

Tainted Data

Medium Impact Defects

The following list shows the medium-impact defects.

C++ Exception

Concurrency

Cryptography

Data Flow

Dynamic Memory

Libraries Misuse

Numerical

Object Oriented

Performance

Programming

Resource Management

Security

Static Memory

Tainted Data

Low Impact Defects

The following list shows the low-impact defects.

Concurrency

Data Flow

Dynamic Memory

Good Practice

Numerical

Object Oriented

Performance

Programming

Security

Static Memory

Tainted Data

Related Topics