While communicating with people on forums, I noticed there are a few lasting misconceptions concerning the static analysis methodology. I decided to write a series of brief articles where I want to show you the real state of things.
As a PVS-Studio's developer, I am often asked to implement various new diagnostics in our tool. Many of these requests are based on users' experience of working with dynamic code analyzers, for example Valgrind. Unfortunately, it is usually impossible or hardly possible for us to implement such diagnostics. In this article, I'm going to explain briefly why static code analyzers cannot do what dynamic analyzers can and vice versa. Each of these analysis methodologies has its own pros and cons; and one cannot replace the other, but they do complement each other very well.
As a PVS-Studio's developer, I am often asked to implement various new diagnostics in our tool. Many of these requests are based on users' experience of working with dynamic code analyzers, for example Valgrind. Unfortunately, it is usually impossible or hardly possible for us to implement such diagnostics. In this article, I'm going to explain briefly why static code analyzers cannot do what dynamic analyzers can and vice versa. Each of these analysis methodologies has its own pros and cons; and one cannot replace the other, but they do complement each other very well.
Future of Testing, Test Automation and The Quality AnalystAnand Bagmar
In vodQA Hyderabad, I spoke on what I think is the "Future of Testing, Test Automation and the Quality Analyst". This is an evolved presentation from what I did in vodQA Bangalore (http://essenceoftesting.blogspot.in/2014/06/future-of-testing-test-automation-and.html)
Deciding what to build without killing each otherPhilip Likens
Deciding what to build is hard. Making the decision as a team is even tougher. Team members often have differing views on which portions of the prototype are most important and what functionality to include. Tensions from the decision-making process can drive teams apart. In our labs group we have adopted a framework for making prototyping and project decisions. This presentation outlines the framework we use in Sabre Labs, as well as some examples of times we’ve gotten it right, and other times we haven’t.
Get Internet Number Resources from ARIN (IPv4, IPv6, ASNs)ARIN
Getting Internet Number Resources from the American Registry for Internet Numbers (ARIN) Find out how to get resources from ARIN, including Autonomous System Numbers (ASNs), Internet Protocol version 4 (IPv4), and Internet Protocol version 6 (IPv6). PPTX version available at: https://www.arin.net/knowledge/general.html
Tata Motors in the year 2008 acquired two of the most recognized premium segment car brand - Jaguar & Land Rover for a price tag of $2.5 billion. This presentation tells you about the history of Tata Motors, Jaguar and Land Rover, details of the deal, key motives of the merger, challenges in the merger, and both the companies current stage.
InMobi Insights : The State of Mobile App Monetization, Q3 - 2014InMobi
InMobi’s State of App Monetization Series provides network insights for app developers, publishers and advertisers. Through analysis of billions of impressions served each month, these reports showcase the latest trends within the mobile app ecosystem on our network.
Say Cheese! Using Pictures to Teach Reading Jennifer Jones
These are my slides for my presentation, "Say Cheese! Using Pictures to Teach Reading." I am presenting this session in February 2015 at the Southern California Kindergarten Conference. It also coordinates with my product, Describing and Inferring Key Details with Picture of the Day: Reading Photos "Closely" available at www.hellojenjones.com
100 images that can inspire you when you are brainstorming about new products or services. See also our new set with 100 extra images: http://www.slideshare.net/marcnewshoestoday/100-extra-images-for-visual-brainstorming
Apps for the Connected World: Supercharge Customer Data with Code HalosCognizant
By making meaning from the data that swirls around every digital interaction, companies can gain unprecedented insight into what customer and prospects want and value, essentially what makes them "tick."
Difficulties of comparing code analyzers, or don't forget about usabilityPVS-Studio
Users' desire to compare different code analyzers is natural and understandable. However, it's not so easy to fulfill this desire as it may seem at first sight. The point is that you don't know what particular factors must be compared.
Difficulties of comparing code analyzers, or don't forget about usabilityAndrey Karpov
Users' desire to compare different code analyzers is natural and understandable. However, it's not so easy to fulfill this desire as it may seem at first sight. The point is that you don't know what particular factors must be compared.
