Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction.
-- Albert Einstein

Introduction

I remember back in the day when I started programming C++ on the IBM computer there were a plethora of compilers out there: Borland Turbo C++, Visual Studio, djgpp and my favourite, Watcom C++. Watcom was my favourite because of its optimizer and its powerful inline assembly features, allowing you to specify exactly where arguments were passed in registers and dirty registers. The debugger was also good (at least in my memory). We used a freeware extender for flat mode instead of the one supplied with Watcom (which you had to pay money for).

That has always been a sticking point with the open source advocates and people insisting on using the gcc based djgpp environments. Gcc 2.x.x did not impress me that much though; at the time I thought it was horrible. I'd much rather use my two favourite compilers at the time, Sun Workshop and the Borland line of compilers. Visual Studio was kind of always there, but compliance was horrible and the code that it produced was, well, not that good. Compared to the best that was around at the time (KAI C++ frontend and Workshop backend) it was a pretty dismal sight.

For the longest time though it was kind of hard for hobbyists to get hold of a compiler and just fool around. Microsoft did at some point start to deliver the DDK with a command line version of their compiler, a little clandestine but there it was. My theory is that they didn't want to kill the compiler market on their platform by just giving their compiler away; I doubt that they made that much money on it to justify holding it back and potentially increase the popularity of their Win32 platform and make it more accessible.

Things turn around

Over the years there have been some great strides in the Microsoft compilers. I remember back when I first read Andrei Alexandrescu's Modern C++ Design. Cool. Templates are really cool (yes, that started that phase of my development as a C++ programmer). Let's try some of these techniques... of course anyone who programmed on the Visual 6 compiler remembers that if you just wrote template, the programmer crashed hard in an ICE (Internal Compiler Error) with the not so helpful compiler source line (no, not your source line) that crashed. Did I mention that my template crazed days were very few? Anyways, today the Visual 8 compiler is actually quite capable compared to the old 6. Better standard conformance, quite cool optimizations (Link Time Code Generation anyone?), more intrinsics, etc.

Free of charge

Someone at Microsoft must have been thinking, because suddenly we see a lot of free development tools out there. Really really good ones to boot. Some of the tools that have come out are:

So why would Microsoft come out and just give these tools away? We've touched a little bit on the subject before: platform support. Microsoft of course has an interest in seeing developers come aboard and write software for their platform, Win32. The more people that know how to write for their platform and the more people that do, the better they do.

Of course some of the tools here are to promote their new platform, .NET, and it's understandable. MS have basically bet their company on it and at this point I'm pretty sure they're going to succeed. Enough people have embraced C#, as they did Java back in the day.

The platform SDK

The compiler that comes with the Visual Studio Express Edition is the full optimizing compiler that comes with Visual Studio Professional. It's only the IDE that's somewhat crippled (ok, it's near nigh unusable for us Visual Studio 6 dinosaurs, but for people starting afresh it's probably ok). The next version of the compiler, the Team Edition, has some cool features; one of them is the static analysis part. That's basically the same functionality that lint has (which I rant about in this article). But that compiler costs a lot of money... unless you download the SDK and just install the command line version. This can be done easily and it can be used with the vcbuild engine to just run through all the solutions.

The output from the compiler in static analysis mode varies. Just for fun, I tried running some of the code snippets found on Gimpel's pclint quiz page through the Microsoft one, and these are the results:

 
c:\temp\analyze>\opt\local\ddk\vc\bin\cl /analyze /c /nologo bug671.cpp
bug671.cpp
c:\temp\analyze\bug671.cpp(11) : warning C6211: Leaking memory 'p' due to 
an exception. Consider using a local catch block to clean up 
memory: Lines: 8, 9, 11, 12
c:\temp\analyze\bug671.cpp(17) : warning C6386: Buffer overrun: accessing 
'argument 1', the writable size is '100*4' bytes, but '4294967294'
 bytes might be written: Lines: 8, 9, 11, 12, 13, 14, 15, 
 16, 15, 16, 15, 16, 15, 17
        
Listing 1: Output from compiling Bug671 from Gimpel's homepage.

Which is quite good, compared to the pclint warnings.
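An added example, not part of the original post and not the bug671.cpp source (which the page does not show): a constructed C++ function with the two defect classes named in Listing 1, an allocation leaked when an exception is thrown and a wrapped unsigned length used as a write size, next to a hardened version. The function names and the 100 - 102 arithmetic are assumptions, chosen so the wrapped value equals the 4294967294 seen in the warning.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#include <vector>

// Constructed example: NOT the bug671.cpp source, which the page does not show.
const std::uint32_t kCount = 100;  // a 100-int buffer, as in the C6386 message

// Unsigned subtraction wraps around instead of going negative.
std::uint32_t wrapped_length(std::uint32_t used) {
    return kCount - used;  // used = 102 gives 4294967294
}

// Defective shape (shown for comparison, never called with bad input here):
// p leaks if the throw fires before delete[], and a wrapped length reaches memset.
void fill_unsafe(std::uint32_t used, bool parse_fails) {
    int *p = new int[kCount];
    if (parse_fails) throw std::runtime_error("parse failed");  // leak: p never freed
    std::memset(p, 0, wrapped_length(used) * sizeof(int));      // overrun if used > 100
    delete[] p;
}

// Hardened shape: std::vector releases the buffer on every exit path,
// and the length is range-checked before the subtraction.
std::size_t fill_safe(std::uint32_t used, bool parse_fails) {
    std::vector<int> buf(kCount, -1);
    if (parse_fails) throw std::runtime_error("parse failed");
    if (used > kCount) throw std::out_of_range("used exceeds buffer size");
    const std::size_t n = kCount - used;
    std::fill(buf.begin(), buf.begin() + static_cast<std::ptrdiff_t>(n), 0);
    return n;  // number of elements cleared
}

int main() {
    std::printf("wrapped length for used=102: %u\n", (unsigned)wrapped_length(102));
    std::printf("safe fill cleared %zu elements\n", fill_safe(40, false));
    try {
        fill_safe(102, false);
    } catch (const std::out_of_range &e) {
        std::printf("rejected: %s\n", e.what());
    }
    return 0;
}
```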

 
c:\temp\analyze>\opt\local\ddk\vc\bin\cl /analyze /c /nologo bug437.cpp
bug437.cpp
c:\temp\analyze\bug437.cpp(15) : warning C6284: Object passed as 
parameter '2' when string is required in call to 'printf'
        
Listing 2: Output from compiling Bug437 from Gimpel's homepage.

Almost as good as the catch pclint is making; at least it does some analysis of the format string and warns. Gosh, I wish this had been in a couple of years ago. So many corrupted stacks. My head hurts.

In closing

So if you have not realized it yet, I'm quite the fan of static code analysis. PCLint, gcc and now Visual Studio are providing the tools to find the suspect code and forever burn it out of the codebase. Ok, that's all for today, I'm going off and trying to see if I can make my codebase here at home compile under this new nifty flag. Since the codebase has never been linted, there are probably loads of nice timebombs just lying around and waiting to go off...
