
OpenJDK source code (C++) check by PVS-Studio tool - Tatyanazaxarova
https://medium.com/@Coder_HarryLee/openjdk-check-by-pvs-studio-f25a2187b8a0
======
harry8
"It’s always amusing to check a project which is used and maintained by a
large number of people."

I wonder how serious the bugs they've found are. Are they in little used
corners of little used aspects of the api or something more insidious? But
yes, I can see why a salesperson would find such spectacular displays of their
tool amusing. I'm amused myself.

~~~
dfox
It seems that most of the warnings in the article are not in the JVM proper,
but in AWT.

------
btrask
Can PVS-Studio actually find any buffer overflows? These logic errors are
important but they're not what people are typically most concerned about these
days.

~~~
AndreyKarpov
Yes.

Examples: [http://www.viva64.com/en/b/0154/](http://www.viva64.com/en/b/0154/)
, [http://www.viva64.com/en/b/0360/](http://www.viva64.com/en/b/0360/)

------
pvinis
That was a great read. Fun and informative. We use the static analyzer in
Xcode, which is not that advanced as PVS by the looks of it, but still finds a
few things to improve.

Are there analyzers for languages like say Ruby or Clojure?

~~~
pfg
RuboCop is what most Ruby projects use.

------
gravypod
Are there open source linters and analyzers for C?

~~~
jpfr
[http://clang-analyzer.llvm.org/](http://clang-analyzer.llvm.org/)

[http://cppcheck.sourceforge.net/](http://cppcheck.sourceforge.net/)

