Jump to content

  • Log In with Google      Sign In   
  • Create Account


Andrey Karpov

Member Since 19 May 2011
Offline Last Active Apr 22 2014 11:31 PM
-----

Topics I've Started

An Alternative to PVS-Studio at $250

14 January 2014 - 04:56 AM

image1.png

Hello, we are the developers of the PVS-Studio static code analyzer. We have created a new software product CppCat and are going to tell you about it in this article. Some time ago we imagined that we had never had PVS-Studio yet retained the experience of developing static analysis tools for C/C++ code. Our minds thus refreshed, we made a new static analyzer just the way we wanted it to be - simple and easy to use. You will also be glad to know that it costs $250 per installation.


Background of the new product

We always did our best to keep PVS-Studio easy to use and understand. But it inevitably grew to lose its simplicity as it acquired new functionality. For example, such is the ID field in the error table: some find it useful while others are confused by it. People mix it up with the diagnostic number and wonder why there can be IDs like 3, 7, 23, 25 - and what about the rest? The answer is simple and obvious: they are hidden; for example, the "64-bit" diagnostic set is turned off.

Similar issues are with the settings as well. It is important in the case of large projects to have the option of choosing among preprocessors (Clang or Visual C++). It allows a user to greatly enhance the speed of analysis for certain projects. But those who are only getting started with the tool may be confused by this option. They select Clang and expect to get warnings generated by it. Some even send us indignant letters blaming us for selling an expensive add-on for Clang. Just in case, follow this link to find out how exactly we utilize Clang. You know, it's difficult to sell our analyzer to a programmer who mistakenly thinks that it is just a wrapper for Clang smile.png. This is how a vague setting gives rise to great confusion.

We programmers are smart and sensible guys. But when it comes to learning new tools, we often resemble ordinary users. And it's quite okay: there's just too much information around us and you usually don't have enough time and strength to spend on learning every technological innovation. So, although programmers' tools are pretty intricate products, learning them should be as simple as handling a calculator is. Otherwise, you risk your tool just remaining unnoticed. People just won't have enough time to comprehend it. And that's what often happens to PVS-Studio.

It's entirely our own fault that PVS-Studio has grown so complicated. And we have failed to find a way of returning the interface to the simplicity it possessed before. So, we created a new product: CppCat. This tool is so simple and streamlined that you will never get lost among its settings. Learning to use it takes less time than reading this article. Yes, it lacks quite a few features, but those are still there in PVS-Studio that will also remain. We just offer a cheaper carrot grater to those who don't need an expensive multi-function food processor.

Now, let's point out the main idea once again. We've created an easy to learn and use tool for static analysis of C/C++ code. It will make your first steps into the static analysis methodology as simple as possible. And thanks to its simplicity and relatively low price, CppCat should go on to become a popular tool which will be as indespencible to the software developers, as a safety net for the rope-walker!


Functionality

The CppCat tool is designed to detect suspicious fragments in program code written in C/C++. The main functions of the analyzer are:

  • Analysis of projects;
  • Automatic analysis of files after compilation.

That's all. The analyzer does exactly what it is designed for: checking the code and telling the programmer which fragments need closer examination. The tool can only work in Visual Studio (2010, 2012 and 2013).

We decided to drop using the phrase "the analyzer detects bugs" too often. You see, any analyzer produces false positives. But when the analyzer generates warnings on correct code, it doesn't mean that you don't have to do anything with that code at all. We came across an interesting association in one article. The analyzer reveals code fragments with the "smell". "Smelly" code is not necessarily incorrect. It just means that it contains some anomalies that may cause some confusion when the code is maintained by other developers. "Smelly" code may lead to errors after refactoring: a programmer responsible for modifying the code may fail to understand how certain functions work and bring in some defects by a mistake.

Thus, we believe that every code fragment that CppCat finds suspicious must be reviewed and improved. By clearing the code of its "smell", you will greatly help your coworkers. However, warnings do need to be suppressed sometimes. We offer a number of methods to do that - see the CppCat manual.

Readers may still wonder: in what ways exactly is CppCat different from PVS-Studio? Here's the answer in the form of a summary table:


image2.png

Table 1. Comparing features of PVS-Studio against CppCat.

On one hand, CppCat lacks much. But on the other, it retains all the functions necessary for everyday use in your work.

The main ideological difference between CppCat and PVS-Studio is the following:

CppCat licenses are individual. You install it on your computer and start using it. It doesn't provide functionality useful in team work - for example, you cannot set CppCat to run night checks. This and other functions of that kind are provided by PVS-Studio.

PVS-Studio is intended for large, complex projects. CppCat can check large projects too - there's no restriction concerning the project size. It's just that CppCat doesn't have some of the additional functions and ships under a different licensing policy.

CppCat can be used in companies (and large ones as well) in the same way - but you just need to purchase several licenses (and we offer discounts for buying several licenses at a time!).


