Hi all,
Andrey Karpov of "SiProVer" Ltd (www.viva64.com/ ), the authors of PVS-Studio, a statical source code analyzer/checker wrote (in Russian, this translation is conducted by me):
"Have checked source code of ReactOS with PVS-Studio, I fulfilled three wishes of mine at once: Firstly, for a long time I wanted to write an article about ordinary project. It is not so interesting to check source code of such projects as Chromium, It is of too high quality and resources are spending for keeping this level of quality, resources which are unavailable to ordinary projects. Secondly, ReactOS appears to be a good example of project, for which high need of statical analysis of source code can be shown, especially as project being developed with distributed team of developers with diversely different experience. Thirdly, I got confirmation of PVS-Studio getting better and better and more useful all along the way..."
Full text of original Russian article is here: http://habrahabr.ru/blogs/os/127493/ titled on Russian as "PVS-Studio: analysing ReactOS operating system source code".
Evgeniy Ryzhkov of "SiProVer" adds: "Soon we will translate and publish article on English. But if you have questions now - we are ready for discussion. If some of English-speaking comrades of ReactOS would like to work with errors list, generated with PVS-Studio we have prepared for them translation of errors explanations, here it is: http://www.viva64.com/external-pictures/txt/PVS-Studio-vs-ReactOS-en-unicode... ".
Original article refers to long list of generated errors with manually added explanations for errors found by their static checker, so this is translated version of that list.
--- Looking backward to few applied patches, it turns out that not all of them were absolutely useful, some patches were reversed, etc. But nevertheless, I think it makes sense to use this tool. They promised to donate some version of PVS-Studio to project, and it is to ROS developers to decide is it worth of taking.
What I would suggest: anybody working with some module or part of code can take corresponding part of messages (or in future, possibly check with tool only these parts of interest) and work with them. Also Karpov gave good advise to check newly written code, since it is still of interest to developer: write and time for time test with it.
P.S. Disclaimer: I am not in any connection with "SiProVer"
Regards, M.A.