To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
PVS-Studio: Engine of Progress

PVS-Studio: Engine of Progress

Aug 20 2019
Author:

A PVS-Studio team and our product make a great contribution to upgrading of software quality. Moreover, in addition to detecting errors in closed and open source projects, there is an indirect contribution to the development of compilers and other tools of code analysis. We are pleased that in some cases we are trendsetters and we decided to dedicate a small note to this in our blog.

0659_PVS_Studio_engine_of_progress/image1.png

PVS-Studio is a static code analyzer for detecting errors and potential vulnerabilities in source code of programs, written in C, C ++, C# and Java.

To popularize the methodology of static code analysis and our tool, we write articles on checks of various open projects. In addition, we check various compilers once in a while. For example, we've tested and found bugs in projects such as: GCC, LLVM, PascalABC.NET, Roslyn.

More than once we've come across an interesting fact. As soon as we check, let's say, LLVM or GCC, a couple of new diagnostics appear in these compilers in the next or in the next but one release. And they detect errors that PVS-Studio managed to find in their code :). Unfortunately, we haven't noted the dates and links to corresponding improvements, so you'll have to take our word for it. Various C++ compilers borrow some of our diagnostics and we think it's perfectly normal, right and useful!

In addition to C++ compilers, C# analyzers have also started adopting ideas of our diagnostics. Which means, the C# analyzer, implemented in PVS-Studio, has become another lodestar! It's nice and cool to be aware of it.

In this case, I can track how it happened, let's say, in real time. On August 13, 2019 we posted a large article on the check of .NET Core Libraries (CoreFX). Among other things, this article describes an error pattern related to usage of interpolated strings (see the V3138 diagnostic). CoreFX developers took an interest in our publication and began to correct the errors we found. And on August 14, they got to the errors we found related to these very interpolated strings: Fix a few missing $s for string interpolation in tracing.

Here starts the most interesting part. In that very day, a new task appeared in the Roslyn Analyzers project on implementing a new diagnostic "New rule: Interpolated strings that are missing the $ special character #2767", related right to errors, fixed in CoreFX. We're so glad that our efforts turned out to be useful for CoreFX developers and our diagnostics have become a role model for Roslyn Analyzers developers. It is a bit unfortunate that the PVS-Studio tool isn't mentioned anywhere in the discussion. It seems as if they found those errors and came up with the idea to make diagnostics themselves. Of course, we would be flattered, if we were mentioned as the original source. Well, that's fine.

Why did we decide to write about all this? We are very pleased and we are even a bit proud of ourselves! By studying our experience, other compilers implement new diagnostics, it improves the quality of developed software as a whole. I understand that we aren't the only one who influence the development of compiler's error-finding capabilities. However, we are pleased to know that we are contributing to this process.

Are we concerned that other tools are gradually learning to find the same bugs as PVS-Studio? No. Our tool exists and is sold right for the reason that we are always ahead of compilers' capabilities. Our purpose is to always stay ahead. The awareness that someone is constantly making up for us doesn't leave us the right to relax, and it benefits everyone. In addition, it should be understood that PVS-Studio is not only warnings, but also:

  • Fast high-quality support (only programmers respond to mail);
  • Integration with Visual Studio, IntelliJ IDEA, SonarQube, Jenkins, IncrediBuild;
  • The ability to use the tool both locally and in the cloud (Docker, Travis CI);
  • Tools to integrate analysis into big old projects (Mass Suppression);
  • Detailed documentation with examples for each error pattern;
  • The mechanism for sending mails to developers (BlameNotifier);
  • Compiler runs monitoring (Compiler Monitoring);
  • And so on.

Thank you for your attention. Hopefully, you share our joy for PVS-Studio. Try our analyzer for continuous code quality control of your projects.

Additional links:

Popular related articles
The Ultimate Question of Programming, Refactoring, and Everything

Date: Apr 14 2016

Author: Andrey Karpov

Yes, you've guessed correctly - the answer is "42". In this article you will find 42 recommendations about coding in C++ that can help a programmer avoid a lot of errors, save time and effort. The au…
The Last Line Effect

Date: May 31 2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
Appreciate Static Code Analysis!

Date: Oct 16 2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: Nov 21 2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…
How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers

Date: Oct 22 2018

Author: Andrey Karpov

Just like other static analyzers, PVS-Studio often produces false positives. What you are about to read is a short story where I'll tell you how PVS-Studio proved, just one more time, to be more atte…
PVS-Studio for Java

Date: Jan 17 2019

Author: Andrey Karpov

In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've co…
Free PVS-Studio for those who develops open source projects

Date: Dec 22 2018

Author: Andrey Karpov

On the New 2019 year's eve, a PVS-Studio team decided to make a nice gift for all contributors of open-source projects hosted on GitHub, GitLab or Bitbucket. They are given free usage of PVS-Studio s…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: Jul 31 2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
The way static analyzers fight against false positives, and why they do it

Date: Mar 20 2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…
The Evil within the Comparison Functions

Date: May 19 2017

Author: Andrey Karpov

Perhaps, readers remember my article titled "Last line effect". It describes a pattern I've once noticed: in most cases programmers make an error in the last line of similar text blocks. Now I want t…

Comments (0)

Next comments

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept