
In this article, I share a simple trick that reduces warnings in your Static Analysis tool, without compromising safety. You will learn how to inject new facts into your Static Analyzer, which can save you many hours of review work, as well as the pitfalls that must be avoided. Static Analysis can create a lot…

After Static Analysis has found a bug, it must make assumptions about how to continue the analysis. In this article, we learn about a common “filtering effect” and the pitfalls around it. At the end of this article, you will not only understand why bugs can hide other bugs, but also why that is not…

GenAI will not replace Static Analysis. Yes, GenAI can understand code in any language, and also knows about unsafe programming patterns. But it is not reliable enough to reason about bugs in your code, just like humans. Instead, it has other strengths that make it a powerful companion for Static Analysis. In the past years,…

Defensive coding improves software quality, but it has downsides. In this article we discuss why it fits well together with Static Analysis, and how both make each other stronger. The result is more robust software, and fewer warnings from your Static Analysis tool. Defensive coding crossed my path during my early career when I…

The big weakness of Static Analysis is that it can throw needless warnings, even if our software is “perfect”. In this article, we learn why Static Analysis must do that, why it can be wiser to change your code instead of managing warnings, and some tricks to keep your sanity in the process. I often…

Since there is “Static” Analysis, does “Dynamic” Analysis also exist? Yes, it does. However, Static Analysis is much better suited to help write better software. It is truly independent of human limitations, and can easily be used during early development. But Dynamic Analysis has its place, too… Let’s start with a concrete task. Assume I…

Memory safety is often tragically misunderstood. Claims like “it eliminates all memory errors” are at best misleading, and can be a recipe for disaster. In this article, I will explain what it really means, where it has limits, and why Static Analysis is the best way to eliminate memory errors. This post is a bit…

In this article, you will learn what Static Analysis is, why it is loved and hated by developers at the same time, and how it can be used for writing better software or to annoy your colleagues. Imagine you have a tiny detective constantly inspecting your code, searching for hidden mistakes before they cause real…

Software has too many stupid bugs. Some for technical reasons, and some for human reasons. However, many of them are easily avoidable, if we only use the right technology. With this blog, I want to talk about that technology, and how to apply it in “more human” ways that make our lives easier, not harder.…