Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - We Checked the Android Source Code by PVS-Studio, or Nothing is Perfect

Submitted by Andrey_Karpov
Andrey_Karpov writes: Development of large complex projects is impossible without the use of programming techniques and tools helping to monitor the quality of the code. First, it requires a literate coding standard, code reviews, unit tests, static and dynamic code analyzers. All this helps to detect defects in code at the earliest stages of development. This article demonstrates the abilities of a static analyzer in detecting bugs and security weaknesses in code of the Android operating system. We hope that the article will attract readers' attention to the methodology of static code analysis, and they will be willing to embed it in the process of developing their own projects.

Submission + - The Evil within the Comparison Functions

Submitted by Andrey_Karpov
Andrey_Karpov writes: Perhaps, readers remember my article titled "Last line effect". It describes a pattern I've once noticed: in most cases programmers make an error in the last line of similar text blocks. Now I want to tell you about a new interesting observation. It turns out that programmers tend to make mistakes in functions comparing two objects. This statement looks implausible; however, I'll show you a great number of examples of errors that may be shocking to a reader. So, here is a new research, it will be quite amusing and scary.

Submission + - Checking the code of Valgrind dynamic analyzer by a static analyzer

Submitted by Andrey_Karpov
Andrey_Karpov writes: We regularly check various projects to spread the word about static analysis methodology in general, and about our tool PVS-Studio in particular, so I couldn't miss a chance to check the Valgrind project. It is a kind of a challenge to us to find errors in it. This is a high-quality, well-tested project that is already being checked by Coverity. In general, I am sure that this code was checked by enthusiasts and various tools. Even several errors found would be a great success. Let's see if there was anything interesting that PVS-Studio managed to find in the code of Valgrind.

Submission + - Search for bugs in C, C++ and C# on Windows and Linux (PVS-Studio Free)

Submitted by Anonymous Coward
An anonymous reader writes: PVS-Studio team want to help the software world improve the quality of their code, and get to know static analysis tools better. They are giving the opportunity to use PVS-Studio static code analyzer for free, for educational purposes, so that individual developers and enthusiastic teams could also fully use it.

Instruction: How to use PVS-Studio for Free.

P.S. PVS-Studio is a tool for bug detection in the source code of programs, written in C, C++ and C#. It works in Windows and Linux environment. Examples: bugs found in open source projects.

Submission + - How to find a bug in your Linux project

Submitted by Anonymous Coward
An anonymous reader writes: A team of developers of PVS-Studio analyzer that is designed to search for errors in programs written in C, C++ and C# has released a version of their tool for Linux. Previously there was a possibility to do the analysis of the projects only in Windows, now the support is added also for the second most popular platform.

PVS-Studio detects potential errors of three main groups: general analysis, optimizations and 64-bit issues. The diagnostic set of general analysis allows detecting logic errors, typos, code fragments, causing access violation, incorrect usage of algorithms from STL libraries and a lot more.

The new version of PVS-Studio for GNU/Linux OS, in addition to the native version of the analyzer, offers convenient variants of the integration to the projects, using CMake and QMake and the display of the analysis results in the QtCreator and CLion IDE. Also there is now a possibility to check any project that uses one of the compilers, supported by the analyzer, with the help of the universal compilation tracking system.

The distribution kit of the analyzer Linux version as an archive and deb/rpm packages is available at this link: http://www.viva64.com/en/pvs-studio-download-linux/.

It is also necessary for the users to read a short instruction How to run PVS-Studio on Linux .

Submission + - Apparantly, soon we'll hear about a large number of bugs from the Linux world.

Submitted by Anonymous Coward
An anonymous reader writes: There are restless developers of PVS-Studio code analyzer. This is such a tool that will draw the attention of the programmer to those code fragments that most likely contain an error. We can say that this is kind of a virtual assistant that does the code review and warns if he doesn't like something. And does it quite successfully. For example, not so long ago the guys reported that they found more than 10000 bugs in open-source projects.

The main point of the news is in the following. Until recently, the PVS-Studio tool was only available to Windows developers. Although the authors have written several articles about the check of Linux projects as an experiment, that doesn't count. Now the distribution kit is available for Linux developers as well.

Those who are willing to try out the new tool can find it on the download page. Here you can read the information of how to check your project.

I think this event is quite important and interesting. Soon we will probably see a lot of mentioning of this product: how this tool will find another bug in a popular Linux project. On the website of the authors you may find their blog and Twitter where they will most likely describe those interesting moments, connected with the Linux version. They have quite a funny blog that can be called "Bugs, bugs are everywhere!" Their logo is hilarious, by the way.

