• Viewing Bug Statistics, or "Look, They've Got Charts in PVS-Studio!"

    This post will be first of all of utmost interest to project and technical managers whose teams use the PVS-Studio code analyzer in their projects. We have recently implemented a new feature to let you monitor the efficiency of the team tool use. You can finally have the necessary figures to prove to your boss that the analyzer which cost your team or company a few thousands of dollars is bringing a real, tangible profit. But don't worry – this article is not about ROI at all. Read more
  • An Ideal Way to Integrate a Static Code Analyzer into a Project

    One of the most difficult things about using static analysis tools is managing false positives. There are a number of ways to eliminate them using the analyzer's settings or changing the code itself. I took a small project Apple II emulator for Windows as an example to show you how you can handle PVS-Studio's analysis report, and demonstrate by a number of examples how to fix errors and suppress false positives. Read more
  • Using IncrediBuild to Assist Analysis of a Large Project by PVS-Studio

    PVS-Studio is a static analyzer that detects errors in source code of C/C++ applications. Like a compiler, the analyzer parses the project source files one by one. However, without the help of auxiliary tools, some projects may take several hours to build and even longer to analyze. When building large projects, some developers use the distributed build technology implemented in the IncrediBuild tool. We will not discuss the details of integrating PVS-Studio into IncrediBuild in this article; instead, I will tell you about the specifics of analyzing a large project, time measurements, and other interesting things. Read more
  • Integrating PVS-Studio with the IncrediBuild Distributed Build System

    PVS-Studio performs analysis of C/C++ code and highlights for the programmer various hidden errors and code fragments that may cause troubles in future. If your project is a large-scale one, its analysis may take quite a while. To speed it up, you can use the IncrediBuild tool. If you already have the PVS-Studio analyzer and the IncrediBuild tool installed on your computer, you will learn from this article how to make them friends and achieve analysis acceleration. In time, we are going to provide an even tighter integration of PVS-Studio with IncrediBuild. But let me point this out once again that it is already possible to parallelize a PVS-Studio launch to a number of machines. It's simple. In this article, we will tell you how to do this. Read more
  • HPX and PVS-Studio

    This article was originally published at STE||AR Group Blog. Republished by the editors' permission.. Read more
  • How Do Programs Run with All Those Bugs At All?

    Our team analyzes lots of open-source projects to demonstrate the diagnostic capabilities of the PVS-Studio analyzer. After reading our articles, people will often ask: "How does the program run with all those bugs at all?" In this article, I will try to answer this question. Read more
  • Why Don't Software Developers Use Static Analysis Tools to Find Bugs?

    Using static analysis tools for automating code inspections can be beneficial for software engineers. Such tools can make finding bugs, or software defects, faster and cheaper than manual inspections. Despite the benefits of using static analysis tools to find bugs, research suggests that these tools are underused. In this paper, we investigate why developers are not widely using static analysis tools and how current tools could potentially be improved. We conducted interviews with 20 developers and found that although all of our participants felt that use is beneficial, false positives and the way in which the warnings are presented, among other things, are barriers to use. We discuss several implications of these results, such as the need for an interactive mechanism to help developers fix defects. Read more
  • How to Launch the PVS-Studio Analyzer

    Every now and then, we receive e-mails reading something like "After I have installed the analyzer, I find the PVS-Studio.exe file, launch it, but it wouldn't work". Since these are not rare, single cases, I think we should clarify on the subject. Read more
  • C++ Tail Recursion Using 64-bit variables - Part 2

    In my previous post I talked about recursion problems in a Fibonacci function using 64-bit variables as function parameters, compiled using the Microsoft Visual C++ compiler. It turned out that while tail recursion was enabled by the compiler using 32-bit types it didn't really when switching to 64-bit ones. Just as a reminder, Tail Recursion is an optimization performed by the compiler. It is the process of transforming certain types of tail calls into jumps instead of function calls. More about tail recursion here. Read more
  • C++ Tail Recursion Using 64-bit variables

    I want to share with you a problem I run into comparing iterative and recursive functions in C++. There are several differences between recursion and iteration, this article explains the topic nicely if you want to know more. In general languages like Java, C, and Python, recursion is fairly expensive compared to iteration because it requires the allocation of a new stack frame. It is possible to eliminate this overhead in C/C++ enabling compiler optimization to perform tail recursion, which transforms certain types of recursion (actually, certain types of tail calls) into jumps instead of function calls. To let the compiler performs this optimization it is necessary that the last thing a function does before it returns is call another function (in this case itself). In this scenario it should be safe to jump to the start of the second routine. Main disadvantage of Recursion in imperative languages is the fact that not always is possible to have tail calls, which means an allocation of the function address (and relative variables, like structs for instance) onto the stack at each call. For deep recursive function this can cause a stack-overflow exception because of a limit to the maximum size of the stack, which is typically less than the size of RAM by quite a few orders of magnitude. Read more