The document summarizes analysis of the Haiku operating system using the PVS-Studio static analyzer. Various bugs and issues were detected, including: incorrect string handling, bad loops, improper use of variables with the same name, array overruns, unsafe memory handling, and other logical errors. The analyzer identified multiple areas for improvement to enhance code quality and eliminate potential bugs.
Checking the Cross-Platform Framework Cocos2d-xAndrey Karpov
Cocos2d is an open source software framework. It can be used to build games, apps and other cross-platform GUI based interactive programs. Cocos2d contains many branches with the best known being Cocos2d-Swift, Cocos2d-x, Cocos2d-html5 and Cocos2d-XNA.
In this article, we are going to discuss results of the check of Cocos2d-x, the framework for C++, done by PVS-Studio 5.18. The project is pretty high-quality, but there are still some issues to consider. The source code was downloaded from GitHub.
[C++] The Curiously Recurring Template Pattern: Static Polymorphsim and Expre...Francesco Casalegno
••• Exploit the full potential of the CRTP! •••
In this presentation you will learn:
▸ what is the curiously recurring template pattern
▸ the actual cost (memory and time) of virtual functions
▸ how to implement static polymorphism
▸ how to implement expression templates to avoid loops and copies
••• Boost your code's performances using C++11 new features! •••
In this presentation you will learn:
▸ the difference between an Lvalue and Rvalue
▸ how to use std::move, std::forward, noexcept
▸ how to implement move semantics to avoid useless copies
▸ how to implement perfect forwarding for the factory pattern
Доклад рассказывает об устройстве и опыте применения инструментов динамического тестирования C/C++ программ — AddressSanitizer, ThreadSanitizer и MemorySanitizer. Инструменты находят такие ошибки, как использование памяти после освобождения, обращения за границы массивов и объектов, гонки в многопоточных программах и использования неинициализированной памяти.
A Spin-off: CryEngine 3 SDK Checked with CppCatAndrey Karpov
We have finished a large comparison of the static code analyzers CppCat, Cppcheck, PVS-Studio and Visual Studio 2013's built-in analyzer. In the course of this investigation, we checked over 10 open-source projects. Some of them do deserve to be discussed specially. In today's article, I'll tell you about the results of the check of the CryEngine 3 SDK project.
••• Learn how to safely manage memory with smart pointers! •••
In this presentation you will learn:
▸ the dangers of using raw pointers for dynamic memory
▸ the difference between unique_ptr, shared_ptr, weak_ptr
▸ how to use factories to increase safety and performance
▸ when raw pointers are still needed
Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 1PVS-Studio
Operating systems are among the largest and most complicated software projects, and that means they perfectly suit the purpose of demonstrating static code analysis' capabilities. After the successful analysis of Linux Kernel, I felt inspired to try analyzing other open-source operating systems as well.
Checking the Cross-Platform Framework Cocos2d-xAndrey Karpov
Cocos2d is an open source software framework. It can be used to build games, apps and other cross-platform GUI based interactive programs. Cocos2d contains many branches with the best known being Cocos2d-Swift, Cocos2d-x, Cocos2d-html5 and Cocos2d-XNA.
In this article, we are going to discuss results of the check of Cocos2d-x, the framework for C++, done by PVS-Studio 5.18. The project is pretty high-quality, but there are still some issues to consider. The source code was downloaded from GitHub.
[C++] The Curiously Recurring Template Pattern: Static Polymorphsim and Expre...Francesco Casalegno
••• Exploit the full potential of the CRTP! •••
In this presentation you will learn:
▸ what is the curiously recurring template pattern
▸ the actual cost (memory and time) of virtual functions
▸ how to implement static polymorphism
▸ how to implement expression templates to avoid loops and copies
••• Boost your code's performances using C++11 new features! •••
In this presentation you will learn:
▸ the difference between an Lvalue and Rvalue
▸ how to use std::move, std::forward, noexcept
▸ how to implement move semantics to avoid useless copies
▸ how to implement perfect forwarding for the factory pattern
Доклад рассказывает об устройстве и опыте применения инструментов динамического тестирования C/C++ программ — AddressSanitizer, ThreadSanitizer и MemorySanitizer. Инструменты находят такие ошибки, как использование памяти после освобождения, обращения за границы массивов и объектов, гонки в многопоточных программах и использования неинициализированной памяти.
