“Why is there no artificial intelligence yet?” Or, analysis of CNTK tool kit from Microsoft Research.

Microsoft have given open access to the source code of a tool kit that is used in the company to speed up the development of artificial intelligence: Computational Network Toolkit is now available at Github. The developers had to create their own custom solution, because the existing tools did not work fast enough.

Let’s have a look at the analysis results of the source code of this project, as done by our static code analyzer.

1e4e9l

Continue reading

R-17 VS Patriot: a Rounding Issue. Bugs in a Missile Defense System

This is another piece in our series of articles where we talk about the importance of high-quality code in computer systems whose failure can cause huge expenses or casualties. This time we will talk about reliability of embedded software in military equipment.

1dtzlq

Continue reading

Linux version of PVS-Studio couldn’t help checking CodeLite

As is probably known to our readers, PVS-Studio static analyzer is exploring a new development direction – the Linux platform; as you may have noticed from the previous articles, it is doing well. This article shows how easily you can check a project with the help of the Linux version of the analyzer, because the simpler PVS-Studio for Linux is, the more supporters it will have. This time our choice was the CodeLite project. CodeLite was compiled and tested in Linux. Let’s see what results we got.

1dc2ac

Continue reading

Finding bugs in the code of LLVM project

About two months ago I wrote an article about the analysis of GCC using PVS-Studio. The idea of the article was as follows: GCC warnings are great, but they’re not enough. As proof of my words I showed errors that PVS-Studio was able to find the GCC code. A number of readers have noticed that the quality of the GCC code, and its diagnosis, aren’t really great; while Clang compiler is up to date, of high quality, and fresh. In general Clang is awesome! Well, apparently, it’s time to check LLVM project.

image1

Continue reading

Chromium, the 5th Check

We checked Chromium more than once before, and those who follow our blog could reasonably ask, “Why another check? Weren’t there enough of them?” Sure, Chromium’s source code is particularly clean, which was shown by each of the previous checks, but new errors inevitably continue to appear. Repeated checks prove that the more often you use static analysis, the better. A good practice is to use the analyzer every day. An even better practice is to analyze the new code right after you finish writing it (automatic analysis of recently modified code).

1d2fla

Continue reading

PVS-Studio: 25 Suspicious Code Fragments in CoreCLR

The Microsoft Corporation has recently published, for free, access the source code of the CoreCLR engine, which is a key component of .NET Core. We couldn’t help but pay attention to this event. The wider a project’s audience is, the worse defects found in the code will seem, won’t they? Despite Microsoft themselves being the authors of the product, there are still some issues to examine and think over in their code – just like in any other large project.

image1 Continue reading

ChakraCore: analysis of JavaScript-engine for Microsoft Edge

On the JSConf US conference in December 2015 the developers announced that they were planning to make open the source code of Chakra key components, a JavaScript-engine, operating in Microsoft Edge. Recently the ChackraCore source code became available under the MIT license in the corresponding repository on GitHub. In this article you will find interesting code fragments that were detected with the help of PVS-Studio code analyzer.

image1 Continue reading

PVS-Studio Delved into Linux Kernel (3.18.1)

Our team decided to analyze the Linux kernel with our static code analyzer. The difficulty of this task makes it especially interesting. Linux source code has been checked, and is still checked, by a number of different tools. So, finding anything new was hardly probable. Still, we managed to find quite a number of bugs.

linux-kernel Continue reading