Future of Testing, Test Automation and The Quality AnalystAnand Bagmar
In vodQA Hyderabad, I spoke on what I think is the "Future of Testing, Test Automation and the Quality Analyst". This is an evolved presentation from what I did in vodQA Bangalore (http://essenceoftesting.blogspot.in/2014/06/future-of-testing-test-automation-and.html)
Deciding what to build without killing each otherPhilip Likens
Deciding what to build is hard. Making the decision as a team is even tougher. Team members often have differing views on which portions of the prototype are most important and what functionality to include. Tensions from the decision-making process can drive teams apart. In our labs group we have adopted a framework for making prototyping and project decisions. This presentation outlines the framework we use in Sabre Labs, as well as some examples of times we’ve gotten it right, and other times we haven’t.
Get Internet Number Resources from ARIN (IPv4, IPv6, ASNs)ARIN
Getting Internet Number Resources from the American Registry for Internet Numbers (ARIN) Find out how to get resources from ARIN, including Autonomous System Numbers (ASNs), Internet Protocol version 4 (IPv4), and Internet Protocol version 6 (IPv6). PPTX version available at: https://www.arin.net/knowledge/general.html
Tata Motors in the year 2008 acquired two of the most recognized premium segment car brand - Jaguar & Land Rover for a price tag of $2.5 billion. This presentation tells you about the history of Tata Motors, Jaguar and Land Rover, details of the deal, key motives of the merger, challenges in the merger, and both the companies current stage.
InMobi Insights : The State of Mobile App Monetization, Q3 - 2014InMobi
InMobi’s State of App Monetization Series provides network insights for app developers, publishers and advertisers. Through analysis of billions of impressions served each month, these reports showcase the latest trends within the mobile app ecosystem on our network.
Say Cheese! Using Pictures to Teach Reading Jennifer Jones
These are my slides for my presentation, "Say Cheese! Using Pictures to Teach Reading." I am presenting this session in February 2015 at the Southern California Kindergarten Conference. It also coordinates with my product, Describing and Inferring Key Details with Picture of the Day: Reading Photos "Closely" available at www.hellojenjones.com
100 images that can inspire you when you are brainstorming about new products or services. See also our new set with 100 extra images: http://www.slideshare.net/marcnewshoestoday/100-extra-images-for-visual-brainstorming
Apps for the Connected World: Supercharge Customer Data with Code HalosCognizant
By making meaning from the data that swirls around every digital interaction, companies can gain unprecedented insight into what customer and prospects want and value, essentially what makes them "tick."
Difficulties of comparing code analyzers, or don't forget about usabilityPVS-Studio
Users' desire to compare different code analyzers is natural and understandable. However, it's not so easy to fulfill this desire as it may seem at first sight. The point is that you don't know what particular factors must be compared.
Difficulties of comparing code analyzers, or don't forget about usabilityAndrey Karpov
Users' desire to compare different code analyzers is natural and understandable. However, it's not so easy to fulfill this desire as it may seem at first sight. The point is that you don't know what particular factors must be compared.
Difficulties of comparing code analyzers, or don't forget about usabilityPVS-Studio
Users' desire to compare different code analyzers is natural and understandable. However, it's not so easy to fulfill this desire as it may seem at first sight. The point is that you don't know what particular factors must be compared.
Regular use of static code analysis in team developmentPVS-Studio
Static code analysis technologies are used in companies with mature software development processes. However, there might be different levels of using and introducing code analysis tools into a development process: from manual launch of an analyzer "from time to time" or when searching for hard-to-find errors to everyday automatic launch or launch of a tool when adding new source code into the version control system.
If the coding bug is banal, it doesn't meant it's not crucialPVS-Studio
Spreading the word about PVS-Studio static analyzer, we usually write articles for programmers. However, some things are seen by programmers quite one-sided. That is why there are project managers who can help manage the process of the project development and guide it to the right direction. I decided to write a series of articles, whose target audience is project managers. These articles will help better understand the use of static code analysis methodology. Today we are going to consider a false postulate: "coding errors are insignificant".
Static analysis as part of the development process in Unreal EnginePVS-Studio
Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in the code that a programmer wants to identify as early as possible. One of the ways to reduce the number of errors is the use of a static analyzer like PVS-Studio. Moreover, the analyzer is not only evolving, but also constantly learning to look for new error patterns, some of which we will discuss in this article. If you care about code quality, this article is for you.
Regular use of static code analysis in team developmentPVS-Studio
Static code analysis technologies are used in companies with mature software development processes. However, there might be different levels of using and introducing code analysis tools into a development process: from manual launch of an analyzer "from time to time" or when searching for hard-to-find errors to everyday automatic launch or launch of a tool when adding new source code into the version control system.