A Spin-off: CryEngine 3 SDK Checked with CppCatAndrey Karpov
We have finished a large comparison of the static code analyzers CppCat, Cppcheck, PVS-Studio and Visual Studio 2013's built-in analyzer. In the course of this investigation, we checked over 10 open-source projects. Some of them do deserve to be discussed specially. In today's article, I'll tell you about the results of the check of the CryEngine 3 SDK project.
••• Learn how to safely manage memory with smart pointers! •••
In this presentation you will learn:
▸ the dangers of using raw pointers for dynamic memory
▸ the difference between unique_ptr, shared_ptr, weak_ptr
▸ how to use factories to increase safety and performance
▸ when raw pointers are still needed
Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 1PVS-Studio
Operating systems are among the largest and most complicated software projects, and that means they perfectly suit the purpose of demonstrating static code analysis' capabilities. After the successful analysis of Linux Kernel, I felt inspired to try analyzing other open-source operating systems as well.
A Spin-off: Firebird Checked by PVS-StudioAndrey Karpov
We are currently working on a great task of carrying out a detailed comparison of four code analyzers: CppCat, Cppcheck, PVS-Studio and Visual Studio 2013 (i.e. its built-in code analyzer). As a set of materials to base this comparison on, we decided to check at least 10 open-source projects and study the reports from all the analyzers. This is a very labor-intensive task and it is not over yet. However, we have already checked a few projects and can share some of the results with you. And that's what I'm going to do in this article. We'll start with interesting bugs we have managed to find in Firebird with the help of PVS-Studio.
Spring RTS is a game engine for real-time strategy (RTS) video games. Spring was originally created to reproduce the Total Annihilation game popular in the 90-0-s. During the later years, a lot of other nice and interesting strategy games, including commercial ones, were developed based on this engine. Spring RTS based games are cross-platform 3D real-time strategies with huge maps and numbers of combat and building units. However, they face certain stability issues. Let's take a look at the source codes (thanks god, this project is open-source).
Presentation with a brief history of C, C++ and their ancestors along with an introduction to latest version C++11 and futures such as C++17. The presentation covers applications that use C++, C++11 compilers such as LLVM/Clang, some of the new language features in C++11 and C++17 and examples of modern idioms such as the new form compressions, initializer lists, lambdas, compile time type identification, improved memory management and improved standard library (threads, math, random, chrono, etc). (less == more) || (more == more)
Virtual machines are used for very different tasks. Personally I have been using VirtualBox for many
years to test software and simply study various Linux distributions. And now, after years of using the
tool and encountering undefined behavior every now and then, I've decided to make use of my
experience in analysis of open-source projects and check the source code of Oracle VM Virtual Box.In
this article, I will continue describing the numerous suspicious fragments found in the project.
The first part of the article: Checking Oracle VM VirtualBox. Part 1.
(5) cpp dynamic memory_arrays_and_c-stringsNico Ludwig
Check out these exercises: http://de.slideshare.net/nicolayludwig/5-cpp-dynamic-memoryarraysandcstringsexercises
- The Heap: Dynamic Memory and dynamic Array Allocation
- Automatic versus Dynamic Arrays
- A Glimpse of the Topic "Stack versus Heap"
-- "Geometric" Properties of the Heap and the Stack
- Lost Pointers and Memory Leaks
- Advanced C-strings: Buffers, Concatenation and Formatting
The new standard for C++ language has been signed in 2011. This new (extended) language, called C++11, has a number of new semantics (in terms of language constructs) and a number of new standard library support. The major language extensions are discussed in this presentation. The library will be taken up in a later presentation.
