As software developers, we always want our software to work properly. We’ll do everything to improve the software quality. To find the best solution, we are ready to use parallelizing or applying any various optimization techniques. One of these optimization techniques is the so-called string interning. It allows users to reduce memory usage. It also makes string comparison faster. However, everything is good in moderation. Interning at every turn is not worth it. Further, I’ll show you how not to slip up with creating a hidden bottleneck in the form of the String.Intern method for your application.

In case you’ve…


At the very beginning of this year, Apple released the source code for macOS — Big Sur. It includes XNU, the kernel of the macOS operating system. A few years ago, PVS-Studio has already checked the kernel source code. It coincided with the analyzer release on macOS. It’s been a while since then. The new kernel source code has been released. A second check? Why not?

What kind of project is it: Apple and open-source?

XNU — X is Not Unix — is developed by Apple for use in Mac OS X operating system. Source code of this kernel was published 20 years ago under APSL (the Apple Public…


Most influential programmers say that code must be self-documenting. They find comments useful only when working with something uncommon. Our team shares this opinion. Recently we came across a code snippet that perfectly proves it.

We wrote out the following code while working with the article “Date Processing Attracts Bugs or 77 Defects in Qt 6”.

The PVS-Studio analyzer highlighted this code snippet and issued the warning: V575 [CWE-628] The ‘memcpy’ function doesn’t copy the whole string. Use ‘strcpy / strcpy_s’ function to preserve terminal null. qplaintestlogger.cpp 253. Actually, here it is:

const char *msgFiller = msg[0] ? " "…

Users sometimes ask how new diagnostics appear in the PVS-Studio static analyzer. We answer that we draw inspiration from a variety of sources: books, coding standards, our own mistakes, our users’ emails, and others. Recently we came up with an interesting idea of a new diagnostic. Today we decided to tell the story of how it happened.

It all started with a review of the COVID-19 CovidSim Model project and an article about an uninitialized variable. The project turned out to be small and written using the modern C++ language standard. …


Hello, everyone. This short article, once again, is about the practical benefit of writing articles about open-source project checks along with the advantage of communication with projects’ authors.

It’s no secret that most of our articles are of advertising nature. We develop PVS-Studio, a static code analyzer. So, one of the ways to promote it is writing articles. Articles about projects checks are no exception. There’s a separate page for them on our site.

Well, we don’t only write the articles. Our team also try to reach the projects’ authors and inform them about the errors found. …


Having only programming background, it is impossible to develop software in some areas. Take the difficulties of medical software development as an example. The same is with music software, which will be discussed in this article. Here you need an advice of subject matter experts. However, it’s more expensive for software development. That is why developers sometimes save on code quality. The example of the MuseScore project check, described in the article, will show the importance of code quality expertise. Hopefully, programming and musical humor will brighten up the technical text.

Introduction

MuseScore is a computer program, a scorewriter for Windows…


C# capabilities keep expanding from year to year. New features enrich software development. However, their advantages may not always be so obvious. For example, the good old yield. To some developers, especially beginners, it’s like magic — inexplicable, but intriguing. This article shows how yield works and what this peculiar word hides. Have fun reading!

Why You Need yield

The yield keyword is used to build generators of element sequences. These generators do not create collections. Instead, the sequence stores the current state — and moves on to the next state on command. Thus, memory requirements are minimal and do not depend on the…


In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let’s look at some recent bugs in new code of the Blender project.

Recently, we set up a regular check of the Blender project, as my colleague described in the article “Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects”. In the future, we plan to start monitoring some more interesting projects.


The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.

This is a standard article that reports the results of an open-source project check. This article will add to our “evidence base” that demonstrates how useful and effective PVS-Studio is in code quality control. Though we have already checked the Qt project in the past (in 2011, 2014, and 2018), rechecking…


Recently we found out that the new version of the fheroes2 project was released. In our company there are many fans of Heroes of Might and Magic game series. So, we couldn’t pass it up and checked the project by PVS-Studio.

Introduction to the project

Free Heroes of Might and Magic II is an open source implementation of the Heroes of Might and Magic II game engine. To play the updated version, you need the original Heroes of Might and Magic II or at least its demo version. The latter is available by the script distributed with the source code. …

Unicorn Developer

The developer, the debugger, the unicorn. I know all about static analysis and how to find bugs and errors in C++, C#, and Java source code.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store