Blog

  • Monitoring a program that monitors computer networks

    28.05.2013
    There exists the NetXMS project, which is a software product designed to monitor computer systems and networks. It can be used to monitor the whole IT-infrastructure, from SNMP-compatible devices to server software. And I am naturally going to monitor the code of this project with the PVS-Studio analyzer. Read more

  • Errors detected in C++Builder

    14.05.2013
    We have checked the header files from the Embarcadero C++Builder XE3 project. In fact, it means that we have checked just a small number of inline-functions. Accordingly, quite few issues were found, but they are enough to write a small post. Read more

  • Why Windows 8 drivers are buggy

    30.04.2013
    We have checked the Windows 8 Driver Samples pack with our analyzer PVS-Studio and found various bugs in its samples. There is nothing horrible about it - bugs can be found everywhere, so the title of this article may sound a bit high-flown. But these particular errors may be really dangerous, as it is a usual practice for developers to use demo samples as a basis for their own projects or borrow code fragments from them. Read more

  • How to unite several separate projects into one general Visual Studio solution (.sln file): One Solution to Rule Them All

    26.04.2013
    For the purpose of testing our C/C++ analyzer PVS-Studio, we often check various open-source projects and publish reports about bugs we have found. It is obvious that we seek projects of large sizes (hundreds of thousands of code lines), as there is little to be tested and caught in just a few dozens of files. We already had opportunities to test large collections consisting of hundreds of small open-source projects, for example sets of test samples for various SDKs and Frameworks. We are especially interested in checking such collections to see how the analyzer supports various specific code constructs, Visual C++ project subtypes, and so on. Read more

  • The history of developing the PVS-Studio version for Embarcadero RAD Studio

    23.04.2013
    I suppose most readers of our blog already knew that PVS-Studio is a static analyzer for C/C++ source code. But I believe that few of you really wonder about what a static code analyzer actually is, while studying analysis results under your favorite IDE. But if you come to think of it, an analyzer is but a simple command-line application that requires cumbersome and intricate cfg files to operate properly and a long command line for it to be launched. Besides, it is possible to launch the analyzer to check only one file at a time, so you have to launch it individually for each file if you want to check them all, and the analysis results are generated in the form of a common plain-text log. But these aspects of the analyzer's operation are, of course, hidden from the end user inside an IDE plugin. It is this plugin that, directly interacting with the project loaded in IDE, collects all the necessary parameters, generates command lines, and finally performs the verification of all of the necessary source files - and does so in a parallel mode, exploiting all of the available processor cores on a multi-processor system. And it actually executes all of this by just one simple mouse click on the "check project" command. Read more

  • Static analysis is most efficient when being used regularly. We'll tell you why

    22.04.2013
    Some of our users run static analysis only occasionally. They find new errors in their code and, feeling glad about this, willingly renew PVS-Studio licenses. I should feel glad too, shouldn't I? But I feel sad - because you get only 10-20% of the tool's efficiency when using it in such a way, while you could obtain at least 80-90% if you used it otherwise. In this post I will tell you about the most common mistake among users of static code analysis tools. Read more

  • Using PVS-Studio with huge projects (MSBuild integration)

    18.04.2013
    If your solution includes a lot of large projects, you may find it uncomfortable to operate the PVS-Studio analyzer when checking it. In this small post we'll explain why it happens and how integrating PVS-Studio into MSBuild's build process will help you to improve the situation. Read more

  • PVS-Studio registration key for 5 days

    16.04.2013
    As an experiment, we have decided to offer everyone interested a PVS-Studio registration key for 5 days to study its 64-bit diagnostics more thoroughly. Read more

  • PVS-Studio and open-source software

    09.04.2013
    I've decided to write about the work our team is doing regarding open-source projects. I will give a list of open-source projects we have checked by now with the PVS-Studio analyzer. Then I'll tell you about our plans for the future. Read more

  • Re-checking the ReactOS project - a large report

    02.04.2013
    The ReactOS project is rapidly developing. One of the developers participating in this project suggested that we re-analyzed the source code, as the code base is growing fast. We were glad to do that. We like this project, and we'll be happy if this article helps the developers to eliminate some bugs. Analysis was performed with the PVS-Studio 5.02 code analyzer. Read more