In life of the PVS-Studio analyzer the important event took place — in the latest version verifiability of the code written on C# was added. Being one of developers of this analyzer, I just could not pass by, without having checked some project. It is clear, that it will be interesting to very few people to read about verification of small and unknown projects therefore it was necessary to select something known, and the choice fell on MonoDevelop.
1 year, 1 month ago
About a year ago Microsoft uploaded publicly the source code of such projects as CoreCLR and CoreFX. The last project was not interesting to us until recently because it is written in the C# language, but not C ++. But with an output of the new PVS-Studio 6.00 version supporting projects and in the C# programming language I decided to return to CoreFX and to write article.
.NET Core is modular implementation of libraries and runtime environment which includes a. net Framework subset. .NET Core consists of a set of libraries, called "CoreFX" and the small optimized working environment of "CoreCLR".
.NET Core extends open source which is available on GitHub:
1 year, 2 months ago The long-awaited event came. We released the release version of a static code analyzer PVS-Studio 6.00 supporting check C#-проектов. Now check of the code written in the following languages is performed: C, C ++, C + + / CLI, C + + / CX, C#. We dated verification of the open Roslyn project for release of the sixth version of the analyzer. Exactly thanks to Roslyn in the PVS-Studio analyzer support C# appeared, and we are very grateful to the Microsoft company for implementation and development of this project.
I want to leave a number of comments. Their main sense that it is not similar to terrible tabs. This code reminds me some test prototype, but not the ready application more. So perhaps not everything is as terrible as the author in article presents. First, the code contains an error and random numbers are used always. In reality by it hardly took place in process system testing. And secondly, there is such concept as "certification of programs". And the given code fragment — the first candidate for detection.
1 year, 2 months ago
On open spaces of a network the blog "No Marketing Bullshit" is located. The unknown author of the blog most likely is one of our admirers what couple of notes on PVS-Studio code analyzer testify to. I decided to translate one of these notes. Just in case I will note that we have no relation to this blog. It is not our style. If we are going to write advertizing article, then we do not mask, and and we write - it is advertizing article.
1 year, 2 months ago Checking many years different C/C ++ projects, I declare: the most unsuccessful and dangerous function — memset (). When using memset function () allow the greatest number of errors, in comparison with use of other functions. I understand that my output will hardly shake bases of the universe or is incredibly valuable. However I think, it will be interesting to readers to learn why I came to such conclusion.
My name is Andrey Karpov. I combine many positions and occupations. But the basic that I do, I tell it to programmers about advantage which static analysis of a code can bring. Naturally I do it with a mercenary motive, trying to interest readers in the PVS-Studio analyzer. However, it does not reduce an interesnost and usefulness of my articles.
The only type of advertizing which can punch scaly armor of programmers is demonstration of examples of errors which PVS-Studio is able to find. For this purpose I check a large number of open projects and I write articles about results of researches. General benefit. Open projects become a little better, and our company has new clients.
Now it will become clear to what I conduct. Being engaged in verification of open projects, I saved up big base of examples of errors. And now, based on it, I can find interesting patterns.
For example, one of interesting supervision was that programmers make mistakes at Copy-Paste most often right at the end. On this subject I bring to attention the article "Effect of the Last Line".
1 year, 2 months ago We had an experimental version of the PVS-Studio analyzer which is able to analyze C#-проекты and which can be shown to the world. It is not Release, and even not Beta. It is just current assembly of PVS-Studio. We want as soon as possible to begin to receive comments from our users or potential users concerning support C#. Therefore we suggest enthusiasts to try the new PVS-Studio version on the C#-проектах and to tell us about results, shortcomings and to state the wishes. Ah yes, and of course in article results of verification of the next project — SharpDevelop will be described.
1 year, 3 months ago Now the PVS-Studio command actively is engaged in development of the static C# analyzer of a code. We are going to release the first version of the analyzer by the end of 2015. For now my task — to write several articles in advance to interest C# programmers in the PVS-Studio tool. Today issued me the updated installer. Now became possible to set PVS-Studio with support C# and even to check something. I was not slow to use it and decided to check the first that will turn up under a hand. The first the Umbraco project turned up. Of course, so far the current version of the analyzer is able a little, but I will have enough it for writing of small article already now.
1 year, 3 months ago Recently there was article "Hackathon 2: Time lapse analysis of Unreal Engine 4" in which it is told how having taken the Klocwork tool can find a set of errors in the Unreal Engine 4 project. I cannot pass by this article. The matter is that in due time we corrected all errors which were found in this project by the PVS-Studio analyzer. It is clear, that all errors but only found by the analyzer were corrected not in general. However article makes impression that the PVS-Studio analyzer passed too much. Well, now my course. I too again rechecked Unreal Engine 4 and found the mass of errors. Thus I can declare that PVS-Studio can find in Unreal Engine 4 new errors now too. Draw.
1 year, 3 months ago Our company (OOO "Siprover", the PVS-Studio developer) held a competition at the SECR2015 conference. The essence of tender was in finding of the most interesting error in the code. Actually to tell, in general, there is nothing as exactly 1 person took part in tender. Nevertheless, a number of people asked to tell, than tender ended, and I decided to write a tiny note on this subject.