Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday October 23 2017, @06:48AM   Printer-friendly
from the MY-code-is-perfect! dept.

I am really astonished by the capabilities of static code analysis. The tool surprised me the other day as it turned out to be smarter and more attentive than I am. I found I must be careful when working with static analysis tools. Code reported by the analyzer often looks fine and I'm tempted to discard the warning as a false positive and move on. I fell into this trap and failed to spot bugs...Even I, one of the PVS-Studio developers.

So, appreciate and use static code analyzers! They will help save your time and nerve cells.

[Ed note: I debated running this story as there was an element of self-promotion (aka Bin Spam), but the submitter has been with the site for a while and has posted informative comments. Besides, I know there have been far too many times when I've seen a compiler complain about some section of my code and I'm thinking there is nothing wrong with it — and then I, finally, see my mistake. Anyone have samples of code where you just knew the compiler or static analyzer was wrong, only to find out otherwise? --martyb]


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by ataradov on Monday October 23 2017, @07:26AM (5 children)

    by ataradov (4776) on Monday October 23 2017, @07:26AM (#586220) Homepage

    Those PVS guys are annoying as hell. They spam forums with their overt advertising.

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  

    Total Score:   3  
  • (Score: 1) by Andrey_Karpov on Monday October 23 2017, @09:09AM (2 children)

    by Andrey_Karpov (6589) on Monday October 23 2017, @09:09AM (#586242) Homepage

    A program product or a company is mentioned in a half of the news. So, each second news can be called advertising. It's not very clear for me why some people are so bothered by PVS-Studio analyzer. Moreover, very few programmers know about it, I'm making sure in it every time when I visit a conference. P.S. "Again this PVS-Studio team. They are everywhere..." - https://www.viva64.com/en/b/0428/ [viva64.com]

    • (Score: 2, Interesting) by Anonymous Coward on Monday October 23 2017, @09:40PM

      by Anonymous Coward on Monday October 23 2017, @09:40PM (#586599)

      The only people I have found that have a negative reaction to these sorts of tools are the very ones who need them, desperately. They want to pretend they do not make errors. Once you accept you are not a walking encyclopedia of the different C/C++ specifications and the nuances of each compiler. Then the easy to find abuses of those specifications you realize you need these tools to help you. I have over the years humbled more than one super wizz kid cowboy programer with these sorts of tools. Then showing them in nice easy examples (usually provided by the tools). Of how big a fuckup to the code they are making. I usually bring them in once a project has spent about a week 'finding that crashing/memory leak' bug. Usually finds them in under a day. Plus a STACK of other issues. Usually knocks off the top bugs the code base was having. Usually for little to no effort. These tools are easy to use and well worth paying for. I have saved several multimillion dollar projects by using these sorts of things.

      It can actually be kind of fun. You take a crashy, memory hungry program and turn it into something that works. Usually it was some code smashed out at 2AM because the feature just had to be done 'right now'.

      The only ones who discount these sorts of tools are ones who do not bother to use them. Or have used them a couple of times and did not understand what the output meant. So they chuck it up to 'false positives' and then continue to pretend they know better.

    • (Score: 2) by realDonaldTrump on Tuesday October 24 2017, @12:57PM

      by realDonaldTrump (6614) on Tuesday October 24 2017, @12:57PM (#586823) Homepage Journal

      We are all businessmen and women, whether you see it that way yet or not. All of us, even Russians. If you like art and can’t make money at it, you eventually realize that everything is business, even your art. That’s why I like Warhol’s statement about good business being the best art. It’s a fact. Part of business is getting your message out, getting your honest and unfiltered message out. And there's always someone who will hate your message. Always someone who will want it watered down. Don't listen to them. Never listen to them.

  • (Score: 3, Informative) by The Mighty Buzzard on Monday October 23 2017, @10:47AM (1 child)

    by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Monday October 23 2017, @10:47AM (#586262) Homepage Journal

    This almost got chucked as spam but martyb thought we could make a decent discussion out of it. Don't look for him to go pushing out anything they submit though.

    --
    My rights don't end where your fear begins.
    • (Score: 0) by Anonymous Coward on Tuesday October 24 2017, @12:05AM

      by Anonymous Coward on Tuesday October 24 2017, @12:05AM (#586658)

      Yeah. When I saw it in the queue, I wondered if it would make the cut.
      It has stirred some interesting discussion, so it appears that the proper choice was made.

      What I was hoping to see was the names of some tools in use.
      Comparisons by folks who had tried multiple apps would be especially interesting.

      Licenses (FOSS|proprietary) and license costs would add a dimension as well.
      (Envying the larger userbase of the other site here.)

      The Wikipedia page linked in TFS has an External links section, but I was hoping to see a link to a "Comparison of..." Wikipedia page there.

      -- OriginalOwner_ [soylentnews.org]