---

About the benefits of a static code analyzer for programs

A lot of programmers make errors when writing the code and regardless of the size of the project, no one is immune to inattentiveness or unawareness of some new features. Static code analyzers are of great help in these cases. There is quite a number of such tools, but today we’ll inspect PVS-Studio.

PVS-Studio is a tool for bug detection in the source code of programs, written in C, C++ and C#. The analyzer is available for programmers who are used to working on Windows OS and on Linux, where it can be embedded into any development environment due to the output similar to the compiler one.

In order to improve the quality of the product and the diagnostics in it, which find bugs; the developers tirelessly check new open-source projects and post the results of the checks in their blog (http://www.viva64.com/en/b/).

PVS-Studio team found for more than 10000 bugs in various projects, among which there are many well-known projects, for example: Unreal Engine, React OS, Unity 3D, CryEngine 5, Open JDK, Serious Engine, GCC, Mono and many more.

Some bugs were quite indsignificant and happily lived in the analyzer projects without anybody noticing them. While others were very serious, arising questions like “How on Earth can a programmer code like that???”.

For example,

A bug in the GCC compiler:

static bool
dw_val_equal_p (dw_val_node *a, dw_val_node *b)
{
….
case dw_val_class_vms_delta:
return (!strcmp (a-v.val_vms_delta.lbl1,
b-v.val_vms_delta.lbl1)
&& !strcmp (a-v.val_vms_delta.lbl1,
b-v.val_vms_delta.lbl1));
….
}

PVS-Studio warning: V501 There are identical sub-expressions ‘!strcmp(a-v.val_vms_delta.lbl1, b-v.val_vms_delta.lbl1)’ to the left and to the right of the ‘&&’ operator. dwarf2out.c 1428

A bug in Mono project:

static bool AreEqual (VisualStyleElement value1,
VisualStyleElement value2)
{
return
value1.ClassName == value1.ClassName && //