A class that automates conversion from a C++ recursive function to an iterative function. It allow the recursive function to preserve its structure by reproducing the "call stack" on an std::stack. The examples use combinatorics to illustrate usage.
Checking Wine with PVS-Studio and Clang Static AnalyzerAndrey Karpov
In this article, I'm going to tell you about the check of the Wine project done by the static analyzers for C/C++ code PVS-Studio and Clang Static Analyzer.
This time it was the microcosm that brought us a few interesting bugs. We have checked the open-source project μManager with our analyzer PVS-Studio. This project is a software package for automated microscope image acquisition.
Top 10 bugs in C++ open source projects, checked in 2016PVS-Studio
While the world is discussing the 89th Ceremony of Oscar award and charts of actors and costumes, we've decided to write a review article about the IT-sphere. The article is going to cover the most interesting bugs, made in open source projects in 2016. This year was remarkable for our tool, as PVS-Studio has become available on Linux OS. The errors we present are hopefully, already fixed, but every reader can see how serious are the errors made by developers.
This is a small note on the results of checking the OpenSSL project with the PVS-Studio analyzer. I analyzed the openssl-0.9.8-stable-SNAP-20121208 version.
Fun with Lambdas: C++14 Style (part 1)Sumant Tambe
If virtual functions in C++ imply design patterns, then C++ lambdas imply what? What does it really mean to have lambdas in C++? Frankly, I don't know but I've a hunch: It's BIG.
Just like virtual functions open doors to the OO paradigm, lambdas open doors to a different paradigm--the functional paradigm. This talk is not a praise of functional programming or some elusive lambda-based library. (Although, I'll mention one briefly that tops my list these days.) Instead, the goal is to have fun while working our way through some mind-bending examples of C++14 lambdas. Beware, your brain will hurt! Bring your laptop and code the examples right along because that may be the fastest way to answer the quiz.
A Spin-off: Firebird Checked by PVS-StudioAndrey Karpov
We are currently working on a great task of carrying out a detailed comparison of four code analyzers: CppCat, Cppcheck, PVS-Studio and Visual Studio 2013 (i.e. its built-in code analyzer). As a set of materials to base this comparison on, we decided to check at least 10 open-source projects and study the reports from all the analyzers. This is a very labor-intensive task and it is not over yet. However, we have already checked a few projects and can share some of the results with you. And that's what I'm going to do in this article. We'll start with interesting bugs we have managed to find in Firebird with the help of PVS-Studio.
Spring RTS is a game engine for real-time strategy (RTS) video games. Spring was originally created to reproduce the Total Annihilation game popular in the 90-0-s. During the later years, a lot of other nice and interesting strategy games, including commercial ones, were developed based on this engine. Spring RTS based games are cross-platform 3D real-time strategies with huge maps and numbers of combat and building units. However, they face certain stability issues. Let's take a look at the source codes (thanks god, this project is open-source).
Presentation with a brief history of C, C++ and their ancestors along with an introduction to latest version C++11 and futures such as C++17. The presentation covers applications that use C++, C++11 compilers such as LLVM/Clang, some of the new language features in C++11 and C++17 and examples of modern idioms such as the new form compressions, initializer lists, lambdas, compile time type identification, improved memory management and improved standard library (threads, math, random, chrono, etc). (less == more) || (more == more)
Virtual machines are used for very different tasks. Personally I have been using VirtualBox for many
years to test software and simply study various Linux distributions. And now, after years of using the
tool and encountering undefined behavior every now and then, I've decided to make use of my
experience in analysis of open-source projects and check the source code of Oracle VM Virtual Box.In
this article, I will continue describing the numerous suspicious fragments found in the project.
The first part of the article: Checking Oracle VM VirtualBox. Part 1.