The article discusses different levels of using static code analysis technologies in team development and shows how to "move" the process from one level to another. The article refers to the PVS-Studio code analyzer developed by the authors as an example.
Regular use of static code analysis in team developmentAndrey Karpov
Static code analysis technologies are used in companies with mature software development processes. However, there might be different levels of using and introducing code analysis tools into a development process: from manual launch of an analyzer "from time to time" or when searching for hard-to-find errors to everyday automatic launch or launch of a tool when adding new source code into the version control system.
The article discusses different levels of using static code analysis technologies in team development and shows how to "move" the process from one level to another. The article refers to the PVS-Studio code analyzer developed by the authors as an example.
Static analysis is most efficient when being used regularly. We'll tell you w...Andrey Karpov
Some of our users run static analysis only occasionally. They find new errors in their code and, feeling glad about this, willingly renew PVS-Studio licenses. I should feel glad too, shouldn't I? But I feel sad - because you get only 10-20% of the tool's efficiency when using it in such a way, while you could obtain at least 80-90% if you used it otherwise. In this post I will tell you about the most common mistake among users of static code analysis tools.
An ideal static analyzer, or why ideals are unachievablePVS-Studio
Being inspired by Eugene Laspersky's post about an ideal antivirus, I decided to write a similar post about an ideal static analyzer. And meanwhile think how far from being it our PVS-Studio is.
Searching for bugs in Mono: there are hundreds of them!PVS-Studio
It's very interesting to check large projects. As a rule, we do manage to find unusual and peculiar errors, and tell people about them. Also, it's a great way to test our analyzer and improve all its different aspects. I've long been waiting to check 'Mono'; and finally, I got the opportunity. I should say that this check really proved its worth as I was able to find a lot of entertaining things. This article is about the bugs we found, and several nuances which arose during the check.
Static analysis is most efficient when being used regularly. We'll tell you w...PVS-Studio
Some of our users run static analysis only occasionally. They find new errors in their code and, feeling glad about this, willingly renew PVS-Studio licenses. I should feel glad too, shouldn't I? But I feel sad - because you get only 10-20% of the tool's efficiency when using it in such a way, while you could obtain at least 80-90% if you used it otherwise. In this post I will tell you about the most common mistake among users of static code analysis tools.
We continue checking Microsoft projects: analysis of PowerShellPVS-Studio
It has become a "good tradition" for Microsoft to make their products open-source: CoreFX, .Net Compiler Platform (Roslyn), Code Contracts, MSBuild, and other projects. For us, the developers of PVS-Studio analyzer, it's an opportunity to check well-known projects, tell people (including the project authors themselves) about the bugs we find, and additionally test our analyzer. Today we are going to talk about the errors found in another project by Microsoft, PowerShell.
Testing parallel software is a more complicated task in comparison to testing a standard program. The programmer should be aware both of the traps he can face while testing parallel code and existing methodologies and toolkit.
At some moment, long ago, we somehow started to cover in our articles any subject but the PVS-Studio tool itself. We told you about the projects we checked and the C++ language's subtle details; we told you how to create plugins in C# or how to launch PVS-Studio from the command line... But PVS-Studio is first of all meant for developers working in Visual Studio. We've done quite a lot to make it easier and more comfortable for them to use our tool. Yet this particular aspect usually stays off screen. Now I decided to improve that and tell you about the PVS-Studio plugin from scratch. If you are a Visual C++ user, this article is for you.
Three Interviews About Static Code AnalyzersAndrey Karpov
The author invites you to read three interviews with representatives of three large, modern and
interesting projects to learn about their software development methodologies and about how they use
static code analyzers in particular. The author hopes that you will find this article interesting. The
following companies took part as interviewees: Acronis, AlternativaPlatform, Echelon Company.
Sincerely yours, Aleksandr Timofeev
Adaptation of the technology of the static code analyzer for developing paral...PVS-Studio
In the article the question of use of the static code analyzers in modern parallel program development processes is considered. Having appeared in 70-80s as an addition to compilers, the static analyzers stopped to be popular with the developers in 90s. The reason was probably the increase of the errors diagnostics quality by the compilers. But in 2000s the interest to the static code analyzers started to increase again. It is explained by the fact that new static code analyzers were created, which started to detect quite difficult errors in programs. If the static code analyzers of the past made it possible, for example, to detect an uninitialized variable, modern static code analyzers tend to detect an unsafe access to data from several threads. The modern tendency of static code analyzers development became their use for diagnosing errors in parallel programs. In the work the situations are considered, where the use of such tools makes it possible to considerably simplify the process of creating parallel program solutions.