Pricing policy

It's very simple with the prices. One copy of the product costs $250. The license is not floating - it is bound to one computer (hardware ID).

We offer discounts depending on how many licenses you buy at a time:

  • 1 - 4 licenses: $250.00
  • 5 - 24 licenses: $225.00
  • 25+ licenses: $212.50

The license is valid during 1 year. On the expiration, it can be renewed at 80% of the initial price (i.e. $200).


Downloading, trying and purchasing

Nothing complicated about that too:

The full-function trial version can be used for 7 days.


And what about PVS-Studio?

We go on developing PVS-Studio as well. It is still relevant and all its aspects, as well as the pricing policy, remain the same.


Conclusion

We are launching a sale concurrently with our new product's release. You get a 5% discount when buying CppCat during 5 days (up to January, 19). Follow this link for the bargain.
 


Errors detected in the Visual C++ 2012 libraries

19 September 2012 - 04:03 AM

The Visual Studio development environment allows you to perform static code analysis. This analysis is very useful and easy-to-use. However, we should understand that Visual Studio performs a huge number of functions. It means that each of its functions taken separately cannot compare to specialized tools. The code refactoring and coloring functions are not as good as in Visual Assist. The function of integrated image editing is naturally worse than that in Adobe Photoshop or CorelDRAW. The same is true for the static code analysis function as well.

But this all is theorization. Let's move to practice and see what interesting things the PVS-Studio analyzer has managed to find in Visual Studio 2012 folders.

We didn't actually plan to check the source files included into Visual Studio. It happened by chance: many header files underwent some changes in Visual Studio 2012 because of support for the new language standard C++11. We have faced the task to make sure that the PVS-Studio analyzer can handle these header files.

Continue: http://www.viva64.com/en/b/0163/

All about 64-bit programming in one place

19 May 2011 - 06:04 AM

1. Articles:

A Collection of Examples of 64-bit Errors in Real Programs
About size_t and ptrdiff_t
64 bits
AMD64 (EM64T) architecture
Other articles
2. Lessons on development of 64-bit C/C++ applications

Main page: http://www.viva64.com/en/l/

The course is composed of 28 lessons devoted to introduction to 64-bit systems, issues of building 64-bit applications, methods of searching errors specific to 64-bit code and code optimization. Such questions are also considered as estimate of the cost of moving to 64-bit systems and rationality of this move.

The contents of the course:
  • Lesson 01. What 64-bit systems are.
  • Lesson 02. Support of 32-bit applications.
  • Lesson 03. Porting code to 64-bit systems. The pros and cons.
  • Lesson 04. Creating the 64-bit configuration.
  • Lesson 05. Building a 64-bit application.
  • Lesson 06. Errors in 64-bit code.
  • Lesson 07. The issues of detecting 64-bit errors.
  • Lesson 08. Static analysis for detecting 64-bit errors.
  • Lesson 09. Pattern 01. Magic numbers.
  • Lesson 10. Pattern 02. Functions with variable number of arguments.
  • Lesson 11. Pattern 03. Shift operations.
  • Lesson 12. Pattern 04. Virtual functions.
  • Lesson 13. Pattern 05. Address arithmetic.
  • Lesson 14. Pattern 06. Changing an array's type.
  • Lesson 15. Pattern 07. Pointer packing.
  • Lesson 16. Pattern 08. Memsize-types in unions.
  • Lesson 17. Pattern 09. Mixed arithmetic.
  • Lesson 18. Pattern 10. Storage of integer values in double.
  • Lesson 19. Pattern 11. Serialization and data interchange.
  • Lesson 20. Pattern 12. Exceptions.
  • Lesson 21. Pattern 13. Data alignment.
  • Lesson 22. Pattern 14. Overloaded functions.
  • Lesson 23. Pattern 15. Growth of structures' sizes.
  • Lesson 24. Phantom errors.
  • Lesson 25. Working with patterns of 64-bit errors in practice.
  • Lesson 26. Optimization of 64-bit programs.
  • Lesson 27. Peculiarities of creating installers for a 64-bit environment.
  • Lesson 28. Estimating the cost of 64-bit migration of C/C++ applications.

You may open all the lessons in one file (the print version as well).

3. Knowledge Base

Can I use 32-bit pointers in a 64-bit application?
How can a 32-bit program detect that it is launched in a 64-bit Windows?
Functions of the ntohl/htonl class and 64-bit values
Other...
4. Articles' Reviews

5. Blog

64-bit programs and floating-point calculations
The reasons why 64-bit programs require more stack memory
Searching for explicit conversion of a pointer to a 32-bit type
Other posts...
6. Detect 64-Bit Portability Issues

7. Terminology

/Wp64
Address arithmetic
Data alignment
Data model
Other terms...
8. Our 64-bit reddit

9. Contact

My E-Mail: karpov[del]@viva64.com
Feedback page
Twitter - http://twitter.com/Code_Analysis


PARTNERS