Andrey_Karpov - Slashdot User

Comment Re:Poor Practices by PVS Studio and HexRays (Score 1) 169

by Andrey_Karpov on Friday February 19, 2016 @08:29AM (#51540619) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

Perhaps, I didn't get you quite right. Could it be that you didn't read the article attentively enough? The things we write about aren't really nonsense. For example, we are aware what is strcpy and memcpy. At times we see that people read our article not very thoroughly and then start arguing. I'll provide such an example concerning memcpy - see Fragment N1 and the comments below. This is a completely different case, I've provided it to show that the readers should carefully look though the code examples we provide.

Comment Re:Another one? (Score 1) 169

by Andrey_Karpov on Friday February 19, 2016 @08:10AM (#51540567) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

Static analysis development is an opportunity for us to achieve some success in life. It isn't very interesing just to do outsource work, as we want something more. It feels that we are getting there. :)

Comment Re: "their" company (Score 1) 169

by Andrey_Karpov on Friday February 19, 2016 @07:20AM (#51540461) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

I am busy doing many things. I am one of the founders of PVS-Studio. Besides that, I also publish the news and communicate with the audience. I suppose, it's a nice thing that you can discuss technical moments with me.

Comment Re:ahhhh advertising, my good friend! (Score 1) 169

by Andrey_Karpov on Friday February 19, 2016 @05:45AM (#51540249) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

It doesn't have any prospects to make a cheap tool. I suggest looking at CppCat story, a tool we were selling for $250.

Submission + - Undefined behavior is closer than you think

Submitted by Andrey_Karpov on Friday February 05, 2016 @08:50AM

Andrey_Karpov writes: Some people think that undefined behavior is caused only by gross errors (accessing outside the bounds of the array, for instance) or inadequate constructions (i = i++ + ++i, for example). That's why it is quite surprising when a programmer sees undefined behavior in the code that used to work correctly, without arousing any suspicion. One should never let his guard down, programming in C/C++. Because hell is closer than you may think.

Submission + - PVS-Studio Team: Sony C#/.NET component set analysis

Submitted by Andrey_Karpov on Wednesday January 27, 2016 @05:26AM

Andrey_Karpov writes: Some of you may know that we have recently released version 6.00 of our analyzer, that now has C# support. The ability to scan C# projects increases the number of open-source projects we can analyze. This article is about one such check. This time it is a ATF project, developed by Sony Computer Entertainment (SCEI).

Submission + - ChakraCore: analysis of JavaScript-engine for Microsoft Edge

Submitted by Andrey_Karpov on Friday January 22, 2016 @08:02AM

Andrey_Karpov writes: On the JSConf US conference in December 2015 the developers announced that they were planning to make open the source code of Chakra key components, a JavaScript-engine, operating in Microsoft Edge. Recently the ChackraCore source code became available under the MIT license in the corresponding repository on GitHub. In this article you will find interesting code fragments that were detected with the help of PVS-Studio code analyzer.

Submission + - Avoid adding a new library to the project (viva64.com) 1

Submitted by Andrey_Karpov on Friday January 15, 2016 @05:11AM

Submission + - A Tribute to Opening Up Dolphin Smalltalk 7's Source Code

Submitted by Andrey_Karpov on Tuesday January 12, 2016 @09:28AM

Andrey_Karpov writes: A few days ago, the ObjectArts company made their source code and the Dolphin Smalltalk IDE open, making it available under the MIT license! Of course, I couldn't miss the chance to try our PVS-Studio code analyzer on the project. Right off, my congratulations go to the developers: they really managed to create high-quality code which has no critical bugs. However, some bugs and smelling code are always to be found in any project, and I hope this article will help make the code a bit better.

Submission + - .NET Core Libraries (CoreFX) issues (viva64.com)

Submitted by Anonymous Coward on Monday December 28, 2015 @09:51AM

An anonymous reader writes: About a year ago Microsoft made the CoreCLR and CoreFX source code open. The latter project wasn't of a big interest for PVS-Studio Team, as it was written in C#, not in C++. But with the release of a new version of PVS-Studio 6.00 that now supports C# PVS-Studio Team went back to the CoreFX and wrote an article about its analysis.

Submission + - New Year PVS-Studio 6.00 Release: Scanning Roslyn

Submitted by Andrey_Karpov on Wednesday December 23, 2015 @02:42PM

Andrey_Karpov writes: The long wait is finally over. We have released a static code analyzer PVS-Studio 6.00 that supports analysis of C# projects. Now it can analyze projects written in languages C, C++, C++/CLI, C++/CX, and C#. For this release, we have prepared a report about analysis of open-source project Roslyn. It is thanks to Roslyn that we were able to add the C# support to PVS-Studio, and we are very grateful to Microsoft for this project.

Submission + - Issues found in Roslyn (.NET Compiler Platform) (viva64.com)

Submitted by Anonymous Coward on Wednesday December 23, 2015 @09:10AM

An anonymous reader writes: PVS-Studio team released v.6.00 version with C# support. As always they tell not only about their instrument, but show its value by analyzing open source projetcs. Today Roslyn has been scanned and the issues found are presented with details.

Submission + - Static code analyzer PVS-Studio has now C# support

Submitted by Andrey_Karpov on Monday December 21, 2015 @01:49PM

Andrey_Karpov writes: PVS-Studio used to be known only among C/C++ programmers. This is an analyzer that finds bugs on the phase of writing the code. The number of diagnostics increases every day. It is also useful to search for typos and errors caused by inaccurate Copy-Paste method. Articles about open-source project checks clearly demonstrate the abilities of the analyzer.

A very important event happened. Now, starting with the 6.00 version of our analyzer tool has C# support. We invite C# developers to try it on your code with the help of this analyzer.

We would like to get feedback from the developers about our new tool. We would be grateful to anybody who will find time to try PVS-Studio in the project and write to us about the flaws and ideas about the implementation of new diagnostics.

Submission + - Celebrating 30-th anniversary of the first C++ compiler: let's find bugs in it

Submitted by Andrey_Karpov on Thursday November 05, 2015 @04:36AM

Andrey_Karpov writes: Cfront is a C++ compiler which came into existence in 1983 and was developed by Bjarne Stroustrup ("30 YEARS OF C++"). At that time it was known as "C with Classes". Cfront had a complete parser, symbol tables, and built a tree for each class, function, etc. Cfront was based on CPre. Cfront defined the language until circa 1990. Many of the obscure corner cases in C++ are related to the Cfront implementation limitations. The reason is that Cfront performed translation from C++ to C. In short, Cfront is a sacred artifact for a C++ programmer. So I just couldn't help checking such a project.

Submission + - CppHints is a service of C/C++ programming hints (cpphints.com)

Submitted by Anonymous Coward on Thursday August 20, 2015 @04:59AM

An anonymous reader writes: The PVS-Studio team has analyzed over 200 open-source projects with their static code analyzer. Among them are such titles as Unreal Engine, Php, Haiku, Qt, and even Linux. In each of these projects, bugs of varying severity were detected. The team regularly reports the analysis results in their blog. Each post is a separate article of several pages, describing in detail each of the bugs found and giving recommendations on how to fix them.

The PVS-Studio team decided to go further to create a service of hints and recommendations on C/C++ usage, CppHints.com. Within the scope of this service, the team publishes 1 hint per every business day. Each publication delivers concentrated information on C/C++ programming approaches and techniques used in various situations and includes examples of correct and incorrect language use from over 200 open-source projects.

The service is absolutely free; every programmer willing to get useful tips from the PVS-Studio team can subscribe to the service mailing list.

Slashdot Top Deals