All streams
Search
Write a publication
Pull to refresh
262.03
Global rating
PVS-Studio
Статический анализ кода для C, C++, C# и Java
ProfileArticles257Subscribers93KEmployees28
Show first

MacOS Kernel, How Good Is This Apple?

Reading time19 min
Views1.6K
PVS-Studio corporate blogC++ * Open source * Development for MacOS *

0818_XNU_MacOS_Kernel/image1.png


At the very beginning of this year, Apple released the source code for macOS – Big Sur. It includes XNU, the kernel of the macOS operating system. A few years ago, PVS-Studio has already checked the kernel source code. It coincided with the analyzer release on macOS. It's been a while since then. The new kernel source code has been released. A second check? Why not?

Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

Date Processing Attracts Bugs or 77 Defects in Qt 6

Reading time24 min
Views1.6K
PVS-Studio corporate blogC++ * Qt * Information Security * Programming *

PVS-Studio & Qt 6


The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.

Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

Espressif IoT Development Framework: 71 Shots in the Foot

Reading time28 min
Views1.1K
PVS-Studio corporate blogInformation Security * C++ * C * IOT

0790_Espressif_IoT_Development_Framework/image1.png
One of our readers recommended paying heed to the Espressif IoT Development Framework. He found an error in the project code and asked if the PVS-Studio static analyzer could find it. The analyzer can't detect this specific error so far, but it managed to spot many others. Based on this story and the errors found, we decided to write a classic article about checking an open source project. Enjoy exploring what IoT devices can do to shoot you in the foot.

Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

Did It Have to Take So Long to Find a Bug?

Reading time2 min
Views1.8K
PVS-Studio corporate blogC++ * Game development * Development Management *
image1.png

Have you ever wondered which type of project demonstrates higher code quality – open-source or proprietary? Our blog posts may seem to suggest that bugs tend to concentrate in open-source projects. But that's not quite true. Bugs can be found in any project, no matter the manner of storage. As for the code quality, it tends to be higher in those projects where developers care about and work on it. In this small post, you will learn about a bug that took two years to fix, although it could have been done in just five minutes.
Read more →
Total votes 2: ↑1 and ↓1+1
Comments0

The Code Analyzer is wrong. Long live the Analyzer

Reading time6 min
Views732
PVS-Studio corporate blogProgramming * C++ *
Foo(std::move(buffer), line_buffer - buffer.get());

Combining many actions in a single C++ expression is a bad practice, as such code is hard to understand, maintain, and it is easy to make mistakes in it. For example, one can instill a bug by reconciling different actions when evaluating function arguments. We agree with the classic recommendation that code should be simple and clear. Now let's look at an interesting case where the PVS-Studio analyzer is technically wrong, but from a practical point of view, the code should still be changed.
Read more →
Total votes 2: ↑1 and ↓1+1
Comments0

How static code analysis helps in the GameDev industry

Reading time7 min
Views1.4K
PVS-Studio corporate blogC# * C++ * Unity3D * Unreal Engine *
image1.png

The gaming industry is constantly evolving and is developing faster than a speeding bullet. Along with the growth of the industry, the complexity of development also increases: the code base is getting larger and the number of bugs is growing as well. Therefore, modern game projects need to pay special attention to the code quality. Today we will cover one of the ways to make your code more decent, which is static analysis, as well as how PVS-Studio in practice helps in the game project development of various sizes.
Read more →
Total votes 2: ↑1 and ↓1+1
Comments0

Checking Clang 11 with PVS-Studio

Reading time10 min
Views893
PVS-Studio corporate blogC++ * Open source * Information Security * Compilers *
PVS-Studio: I'm still worthy

Every now and then, we have to write articles about how we've checked another fresh version of some compiler. That's not really much fun. However, as practice shows, if we stop doing that for a while, folks start doubting whether PVS-Studio is worth its title of a good catcher of bugs and vulnerabilities. What if the new compiler can do that too? Sure, compilers evolve, but so does PVS-Studio – and it proves, again and again, its ability to catch bugs even in high-quality projects such as compilers.
Read more →
Total votes 3: ↑2 and ↓1+1
Comments0

