SourceCode

Static code analysis is a way of debugging that automatically examines source code before it compiles or is run. It does this by comparing the code code to a set of rules or standards. It is a way of automating code reviews and can be used in conjuncture with peer reviews.

Yuri Minaev is working in the PVS-Studio company as one of developers of the C++ static analyzer. His primary responsibility is to keep low-level stuff in order and add new features to the core module. It’s been almost 2 years since he joined the team after about 12 years of IT experience. Apart from that, he periodically gives talks at various conferences – mainly on topics related to static analysis and C++.

PVS-Studio is cross platform, working on Windows, Linux and MacOS 64-bit environments. It can analyze code designed for 32-bit and 64-bit systems as well as embedded ARM platforms. It generates reports that help developers to find and fix bugs before they become a problem.

Keeping a codebase clean and detecting problems before they occur will make your life better as a developer. When you can avoid getting nailed by simple problems, you can think about your software at a higher level, vastly improving your effectiveness as a software developer. It’s not just about avoiding bugs, although that’s important, but about what you can do with the time, money, and attention you save.

C# 9.0 is taking shape, and I’d like to share our thinking on some of the major features we’re adding to this next version of the language.

The #line directive is added by the preprocessor and can then be used to help the developer understand which file and line a particular code fragment in the preprocessed file refers to. The #line directive tells code-processing tools to change the compiler's internally stored line number and filename to a given line number and filename. Subsequent lines will be numbered relative to that position. Explicit preprocessing is mostly used for debugging or by various generators. In any case, a bug breaking this functionality may have a variety of negative effects. One of our users was faced with such a problem in Visual Studio 2019.

The purpose of this article is to give a general overview of the features of the PVS-Studio static analyzer. The simplest and most informative way to do this is to show the tool in action. We'll be sharing examples demonstrating the analysis process using the Visual Studio plugin, the algorithm of running the analyzer under Linux, and analysis log import into SonarQube.

Due to a series of different events, the beginning of beta testing of the plugin for the Rider and C# analyzer for Linux / macOS was a little delayed. However, we are pleased to announce that this day has come — today we are launching the beta test.

The GCC compiler is written with copious use of macros. Another check of the GCC code using PVS-Studio once again confirms the opinion of our team that macros are evil in the flesh. Not only does the static analyzer struggle with reviewing such code, but also a developer. GCC developers are certainly used to the project and are well versed in it. Nonetheless, it is very difficult to understand something on the third hand. Actually, due to macros, it was not possible to fully perform code checking. However, the PVS-Studio analyzer, as always, showed that it can find errors even in compilers.

This post continues the series of articles, which can well be called "horrors for developers". This time it will also touch upon a typical pattern of typos related to the usage of numbers 0, 1, 2. The language you're writing in doesn't really matter: it can be C, C++, C#, or Java. If you're using constants 0, 1, 2 or variables' names contain these numbers, most likely, Freddie will come to visit you at night. Go on, read and don't say we didn't warn you.

We’re happy to announce the next release of PlatformIO Core 4.2.0

DevOps is a methodology aiming at establishing closer collaboration between programmers and system administrators in the software development process. A DevOps engineer is a specialist working on the intersection of these two fields. A DevOps engineer's primary objective is to take the predictability, efficiency, and security of software development to the highest level possible. DevSecOps is a further development of the DevOps concept that, besides automation, addresses the issues of code quality and reliability assurance.

There are many ways that can assist in improvement the program’s quality. In this article, we invite you to consider one of them – static code analysis.

Emby is quite a popular media server along with Plex and Kodi. In this article, we'll discuss the bugs found in its source code with the static analyzer PVS-Studio. The remark "Built with ReSharper" on the project's official website makes the analysis even more interesting.

Hi to all fans of bugs! The New Year is coming soon, so it is time to take stock of the the outgoing year. By tradition, we're glad to present the top list of errors found by the PVS-Studio team in open C# projects in 2019. Ready? Then let's get going.