
digitalmars.D - Potential low hanging fruit from PVS-Studio

Andrej Mitrovic <andrej.mitrovich gmail.com> writes:
http://www.viva64.com/en/b/0113/
linked from: http://www.reddit.com/r/programming/comments/lhfji/static_analyzer_found_errors_in_chrome_again/

There was this kind of code:

void main()
{
    int x = -1;
    x =- 2;
    assert(x == -3);  // fail
}

This was apparently a typo in the Chrome source code. Perhaps the
compiler could detect this and emit a warning or stop compilation. To
work around it, you would have to add a space immediately after the
equals token if the next token is a minus or plus token. E.g.:

void main()
{
    int x = -1;

    x =-2;    // ng
    x =- 2;   // ng
    x = -2;   // ok
    x = - 2;  // ok

    x =+2;    // ng
    x =+ 2;   // ng
    x = +2;   // ok
    x = + 2;  // ok
}

Alternatively a simple warning could be emitted.

However I don't know if this is a common enough bug to worry about, or
if it could potentially hurt metaprogramming.
Oct 19 2011
bearophile <bearophileHUGS lycos.com> writes:
Andrej Mitrovic:

 Perhaps the
 compiler could detect this and emit a warning or stop compilation. To
 work around it, you would have to add a space immediately after the
 equals token if the next token is a minus or plus token. E.g.:
 
 void main()
 {
     int x = -1;
 
     x =-2;    // ng
     x =- 2;   // ng
     x = -2;   // ok
     x = - 2;  // ok
 
     x =+2;    // ng
     x =+ 2;   // ng
     x = +2;   // ok
     x = + 2;  // ok
 }
 
 Alternatively a simple warning could be emitted.
 
 However I don't know if this is a common enough bug to worry about, or
 if it could potentially hurt metaprogramming.

It's a cute/scary bug. I think I have never made this bug in recent years, but I'd like to know how common it is. Google has said it will remove its Google Code Search, so it will get harder to know how frequent a code pattern is.

---------------------------

"Fragment N3" is caught by the not yet implemented:
http://d.puremagic.com/issues/show_bug.cgi?id=5409

"Fragment N3":

#define SEC_ASN1_CHOICE 0x100000

typedef struct sec_ASN1Template_struct {
    unsigned long kind;
    ...
} SEC_ASN1Template;

PRBool SEC_ASN1IsTemplateSimple(
    const SEC_ASN1Template *theTemplate)
{
    ...
    if (!theTemplate->kind & SEC_ASN1_CHOICE) {
    ...
}

A related case ("Fragment N4"):

bool GetPlatformFileInfo(...) {
    ...
    info->is_directory =
        file_info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY != 0;
    ...
}

I have updated the issue 5409 with the Fragment N4. I hope to eventually see issue 5409 implemented.

Bye,
bearophile
Oct 19 2011
Walter Bright <newshound2 digitalmars.com> writes:
On 10/19/2011 12:01 PM, Andrej Mitrovic wrote:
 This was apparently a typo in the Chrome source code.

Sure, but what the article didn't say was how many false positives of this were generated. Presumably they filtered all those out and left just the actual bugs. Some people legitimately write: x=-3; and breaking all that shouldn't be considered lightly.
Oct 19 2011
Walter Bright <newshound2 digitalmars.com> writes:
On 10/19/2011 4:09 PM, Andrej Mitrovic wrote:
 But yeah, it could be very rare and not worth complicating the
 compiler codebase.

The case in the article is the only one I've even heard of in 30 years.
Oct 19 2011
Brad Roberts <braddr slice-2.puremagic.com> writes:
On Wed, 19 Oct 2011, Walter Bright wrote:

 On 10/19/2011 12:01 PM, Andrej Mitrovic wrote:
 This was apparently a typo in the Chrome source code.

 Sure, but what the article didn't say was how many false positives of this were generated. Presumably they filtered all those out and left just the actual bugs. Some people legitimately write: x=-3; and breaking all that shouldn't be considered lightly.

Additionally, existence proof that someone somewhere made the mistake is pointless as evidence that the language must prevent it. Occurrences per million lines of code start to be useful data. Give up programming altogether if your goal is to rule out the possibility of writing wrong code.
Oct 19 2011
Andrej Mitrovic <andrej.mitrovich gmail.com> writes:
In hindsight I think the only suspicious case is this one:
x =- 3;

'=+' is quite a bit harder to screw up on most keyboards, having to
hold shift for the plus token to appear.

But yeah, it could be very rare and not worth complicating the
compiler codebase.
Oct 19 2011
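
The check discussed in this thread, narrowed to the "x =- 3" form singled out in the last post, sketched as a stand-alone lint script. This is an added example, not code from the thread, PVS-Studio or DMD; the function name, the regexes and the sample source are constructed here. It assumes line-by-line scanning and does not track block comments.

```python
import re

# Blank out string/char literals and // comments so their contents are
# never matched (same length, so reported columns stay correct).
MASK = re.compile(r'''"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|//.*''')

# A lone '=' (not part of ==, !=, <=, >=, +=, -=, ...) glued to '-' or '+',
# with whitespace between the sign and its operand: "x =- 3".
# "x=-3", "x =-3" and "x = -3" are deliberately not matched, to avoid
# flagging the compact style some people write on purpose.
SUSPICIOUS = re.compile(r"(?<![=!<>+\-*/%&|^~])=([-+])(?![-+=])\s+(?=[\w(])")

def find_suspicious_assignments(source):
    """Return (line, column, message) for each likely mistyped -= or +=."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        code = MASK.sub(lambda m: " " * len(m.group()), line)
        for m in SUSPICIOUS.finditer(code):
            sign = m.group(1)
            msg = f"'={sign} ' looks like a mistyped '{sign}='"
            findings.append((lineno, m.start() + 1, msg))
    return findings

# Constructed sample built from the spellings listed in the thread.
SAMPLE = '''\
void main()
{
    int x = -1;
    x =- 2;          // typo from the article
    x =-2;
    x = -2;
    x=-3;            // compact style, left alone
    x =+ 2;
    x -= 2;
    bool b = x ==- 3;
    string s = "a =- b";
}
'''

if __name__ == "__main__":
    for lineno, col, msg in find_suspicious_assignments(SAMPLE):
        print(f"{lineno}:{col}: {msg}")
```

Running it over a real code base and counting hits against lines scanned gives the occurrences-per-lines figure asked for earlier in the thread, along with a direct look at the false positives.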