After we posted a small note, “Everybody makes mistakes when writing comparison functions”, we got an active discussion at the Hacker News website. Unfortunately, in the original note, I did not talk about how the diagnostic, that detected the error in OpenSSL, worked.

So I want to add an explanation…


Recently the OpenSSL 3.0.0 library was released. We decided to look at the project’s code quality and checked it with the PVS-Studio static analyzer. The code quality is excellent. Thus, we cannot write a long article about errors, as we usually do. …


PVS-Studio is a tool that finds potential vulnerabilities and code errors in C\C++\C#\Java code. Starting its journey with Windows systems, the analyzer has come to the world of Linux and macOS. It has not been fully adapted to these ecosystems until now, but the situation has changed. …


From the book by David J. Anderson “Kanban — An Alternative Path to Agility”

Capers Jones reports that in 2000, during the dot-com bubble, he evaluated the quality of programs for North American teams. The quality ranged from six errors per function point to less than three errors per 100…


This is a continuation of a small note series about regular checks of the Blender project with the PVS-Studio static analyzer. The aim of these publications is to demonstrate how it is beneficial to use static code analysis tools regularly. …


Recently, we have been monitoring changes in the Blender project, or rather, what errors appear in the new code. This compels us to write notes and discuss interesting topics. Here is one question I’d like to cover.

Based on the post “PVS-Studio, Blender: Series of Notes on Advantages of Regular…


Recently, we wrote an article Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects. Now it’s time to write about the errors found. I will not write about all shortcomings that I notice, but only about the interesting ones. …


I know that many programmers keep track of our articles and the development of our static code analyzer, PVS-Studio, but never actually tried it on their own projects. I know this from emails that go along the lines of “I’ve been reading your articles for a year, and it was…


In January, the EU is launching another big hunt for bugs in open-source software projects with the total bounty amount of about €850,000. Now, here’s a hint: static analysis is one of the means to track down bugs in software’s source code. …


I offer for your attention the article prototype titled “Free PVS-Studio for everyone who develops open source projects on GitHub”. I’d like you to approach this topic in a meaningful manner, express constructive criticism and positive suggestions. We’d like to have opinions to what extent the option we suggested is…

Andrey Karpov

Co-founder of the PVS-Studio project. Microsoft MVP in the ‘Developer Technologies’ nomination and PhD in Physics and Mathematics.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store