Under the Hood of PVS-Studio for Java: How We Develop Diagnostics

Reading time8 min
Views513
PVS-Studio corporate blogJava *

To keep it interesting, this time I'd like to tell about our approach to developing and polishing diagnostic rules for PVS-Studio Java. You will learn how we keep existing warnings consistent across releases and why the new ones aren't too weird. I'll also share a bit of inside information on what plans we, the Java team, have for the future, and show you a few interesting (and a few plain) bugs we found using the diagnostics from the upcoming release.
Read more →
Total votes 2: ↑1 and ↓1+1
Comments0

PVS-Studio is now in Compiler Explorer

Reading time4 min
Views1.2K
PVS-Studio corporate blogProgramming * Compilers * C++ * C *
image1.png

Not so long ago, a landmark event has happened: PVS-Studio appeared in Compiler Explorer! Now you can quickly and easily analyze the code for errors right on the godbolt.org site (Compiler Explorer). This feature opens up a large number of new possibilities – from quenching curiosity about the analyzer's abilities to being able to quickly share check results with a friend. This article will cover the topic on how to use these features. Caution – large GIFs!
Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

How to introduce a static code analyzer in a legacy project and not to discourage the team

Reading time8 min
Views1.8K
PVS-Studio corporate blogDevOps * Programming * Perfect code * Product Management *


It is easy to try a static code analyzer. But it requires skills to introduce it in the development of an old large project. If the approach is incorrect, the analyzer can add work, slow down development, and demotivate the team. Let's briefly discuss how to properly integrate static analysis into the development process and start using it as part of CI/CD.
Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

A Bug Caused by the #line Directive in the Visual C++ Compiler

Reading time3 min
Views996
PVS-Studio corporate blog
image1.png

The #line directive is added by the preprocessor and can then be used to help the developer understand which file and line a particular code fragment in the preprocessed file refers to. The #line directive tells code-processing tools to change the compiler's internally stored line number and filename to a given line number and filename. Subsequent lines will be numbered relative to that position. Explicit preprocessing is mostly used for debugging or by various generators. In any case, a bug breaking this functionality may have a variety of negative effects. One of our users was faced with such a problem in Visual Studio 2019.
Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

How does strange code hide errors? TensorFlow.NET Analysis

Reading time15 min
Views915
PVS-Studio corporate blogMachine learning * Open source * C# * .NET *

PVS-Studio and TensorFlow.NET

Static analysis is an extremely useful tool for any developer, as it helps to find in time not only errors, but also suspicious and strange code fragments that may cause bewilderment of programmers who will have to work with it in the future. This idea will be demonstrated by the analysis of the TensorFlow.NET open C# project, developed for working with the popular TensorFlow machine learning library.
Read more →
Total votes 3: ↑2 and ↓1+1
Comments0

PVS-Studio Is Now in Chocolatey: Checking Chocolatey under Azure DevOps

Reading time9 min
Views657
PVS-Studio corporate blogC# * DevOps * Open source * Development for Windows *

Рисунок 1

We continue making the use of PVS-Studio more convenient. Our analyzer is now available in Chocolatey, the package manager for Windows. We believe this will make it easier to deploy PVS-Studio, particularly in cloud services. So right off the bat, we also checked the source code of the same Chocolatey. Azure DevOps took on the role of the CI system.
Read more →
Total votes 1: ↑1 and ↓0+1
Comments0

Top 10 Bugs Found in C++ Projects in 2019

Reading time8 min
Views2K
PVS-Studio corporate blogC * C++ *

Picture 7

Another year is drawing to an end, and it's a perfect time to make yourself a cup of coffee and reread the reviews of bugs collected across open-source projects over this year. This would take quite a while, of course, so we prepared this article to make it easier for you. Today we'll be recalling the most interesting dark spots that we came across in open-source C/C++ projects in 2019.
Read more →
Total votes 1: ↑1 and ↓0+1
Comments2
12 ...
78
9
ThereBack

Information

Website
pvs-studio.ru
Registered
Founded
2008
Employees
51–100 employees
Location
Россия
Representative
Андрей Карпов

Your account

Sections

Information

Services

Support
© 2006–2025, Habr