PVS-Studio is now available on macOS: 64 weaknesses in the Apple's XNU Kernel

[Andrey Karpov]

A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/

[Rick C. Hodgin]

On Saturday, March 31, 2018 at 2:51:08 PM UTC-4, Andrey Karpov wrote:
> A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/

I downloaded your tool and tried it in Visual Studio 2015. Installed
easily. Was intuitive. Easy to use.

I think it's an excellent tool and I would like to use it for my code,
but it is too expensive and license-restrictive for us small guys.

The code I write is all open source code. I don't make any money off
it. I would be tapping into my regular funds in my day job to pay for
this fee, and I could not justify $60/month or even $30/month for this,
especially if I had to pay a year at a time and never actually owned
the software, but only "rented" it so long as I kept paying.

--
Rick C. Hodgin

[Mr Flibble]

The idea that software shouldn't cost anything is delusional.
Investment in effort requires some form of compensation or the effort is
wasted.

Nobody cares that your god bothering crazy toy software is free or that
you think it isn't free but requires some kind of demented theistic buy-in.

/Flibble

--
"Suppose it’s all true, and you walk up to the pearly gates, and are
confronted by God," Bryne asked on his show The Meaning of Life. "What
will Stephen Fry say to him, her, or it?"
"I’d say, bone cancer in children? What’s that about?" Fry replied.
"How dare you? How dare you create a world to which there is such misery
that is not our fault. It’s not right, it’s utterly, utterly evil."
"Why should I respect a capricious, mean-minded, stupid God who creates
a world that is so full of injustice and pain. That’s what I would say."

[Rick C. Hodgin]

On Monday, April 2, 2018 at 5:50:33 PM UTC-4, Mr Flibble wrote:
> On 02/04/2018 22:02, Rick C. Hodgin wrote:
> > On Saturday, March 31, 2018 at 2:51:08 PM UTC-4, Andrey Karpov wrote:
> >> A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/
> >
> > I downloaded your tool and tried it in Visual Studio 2015. Installed
> > easily. Was intuitive. Easy to use.
> >
> > I think it's an excellent tool and I would like to use it for my code,
> > but it is too expensive and license-restrictive for us small guys.
> >
> > The code I write is all open source code. I don't make any money off
> > it. I would be tapping into my regular funds in my day job to pay for
> > this fee, and I could not justify $60/month or even $30/month for this,
> > especially if I had to pay a year at a time and never actually owned
> > the software, but only "rented" it so long as I kept paying.
>
> The idea that software shouldn't cost anything is delusional.
> Investment in effort requires some form of compensation or the effort is
> wasted.

I believe people should be paid for their labor. I think $240 for the
first year, and $120 for ongoing years is sufficient for PVS-Studio.

> Nobody cares that your god bothering crazy toy software is free or that
> you think it isn't free but requires some kind of demented theistic buy-in.

I want the best for you, Leigh. God wants the best for you. It's why
He reaches out to you and teaches you the way He does.

Christians look to the guidance of Jesus on how to do things. We seek
the necessities of life, and consider ourselves stewards of the things
God has blessed us with. And beyond our necessities, we seek to labor
not for meat that perishes, or Earthly treasure where moths destroy and
thieve steal, but rather to labor for treasure in Heaven where the re-
wards given us by God there are not consumed, even upon use.

The enemy (Satan) tries to get us to focus on money so that we receive
our reward here where it has no eternal value or longevity.

--
Rick C. Hodgin

[Mr Flibble]

On 03/04/2018 00:13, Rick C. Hodgin wrote:
> On Monday, April 2, 2018 at 5:50:33 PM UTC-4, Mr Flibble wrote:
>> On 02/04/2018 22:02, Rick C. Hodgin wrote:
>>> On Saturday, March 31, 2018 at 2:51:08 PM UTC-4, Andrey Karpov wrote:
>>>> A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/
>>>
>>> I downloaded your tool and tried it in Visual Studio 2015. Installed
>>> easily. Was intuitive. Easy to use.
>>>
>>> I think it's an excellent tool and I would like to use it for my code,
>>> but it is too expensive and license-restrictive for us small guys.
>>>
>>> The code I write is all open source code. I don't make any money off
>>> it. I would be tapping into my regular funds in my day job to pay for
>>> this fee, and I could not justify $60/month or even $30/month for this,
>>> especially if I had to pay a year at a time and never actually owned
>>> the software, but only "rented" it so long as I kept paying.
>>
>> The idea that software shouldn't cost anything is delusional.
>> Investment in effort requires some form of compensation or the effort is
>> wasted.
>
> I believe people should be paid for their labor. I think $240 for the
> first year, and $120 for ongoing years is sufficient for PVS-Studio.

It costs what it costs not what you think it should cost you batshit
crazy pretentious cockwomble.

