To get a trial key
fill out the form below
Team License (a basic version)
Enterprise License (an extended version)
* By clicking this button you agree to our Privacy Policy statement

Request our prices
New License
License Renewal
--Select currency--
USD
EUR
RUB
* By clicking this button you agree to our Privacy Policy statement

Free PVS-Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
We found over 10000 bugs in various ope…

We found over 10000 bugs in various open source projects

Aug 18 2016
Author:

In order to promote a static analysis methodology at large and static analyzer PVS-Studio in particular we regularly verify various open source projects. The bugs we found demonstrate that nobody is immune from misprints, inattention or other mistakes. Absolutely nobody, and we find confirmations to this point in such projects as Microsoft Code Contracts, Qt, Linux kernel, CryEngine, VirtualBox, LibreOffice, Firefox, Boost, Tor and so on. At the moment we inspected 262 projects. It's official! We found and logged 10000 bugs!

0421_10000_bugs_in_various_open_source_projects/image1.png

As a rule, we write an article when we find fairly large number of issues in a project. You may refer to the list of our articles using the link. If we find just a few issues, we report them to contributors of a project and get engaged with other matters.

Of course, 10000 issues in 262 projects is not too much. It makes 38 issues per project at an average. I should notice that indeed this amount does not mean anything. Code base and quality may vary from project to project. For example, in some projects we find just one issue, while other projects contain hundreds of issues.

Another important point to note is that to promote static analysis and PVS-Studio we do not need to find as many bugs as possible. We need to find enough interesting issues to write an article. That is why we always suggest contributors of projects to examine their code more carefully. In fact, non-recurrent inspections are good for demonstration of analyzer capabilities, but in real development process they are of very little use. The whole point of the static analysis is to run it on a regular basis. In this case most of errors can be detected during code writing, and not after 50 hours of debugging or after user's complaints.

It is time now to share a link to the logged errors:

Errors detected in Open Source projects

This collection of issues can be used as a unique data for thinking of coding standards development, writing articles about programming rules, and assist in other research on improving software reliability, for example, "The Last Line Effect". Wish you interesting findings.

Popular related articles

Comments (0)

Next comments
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept