John Carmack, id Software founder and technical director, tells us about his experience of using static analyzers, including our PVS-Studio, in his article "Static Code Analysis".
In particular, this is what he says about PVS-Studio:
The next tool I looked at was PVS-Studio. It has good integration with Visual Studio, and a convenient demo mode (try it!). Compared to /analyze, PVS-Studio is painfully slow, but it pointed out a number of additional important errors, even on code that was already completely clean to /analyze. In addition to pointing out things that are logically errors, PVS-Studio also points out a number of things that are common patterns of programmer error, even if it is still completely sensible code. This is almost guaranteed to produce some false positives, but damned if we didn't have instances of those common error patterns that needed fixing.
There are a number of good articles on the PVS-Studio site, most with code examples drawn from open source projects demonstrating exactly what types of things are found. I considered adding some representative code analysis warnings to this article, but there are already better documented examples present there. Go look at them, and don't smirk and think "I would never write that!"
At the end of the article Carmack recommends users to try some code analyzer:
Everyone else working in Visual Studio, at least give the PVS-Studio demo a try. If you are developing commercial software, buying static analysis tools is money well spent.
We are glad to receive a public response from our users. First of all we want to draw your attention to the recently written post "Tips on speeding up PVS-Studio" that will help you to significantly speed up PVS-Studio.
0