Read & Write Reviews About The Tools You Use.
Sign up for free to start sharing your opinion today!
jowen's Profile
jowen
User Reviews
-
Version Reviewing: XE
"Code intelligence of the Delphi IDE"
Summary:
Delphi XE works wonders. The enhanced code generation from the modeler gives you higher quality code, while allowing you to generate sequence diagrams from methods in your Delphi applications. I was also impressed with the improved search capabilities and IDE Insight. One feature that is sure to receive rave reviews is the new editor shortcuts for navigating between changed lines of code. One problem though: bear in mind that, in order to use the interactive multi-touch gestures for panning, zooming and rotating you have to have a multi-touch enabled OS – which I don’t have. Define irritation?Report post
Was this review helpful? (2)
(1)
-
"Effective"
Summary:
Coverity’s static analysis tools have always been reliable, and their flagship, Coverity 5, has done a great deal to shore up our security. A few years ago, we worked with a white hat on several different occasions, so he was pretty familiar with what he needed to do when we came to him again last spring. Coverity 5 did a few simple things, such as point out some faulty syntax, but it also found a hole that was created when we had to do a rewrite for our exec team. After we patched the hole, the white hat made us pretty confident in what we had.Report post
Was this review helpful? (1) (0) -
"Great to have in the toolbox"
Summary:
Dmalloc is an open source tool for finding problems with memory—allocation, leaks, etc. It comes with Montevista Linux, but it is also useful for Ubuntu. Memory leaks are both destructive and difficult to spot, so Dmalloc is always at the ready in my toolbox. If you use it for dynamic analysis, be sure that you use another comparable debugger first, because Dmalloc is best at this specific niche of the test process, though it was originally designed for debugging large programs. Note that you may be able to find some, but not all of the memory leaks that Dmalloc finds through looking for collection classes, but that becomes tedious after a while. I’ve also been warned against using Dmalloc for C++, so I’ll leave that out there. Dmalloc was created by a single programmer, whose site is still up for support.Report post
Was this review helpful? (0) (0) -
"Power changes everything"
Summary:
Polyspace was very highly recommended, and it does not disappoint. Polyspace has been an effective programming tool. There are several different flavors, but we do a significant amount of our coding (and hence our testing) using C++. It isn’t really a dynamic analysis tool, but it is powerful enough to fake it, and its unique program analysis (abstract interpretation) means that it occupies a rare space in our shop. It is built for embedded systems, though it can probably tackle anything that uses C, C++, or Java. That said, it can be tedious, as the program will sometimes label functioning code as faulty code, even if it accomplishes what it needs to do. This can be tedious, especially if you’ve been running it for four days straight or have a hundred thousand lines of code (or more) to run, check, and rerun. Because of this, it doesn’t hurt to run another, smaller code analysis tool first, one that you know is reliable. This will save some time, and will save Polyspace for what it is really designed to do.Report post
Was this review helpful? (0) (0) -
"Strong Tool"
Summary:
Like Insure++, JTest is intended for a large enterprise. If you’re a one person shop, you probably want to turn to some sort of open source ware. That said, if cost is not an issue, Jtest is not a scary proposition. Jtest largely accomplishes what you need it to do. It observes security rules, and finds unclosed resources. Overall, it is a strong dynamic testing tool.Report post
Was this review helpful? (0) (0) -
"Good Customization"
Summary:
VB Watch Standard Edition is not free, but it is at a reasonable enough price to consider it for its three functions: performance analysis, dynamic analysis, and debugging. It is an emulator, and the code injections that it uses for dynamic analysis can find errors in coding, exploitable weaknesses, and performance. While there are a lot of ways in which it makes the analysis process (mostly dynamic, though it still reasonably accomplishes static) easier, the customizable automated functions are the best. VB Watch allows for an easy user interface that will make end users feel a lot better about themselves in the circumstance that they come across the errors before you do. It does not support VB .NET.Report post
Was this review helpful? (1) (0) -
Version Reviewing: 0.4
"Transparency is a plus!"
