Sidebar
Bugs in code
karpov2007.medium.com
This is a continuation of a small note series about regular checks of the Blender project with the PVS-Studio static analyzer. The aim of these publications is to demonstrate how it is beneficial to use static code analysis tools regularly. In doing so, many errors can be found at the earliest stage, and fixing them will be cheap and fast.
Recently, we have been monitoring changes in the Blender project, or rather, what errors appear in the new code. This compels us to write notes and discuss interesting topics. Here is one question I’d like to cover.
There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.
www.viva64.com
Server-side network applications rarely get the chance to join the ranks of our reviews of errors found in open source software. This is probably due to their popularity. After all, we try to pay attention to the projects that readers themselves offer us. At the same time, servers often perform very important functions, but their performance and benefits remain invisible to most users. So, by chance, the code of ONLYOFFICE Community Server was checked. It turned out to be a very fun review.
www.viva64.com
My first encounter with Open XML SDK took place when I was looking for a library that I could use to create some accounting documents in Word. After more than 7 years of working with Word API, I wanted to try something new and easier-to-use. That's how I learned that Microsoft offered an alternative solution. As tradition has it, before our team adopts any program or library, we check them with the PVS-Studio analyzer.
www.viva64.com
Static analyzer PVS-Studio can detect bugs in pretty complex and intricate parts of code, and coming up with appropriate fixes for such bugs may be a tough task even for human developers. That's exactly the reason why we should avoid offering any options for automatic fixing at all. Here are a couple of examples.
Code reviews are definitely necessary and useful. It's a way to impart knowledge, educate, control a task, improve code quality and formatting, fix bugs. Moreover, you can notice high-level errors related to the architecture and algorithms used. So it's a must-have practice, except that people get tired quickly. Therefore, static analysis perfectly complements reviews and helps to detect a variety of inconspicuous errors and typos. Let's look at a decent example on this topic.
Static code analysis is a way of debugging that automatically examines source code before it compiles or is run. It does this by comparing the code code to a set of rules or standards. It is a way of automating code reviews and can be used in conjuncture with peer reviews. Yuri Minaev is working in the PVS-Studio company as one of developers of the C++ static analyzer. His primary responsibility is to keep low-level stuff in order and add new features to the core module. It’s been almost 2 years since he joined the team after about 12 years of IT experience. Apart from that, he periodically gives talks at various conferences – mainly on topics related to static analysis and C++. PVS-Studio is cross platform, working on Windows, Linux and MacOS 64-bit environments. It can analyze code designed for 32-bit and 64-bit systems as well as embedded ARM platforms. It generates reports that help developers to find and fix bugs before they become a problem. Keeping a codebase clean and detecting problems before they occur will make your life better as a developer. When you can avoid getting nailed by simple problems, you can think about your software at a higher level, vastly improving your effectiveness as a software developer. It’s not just about avoiding bugs, although that’s important, but about what you can do with the time, money, and attention you save.
www.viva64.com
The #line directive is added by the preprocessor and can then be used to help the developer understand which file and line a particular code fragment in the preprocessed file refers to. The #line directive tells code-processing tools to change the compiler's internally stored line number and filename to a given line number and filename. Subsequent lines will be numbered relative to that position. Explicit preprocessing is mostly used for debugging or by various generators. In any case, a bug breaking this functionality may have a variety of negative effects. One of our users was faced with such a problem in Visual Studio 2019.
This post continues the series of articles, which can well be called "horrors for developers". This time it will also touch upon a typical pattern of typos related to the usage of numbers 0, 1, 2. The language you're writing in doesn't really matter: it can be C, C++, C#, or Java. If you're using constants 0, 1, 2 or variables' names contain these numbers, most likely, Freddie will come to visit you at night. Go on, read and don't say we didn't warn you.