Well, now PVS-Studio has more code to check and to entertain the readers with reports. :) About the analysis of various open source projects by PVS-Studio Team: https://www.viva64.com/en/insp...

Some developers say that typos are not dangerous and PVS-Studio is not needed. This great tool for typos search: https://www.viva64.com/en/exam... Now I have the argument. :)

I really don't know. We just got several requests to check this project. The more people ask us to check something, the higher the chance that we'll do it. :)

You may just say - hey this is me, psychonaut, I've banned viva64 on Wikipedia. Praise me for that. Because of me you won't see links to really helpful material on viva64.

For example, it's really not necessary for those who are interested in Precompiled header to know that there is a super useful article StdAfx.h. Burn it all! :)

See "An always up-to-date list of articles describing errors that we find in open source projects with PVS-Studio analyzer".

We have checked this projects from the list you've provided:

• Linux kernel
• Chrome (Chromium) 1, 2, 3, 4
• glibc
• OpenSSL, second
• PostgreSQL
• Firefox, second

Well, it's not very likely that we'll be given a chance to run the analysis on Windows. Even if such a thing happens, we can't write an article about that. In general, we like checking Microsoft projects. These programs are of high quality and it's a big achievement for us to find something worthwhile, as well another opportunity to advertise PVS-Studio.

Here are the articles about our project checks:

• Computational Network Toolkit (CNTK) analysis: http://www.viva64.com/en/b/0372/
• ChakraCore: analysis of JavaScript-engine for Microsoft Edge: http://www.viva64.com/en/b/0370/
• CoreCLR analysis: http://www.viva64.com/en/b/0310/
• Windows 8 Driver Samples heck: http://www.viva64.com/en/b/0199/
• Amusing archaeology. Checking Microsoft Word 1.1a: http://www.viva64.com/en/b/0245/
• Also we have found bugs in Visual C++ libraries: http://www.viva64.com/en/b/0163/ , http://www.viva64.com/en/b/0288/
• However, we are not always able to write an article about errors after checking Microsoft projects. Microsoft is known for a reason for their responsible approach to creating software and qualitative code. For example in the Casablanca project I haven't found anything: http://www.viva64.com/en/b/0189/

Here are the checks of C# projetcs:

• Analysis of .NET Core Libraries (CoreFX): http://www.viva64.com/en/b/0365/
• Checking .NET Compiler Platform (Roslyn), on the occasion of the PVS-Studio release with C# support: http://www.viva64.com/en/b/0363/
• Analysis of Microsoft Code Contracts: http://www.viva64.com/en/b/0361/
• It's not our article, but on the same topic. Microsoft Orleans project check: http://shcherbak.me/post/139216516264/checking-microsoft-orleans-with-pvs-studio-for-fun

Perhaps, I didn't get you quite right. Could it be that you didn't read the article attentively enough? The things we write about aren't really nonsense. For example, we are aware what is strcpy and memcpy. At times we see that people read our article not very thoroughly and then start arguing. I'll provide such an example concerning memcpy - see Fragment N1 and the comments below. This is a completely different case, I've provided it to show that the readers should carefully look though the code examples we provide.

Static analysis development is an opportunity for us to achieve some success in life. It isn't very interesing just to do outsource work, as we want something more. It feels that we are getting there. :)

I am busy doing many things. I am one of the founders of PVS-Studio. Besides that, I also publish the news and communicate with the audience. I suppose, it's a nice thing that you can discuss technical moments with me.

It doesn't have any prospects to make a cheap tool. I suggest looking at CppCat story, a tool we were selling for $250.

Some time ago, a vulnerability was revealed in OpenSSL, and I guess there's no programmer who hasn't been talking about it since then. I knew that PVS-Studio could not catch the bug leading to this particular vulnerability, so I saw no reason for writing about OpenSSL. Besides, quite a lot of articles have been published on the subject recently. However, I received a pile of e-mails, people wanting to know if PVS-Studio could detect that bug. So I had to give in and write this article: http://www.viva64.com/en/b/025...