(5) cpp dynamic memory_arrays_and_c-stringsNico Ludwig
Check out these exercises: http://de.slideshare.net/nicolayludwig/5-cpp-dynamic-memoryarraysandcstringsexercises
- The Heap: Dynamic Memory and dynamic Array Allocation
- Automatic versus Dynamic Arrays
- A Glimpse of the Topic "Stack versus Heap"
-- "Geometric" Properties of the Heap and the Stack
- Lost Pointers and Memory Leaks
- Advanced C-strings: Buffers, Concatenation and Formatting
The new standard for C++ language has been signed in 2011. This new (extended) language, called C++11, has a number of new semantics (in terms of language constructs) and a number of new standard library support. The major language extensions are discussed in this presentation. The library will be taken up in a later presentation.
A class that automates conversion from a C++ recursive function to an iterative function. It allow the recursive function to preserve its structure by reproducing the "call stack" on an std::stack. The examples use combinatorics to illustrate usage.
Checking Wine with PVS-Studio and Clang Static AnalyzerAndrey Karpov
In this article, I'm going to tell you about the check of the Wine project done by the static analyzers for C/C++ code PVS-Studio and Clang Static Analyzer.
This time it was the microcosm that brought us a few interesting bugs. We have checked the open-source project μManager with our analyzer PVS-Studio. This project is a software package for automated microscope image acquisition.
Top 10 bugs in C++ open source projects, checked in 2016PVS-Studio
While the world is discussing the 89th Ceremony of Oscar award and charts of actors and costumes, we've decided to write a review article about the IT-sphere. The article is going to cover the most interesting bugs, made in open source projects in 2016. This year was remarkable for our tool, as PVS-Studio has become available on Linux OS. The errors we present are hopefully, already fixed, but every reader can see how serious are the errors made by developers.
This is a small note on the results of checking the OpenSSL project with the PVS-Studio analyzer. I analyzed the openssl-0.9.8-stable-SNAP-20121208 version.
Fun with Lambdas: C++14 Style (part 1)Sumant Tambe
If virtual functions in C++ imply design patterns, then C++ lambdas imply what? What does it really mean to have lambdas in C++? Frankly, I don't know but I've a hunch: It's BIG.
Just like virtual functions open doors to the OO paradigm, lambdas open doors to a different paradigm--the functional paradigm. This talk is not a praise of functional programming or some elusive lambda-based library. (Although, I'll mention one briefly that tops my list these days.) Instead, the goal is to have fun while working our way through some mind-bending examples of C++14 lambdas. Beware, your brain will hurt! Bring your laptop and code the examples right along because that may be the fastest way to answer the quiz.
A new version of Firebird DBMS was released not so long ago. This release was one of the most significant in the project's history, as it marked substantial revision of the architecture, addition of multithreading support, and performance improvements. Such a significant update was a good occasion for us to scan Firebird one more time with PVS-Studio static code analyzer.
A new version of Firebird DBMS was released not so long ago. This release was one of the most significant in the project's history, as it marked substantial revision of the architecture, addition of multithreading support, and performance improvements. Such a significant update was a good occasion for us to scan Firebird one more time with PVS-Studio static code analyzer.
100 bugs in Open Source C/C++ projects Andrey Karpov
This article demonstrates capabilities of the static code analysis methodology. The readers are offered to study the samples of one hundred errors found in open-source projects in C/C++.
Virtual machines are used for very different tasks. Personally I have been using VirtualBox for many
years to test software and simply study various Linux distributions. And now, after years of using the
tool and encountering unexpected behavior every now and then, I've decided to make use of my
experience in analysis of open-source projects and check the source code of Oracle VM Virtual Box.
VirtualBox is
After hot discussions on the article about "The Big Calculator" I felt like checking some other projects related to scientific computations. The first program that came to hand was the open-source project OpenMS dealing with protein mass spectrometry. This project appeared to have been written in a very serious and responsible way. Developers use at least Cppcheck to analyze their project. That's why I didn't hope to find anything sensational left unnoticed by that tool. On the other hand, I was curious to see what bugs PVS-Studio would be able to find in the code after Cppcheck. If you want to know this too, follow me.
