Pull to refresh
413.03
PVS-Studio
Static Code Analysis for C, C++, C# and Java

Best warnings of static analyzer

Reading time3 min
Views977

Everyone who runs the static analyzer on a project for the first time is slightly shocked by hundreds, thousands or even tens of thousands of warnings. It may be frustrating. Is my code so terrible? Or is the analyzer lying? In any case, filtering by the severity changes the situation, not completely though. That's why we thought about how we could improve the first experience with the analyzer. Let me show you the new feature step by step...

Intelligence Diagnostic Filter

What does a person, who runs code through a static analyzer for the first time, encounter? When run on large projects, a static analyzer produces a huge number of warnings for various code fragments.

Yes, it may be an enormous number of warnings. Of course, there will be false positives among them. Alas, static analysis cannot exist without false positives. Therefore, it was necessary to create a new approach that would simplify the process when one is just starting out with the analyzer.

That's how we got the idea to develop a special mechanism that would analyze a list of warnings and find the most interesting ones among them. We named it the Intelligence Diagnostic Filter or IDF for short.

I will not go into the details of its implementation in this article. The developer who created the mechanism will explain it better. So, don't forget to subscribe to our Habr account so as not to miss his article :)

Let's look at the top ten warnings

Well, you have installed the analyzer – what's next? Of course, you need to run it on a large project. Otherwise, the picture will be incomplete. There is a simple pattern here – the more code lines you have, the more difficult it is to maintain the code quality. Accordingly, the more difficult it is to maintain the code quality, the more bugs this code contains.

This is what the first run of the analyzer may look like...
This is what the first run of the analyzer may look like...

We have to admit, it's not so exciting to appreciate the capabilities of the analyzer by looking through these warnings all at once. So open the additional toolbar and click on Best Warnings button:

Example of the button in the PVS-Studio plugin for Visual Studio
Example of the button in the PVS-Studio plugin for Visual Studio

After a short processing pause, you get a list of the most significant code problems according to the IDF. This mechanism was also developed to demonstrate various features of the analyzer. Therefore, we limited the number of similar warnings in the output. This helps look at various types of code problems at once. This will also simplify further study of the remaining warnings.

Note. Remember to mark the most interesting warnings with a star! It will be easier to find them later :)

What's next?

Of course, do not ignore other warnings. The Analyzer Best Warnings mode was made to help you see how PVS-Studio benefits your project. This mode also demonstrates the abilities of static analysis. Therefore, after studying the most significant code problems according to the IDF mechanism, let's go back to other warnings.

To do this, just click on the Best Warnings button one more time:

Example of a button in the PVS-Studio plugin for Visual Studio
Example of a button in the PVS-Studio plugin for Visual Studio

Now it's time to study all the remaining warnings. In fact, this is an optional step – you don't have to view ALL the remaining warnings, you can view only High level ones, for example:

How to filter warnings in the PVS-Studio plugin for Visual Studio
How to filter warnings in the PVS-Studio plugin for Visual Studio

New warnings can get lost among the remaining ones. Also, the remaining warnings can distract you from the further use of the analyzer. In this case. So, I advise you to use the mechanism of warning suppression.

Click on the Suppress All Messages button:

How to suppress warnings in the Visual Studio plugin
How to suppress warnings in the Visual Studio plugin

Now you will see the warnings strictly for the new code. This is a super useful mechanism, so don't be afraid to use it. You can always bring these warnings back to the log from the suppression file.

Note. Warnings do not disappear without a trace! If you edit the code next to a suppressed warning, it will show up again.

IDF development

Of course, we will further develop this intelligent filtering mechanism. Analyzer Best Warnings is the first feature that is based on IDF, but it's not the last one :)

We have various thoughts and ideas on how else we can use it. For example, we may add the ability to sort the entire report. This feature would be convenient, since later you can hide the least reliable warnings according to the IDF. Or we may add the ability to adjust the user-specific settings for projects...

In a word, there are a huge number of ideas! However, the real driving force of changes and improvements is not developers, but users. This is one of our most important principles – we take into account the wishes of our audience.

Try the new feature and send us your thoughts and ideas! That way, we will not only find out what you think about the new mechanism, but also find the right vector of its development.

Additional links

Tags:
Hubs:
Total votes 2: ↑2 and ↓0+2
Comments0

Articles

Information

Website
pvs-studio.com
Registered
Founded
2008
Employees
31–50 employees