
Klocwork Desktop Analysis is like spell-check for developers, giving instant, accurate and continuous feedback on the critical defects and security vulnerabilities introduced into your code, as you're writing it. Offering the fastest analysis on the market right at the developer desktop means finding and fixing issues becomes part of the developer's natural workflow.
Todd
Hi, it's Todd here, and as usual I'm joined by Alen. Today we're going to look at how Klocwork helps find and fix defects using Visual Studio.
So, Alen, I know you've got Visual Studio open. Why don't you tell us what we're going to talk about here today.
Alen
Yeah, today we want to show you how Klocwork plugs right into Visual Studio so you can work as part of your typical workflow, find and fix defects.
Todd
All right. I think the best way to see this is to actually see it in action. So can you give us an example?
Alen
Well, let's first take a look at a couple of quick things. I've already brought up a file here. I have one file here on an open source project called Notepad++. It has an issue that's immediately identified. It's called "uninitialized variable," where it says, "closing tag is uninitialized." You can see I've got the bug marker on the left along with the little squiggly line. Think of this like your spellchecking squiggly line. We can just quickly take a look here. I see that indeed a closing tag is not initialized. Let's just do that, and what you'll notice now is, as I go to this, the uninitialized variable, it just disappears and it's that immediate.
The plug-in that we're providing here is just being able to show you immediately with those left bug markers and in this case I just fixed one. Then I can jump to the right marker, which just shows us all the actual defects throughout the file. So here's another one where I have a null-pointer dereference, and you have all sorts of great information about this.
Todd
Okay. So how do I know that what we're looking at here is a real defect?
Alen
Well, yeah, so this is a good example, the null-pointer dereference, where now if I hover over you see as well we're presented with what we call our trace back. This helps me step through the code to understand the conditions that actually make this happen. So as I step through I find out where said error is and why it's returning null. Then ultimately, I can come back to the actual error itself and then just say, "Okay, obviously this was the convention." I can see it just a few lines below and just apply that immediately and you see the error disappears.
Todd
Okay, so you mentioned a couple of minutes ago about a spell check type model. So that's something that's new in this release. Obviously, that will give users instant feedback on new defects. Why don't you tell us a little bit more about it and perhaps show us it in action as well?
Alen
Right. So the really important thing here--and so far I've shown you just a couple of issues that are just there--what we want to do is show you what's the value of this so-called spell check model. Well, let's say, I'm just going to do a little check here. I want to, maybe, encompass this in an IF statement. I'm just going to check that "if A is less than 0"; whoa, just a second. Just as I'd done that, you see immediately, as I was typing in the so-called spell check model, we've immediately identified this issue. Here we have a comparison of unassigned value. It's always false because A in this case is probably unassigned, and indeed it is. So that is the value you get in spell check immediately, while you type.
Todd
That's awesome, Alen. It's really a major shift in defect detection and source code analysis, I would guess.
Alen
Absolutely.
Todd
Yeah. Users are really going to take notice of the squiggly lines that are there and clean up their code as they go. I really think this is going to eliminate users having to go back into their code when they're under the impression that they're actually done. So thanks again, Alen, for the demo.
Alen
No problem.
Todd
For more information, visit our website at www.Klocwork.com.
When developers have to spend time going back and fixing issues that were introduced into the code stream, the whole team loses productivity. To reduce the number of problems reported downstream in the cycle, Klocwork Insight's on-the-fly desktop analysis provides developers with the ability to fix issues the instant they're introduced.
Klocwork Desktop Analysis instantly underlines defects as developers are writing their code, much like the spell check feature in popular word processors. In the background, sophisticated syntax and dataflow analysis, build comprehension, and incremental analysis are continually running to ensure thorough and highly accurate defect detection.
To ensure static analysis accuracy, Klocwork Insight's desktop analysis is connected to the integration build view, to leverage the full system context. This ensures that analysis at the developer's desktop is both accurate and productive.
Klocwork Insight has been proven in some of the largest and most demanding software development environments in the world. Try it on your code today by requesting a free product trial.

In Motorola's continuous process improvement paradigm, the iDEN Mobile Devices software team implemented several processes and tools in 2005 - the combination of which has led to significant cost reductions and quality improvements. The Klocwork tool suite was a major contributor [...]