Bug of the month: relay race from PC-Lint to PVS-Studio
Recently we published 2 articles about TOP 10 errors in open projects C ++ and C # for the previous 2016. The readers liked the articles and this suggested an idea: why not make such a TOP for each month? After all, our site has a huge database of errors, which is well structured and from which you can choose the most interesting bugs found in a certain period of time. This post will tell you about the new rubric “The bug of the month” and about what we proceeded from when we prepared a list of errors for her.
Someone may say that Gimpel Software already had such a rubric and we borrowed the idea. This is not true. The only thing we have in common is the name and the fact that for each month we have a specific bug.
To begin with, although Gimpel Software’s diagnostic number for the month’s bug really exists, the code that is presented under it is artificially created as a puzzle with an amusing description, for example: “Santa and his elves automate their Christmas delivery system, but one of the elves made a critical an error that caused the action to occur in unpredictable order in some code fragments, ”or:“ Sean O'Flaherty may have been a little tipsy when he wrote the program for the annual celebration of St. Patrick’s Day in his pub. Although he did not finish it, there is still a small problem. ” Immediately offered to find this bug yourself, but below you can check yourself and see what was the problem.
')
We took real mistakes that contain the projects we have tested for Open Source over several years. And they tried to choose obvious bugs that would be understandable not only to the most prepared reader. For example, everyone's favorite copy-paste, which is found in almost every project, or various kinds of typos. In addition to a piece of code with an error, the diagnostics is also given, with which PVS-Studio has found it and an explanation of what the actual problem is. Below is added a link to the article about checking this project, where you can see what other bugs it contained.
As written on the official website of Gimpel Software, their first “bug of the month” was found in March 1991 and the list continued to grow over 21 years. At one time, they were very popular and well advertised PC-Lint. Since 2012, the update of this section has stopped, but the developers hope that the "bug of the month" can be resurrected in the future.
In the meantime, this did not happen, we decided, so to speak, to take the baton from PC-Lint and create our own “bug of the month” withblackj .. Open Source projects and errors found in them.
So, a large number of projects that we checked from January 2014 to March 2017 were viewed and 54 interesting errors were selected: 39 for C / C ++ language and 15 for C #, since support for C # started only from 2016. The updated table of bugs can be found at this link https://hownot2code.com/bug-of-the-month/ .
As mentioned above, to compile this section, we analyzed our existing database of errors and a regularly growing list of verified Open Source projects . Perhaps these materials will also be interesting and useful to readers, since they can be used as recommendations for how not to make the same mistakes, can help in research related to improving the reliability of software and contribute to the development of a coding standard.
The prevalence of most such errors (especially their presence in large projects) can be explained by the fact that in practice it is not always possible to be attentive and to keep every line of code under control, especially when there are hundreds of thousands of them. This is where Copy-Paste errors, undefined behavior, null pointer dereferencing, typos, and various other bugs that static code analysis can deal with appear.
In order to make such errors smaller, and to improve the quality of the code, we suggest downloading and using PVS-Studio on your project. You may be able to find your interesting bug of the month, about which you can later tell the developer community and keep them from such an error. In the meantime, you can practice and try to independently find errors in well-known Open Source projects - http://q.viva64.com/ .
Note. The recently released version of PVS-Studio 6.14 introduces support for Visual Studio 2017, Roslyn 2.0 / C # 7.0 for the C # analyzer (see version history ).
So welcome: Bug of the month!
If you want to share this article with an English-speaking audience, then please use the link to the translation: Ekaterina Milovidova. Bug of the month: taking the bat from PC-Lint to PVS-Studio
Someone may say that Gimpel Software already had such a rubric and we borrowed the idea. This is not true. The only thing we have in common is the name and the fact that for each month we have a specific bug.
To begin with, although Gimpel Software’s diagnostic number for the month’s bug really exists, the code that is presented under it is artificially created as a puzzle with an amusing description, for example: “Santa and his elves automate their Christmas delivery system, but one of the elves made a critical an error that caused the action to occur in unpredictable order in some code fragments, ”or:“ Sean O'Flaherty may have been a little tipsy when he wrote the program for the annual celebration of St. Patrick’s Day in his pub. Although he did not finish it, there is still a small problem. ” Immediately offered to find this bug yourself, but below you can check yourself and see what was the problem.
')
We took real mistakes that contain the projects we have tested for Open Source over several years. And they tried to choose obvious bugs that would be understandable not only to the most prepared reader. For example, everyone's favorite copy-paste, which is found in almost every project, or various kinds of typos. In addition to a piece of code with an error, the diagnostics is also given, with which PVS-Studio has found it and an explanation of what the actual problem is. Below is added a link to the article about checking this project, where you can see what other bugs it contained.
As written on the official website of Gimpel Software, their first “bug of the month” was found in March 1991 and the list continued to grow over 21 years. At one time, they were very popular and well advertised PC-Lint. Since 2012, the update of this section has stopped, but the developers hope that the "bug of the month" can be resurrected in the future.
In the meantime, this did not happen, we decided, so to speak, to take the baton from PC-Lint and create our own “bug of the month” with
So, a large number of projects that we checked from January 2014 to March 2017 were viewed and 54 interesting errors were selected: 39 for C / C ++ language and 15 for C #, since support for C # started only from 2016. The updated table of bugs can be found at this link https://hownot2code.com/bug-of-the-month/ .
As mentioned above, to compile this section, we analyzed our existing database of errors and a regularly growing list of verified Open Source projects . Perhaps these materials will also be interesting and useful to readers, since they can be used as recommendations for how not to make the same mistakes, can help in research related to improving the reliability of software and contribute to the development of a coding standard.
The prevalence of most such errors (especially their presence in large projects) can be explained by the fact that in practice it is not always possible to be attentive and to keep every line of code under control, especially when there are hundreds of thousands of them. This is where Copy-Paste errors, undefined behavior, null pointer dereferencing, typos, and various other bugs that static code analysis can deal with appear.
In order to make such errors smaller, and to improve the quality of the code, we suggest downloading and using PVS-Studio on your project. You may be able to find your interesting bug of the month, about which you can later tell the developer community and keep them from such an error. In the meantime, you can practice and try to independently find errors in well-known Open Source projects - http://q.viva64.com/ .
Note. The recently released version of PVS-Studio 6.14 introduces support for Visual Studio 2017, Roslyn 2.0 / C # 7.0 for the C # analyzer (see version history ).
So welcome: Bug of the month!
If you want to share this article with an English-speaking audience, then please use the link to the translation: Ekaterina Milovidova. Bug of the month: taking the bat from PC-Lint to PVS-Studio
Source: https://habr.com/ru/post/324704/
All Articles