Submission + - Chatbots, and how will Microsoft help us with this? (viva64.com)

Submitted by El_programmer
El_programmer writes: Generally, a chatbot is a program that can imitate a meaningful dialogue with the user via text or speech in the language known to the user. The goal of such a dialogue, is often to answer the user requests and execute bot commands. Not being something substantially new, chatbots however, are positioned in the marketplace as a sort of know-how activity. Of course, the fuss created around such bots as smart and often an indispensable assistant for the users, plays a huge role.

Chat bots won't let you get bored while interacting with other users of Messenger, entertaining with a fresh joke or game; they can send the current weather forecast; help with ordering pizza; advise about healthy eating in response to a message about your weight and blood pressure; dialogue with you on legal services websites, simulating a real interlocutor; can ask you in a pleasant voice about your mood and, based on analysis of your response, select a musical composition on your smartphone; can easily cope with the role of a support service specialist of any service by e-mail. These are just a few small examples of what smart bots can do. There is also a separate group of corporate bots, solving important corporate tasks.

Like any new technology, chatbots are a logical development of the more familiar methods of communication with, and conveying of information to, an end-user: web sites, applications, push notifications, etc. This technology is attractive, first of all, due its end-user focus, integration into the final platform, ease of use, intellectualism, and friendliness.

Major IT players (primarily on the market of online communications) have already evaluated the potential and possible benefits of using chatbots in their solutions a long time ago. Bots in one form or another are used extensively in all popular messengers, Internet platforms, and mobile devices.

Microsoft is actively involved in the development, working in several directions: mobile assistant Cortana; not a very successful, but certainly an interesting experiment with a female bot. Tay on Twitter; a more successful experiment in China with a female bot Xiaoice (Sâois); bots for Skype; and finally, the Microsoft Bot Framework for creation and integration of its own bots into various platforms.

This overview article is devoted to the study of a trend which is growing rapidly in popularity in the IT industry — chatbots, and the role of Microsoft in their development process. The article will cover the history of chatbots, peculiar properties of bots, the main, and also some unexpected spheres of their application, perspectives and technology limits.

Submission + - Over 10000 bugs in various open source projects

Submitted by Andrey_Karpov
Andrey_Karpov writes: In order to promote a static analysis methodology we regularly verify various open source projects. The bugs we found demonstrate that nobody is immune from misprints, inattention or other mistakes. Absolutely nobody, and we find confirmations to this point in such projects as Microsoft Code Contracts, Qt, Linux kernel, CryEngine, VirtualBox, LibreOffice, Firefox, Boost, Tor and so on. At the moment we inspected 262 projects. It's official! We found and logged 10000 bugs!

As a rule, we write an article when we find fairly large number of issues in a project. You may refer to the list of our articles using the link. If we find just a few issues, we report them to contributors of a project and get engaged with other matters.

Of course, 10000 issues in 262 projects is not too much. It makes 38 issues per project at an average. I should notice that indeed this amount does not mean anything. Code base and quality may vary from project to project. For example, in some projects we find just one issue, while other projects contain hundreds of issues.

It is time now to share a link to the logged errors:

Errors detected in Open Source projects

This collection of issues can be used as a unique data for thinking of coding standards development, writing articles about programming rules, and assist in other research on improving software reliability, for example, "The Last Line Effect". Wish you interesting findings.

Submission + - PVS-Studio Team: Analysis of PHP7

Submitted by Andrey_Karpov
Andrey_Karpov writes: It's quite amusing to hear the news about new trending programming languages and the debates about the most useful ones. Nevertheless, C and C++ are still there, quietly doing their job. For example, PHP7 is written in C, so there is a cause to run the PVS-Studio analyzer and see which bugs can be found in the PHP Interpreter.

Comment Re:Oh, Karpov, you inveterate spammer... (Score 3, Interesting) 169

by Andrey_Karpov (#51540979) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

You may just say - hey this is me, psychonaut, I've banned viva64 on Wikipedia. Praise me for that. Because of me you won't see links to really helpful material on viva64.

For example, it's really not necessary for those who are interested in Precompiled header to know that there is a super useful article StdAfx.h. Burn it all! :)

Comment Re:Another one? (Score 1) 169

by Andrey_Karpov (#51540793) Attached to: PVS-Studio Analyzer Spots 40 Bugs In the FreeBSD Kernel

Well, it's not very likely that we'll be given a chance to run the analysis on Windows. Even if such a thing happens, we can't write an article about that. In general, we like checking Microsoft projects. These programs are of high quality and it's a big achievement for us to find something worthwhile, as well another opportunity to advertise PVS-Studio.

Here are the articles about our project checks:

Here are the checks of C# projetcs:

Slashdot Top Deals

Time is the most valuable thing a man can spend. -- Theophrastus

Close