Blog

  • Let's Play a Game

    18.09.2014
    The authors of the PVS-Studio analyzer invite you to test your attentiveness. Read more
  • Overlapping Between PVS-Studio and Cppcheck

    15.09.2014
    We have been asked many times about the degree of overlapping between diagnostics of our PVS-Studio analyzer and the Cppcheck analyzer. I've decided to write a small article about it to refer to as a quick answer in future. To put it brief, the overlapping is very little – only 6% of the total number of errors is detected by both analyzers. In this article, I will tell you how we got this figure. Read more
  • Valgrind: Good but Not Enough

    10.09.2014
    Not so long ago we tried to demonstrate the benefit of using the PVS-Studio static analyzer to one company. We failed, but while corresponding with them, I prepared a detailed answer about the static and dynamic analysis methodologies. Now I've decided to publish this answer in the form of a small article. I think the readers will find it interesting, and I also will be able to use this article later on to refer our new potential customers to. Read more
  • Checking GIMP's Source Code with PVS-Studio

    15.08.2014
    To check GIMP, we should first find a way to get it compile successfully. This task is far from easy, that's why we had been constantly delaying the check. However, the project is too famous, and we were very interested to find out its quality. So we have conquered our laziness and completed the analysis. Read more
  • Can We Trust the Libraries We Use?

    11.08.2014
    Any large modern application consists of numerous third-party libraries, and I'd like to discuss the topic of our trust in these libraries. In books and articles, there are lots of debates about code quality, testing methods, development methodologies, and so on. But I don't remember anyone discussing the quality of bricks applications are built from. So let's talk about it today. For example, there is the Medicine Insight Segmentation and Registration Toolkit (ITK). I find it to be implemented pretty well. At least, I have noticed just a few bugs in its code. But I cannot say the same about the code of the third-party libraries used there. So the question is: how much can we trust such systems? Much food for thought. Read more
  • Checking PVS-Studio with Clang

    08.08.2014
    Yes, you've read it right. This time we are writing an "opposite" article: it's not about us checking some third-party project but about our own tool checked by another tool. We actually had performed such verifications before. For instance, we checked PVS-Studio with Cppcheck, Visual Studio static analyzer, inspected Intel C++ warnings. But there were no grounds for writing such an article: none of those tools found anything of interest. But Clang has managed to attract our attention with its diagnostic messages. Read more
  • Checking Bitcoin

    29.07.2014
    Don't expect anything epic from this article. We have checked the Bitcoin project's source code with PVS-Studio and found just a couple of suspicious fragments. Which is no wonder: I guess there are few programmers who haven't checked it already. But since we have done our check too, we need to write a small post about it, pro forma, so to say. Read more
  • stdafx.h for Novices

    25.06.2014
    This article is meant for those programmers who are only getting started with the Visual Studio environment and trying to compile their C++ projects under it. Everything looks strange and complicated in an unfamiliar environment, and novices are especially irritated by the stdafx.h file that causes strange errors during compilation. Pretty often it all ends in them diligently turning off all precompiled headers in every project. We wrote this article to help Visual Studio newcomers to figure it all out. Read more
  • PVS-Studio and CppCat Team Expanding Their Horizons Through Outsourcing

    23.06.2014
    As you know, our main activity is development of the code analyzers PVS-Studio and CppCat. Although we have been doing this for a long time now and - as we believe - quite successfully, an unusual idea struck us recently. You see, we do not use our own tools in exactly the same way our customers do. Well, we analyze the code of PVS-Studio by PVS-Studio of course, but, honestly, the PVS-Studio project is far from large. Also, the manner of working with PVS-Studio's code is different from that of working with Chromium's or LLVM's code, for example. Read more
  • Handling False Positives in PVS-Studio and CppCat

    20.06.2014
    It occurred to me recently to reanalyze the Newton Game Dynamics physics engine. The project's code is very high-quality, so there were almost no genuine bugs detected, but I did get a few dozens of false positives. Seems like there's nothing to write about, doesn't it? Well, I thought I should write about how to handle false positives and how to avoid them. I found the Newton Game Dynamics project a good example to demonstrate that on. Read more