- The recommended approach is to use Bug Finder first (and more frequently), and fix the simpler bugs found. Then, use Code Prover to perform the more exhaustive checks. If you have Polyspace as You Code, it can be run even prior to running Bug Finder.
- You can skip the checkers of Bug Finder if you review the results of the equivalent checkers in Code Prover. In general, if a Bug Finder checker can find an issue, the equivalent checker in Code Prover can also find the issue (as long as the same options are used for the Bug Finder and Code Prover analysis - for instance, if the tools are run on the same project in the UI or using the same options file). Of course, as you know, Bug Finder can also find many, many other types of issues that Code Prover does not even look for (because finding those issues do not require mathematical proof). But I am assuming that in this question, you were only asking about those checkers of Bug Finder that overlap with Code Prover.
How should I verify ”overlapping” results from Code Prover and Bug Finder?
17 views (last 30 days)
Show older comments
At my company, we use Bug Finder in tandem with Code Prover to check for potential bugs/violations of coding standards and some specific run-time errors.
Normally, I skip through some of the Bug Finder check results (namely zero-division, integers overflow, out-of-bound-access pointers/arrays/loops, etecera) if there's already "overlapping" checkers from Code Prover to save time. For example, if I had confirmed the validity for all Code Prover's overflow checks against a piece of code (which also produced another set of overflow check results in Bug Finder as well), then regardless of whether the Bug Finder results are duplicates or different checks from Code Prover, I'd automatically assume those are not defects and ignore them totally.
My question are as following:
- What is your approach when verifying results of categories that are checked in both tools?
- Is it safe to justify only the result from Coder Prover and totally ignore the "less" exhaustive check results from Bug Finder in such cases where both tools offer the same check? If not, then what are potential risks if I only rely on Code Prover results for run-time errors detection? (As stated in the offical documents, Bug Finder's main usage is to quickly detect and rectify bugs and it might not detect all the possible causes for run-time errors, which is one of Coder Prover's strong points so I think it's would be fine to just solely rely on Code Prover)
Thanks in advance for reading and it would be great if someone can give some pointers!
0 Comments
Accepted Answer
Anirban
on 6 Feb 2023
Edited: Anirban
on 6 Feb 2023
5 Comments
Anirban
on 15 Feb 2023
Edited: Anirban
on 15 Feb 2023
(1) Yes.
I would add some caveats: it can be sometimes easier to review Bug Finder results. For instance, in Bug Finder, a lot of results are supported by an event traceback showing one path leading to an issue. So, you might incorrectly mark something as a false positive in Code Prover, but when you see it in Bug Finder, it would be clear it's not a false positive. But if you are sure that the results you marked as false positives in Code Prover are indeed false positives, then yes, there's not much reason to review the results of the equivalent Bug Finder checkers.
(2) I am not sure to understand what you mean by 'defect flagging conditions'. So I will give a two-part answer (I think the second part will be useful to you, but I am not sure):
- For Code Prover to find the same things as Bug Finder (and then some more), the analysis options used must be the same. More precisely, the options in the categories Target & Compiler, Macros, Environment Settings, Inputs & Stubbing must be the same. One easy way to make sure the options are same is to run Bug Finder and Code Prover on the same project (or using the same options file).
- For the subset of checkers that are common to Bug Finder and Code Prover, essentially the same analysis algorithms are used, except that in Bug Finder, certain heuristics are used to minimize false positives and minimize the analysis time. These heuristics prevent certain things from being shown in Bug Finder while they appear as orange checks in Code Prover (the orange checks might be real issues, especially the critical orange checks, or false positives). So yes, for the equivalent checkers, the issues found by Code Prover should be a superset of the ones found by Bug Finder.
More Answers (0)
See Also
Categories
Find more on MISRA C:2012 Directives and Rules in Help Center and File Exchange
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!