Summary:
Avalanche is an open source tool that they present as detecting “inputs of death,” or bugs that are fatal to your Linux-based programs. They released v.0.4 about six months ago, using a recent release of Valgrind, which is also free. The website advertises some interesting bugs that it has caught, such as infinite loops and segmentation faults, either of which could really ruin your day if the application was deployed unchecked. Avalanche is generally useful, but it is not without its faults. Luckily, Avalanche is pretty good about being transparent, communicating their own faults and their potential fixes. It used to crash when run from PATH, which was a huge headache. A recent patch updated that, and I haven’t seen that problem for several months. It doesn’t catch everything, and they don’t profess to. It isn’t a static analysis tool, and dynamic checking can still take over a week to complete.Report post
Was this review helpful? (2) (0) -
"Saves time"
Summary:
Intel has improved their templates a lot from their 2007 release (when it was still Thread Checker). Though they’re still trying to make parallelism the only necessary means of managing scalability, they’ve managed to greatly reduce the need for virtualization. It has helped reduce the amount of time between design and production.Report post
Was this review helpful? (2) (0) -
"More than just a security tool"
Summary:
You’ve probably used WebInspect before, and someone will probably add WebInspect as a security tool. They’re right; WebInspect is part of the HP Security Suite, and is generally a security tool, but it also fits as a dynamic analyzer—and, barring some coding catastrophe, the result is better security. It was easy to use, and it will help us ensure that we keep up with the state Department of Education’s compliance guidelines. We spent the summer updating our intranet, which is also linked to an outward facing website. We did a lot of custom work, trying to integrate our attendance and grading programs with the standardized testing information that we get from the state. We also had to make sure that our site and databases communicated with the databases located at the remote sites (schools in our district). Our vendor recommended WebInspect above HP’s other offerings, so we decided to bite the bullet. It’ll probably seem pretty basic, but our intranet’s uptime is absolutely mission critical, especially after our latest project. WebInspect is easy to use, which is great for us, because it allows us to test and retest anything before we’re ready to deploy to our intranet. If we need to take anything down to upgrade, update, or (heaven forbid) fix, then it’s easy enough to do that, retest, and get it back up and running. However, as a friend in the private sector warned (and was reflected in some helpful blogs, too) make sure that you’re using a sandbox or, if not, that you’ve removed the connection to some of your inputs or your database! You don’t want to deal with a lot of junk data! As far as our district was concerned, the biggest hurdle was price. For what we do and what we use WebInspect for, it was a little bit hard to justify, though it was within our budget. We elected not to pay for the complete package of support, but that is another consideration when talking about cost.Report post
Was this review helpful? (0) (0) -
"Sanity is important."
Summary:
Independent and freeware static analysis tools are fine if you want something that easy and cheap for small projects, but when you want to do heavy lifting for something that is seen across your company, or used by a few hundred / thousand employees, I’d recommend looking at IBM’s Rational Software Analyzer. Though no software analyzer will get everything, nobody does it better than IBM. It is automated, which is good and bad. I don’t like automated analyzers when they fix things on their own, but Rational offers solutions and quick fixes, and it doesn’t take very long to perform its analysis. For massive, multi-day projects (aren’t they all?), it’s easy enough to send what code that you’ve already done through the analyzer. Unless you’ve done something stupid like end in the middle of a loop, it’s a good sanity check. In the end, isn't that just what we need?Report post
Was this review helpful? (0) (0)
Embarcadero Delphi XE
Company: EmbarcaderoCoverity 5
Company: CoverityDmalloc
Company: Gray WatsonPolyspace
Company: MathWorksJTest
Company: ParasoftVB Watch SE
Company: AivostoAvalanche
Company: ISP RASIntel Inspector XE
Company: Intel CorporationWebInspect 9
Company: HPRational Software Analyzer
Company: IBMJoin the Evans Data Developer Panel!
2. Receive points for every validated survey submission.
3. Redeem award points for cash.
SOLVE THIS CODE
What does this code do?
public class Demo {
public void method1() {
synchronized (String.class) {
System.out.println("on String.class object");
synchronized (Integer.class) {
System.out.println("on Integer.class object");
}
}
} Programming Language: Java