• The Empire Strikes Back

    Recently there appeared an article "Hackathon 2: Time lapse analysis of Unreal Engine 4", which describes how you can find a great number of bugs in Unreal Engine 4 using Klocwork. I just can't help commenting on this article. The thing is that, once we fixed all the bugs that PVS-Studio analyzer found, we haven't necessarily worked on all bugs existing in the project - only on those that were detected by our analyzer. However, the article creates an impression that the PVS-Studio analyzer skipped too many bugs. Well, I guess now it's my turn to say something. I have also rechecked Unreal Engine 4 and found plenty of another bugs. So I can claim that PVS-Studio can find new bugs in Unreal Engine 4. It's a draw. Read more
  • The First C# Project Analyzed

    The PVS-Studio team is now actively developing a static analyzer for C# code. The first version is expected by the end of 2015. And for now my task is to write a few articles to attract C# programmers' attention to our tool in advance. I've got an updated installer today, so we can now install PVS-Studio with C#-support enabled and even analyze some source code. Without further hesitation, I decided to scan whichever program I had at hand. This happened to be the Umbraco project. Of course we can't expect too much of the current version of the analyzer, but its functionality has been enough to allow me to write this small article. Read more
  • Celebrating 30-th anniversary of the first C++ compiler: let's find bugs in it

    Cfront is a C++ compiler which came into existence in 1983 and was developed by Bjarne Stroustrup. At that time it was known as "C with Classes". Cfront had a complete parser, symbol tables, and built a tree for each class, function, etc. Cfront was based on CPre. Cfront defined the language until circa 1990. Many of the obscure corner cases in C++ are related to the Cfront implementation limitations. The reason is that Cfront performed translation from C++ to C. In short, Cfront is a sacred artifact for a C++ programmer. So I just couldn't help checking such a project. Read more
  • In search of uninitialized class members

    We've already got several requests from our clients (including potential ones) to implement diagnostics that could help search for uninitialized class members. We were quite reluctant to do that as we were aware of the difficulty of the task, but finally we gave in. As a result we've come up with V730 diagnostics. I should say right away, that it's not perfect and I already foresee a number of letters directed to us with complaints about something working incorrectly. That's why I've decided to write a note about technical complexity of this task. I hope this information will give answers to the questions of PVS-Studio users and in general will be beneficial to our readership. Read more
  • Explanation on Diagnostic V595

    Among others, PVS-Studio has diagnostic V595 "The pointer was utilized before it was verified against nullptr". I get lots of questions from our users regarding this diagnostic, so I decided to prepare a detailed answer in advance to help explain the principle behind it to future users. Read more
  • The first step towards PVS-Studio for C#

    The PVS-Studio team would like to share some news and heat up the audience interest a bit. We have started C# analyzer development. From the user's point of view it'll still be our good old PVS-Studio, but now we'll teach it how to look for bugs in C# programs. Read more
  • An Ideal Way to Integrate a Static Code Analyzer into a Project

    One of the most difficult things about using static analysis tools is managing false positives. There are a number of ways to eliminate them using the analyzer's settings or changing the code itself. I took a small project Apple II emulator for Windows as an example to show you how you can handle PVS-Studio's analysis report, and demonstrate by a number of examples how to fix errors and suppress false positives. Read more
  • How Do Programs Run with All Those Bugs At All?

    Our team analyzes lots of open-source projects to demonstrate the diagnostic capabilities of the PVS-Studio analyzer. After reading our articles, people will often ask: "How does the program run with all those bugs at all?" In this article, I will try to answer this question. Read more
  • How to Launch the PVS-Studio Analyzer

    Every now and then, we receive e-mails reading something like "After I have installed the analyzer, I find the PVS-Studio.exe file, launch it, but it wouldn't work". Since these are not rare, single cases, I think we should clarify on the subject. Read more
  • We are Closing Down the CppCat Project

    One odd year ago, we decided to carry out an experiment and release a tool for small teams and single developers as an alternative to the PVS-Studio static code analyzer. This is how a very inexpensive analyzer CppCat was born. Now we can sum up the results of that experiment and admit that it has failed. During its short lifetime, this project has brought us almost as much money as we had put into its development, promotion, and maintenance. Thus, the project has proved unprofitable. And we could have spent all that time (the most valuable resource) on improving PVS-Studio instead, couldn't we? So we have to close down the CppCat project and focus on PVS-Studio. I hope you will find it interesting to learn from someone else's experience of launching a new business idea, for negative experience is still experience. Read more