PVS-Studio's incremental analysis mode

Introduction

One of the main problems when using a static analyzer is the necessity to spend much time on analyzing project files after each project modification. It is especially relevant to large projects that are actively developing.

Total analysis can be launched regularly in separate cases - for instance, once a day during night builds. But the greatest effect of using the analyzer can be achieved only through earlier detection and fix of found defects. The earlier you can find an error, the less amount of code you will have to fix. That is, the most proper way to use a static analyzer is to analyze a new code right after it is written. Having to launch analysis of all the modified files manually and waiting for it to finish each time surely complicates this scheme. It is incompatible with the intense development and debugging of new code. It's just inconvenient, after all. But PVS-Studio offers a solution of this issue.

Two tasks solved by incremental analysis

  • Automation of the analyzer launch procedure right after compilation on the developer's computer.
  • Gaining profit from integrating static analysis in a large project WITHOUT having to analyze the whole project. You can virtually start integrating static code analysis checking only that code (those files) currently modified by developers and don't get into a heap of old files which are not modified.

Using incremental analysis

PVS-Studio's incremental analysis mode allows you to solve problems regarding regular launch of static analysis. The user starts getting practical benefit without having to perform primary analysis of the whole project and marking a lot of false positives in unused code. This mode virtually makes PVS-Studio similar to the /analyze switch in certain Visual Studio versions regarding usability. It also provides you with a more convenient interface and use cases. Now you can just work on your code, compile it and get messages from time to time about possible issues. Since the analyzer works in background (you can set the number of processor cores to perform analysis using the ThreadCount option), PVS-Studio doesn't interfere with work of other programs. And it means that you can easily install the tool on computers of many (or all) developers in your department to detect issues in the code right after they appear.

You can turn on the afterbuild incremental analysis in the PVS-Studio menu: Incremental Analysis After Build/Incremental Analysis After Make (Figure 1). This option is on by default.

Figure 1 — Managing PVS-Studio's incremental analysis mode

Figure 1 — Managing PVS-Studio's incremental analysis mode

Once the incremental analysis option is enabled, PVS-Studio will automatically perform background analysis of all the modified files after building the project. If PVS-Studio detects such modifications, incremental analysis will be launched automatically, and an animated PVS-Studio icon will appear in the notification area (Figure 2). Note that new icons may be often hidden in Windows's notification area.

Figure 2 — PVS-Studio performing incremental analysis

Figure 2 — PVS-Studio performing incremental analysis

The notification area's shortcut menu allows you to pause or abort current check (commands Pause and Abort respectively). You may find it useful sometimes to turn off incremental analysis for some time. For instance, you may need it when editing base h-files, which causes recompilation of many files. If you wish to turn off incremental analysis just for some time, you may use commands of the shortcut menu and PVS-Studio's main menu 'Disable incremental analysis until IDE restart' (Figures 1 and 2).

If the analyzer detects errors in code while performing incremental analysis, the number of detected errors will be shown in the title of the PVS-Studio's window tab in background. Clicking on the icon in the notification area (or the window itself) opens the PVS-Studio Output window where you can start handling the errors without even waiting for analysis to finish.

Figure 3 – The result of incremental analysis: 15 suspect fragments of code are found

Figure 3 – The result of incremental analysis: 15 suspect fragments of code are found

Keep in mind that after the first total check of your project you should review all the diagnostic messages for the required files and fix the errors found in your code. Regarding the rest messages, you should either mark them as false positives or disable those messages or analyzer types which are not relevant to your project. This approach will allow you to get a message list clear of meaningless and unnecessary messages.

Incremental analysis workflow in the IDE

To determine the presence of modifications in the source code files, PVS-Studio controls the state of object files (obj/o files), generated by the C++ compiler for every C/C++ file, or the state of assemblies for C# projects. Before the actual build in the environment, the PVS-Studio plugin for Visual Studio captures the object files and their modifications for all the compilable files of the project. To determine the modified files in the C/C++ projects, which require incremental analysis, the analyzer uses MSBuild tools to work with the file tracking logs (*.tlog files). This approach, firstly, enables us to obtain modified files to be analyzed incrementally, in the same way as MSBuild does, and secondly, eliminates the need to make the correspondence between the header files and the source code. The file tracking logs aren't created for C# projects. That's why, to determine the files which require the incremental analysis, the plugin makes the correspondence between the source code and the binary assembly file, which is the result of the project compilation and captures those files that were modified after the assembly was built. After the build, the incremental analysis starts automatically in the background mode.

Incremental analysis support in the command line module

The incremental analysis mode for Visual Studio solutions is also available in the command line module (PVS-Studio_Cmd.exe). This mode allows increasing the speed of the static analysis on the continuous integration server. Consider the following scenario of using the static analyzer. PVS-Studio static analyzer is installed on the machines of the developers, who do the incremental analysis after the local build of the solution, and on the continuous integration server, where the static analysis is performed for the whole code during the night build. Suppose, that also the system of continuous integration is configured for the automatic incremental build of the solution after the changes get detected in the version control system. In other words, the build of the solution on the continuous integration server occurs several times a day. In this case, performing the static analysis of the whole code will significantly increase the build time, which will make the use of static analysis during numerous daily builds almost impossible. Then we may have a situation when a developer makes an error in the code and commits it to the version control system without checking the code with the static code analyzer; the same say the build goes to the testers who detect this defect. In this case, the cost of eliminating this defect goes up. The incremental analysis mode that implements the approaches similar to the approaches of MSBuild for the incremental build, allows to solve this problem.

There are following modes of incremental analysis available:

  • Scan – analyze all dependencies to determine, which files will be analyzed incrementally. There will be no immediate analysis. This step should be done right before the solution of the project is built. The scan results will be written to the temporary directories .pvs-studio, located in the same directories as the project files.
  • Analyze – perform incremental analysis. This step should be done after Scan and can be performed both before and after the build of the solution or the project. The static analysis will be performed only for the files that have been modified since the previous build. If the option Remove Intermediate Files is set as True in the PVS-Studio settings, then the temporary .pvs-studio directories will be removed.
  • ScanAndAnalyze – analyze all the dependencies to determine which files should be analyzed incrementally and perform incremental analysis of the modified files with the source code. This step should be performed before the build of the project/solution.

The arguments of the command line module (PVS-Studio_Cmd.exe) to start the incremental analysis are given in the section Analyzing Visual C++ (.vcxproj) and Visual C# (.csproj) projects from the command line.

Disadvantages of incremental analysis in Microsoft Visual Studio

If PVS-Studio uses the CL.exe C++ preprocessor integrated into Visual Studio, an unpleasant file lock issue might occur in rare cases. This is how it may look: you edit a file and compile it. Incremental analysis is launched. At this moment you notice some small defect, fix it quickly and try to recompile the file again. Visual Studio warns you that the edited file cannot be written because some program has locked it. This is CL.exe which is performing the preprocessing operation now. Unfortunately, we cannot manage this lock in any way. If you come across this issue, you should wait a few seconds and continue the aborted work. Note that this situation is much rarer when using the Clang preprocessor (Preprocessor settings option). That's why you'd better use Clang as the preprocessor when possible.


Do you make errors in the code?

Check your code
with PVS-Studio

Static code analysis
for C, C++ and C#

goto PVS-Studio;