To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
PVS-Studio Now Supports Any Build Syste…

PVS-Studio Now Supports Any Build System under Windows and Any Compiler. Easy and Right Out of the Box

March 28, 2014

We're currently preparing a bomb in PVS-Studio!

0243_CLMonitoring/image1.png

The next PVS-Studio version 5.15 will be able to analyze projects built by absolutely any build system: Makefile, Visual Studio Project, user-made build systems based on Python, Bash or whatever else... It will allow you to simply "watch" compiler calls and collect all the necessary information to run the analyzer in automatic mode. Moreover, it works with any (sensible) C/C++ compiler under Windows. Want to know more?

The working principles and the limitations of the Visual Studio plugin

PVS-Studio was originally developed as a plugin for Microsoft Visual C++. Interaction between the tool and the development environment is manifested in two aspects: first, tool integration with the user interface, for it is more convenient to work with it from the environment you are used to; second, collecting file compilation parameters for a correct analysis.

Let me remind the working principles of code analyzers (PVS-Studio in particular) to those who are not quite familiar with them. Before you can carry out an analysis of source files, you need to preprocess them, i.e. expand all the #include's and #define's. This is first of all necessary for the analyzer to know additional information about the data types used in the code.

Until recently, the PVS-Studio plugin used to collect compilation parameters with the help of Visual Studio's API and run preprocessing automatically. Now we have learned how to track compilation parameters when the compiler is called and "reproduce" this call with the "perform preprocessing" switch – and only then call the analyzer itself. It doesn't make any difference for the plugin, and it still retains the original mechanism. However, this mechanism couldn't be used with certain projects earlier (even some native Visual C++ projects). What are these cases?

First, the cases when you have a Makefile-project built, for example, with nmake. In this case, Visual Studio's API didn't allow the plugin to get the compilation parameters and call the preprocessor. True, you could embed a PVS-Studio's call into Makefile, but let's admit that it is far from an elegant solution. We do have users who handle PVS-Studio this way, of course, but most were scared off by it.

Second, when you have a self-made build system that calls the compiler from scripts, it only theoretically looks like Makefile. In practice, however, it is usually only the author of this system who can modify it, and he is not always easily accessible, so trying PVS-Studio on such a project may appear almost impossible.

In other words, it was not a rare problem when you had a project well compilable by Visual C++ and you felt like trying PVS-Studio on it but could not do this, and your zest gradually grew weaker and weaker...

How have we solved it?

We have developed a special utility to monitor compiler calls. It works with all the basic compilers under Windows, but we mainly focused on Visual C++ users, as usual.

0243_CLMonitoring/image2.png

The monitoring tool simply taps all the compiler calls and then launches the compiler once again with the "perform file preprocessing" parameter. After that, it calls the analyzer. The nicest thing is that the entire procedure is absolutely transparent for the user and anyone can do it.

Moreover, we offer two different techniques to work with this mechanism.

Technique 1 – Monitoring through the graphic interface

Imagine that you have got access to Unreal Engine 4's source files. You open the solution in Visual Studio and see an nmake-based project which can't be checked by the PVS-Studio plugin. No problem. You just need to do the following:

  • Run PVS-Studio Standalone.
  • Click "Compiler Monitoring" and choose the x64 platform for monitoring, for you want to build a 64-bit version of Unreal Engine 4.
  • Click "Start Monitoring" to turn on the compiler call monitoring mode.
  • Now you switch to Visual Studio and click Build to start building the project. While the build is running, you will see the status in the monitoring window indicating that compiler calls are being tapped. Notice that it is the number of tapped calls which is indicated there, not the number of source files. The reason is that the compiler is often launched with several files as its arguments, so the number of compiler calls is less than or equal to the number of files.
  • Once Visual Studio is finished with the build, click Stop Monitoring. After that, PVS-Studio will be launched. The files will be preprocessed and analyzed, and the diagnostic messages will be displayed in PVS-Studio Standalone's window. You can start working with them from there right away. However, I recommend that you wait until the analysis is over, save the analysis report as the UE4.plog file, then close PVS-Studio Standalone, open the UE4.plog file from within the Visual Studio environment through the PVS-Studio menu and handle the results from there. Why? Because you will be able to use IntelliSense inside Visual Studio, which will make it much easier to navigate through the code, track macros' values, search for variable declarations, and so on. You can also do it all from PVS-Studio Standalone of course, but let's be honest – our tool is far not as convenient as Visual Studio yet.

