“The ReactOS project is rapidly developing. One of the developers participating in this project suggested that we re-analyzed the source code, as the code base is growing fast. We were glad to do that. We like this project, and we’ll be happy if this article helps the developers to eliminate some bugs. Analysis was performed with the PVS-Studio 5.02 code analyzer.”
Re-checking the ReactOS project
About The Author
Follow me on Twitter @thomholwerda
2013-04-02 4:00 pmjimmmy
I think it would be interesting to know what percentage of errors caught by the analyzer are not caught by other analyzers.
Oh well. I suppose it doesn’t matter anyway because I don’t develop for Windows.
2013-04-02 4:07 pmdrcoldfoot
The advertising also is in ReactOS’ favor. So I see it as a win on both fronts.
2013-04-02 4:53 pmebasconp
Advertising or not, I would like to see more static code analysis for more open source projects.
It is good advertising for the product, good advertising for the open source projects and makes you think: “Hey! I can help right there!”
2013-04-02 5:09 pmValhalla
Yep, apart from possibly having to wade through ‘false positives’ there’s really no downside to running your codebase through a static analyzer.
I know Haiku has used Coverity and as I recall so had ReactOS before this aswell.
2013-04-02 8:37 pmmoondevil
I usually advocate to always enable warnings as errors and use a syntactic analyzer in the continuous build server, specially in languages where it is so easy to write insecure code.
Locally a developer can do whatever s/he wants, but into source control, only sane content gets in.
2013-04-03 6:14 pmbert64
A number of open source packages ship with warnings-as-errors enabled by default in the build process… This can be EXTREMELY annoying, especially when it isn’t easy to turn off…
Warnings can occur due to newer compilers, architecture/os differences etc, and in many cases warnings don’t stop the program working. Sure in an ideal world code would all compile without any warnings on any platform, but in reality many warnings are false positives and noone writes perfect code.
2013-04-03 8:00 pmebasconp
Maybe you are right when talking about compiling third-party code you did not write but you are sure enough that it works, but for writing your own code, creating it with 0 warnings means two possitive things:
– You tried to keep your code quality as high as you could.
– You removed some unused variables and verified (and fix) some issues reported by the compiler that be potential errors right now or in the future.
2013-04-03 3:06 amideasman42
Im sure reactos guys already use compiler warnings, so to answer your Q – Probably none,
Compiler warnings often won’t find these kinds of mistakes in most cases (of course depends on your compiler – my experience is with gcc,clang,icc,msvc)
Not even a 0.0.01 version bump in over a year?
It’s dead, Jim.
2013-04-02 8:36 pmstabbyjones
That’s like saying e17 will never get released.
2013-04-03 3:29 amozonehole
I’ve been wondering about this myself. But I really hope it’s not dead. Although I’m a Linux user 99.9% of the time, there is that rare instance where I’ve got to go to Windows to do something for which a Linux app doesn’t exist. I recently had to retrieve a video file from a dash-cam that formats micro-SD cards in a proprietary format, and the only way to do it was to run a Windows application. That sucks, and the manufacturer (Abee) should be crucified for that, but it’s these situations that make a market for ReactOS. If it was usable, I’d put it on a spare partition for those rare situations when it’s needed.
Edited 2013-04-03 03:30 UTC
Looks like some company felt like using ReactOS to get free advertising to me…
Also wondering how many of these potential problems would’ve been caught by simply enabling the compiler’s warnings.