bugs

Интересные результаты могут выдавать научные исследования, основанные на неинициализированных переменных

Если честно, я не знаю, для чего предназначен проект TPP. Как мне кажется, это набор инструментов для изучения белков и их взаимодействия в живых организмах. Впрочем, это не так важно. Главное, что исходные коды открыты. Значит, я могу проверить их с помощью статического анализатора PVS-Studio. А я люблю это делать.

Итак, был проверен проект Trans-Proteomic Pipeline (TPP) версии 4.5.2. Подробнее о проекте можно узнать по следующим ссылкам:

Myths about static analysis. The third myth - dynamic analysis is better than static analysis.

While communicating with people on forums, I noticed there are a few lasting misconceptions concerning the static analysis methodology. I decided to write a series of brief articles where I want to show you the real state of things.

The third myth is: "Dynamic analysis performed by tools like valgrind for C/C++ is much better than static code analysis".

90 errors in open-source projects

There are actually 91 errors described in the article, but number 90 looks nicer in the title. The article is intended for C/C++ programmers, but developers working with other languages may also find it interesting.
  • C/C++
  • errors
  • bugs
  • PVS-Studio
  • code review
  • static code analyzer
  • Security Community
  • Code source libre
  • Informatique parallèle
  • Myths about static analysis. The second myth - expert developers do not make silly mistakes.

    While communicating with people on forums, I noticed there are a few lasting misconceptions concerning the static analysis methodology. I decided to write a series of brief articles where I want to show you the real state of things.

    The second myth is: "Expert developers do not make silly mistakes that are mostly caught by static code analyzers".

    This is how this statement looks in discussions on forums (this is a collective image):
    S’abonner à bugs