The first step towards PVS-Studio for C#

Andrey Karpov
Articles: 368



Picture 1

The PVS-Studio team would like to share some news and heat up the audience interest a bit. We have started C# analyzer development. From the user's point of view it'll still be our good old PVS-Studio, but now we'll teach it how to look for bugs in C# programs.

At this moment (September, 2015) the PVS-Studio analyzer supports Visual Studio 2005-2015 and can analyze C, C++, C++/CLI, C++/CX (WinRT) programs. Also the PVS-Studio Standalone utility allows checking projects which are built not only with Visual C++, but also with MinGW, for instance. There were some experiments in running PVS-Studio on Linux, but it's not of a big interest to us, as it's quite hard to make profit in the Linux world by means of creating developer tools. We have a bigger liking for Windows, that's why we decided to bring some joy to C# developers.

We've said many times that the C# language is less subject to errors. In this language there were changed or removed many constructions that are enough to shoot yourself in the foot by banal or exotic means. But we know that there is no developer who is totally immune to inadvertence, typos and slip ups.

The PVS-Studio is famous for its diagnostics which allow you to detect typos, Copy-Paste related errors and many more. So we've decided to use our experience in analysis and create a nice handy tool for C# as well.

Today we've heard the birth cry of C# PVS-Studio. We have adapted our favorite V501 diagnostic for C#. It has lots of great findings on its credit. And here is the very first result. Having launched PVS-Studio on MSBuild project we found such an issue:

public int Compare(ITaskItem x, ITaskItem y)
{
  if (x.ItemSpec != y.ItemSpec)
  {
    return -1;
  }

  if (x.CloneCustomMetadata().Count !=
      x.CloneCustomMetadata().Count)
  {
    return -1;
  } 
  ....
}

PVS-Studio warning: V3001 There are identical sub-expressions to the left and to the right of the '!=' operator x.CloneCustomMetadata().Count != x.CloneCustomMetadata().Count. Microsoft.Build.Engine.UnitTests TaskItemComparer.cs 51

By accident the 'x' variable is used twice. Correct variant:

if (x.CloneCustomMetadata().Count !=
    y.CloneCustomMetadata().Count)

Of course, it's one of the first steps along the way of creating a great tool for C# programmers. But we feel enough strength and wish to make it to the end.

We plan to have the first C# version released by the New Year. Of course by this time we will have only a several diagnostics implemented which will be mainly taken from the C++ module. But even with the help of this New Year version you'll be able to find quite a number of amusing errors. Then gradually we will implement other diagnostics that can be adapted for C#. Later on there will appear some specific diagnostics, applicable only to C# code.

Note: As soon as C++ & C# version is released we plan to cease supporting Visial Sudio 2005, 2008. It becomes more and more troublesome for us due to some technical and organizational reasons.

Most likely there will be questions concerning the technology that the analyzer will be built upon. Here is the answer. We are using Roslyn.

Thanks a lot for your attention. For those C# programmers who are not aware of what PVS-Studio is and what it's capable of, I'll give a recommendation to visit this section. I'm sure it'll impress you and you'll want to try out the PVS-Studio on your C# projects.



Use PVS-Studio to search for bugs in C, C++, C# and Java

We offer you to check your project code with PVS-Studio. Just one bug found in the project will show you the benefits of the static code analysis methodology better than a dozen of the articles.

goto PVS-Studio;

Andrey Karpov
Articles: 368


Bugs Found

Checked Projects
344
Collected Errors
12 970