This simple technique will allow you to easily check projects exploiting the monitoring graphic interface in PVS-Studio. But sometimes it may be more convenient to launch monitoring from the command line. The next section will tell you how to do that.

Technique 2 – Monitoring through the command line interface

The graphic interface is not always convenient for monitoring. Imagine you want to check Qt 5.2. To do this, we need to download the distribution package in the archive and unpack it. Then we launch Visual Studio 2012 Command Promt (to set up the environment correctly), go to the folder with Qt and do the following:

  • Turn on the monitoring mode:

"C:\Program Files (x86)\PVS-Studio\CLMonitor.exe" monitor

The program will terminate right away but it will leave a "tracking module" running in background.

  • Run configure.exe – this is a program from the Qt package which prepares a build script.
  • Run nmake – and now settle back into your chair waiting for the Qt to finish with the build.
  • Once it is done, you need to tell the monitoring module to stop tapping and start analysis (and save the results into a log file for the Win32 platform):

"C:\Program Files (x86)\PVS-Studio\CLMonitor.exe" analyze C:\Qt5.plog Win32

  • Once the analysis is over, the report will be saved into a log file. I do not recommend you to handle the log directly. It is better to open it in PVS-Studio Standalone as it is much more convenient to view and handle it from there.

As you can see, checking projects built by any build system from the command line is as easy as through the user interface – the algorithm includes the same 5 simple steps.

Known issues and limitations

We haven't revealed (yet?) any fundamental problems in the monitoring mechanism, but there are certain nuances you should know about.

First, the monitoring module taps every single compiler call. It means that if you run several different build processes at once, each of them will be tapped – and analyzed. That is, you will get a mess of analysis results for the project you need and some wrong project. Keep that in mind and be sure not to run any other build processes while the monitoring module is active.

Second, you may sometimes face subtle issues with precompiled headers. It is not a rare thing when the path to the precompiled headers is absent from the list of include folders. While the compiler can find these headers, the preprocessor (which is a part of the compiler!) cannot. The solution is a simple one – you just need to explicitly specify the path to certain include files in the list of include folders.

Trial Mode

And finally, a small bug in the butter. PVS-Studio has a trial mode which sets a limited number of clicks you can make in the list of diagnostic messages. However, when using PVS-Studio in the monitoring mode from the command line, file names are not shown at all. Instead, the messages "Trial Restriction" are displayed. However, you can still study the compiler monitoring while in the trial mode by using the PVS-Studio Standalone UI application (the 'Tools -> Analyze your files..' menu item).

Popular related articles
Appreciate Static Code Analysis!

Date: 10.16.2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
PVS-Studio for Java

Date: 01.17.2019

Author: Andrey Karpov

In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've co…
Static analysis as part of the development process in Unreal Engine

Date: 06.27.2017

Author: Andrey Karpov

Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in th…
PVS-Studio ROI

Date: 01.30.2019

Author: Andrey Karpov

Occasionally, we're asked a question, what monetary value the company will receive from using PVS-Studio. We decided to draw up a response in the form of an article and provide tables, which will sho…
The way static analyzers fight against false positives, and why they do it

Date: 03.20.2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…
How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers

Date: 10.22.2018

Author: Andrey Karpov

Just like other static analyzers, PVS-Studio often produces false positives. What you are about to read is a short story where I'll tell you how PVS-Studio proved, just one more time, to be more atte…
The Last Line Effect

Date: 05.31.2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: 07.31.2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
The Evil within the Comparison Functions

Date: 05.19.2017

Author: Andrey Karpov

Perhaps, readers remember my article titled "Last line effect". It describes a pattern I've once noticed: in most cases programmers make an error in the last line of similar text blocks. Now I want t…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: 11.21.2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…

Comments (0)

Next comments

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept