Pull to refresh
360.19

C++ *

General-purpose programming language. It has imperative, object-oriented and generic programming features, while also providing facilities for low-level memory manipulation

Show first
Rating limit
Level of difficulty

PVS-Studio checks the code of Flipper Zero dolphin

Reading time12 min
Views1.8K

Flipper Zero + PVS-Studio


Flipper Zero is an open-source multi-tool for geeks and penetration testers. It so happened that the Flipper Zero project and the PVS-Studio analyzer crossed paths. A philosophical question: should we check the project, if the project developers have already started fixing errors? Let's try to do this.

Read more →

Even small projects have bugs, or how PVS-Studio checked Blend2D

Reading time11 min
Views911

We often check large projects because it's easier to find bugs there. What if we try PVS-Studio on a small project? In this article we analyze Blend2D — a library for vector 2D graphics. Let's look at what we found.


0894_Blend2d/image1.png


Introduction


It's no secret that large projects have fascinating errors. It's not just "the larger the codebase is – the more errors we can find". It's also a known fact that the density of errors grows along with the codebase. That's why we love checking large projects — to treat you with a variety of "yummy" and tricky errors and typos. Besides, it's always interesting to search through a huge project with lots of dependencies, legacy code, and other stuff.


Today I'm moving away from this tradition. I decided to take a small project and see what PVS-Studio can find there. I chose Blend2D — branch master, commit c484790.

Read more →

Virtual function calls in constructors and destructors (C++)

Reading time6 min
Views5.5K

Virtual function calls in constructors (C++)
In different programming languages, the behavior of virtual functions differs when it comes to constructors and destructors. Incorrect use of virtual functions is a classic mistake. Developers often use virtual functions incorrectly. In this article, we discuss this classic mistake.

Read more →

Thanks, Mario, but the code needs fixing — checking TheXTech

Reading time12 min
Views981

It's cool when enthusiastic developers create a working clone of a famous game. It's even cooler when people are ready to continue the development of such projects! In this article, we check TheXTech with PVS-Studio. TheXTech is an open implementation of the game from the Super Mario universe.


0889_TheXTech/image1.png

Read more →

How the Carla car simulator helped us level up the static analysis of Unreal Engine 4 projects

Reading time17 min
Views1.5K

One of the mechanisms of static analysis is method annotations of popular libraries. Annotations provide more information about functions during errors detecting. CARLA is an impressive open-source project in C++ that helped us implement this mechanism to our analyzer. Subsequently, the simulator became a test-target for the improved PVS-Studio static analyzer.


0888_Carla/image2.png

Read more →

PVS-Studio to check the RPCS3 emulator

Reading time10 min
Views1K

RPCS3 is an interesting project that emulates the PS3 console. It is actively evolving. Recently we heard the news that the emulator learned how run all the games from the console's catalog. That's a good excuse to analyze the project. We'll see which errors remained after new fixes were added to the project.


0886_rpcs3/image1.png

Read more →

PVS-Studio searches for bugs in the DuckStation project

Reading time8 min
Views479

We often check retro games. In our company, many developers like to find interesting projects for themselves. They feel nostalgic when they're studying these projects. But we need to run retro games on something, right? This time we checked a project that helps to run old games on modern hardware.


0881_duckstation/image1.png

Read more →

Millions of orders per second matching engine testing

Reading time4 min
Views9.3K

I had some experience in the matching engine development for cryptocurrency exchange some time ago. That was an interesting and challenging experience. I developed it in clear C++ from scratch. The testing of it is also quite a challenging task. You need to get data for testing, perform testing, collect some statistics, and at last, analyze collected data to find weak points and bottlenecks. I want to focus on testing the C++ matching engine and show how testing can give insights for optimizations even without the need to change the code. The matching engine I developed can do more than 1’000’000 TPS (transactions per second) and is 10x times faster than the matching engine of the Binance cryptocurrency exchange (see one post on Binance Blog).

Read more

CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis?

Reading time7 min
Views1K

For the first time PVS-Studio provided support for the CWE classification in the 6.21 release. It took place on January 15, 2018. Years have passed since then and we would like to tell you about the improvements related to the support of this classification in the latest analyzer version.


https://import.viva64.com/docx/blog/0869_CWE_status/image1.png


Read more →

Why we need dynamic code analysis: the example of the PVS-Studio project

Reading time10 min
Views899

In May 2021, CppCast recorded a podcast called ABI stability (CppCast #300). In this podcast, Marshall Clow and the hosts discussed rather old news — Visual Studio compilers support the AddressSantitzer tool. We have already integrated ASan into our testing system a long time ago. Now we want to tell you about a couple of interesting errors it found.


0868_PVS-Studio_ASan/image2.png

Read more →

MISRA C: struggle for code quality and security

Reading time11 min
Views1.3K

A couple of years ago the PVS-Studio analyzer got its first diagnostic rules to check program code compliance with the MISRA C and MISRA C++ standards. We collected feedback and saw that our clients were interested in using the analyzer to check their projects for MISRA compliance. So, we decided to further develop the analyzer in this direction. The article covers the MISRA C/C++ standard and the MISRA Compliance report. It also shows what we already managed to do and what we plan to achieve by the end of the year.


0866_MISRA_C/image1.png

Read more →

Authors' contribution