• Searching for bugs in Mono: there are hundreds of them!

    It's very interesting to check large projects. As a rule, we do manage to find unusual and peculiar errors, and tell people about them. Also, it's a great way to test our analyzer and improve all its different aspects. I've long been waiting to check 'Mono'; and finally, I got the opportunity. I should say that this check really proved its worth as I was able to find a lot of entertaining things. This article is about the bugs we found, and several nuances which arose during the check. Read more
  • GDB - a tough nut to crack: only a few bugs found by PVS-Studio

    GDB is a tool that is hard to live without. Of course, as Brooks says: "The quality in software development is achieved through proper design, not by endless testing". However, proper design doesn't protect from logical errors, typos, null pointers, and so on. That's why various debugging tools, like GDB, come to help. My aim is to show that static code analyzers are also very useful tools which help to detect errors at the early stages of development. It's much better if the bug is fixed in the code before the testing and debugging stage. To demonstrate the benefits of static code analysis, let's delve inside GDB and look for errors, using PVS-Studio. Read more
  • How to avoid bugs using modern C++

    One of the main problems with C++ is having a huge number of constructions whose behavior is undefined, or is just unexpected for a programmer. We often come across them when using our static analyzer on various projects. But, as we all know, the best thing is to detect errors at the compilation stage. Let's see which techniques in modern C++ help writing not only simple and clear code, but make it safer and more reliable. Read more
  • "Again this PVS-Studio team. They are everywhere..."

    I've written this post as some moral support for my colleague Andrey Karpov. Once he came to me and said that he was so tired to repeat that only few people in the world are aware that PVS-Studio exists. For him it's a fact and there is no doubt in it. The problem is that it's hard to convey this message to people and support this idea. There are always people on the net who have heard about us, and they start writing something like this:. Read more
  • Rechecking Apache HTTP Server

    Apache HTTP Server project continues to develop, and so does PVS-Studio analyzer, growing even more powerful with every new version. Let's see what we've got this time. Read more
  • A space error: 370.000.000 $ for an integer overflow

    Start. 37 seconds of flight. KaBOOM! 10 years and 7 billion dollars are turning into dust. Read more
  • Bugs found in GCC with the help of PVS-Studio

    I regularly check various open-source projects to demonstrate the abilities of the PVS-Studio static code analyzer (C, C++, C#). Now it is time for the GCC compiler to get checked. Unquestionably, GCC is a very qualitative and well-tested project, that's why it's already a great achievement for a tool to find any errors in it. Fortunately, PVS-Studio coped with this task. No one is immune to typos or carelessness. This is why the PVS-Studio can become an additional line of defense for you, on the front of the endless war against bugs. Read more
  • Checking the Source Code of MSBuild with PVS-Studio

    As we continue developing PVS-Studio static code analyzer, we often have to check large open-source projects by renowned developers. The fact that even such projects contain a certain amount of bugs adds even more sense and weight to our work. Unfortunately, everybody makes mistakes. No matter how carefully you control your code's quality, there is just no way to avoid "human error". As long as software is developed by humans, analysis tools like PVS-Studio will remain relevant and needed. Today, we are going to discuss errors found in the source code of MSBuild, which is, unfortunately, not perfect either. Read more
  • Discussing Errors in Unity3D's Open-Source Components

    Unity3D is one of the most promising and rapidly developing game engines to date. Every now and then, the developers upload new libraries and components to the official repository, many of which weren't available in as open-source projects until recently. Unfortunately, the Unity3D developer team allowed the public to dissect only some of the components, libraries, and demos employed by the project, while keeping the bulk of its code closed. In this article, we will try to find bugs and typos in those components with the help of PVS-Studio static analyzer. Read more
  • Checking the Code of LDAP-Server ReOpenLDAP on Our Readers' Request

    In this article, I'd like to talk about the analysis of ReOpenLDAP project. It was developed to help solve issues that PAO (PJSC) MegaFon, Russia's largest mobile network operator, was faced with when employing OpenLDAP in their infrastructure. ReOpenLDAP is now successfully used in MegaFon affiliates all over Russia, so we thought it would be interesting to check such a high-load project as this one with our static analyzer PVS-Studio. Read more