Author: Gilad David Maayan
Code quality is a set of practices and standards that can help you achieve structural and functional software quality. You can use code quality metrics, tools, and practices to standardize collaboration attributes and maintain high product quality through continuous testing.
Code quality can also help promote the use of best practices through regularly updated documentation, as well as help you enforce standard refactoring practices. Read on to learn nine methods of implementing and improving code quality practices and processes.
PVS-Studio warning: V504 It is highly probable that the semicolon ‘;’ is missing after ‘return’ keyword. AdvancedSettings.cpp:1476
void CAdvancedSettings::SetExtraArtwork(const TiXmlElement* arttypes,
const TiXmlNode* arttype = arttypes->FirstChild("arttype");
The code formatting suggests the following execution logic:
- if arttypes is a null pointer, the method returns;
- if arttypes is a non-null pointer, the artworkMap vector gets cleared and some actions are then performed.
But the missing ‘;’ character breaks it all, and the actual execution logic is as follows:
- if arttypes is a null pointer, the artworkMap vector gets cleared and the method returns;
- if arttypes is a non-null pointer, the program executes whatever actions come next but the artworkMap vector doesn’t get cleared.
To cut a long story short, this situation does look like a bug. After all, you hardly expect anyone to write expressions like return artworkMap.clear(); :).
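The two readings side by side, as an added example that is not the project's code or part of the original article; `ArtTypes`, `ArtworkMap`, `runOn` and the sample entries are hypothetical stand-ins constructed for illustration. It compiles cleanly because C++ allows a `void` function to return a `void` expression.

```cpp
#include <string>
#include <vector>

// Hypothetical stand-in for the parsed XML element (not TiXmlElement).
struct ArtTypes { std::vector<std::string> names; };
using ArtworkMap = std::vector<std::string>;

// V504 shape: with no ';' after 'return', the next line becomes the return
// expression, i.e. 'return artworkMap.clear();' guarded by the if.
void setExtraArtworkBuggy(const ArtTypes* arttypes, ArtworkMap& artworkMap)
{
  if (!arttypes)
    return
  artworkMap.clear();
  for (const auto& name : arttypes->names)
    artworkMap.push_back(name);
}

// Intended logic: bail out on null, otherwise clear and refill.
void setExtraArtworkFixed(const ArtTypes* arttypes, ArtworkMap& artworkMap)
{
  if (!arttypes)
    return;
  artworkMap.clear();
  for (const auto& name : arttypes->names)
    artworkMap.push_back(name);
}

// Runs one variant on a map that already holds one constructed entry.
ArtworkMap runOn(void (*fn)(const ArtTypes*, ArtworkMap&), const ArtTypes* in)
{
  ArtworkMap artworkMap{"stale"};
  fn(in, artworkMap);
  return artworkMap;
}

int main()
{
  const ArtTypes parsed{{"fanart", "poster"}};  // constructed sample input
  bool ok = runOn(setExtraArtworkBuggy, nullptr).empty()       // cleared on null
         && runOn(setExtraArtworkBuggy, &parsed).size() == 3   // stale entry kept
         && runOn(setExtraArtworkFixed, nullptr).size() == 1   // untouched on null
         && runOn(setExtraArtworkFixed, &parsed).size() == 2;  // cleared, refilled
  return ok ? 0 : 1;
}
```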
Every developer knows about debuggers, version control systems and, for example, unit tests. Nevertheless, not all developers are familiar with the methodology of static code analysis. Meanwhile, the technology is becoming an integral part of the software development cycle. I would like to suggest a small introductory course for anyone interested in modern development trends.
This is how this statement looks in discussions on forums (this is a collective image):
I’ve written a special program, its size is 100 code lines. But the analyzer doesn’t generate anything although all the warning levels are enabled. This [tool of yours] / [static analysis] in general is just rubbish.
No, they don’t. They actually want to solve some tasks of searching for particular language constructs. It is not the same thing as creating diagnostic rules.
The statement is rather strange. Dynamic and static analyses are just two different methodologies which supplement each other. Programmers seem to understand it, but I hear again and again that dynamic analysis is better than static analysis.
Let me list advantages of static code analysis.
Today we will talk about the second myth about static analysis.
While communicating with people on forums, I noticed there are a few lasting misconceptions concerning the static analysis methodology. I decided to write a series of brief articles where I want to show you the real state of things.
Static code analysis is the process of detecting errors and defects in a program's source code. Static analysis can be viewed as an automated code review process. Let's speak about the code review now.
The authors of the PVS-Studio analyzer invite you to test your attentiveness.
Code analyzers never get tired and can find errors the human eye cannot easily notice. We have picked a few code fragments with errors revealed by PVS-Studio, all the fragments taken from well-known open-source projects.