Andrey Karpov

Dec 15

2 min read

11 years of debate: Do expert developers make silly mistakes?

The “PVS-Studio and RPCS3: the best warnings in one click” article provoked a debate. Here’s what people say in comments:

Reader: This article shows that a static analyzer will be useless for expert developers.

My reply: Myths about static analysis. The second myth is that expert developers do not make silly mistakes (p.s. probably I should rewrite this article, because the content looks outdated. But nothing has actually changed since 2011 :)

Reader: There are “myths” and there is practice, like this article or my experience of running projects with your analyzer.

My next comment turned out to be quite lengthy, so I decided to write a separate post. I’ve been carrying on this debate for more than 11 years. Time after time, we detect errors in the code, and time after time, we get comments that expert programmers do not make such mistakes :). I wonder who then makes them…. :)

It is my belief that static analysis greatly helps developers to find errors at the early stages of the product’s development. Both beginners and experts make silly mistakes. For example, I’ve already mentioned that I occasionally check the Blender project for new bugs. Here’s the last article: “0,1,2, Freddy came for Blender”. I notice how PVS-Studio detects new bugs in the updated Blender code, or at least smelly code fragments almost every check. Of course, I won’t describe them every time. That is boring both for me and for the readers. However, the project would benefit if developers start using PVS-Studio on a regular basis.

Here’s what I noticed yesterday:

The fragment above shows that the developer hurried and made a typo during the refactoring process. Most likely, developers would reveal this error later. But it is better if the static analyzer detects errors for them. Moreover, the analyzer can detect errors at the early stages, not at the testing stage or even after the release.

What to do if after the run, the analyzer issues very few warnings? Does it mean that the analyzer has little value? Of course, it doesn’t. It means you use the analyzer in a bit wrong way. Static code analysis tools are beneficial when used on a regular basis. A one-time check may not show the tool’s full potential. Would you like to learn more? Read my coworker’s detailed article on this topic: “Errors that static code analysis does not find because it is not used”.

Programming
Software Development
Software Engineering
Software Testing
Cpp

--

--

More from Andrey Karpov

Microsoft MVP. Founder and DevRel of PVS-Studio static code analyzer for C, C++, C# and Java.

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Andrey Karpov

Andrey Karpov

1.1K Followers

Microsoft MVP. Founder and DevRel of PVS-Studio static code analyzer for C, C++, C# and Java.

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech