• How Do Programs Run with All Those Bugs At All?

    Our team analyzes lots of open-source projects to demonstrate the diagnostic capabilities of the PVS-Studio analyzer. After reading our articles, people will often ask: "How does the program run with all those bugs at all?" In this article, I will try to answer this question. Read more
  • Why Don't Software Developers Use Static Analysis Tools to Find Bugs?

    Using static analysis tools for automating code inspections can be beneficial for software engineers. Such tools can make finding bugs, or software defects, faster and cheaper than manual inspections. Despite the benefits of using static analysis tools to find bugs, research suggests that these tools are underused. In this paper, we investigate why developers are not widely using static analysis tools and how current tools could potentially be improved. We conducted interviews with 20 developers and found that although all of our participants felt that use is beneficial, false positives and the way in which the warnings are presented, among other things, are barriers to use. We discuss several implications of these results, such as the need for an interactive mechanism to help developers fix defects. Read more
  • How to Launch the PVS-Studio Analyzer

    Every now and then, we receive e-mails reading something like "After I have installed the analyzer, I find the PVS-Studio.exe file, launch it, but it wouldn't work". Since these are not rare, single cases, I think we should clarify on the subject. Read more
  • C++ Tail Recursion Using 64-bit variables - Part 2

    In my previous post I talked about recursion problems in a Fibonacci function using 64-bit variables as function parameters, compiled using the Microsoft Visual C++ compiler. It turned out that while tail recursion was enabled by the compiler using 32-bit types it didn't really when switching to 64-bit ones. Just as a reminder, Tail Recursion is an optimization performed by the compiler. It is the process of transforming certain types of tail calls into jumps instead of function calls. More about tail recursion here. Read more
  • C++ Tail Recursion Using 64-bit variables

    I want to share with you a problem I run into comparing iterative and recursive functions in C++. There are several differences between recursion and iteration, this article explains the topic nicely if you want to know more. In general languages like Java, C, and Python, recursion is fairly expensive compared to iteration because it requires the allocation of a new stack frame. It is possible to eliminate this overhead in C/C++ enabling compiler optimization to perform tail recursion, which transforms certain types of recursion (actually, certain types of tail calls) into jumps instead of function calls. To let the compiler performs this optimization it is necessary that the last thing a function does before it returns is call another function (in this case itself). In this scenario it should be safe to jump to the start of the second routine. Main disadvantage of Recursion in imperative languages is the fact that not always is possible to have tail calls, which means an allocation of the function address (and relative variables, like structs for instance) onto the stack at each call. For deep recursive function this can cause a stack-overflow exception because of a limit to the maximum size of the stack, which is typically less than the size of RAM by quite a few orders of magnitude. Read more
  • How We Tried Static Analysis on Our X-Ray Endovascular Surgery Training Simulator Project

    In this article, I'd like to tell you a story about how we analyzed our project with the PVS-Studio static code analyzer trying to find out how much we could benefit from this tool. I won't be discussing unique and interesting bugs here. In fact, all the bugs and defects found by the analyzer in our code proved to be quite trivial. What I'd like to talk about instead is my personal opinion of this tool as a project manager. Perhaps this point of view is not that accurate and objective as that of a software engineer because it is affected by the specifics of work management in a particular project, but I still believe that the ideas I share in this article will help those who consider trying static analysis in their work; or those who regularly face big resource expenses on fixing bugs found at the testing stage. Read more
  • How the PVS-Studio Team Improved Unreal Engine's Code

    This article was originally published at Unreal Engine Blog. Republished by the editors' permission.. Read more
  • C++ in the modern world

    Debates about the present state of C++ in the programming world divide the participants into two camps: some dislike C++ and predict it's soon death, while others believe that it will persist as it has before. I'd say the truth lies somewhere in the middle but that would mean that C++'s condition is kind of uncertain, like it was between the releases of C++03 and C++11. But it's not actually so. How exactly then? Let's try to figure this out. Read more
  • Static Analysis of Wireshark by PVS-Studio

    In this article, I will tell and show you how to carry out static analysis of C/C++ program code by PVS-Studio by the example of the open-source project Wireshark. We'll start with a brief description of the Wireshark network traffic analyzer and the PVS-Studio product. Then I will tell you about the pitfalls you may encounter when building the project and preparing for the analysis. After that, I'll try to draw a general overview of the PVS-Studio product, its strengths and usability by means of examples of its warnings, the corresponding code samples, and my own comments. Read more
  • A Unicorn Seeking Extraterrestrial Life: Analyzing SETI@home's Source Code

    Two possibilities exist: Either we are alone in the Universe or we are not. Both are equally terrifying. (c) Arthur Charles Clarke. Read more