Blog

  • Analyzing the Source Code of UEFI for Intel Galileo by PVS-Studio

    25.05.2015
    Firmware development, even when done not in assembler for exotic architectures but in plain C for i386/amd64, is a pretty tough job, where a single bug can cost too much - up to a major failure of the target hardware platform. So it is just vitally necessary to use various techniques to avoid errors at the earliest firmware development stages.Unfortunately, we can only dream of formal verification or application of MISRA C in case of UEFI firmwares (on the other hand, no one feels like spending a couple of years and 50% of the project budget on firmware development), so today we will talk about static analysis - to be more exact, about the PVS-Studio static analyzer quite popular at Habrahabr. With its help, we will try to find whatever bugs we can in the open code of UEFI for Intel Galileo.Welcome to read further to find out the analysis results. Read more
  • 64-Bit Code in 2015: New in the Diagnostics of Possible Issues

    21.05.2015
    64-bit issues are pretty hard to detect because they are like a timebomb: it may take quite a while before they show up. The PVS-Studio static analyzer makes it easier to find and fix such errors. But we have made even a few more steps forward: we have recently revised with more care the 64-bit diagnostics implemented in our tool, which resulted in changing their distribution among severity levels. In this article, I'm going to tell you about these changes and how it affected the tool handling and bug search. You will also find real-life examples of 64-bit errors. Read more
  • Criticizing the Rust Language, and Why C/C++ Will Never Die

    12.05.2015
    We liked the article "Criticizing the Rust Language, and Why C/C++ Will Never Die" very much. We offer the author that we will do the translation on our own, and publish it in our blog. He agreed, and we represent this article in Russian and English with great pleasure. The origin of the article is here. Read more
  • I've Finally Figured Out Unit Economics!

    03.05.2015
    This article was originally published In Russian at towave.ru. Republished and translated by the editors' permission.. Read more
  • Analyzing FreeCAD's Source Code and Its "Sick" Dependencies

    30.04.2015
    This article was initially meant as a review of bugs found in the FreeCAD open-source project but eventually took a bit different direction. It happened because a considerable portion of the warnings had been generated for the third-party libraries employed by the project. Extensive use of third-party libraries in software development is highly beneficial, especially in the open-source software domain. And bugs found in these libraries are no good reason to reject them. But we still should keep in mind that third-party code we use in our projects may contain bugs, so we must be prepared to meet and, if possible, fix them, thus improving the libraries. Read more
  • Analysis of Godot Engine's Source Code

    30.04.2015
    In February 2014, the Argentinian studio OKAM made public the source code of their multi-platform game engine Godot Engine and not so long ago, version 1.0 was released. As you have already guessed, in this article we will talk about the analysis of this project's source code and its results. Analysis was done with the PVS-Studio static code analyzer. Besides the introductory purpose, this article also pursues some practical aims: the readers can learn something new while the project developers can fix errors and bottlenecks. But first things first. Read more
  • We are Closing Down the CppCat Project

    26.04.2015
    One odd year ago, we decided to carry out an experiment and release a tool for small teams and single developers as an alternative to the PVS-Studio static code analyzer. This is how a very inexpensive analyzer CppCat was born. Now we can sum up the results of that experiment and admit that it has failed. During its short lifetime, this project has brought us almost as much money as we had put into its development, promotion, and maintenance. Thus, the project has proved unprofitable. And we could have spent all that time (the most valuable resource) on improving PVS-Studio instead, couldn't we? So we have to close down the CppCat project and focus on PVS-Studio. I hope you will find it interesting to learn from someone else's experience of launching a new business idea, for negative experience is still experience. Read more
  • Comparing Analysis Capabilities of PVS-Studio and Visual Studio 2015's Analyzer

    25.04.2015
    In one of the articles at Visual C++ Team Blog, the developer team were discussing the static code analyzer that would ship with Visual Studio 2015. According to their data, there will be no difference in the static analysis capabilities between Visual Studio 2013's and Visual Studio 2015's versions. Read more
  • Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 2

    24.04.2015
    This is the second and last part of the large article about analysis of the Haiku operating system. In the first article, we discussed a variety of possible errors all of which one way or another deal with conditions. In this article, we will discuss the remaining analyzer warnings I have selected for you. The bug examples are grouped into several categories. Read more
  • Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 1

    22.04.2015
    Operating systems are among the largest and most complicated software projects, and that means they perfectly suit the purpose of demonstrating static code analysis' capabilities. After the successful analysis of Linux Kernel, I felt inspired to try analyzing other open-source operating systems as well. Read more