IntelliJ IDEA, ReSharper, SonarLint and SonarQube find the same errors as PVS-Studio - so why do we need PVS-Studio?

Sometimes people ask a question, which, at first glance, about one thing, but actually about another. As they say, a well-posed question contains half the answer.

The other day I returned from the JPoint conference, at which our new PVS-Studio analyzer for Java was first introduced. Interest in static analysis has been growing strongly in the past few years, so the audience took PVS-Studio with a bang. In addition to positive feedback, of course, I had to work with objections. The most frequent objection to the proposal to try PVS-Studio is: “Well, why should we try PVS-Studio? We use IntelliJ IDEA, ReSharper, SonarLint and SonarQube. We recently launched PVS-Studio, and it found errors that IntelliJ IDEA already highlights! ”

I just can not not write a short note-response to this comment. More precisely, I even have two answers to this objection. And yes, I specifically pointed out ReSharper here, as to our analyzer for C #, such questions also exist. Well, I will gladly answer.

First of all, we do NOT do PVS-Studio by copying competitor diagnostics. Blind copying without understanding the essence leads nowhere. The value of static code analysis, the value of its diagnostics is not where to generate an error. And where it does not issue. For each of our diagnostics, we have 10, 20, or even more exceptions, when it is not necessary to trigger. Copying diagnostics from other products only according to their description in the documentation is like trying to build the same building one photo at a time. Strong photo of the Colosseum will help you, if suddenly "the gods force" you to build the same?
')
Therefore, we never copy. “But you have the same diagnostics!” - you will say. Of course have. The ideas of many mistakes lie on the surface. It is absolutely obvious. But often diagnostics with the same description even behave differently.

In other words, if you use any of the products listed in the header, then when you start PVS-Studio it may very well be that you find a bunch of NEW errors that were not detected by other products. The experience of our clients and the experience of checking open projects confirm this.

Secondly, even if you use IntelliJ IDEA, ReSharper and SonarLint / SonarQube, and they find the same errors in your code as PVS-Studio, then I have bad news for you. You are using tools that find errors, OK. But why does PVS-Studio find errors in your code that, like, are found with all these tools? Why, when using tools that “just like PVS-Studio will find everything”, the errors are not fixed? Maybe these tools allow them not to edit?

Both IntelliJ IDEA, and ReSharper and SonarLint with SonarQube are very good tools. They are made by highly qualified teams. And if you use them - you do everything right. The higher the level of engineering culture on the project, the better for business.

But if all these tools “find the same errors as PVS-Studio”, and the errors are still in the code, then you are doing something wrong. Implement the practice of using PVS-Studio regularly in the team. And then the errors will not only be, but also corrected. The implementation of PVS-Studio will make developers fix bugs. And not just find them.

If you want to share this article with an English-speaking audience, then please use the link to the translation: Evgeniy Ryzhkov. Intellis IDEA, ReSharper, SonarLint and SonarQube?