Andrey Karpov
  • PVS-Studio for Linux

    Finally! Today we released the first version of PVS-Studio analyzer for Linux. Now Linux developers are getting a new powerful tool to fight bugs in the code. We ask you to spread this news in the world. Tell your colleagues, post it on Twitter and Facebook! Let the programs be more stable and safe!. Read more
  • A brief note about MISRA

    We are often asked whether the PVS-Studio analyzer supports MISRA standard. I decided to write a short note to make it easy to answer the letters, giving the link. A brief answer - we do not currently support standards MISRA C, MISRA C++ and do not plan to do that. Here is a detailed explanation of our position concerning this question. Read more
  • I just had to check ICQ project

    I just cannot pass by the source code of ICQ messenger. It is a kind of a cult project, and when I saw the source code on GitHub, it was just a matter of time, when we will check it with PVS-Studio. Of course, we have a lot of other interesting projects that are waiting to be checked. For example, we have recently checked GCC, GDB, Mono. Finally, it's the turn of ICQ. Read more
  • GDB - a tough nut to crack: only a few bugs found by PVS-Studio

    GDB is a tool that is hard to live without. Of course, as Brooks says: "The quality in software development is achieved through proper design, not by endless testing". However, proper design doesn't protect from logical errors, typos, null pointers, and so on. That's why various debugging tools, like GDB, come to help. My aim is to show that static code analyzers are also very useful tools which help to detect errors at the early stages of development. It's much better if the bug is fixed in the code before the testing and debugging stage. To demonstrate the benefits of static code analysis, let's delve inside GDB and look for errors, using PVS-Studio. Read more
  • Bugs found in GCC with the help of PVS-Studio

    I regularly check various open-source projects to demonstrate the abilities of the PVS-Studio static code analyzer (C, C++, C#). Now it is time for the GCC compiler to get checked. Unquestionably, GCC is a very qualitative and well-tested project, that's why it's already a great achievement for a tool to find any errors in it. Fortunately, PVS-Studio coped with this task. No one is immune to typos or carelessness. This is why the PVS-Studio can become an additional line of defense for you, on the front of the endless war against bugs. Read more
  • We found over 10000 bugs in various open source projects

    In order to promote a static analysis methodology at large and static analyzer PVS-Studio in particular we regularly verify various open source projects. The bugs we found demonstrate that nobody is immune from misprints, inattention or other mistakes. Absolutely nobody, and we find confirmations to this point in such projects as Microsoft Code Contracts, Qt, Linux kernel, CryEngine, VirtualBox, LibreOffice, Firefox, Boost, Tor and so on. At the moment we inspected 262 projects. It's official! We found and logged 10000 bugs!. Read more
  • PVS-Studio confesses its love for Linux

    This post is about love. About the love of the static code analyzer PVS-Studio, for the great open source Linux operating system. This love is young, touching and fragile. It needs help and care. You will help greatly if you volunteer to help testing the beta-version of PVS-Studio for Linux. Read more
  • The Little Unicorn That Could

    One of the Microsoft development teams already uses PVS-Studio analyzer in their work. It's great, but it's not enough. That's why I keep demonstrating how static code analysis could benefit developers, using Microsoft projects as examples. We scanned Casablanca project three years ago and found nothing. As a tribute to its high quality, the project was awarded with a "bugless code" medal. As time went by, Casablanca developed and grew. PVS-Studio's capabilities, too, have significantly improved, and now I've finally got the opportunity to write an article about errors found by the analyzer in Casablanca project (C++ REST SDK). These errors are few, but the fact that their number is still big enough for me to make this article, does speak a lot in favor of PVS-Studio's effectiveness. Read more
  • Showing abilities of PVS-Studio analyzer by examples of Microsoft open-source projects

    Microsoft gradually started to open the code of some projects. Our team is very happy about this. We support the view that Microsoft Company has really high-quality code. What's more, Microsoft developers are already using static code analyzers. That's why finding bugs in their code is a great way to demonstrate the abilities of the analyzer. Read more
  • Explanation about the PVS-Studio demo-version limitations

    Usually limitations have two purposes. The first - to show a potential user that a static analyzer is able to find bugs in the code. The second - to prompt the user to communicate with us via e-mail so that we could help use the tool correctly. I am convinced that this interrelation is not clear yet, that's why I've decided to write this little note. Read more