What do static analysis and search engines have in common? A good "top"!PVS-Studio
Developers of search engines like Google/Yandex and developers of static code analysis tools to some extent solve the same task. Both have to provide users with a certain selection of resources that meet users' wishes. Well, of course search engines' developers would like to confine themselves just to the button "I'm Feeling Lucky!", while developers of static code analysis tools want to generate a list of real errors only. But reality imposes constrains, as usual. Do you want to know how we fight the cruel reality while developing PVS-Studio?
Many of our articles are concentrated on anything but the PVS-Studio analyzer itself. We tell our readers about projects we have checked, nuances of C++ language, creation of plugins in C#, running PVS-Studio from the command line... But PVS-Studio was first of all designed for Visual Studio users. We have done a lot to make their work with the tool as comfortable as possible. But this particular fact is very often left outside the frame. I've decided to improve the situation and tell you about the PVS-Studio plugin from scratch. If you work in Visual C++, this article is for you.
Similar to Myths about static analysis. The third myth - dynamic analysis is better than static analysis (20)
Myths about static analysis. The third myth - dynamic analysis is better than static analysis
1. Myths about static analysis. The third
myth - dynamic analysis is better than
static analysis
Author: Andrey Karpov
Date: 03.11.2011
While communicating with people on forums, I noticed there are a few lasting misconceptions
concerning the static analysis methodology. I decided to write a series of brief articles where I want to
show you the real state of things.
The third myth is: "Dynamic analysis performed by tools like valgrind for C/C++ is much better than
static code analysis".
The statement is rather strange. Dynamic and static analyses are just two different methodologies which
supplement each other. Programmers seem to understand it, but I hear it again and again that dynamic
analysis is better than static analysis.
Let me list advantages of static code analysis.
Diagnostics of all the branches in a program
Dynamic analysis in practice cannot cover all the branches of a program. After these words, fans of
valgrind tell me that one should create appropriate tests. They are right in theory. But anyone who tried
to create them understands how complicated and long it is. In practice, even good tests cover not more
than 80% of program code.
It is especially noticeable in code fragments handling non-standard/emergency situations. If you take an
old project and check it with a static analyzer, most errors will be detected in these very places. The
reason is that even if the project is old, these fragments stay almost untested. Here is a brief example to
show you what I mean (FCE Ultra project):
fp = fopen(name,"wb");
int x = 0;
if (!fp)
int x = 1;
The 'x' flag will not be equal to one if the file wasn't opened. It is because of such errors that something
goes wrong in programs: they crash or generate meaningless messages instead of adequate error
messages.
2. Scalability
To be able to check large projects through dynamic methods regularly, you have to create a special
infrastructure. You need special tests. You need to launch several instances of an application in parallel
with different input data.
Static analysis is scaled several times easier. Usually you need only a multi-core computer to run a tool
performing static analysis.
Analysis at a higher level
One of the advantages of dynamic analysis is that it knows what function and with what arguments is
being called. Consequently, it can check if the call is correct. Static analysis can't know it and can't check
arguments' values in most cases. This is a disadvantage of this method. But static analysis performs
analysis at a higher level than dynamic analysis. This feature allows a static analyzer to detect issues
which are correct from the viewpoint of dynamic analysis. Here is a simple example (ReactOS project):
void Mapdesc::identify( REAL dest[MAXCOORDS][MAXCOORDS] )
{
memset( dest, 0, sizeof( dest ) );
for( int i=0; i != hcoords; i++ )
dest[i][i] = 1.0;
}
Everything is good here from the viewpoint of dynamic analysis, while static analysis gives the alarm
because it is very suspicious that the number of bytes being cleared in an array coincides with the
number of bytes the pointer consists of.
Here you are another example from the Clang project:
MapTy PerPtrTopDown;
MapTy PerPtrBottomUp;
void clearBottomUpPointers() {
PerPtrTopDown.clear();
}
void clearTopDownPointers() {
PerPtrTopDown.clear();
}
Is there anything here dynamic analysis may find suspicious? Nothing. But a static analyzer can suspect
there is something wrong. The error is this: inside clearBottomUpPointers() there must be this code:
"PerPtrBottomUp.clear();".