[Rick C. Hodgin]

On Saturday, March 31, 2018 at 2:51:08 PM UTC-4, Andrey Karpov wrote:

> A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/

I've used your PVS-Studio add-in for Visual Studio now for a couple
days and am thoroughly impressed. I think it's a fantastic tool and
I would highly recommend it to people to use to improve their source
code. It found some very obscure bugs in my code. And I do believe
I've found where it reported one false positive.

The product is too pricey in my opinion. I think you're missing out
on a much larger user base by targeting only $720/year per person.
For small projects that's too much.

I would like to buy a license for $240 first year, and renew each year
for $120.

I would be willing to pay that fee to receive a hobbled version of
your product, such that it allowed me to only use PVS-Studio once per
day, and only during a single session in Visual Studio, with maybe
only three analyze cycles allowed per day (analyze, fix, re-analyze,
fix, re-analyze, fix, done for the day). You could still keep the
full $720 version available for full anytime use, but sell the hobbled
version for less.

My opinion. I think you'd reach many more users with a lower price
point. You'd also be helping many more projects achieve fewer bugs,
which in turn helps all of the users of those products.

--
Rick C. Hodgin

[Mr Flibble]

Pretentious cockwomble.

[Rick C. Hodgin]

On Wednesday, April 4, 2018 at 8:58:16 AM UTC-4, Mr Flibble wrote:
> Pretentious .. .

I'm trying to improve Andrey Karpov's product and business model.
I'm offering my opinion and advice toward that end. He's free to
disregard it, but I am trying to make things better for more
people, Leigh.

What are you trying to do with these personal-insult-laden replies
of yours?

--
Rick C. Hodgin

[Mr Flibble]

I am pointing out your self rightious self importance when you think you
can suggest (dictate) a price for someone else's work. You are indeed a
fucktarded pretentious cockwomble.

[Rick C. Hodgin]

On Wednesday, April 4, 2018 at 10:10:49 AM UTC-4, Mr Flibble wrote:
> On 04/04/2018 14:57, Rick C. Hodgin wrote:
> > What are you trying to do with these personal-insult-laden replies
> > of yours?
>
> I am pointing out your self rightious self importance when you think you
> can suggest (dictate) a price for someone else's work. You are indeed a

> .. pretentious .. .

I am not self righteous or self important. And I do not dictate.
I indicate what I, as a consumer, am willing to pay given my products
and customers.

I truly think it's a fantastic tool. On my ~35K line relatively new
app, it found 59 major issues and 1 false positive. The major issues
varied from conditions where the if.. and else.. code blocks were
identical, but those were mainly identical due to debug blocks which
were commented out, as well as me validating a parameter twice, which
is mostly due to refactoring and forgetting to take out the prior
validation, to a handful of legitimate bugs. The one false positive
I really can't figure out. I don't see how it reports or concludes
what it has because it's not evident from source code.

As I say, he's free to disregard my input. I would still recommend
his tool for others to use. And, for what it's worth, Leigh, I
would still recommend people to use your excellent GUI framework.

-----
You have a very wrong opinion and view of me. It's colored by your
personal hatred of God, and the teachings I have to people regarding
their sin. You think of me as something negative when I am teaching
people that which they need to have eternal life. Someday you will
understand.

--
Rick C. Hodgin

[Mr Flibble]

On 04/04/2018 15:22, Rick C. Hodgin wrote:
[snip]

> You have a very wrong opinion and view of me. It's colored by your
> personal hatred of God, and the teachings I have to people regarding
> their sin.

I don't hate God because I know God doesn't exist. Speed of light mate.

[Daniel]

On Wednesday, April 4, 2018 at 10:22:12 AM UTC-4, Rick C. Hodgin wrote:
>
> It's colored by your personal hatred of God

That makes about as much sense as would someone suggesting you hated Zeus or Thor or Viracocha :-)

Best regards,
Daniel

[Rick C. Hodgin]

On Saturday, March 31, 2018 at 2:51:08 PM UTC-4, Andrey Karpov wrote:

> A new version of the PVS-Studio analyzer 6.23 is working under macOS, which allows you to check the projects written in C and C++. Our team decided to perform a XNU Kernel check to coincide it with this event. https://www.viva64.com/en/b/0566/

I continued to use this tool for a few more days and remain thoroughly
and completely impressed. All told it found about 300 things in my
35K line app. About 6 of them were legitimate bugs. The rest were
cases where I was double-testing a variable, using memcmp() without
comparing an entire buffer, copying more data to a structure than did
exist in the structure definition (when the structure pointed to a 512-
byte block, but only had a few bytes which are the start of the fixed
portion of the structure, and the remaining 400+ bytes were always
variable).

It actually helped solidify one of my projects. It's made it more
stable by finding a case where I did this:

memset(ptr, 0, sizeof(ptr));

Rather than:

memset(ptr, 0, sizeof(*ptr));

And a few others like that.

-----
Bottom line: I recommend this tool to everyone who does C/C++ code.
It integrated seamlessly with Visual Studio, and was very easy to use.

--
Rick C. Hodgin