In most of our articles about project checks, we mention that bugs are found by the PVS-Studio static code analyzer. In certain cases – when dealing with projects of a complex structure – it is this particular analyzer that is needed. However, many developers will also appreciate its lightweight version, the CppCat analyzer. In this connection, we decided to use CppCat this time, when checking the TortoiseGit project.
Rechecking TortoiseSVN with the PVS-Studio Code AnalyzerAndrey Karpov
We gave the TortoiseSVN developers a free registration key for some time so that they could check their project. While they haven't utilized it yet, I've decided to download the TortoiseSVN source codes and check it myself. My interest is obvious: I want to make another article to advertise PVS-Studio.
We already checked the TortoiseSVN project long ago. It was done at the same time as PVS-Studio 4.00 was released, which for the first time included diagnostic rules for general analysis.
OpenCV is a library of computer vision algorithms, picture processing algorithms, and general-purpose numerical algorithms. The library is written in C/C++ and is free both for academic and commercial use, as it is distributed under the BSD license. The time has come to check this library with the PVS-Studio code analyzer.
Tesseract. Recognizing Errors in Recognition SoftwareAndrey Karpov
Tesseract is a free software program for text recognition developed by Google. According to the project description, "Tesseract is probably the most accurate open source OCR engine available". And what if we try to catch some bugs there with the help of the CppCat analyzer?
Intel IPP Samples for Windows - error correctionPVS-Studio
This is one of my posts on how PVS-Studio makes programs safer. That is where and what types of errors it detects. This time it is samples demonstrating handling of the IPP 7.0 library (Intel Performance Primitives Library) we are going to examine.
Intel IPP Samples for Windows - error correctionAndrey Karpov
This is one of my posts on how PVS-Studio makes programs safer. That is where and what types of errors it detects. This time it is samples demonstrating handling of the IPP 7.0 library (Intel Performance Primitives Library) we are going to examine.
What has to be paid attention when reviewing code of the library you developAndrey Karpov
Developers of libraries have to be more diligent than «classic» application programmers. Why? You never know where and when the library will be used: Platforms; Compilers; Optimizations; Usage scenarios.
20145-5SumII_CSC407_assign1.htmlCSC 407 Computer Systems II.docxeugeniadean34240
20145-5SumII_CSC407_assign1.html
CSC 407: Computer Systems II: 2015 Summer II, Assignment #1
Last Modified 2015 July 21Purpose:
To go over issues related to how the compiler and the linker
serve you, the programmer.
Computing
Please ssh into ctilinux1.cstcis.cti.depaul.edu, or use your own Linux machine.
Compiler optimization (45 Points)
Consider the following program.
/* q1.c
*/
#include <stdlib.h>
#include <stdio.h>
#define unsigned int uint
#define LENGTH ((uint) 512*64)
int initializeArray (uint len,
int* intArray
)
{
uint i;
for (i = 0; i < len; i++)
intArray[i] = (rand() % 64);
}
uint countAdjacent (int maxIndex,
int* intArray,
int direction
)
{
uint i;
uint sum = 0;
for (i = 0; i < maxIndex; i++)
if ( ( intArray[i] == (intArray[i+1] + direction) ) &&
( intArray[i] == (intArray[i+2] + 2*direction) )
)
sum++;
return(sum);
}
uint funkyFunction (uint len,
int* intArray
)
{
uint i;
uint sum = 0;
for (i = 0; i < len-1; i++)
if ( (i % 8) == 0x3 )
sum += 7*countAdjacent(len-2,intArray,+1);
else
sum += 17*countAdjacent(len-2,intArray,-1);
return(sum);
}
int main ()
{
int* intArray = (int*)calloc(LENGTH,sizeof(int));
initializeArray(LENGTH,intArray);
printf("funkyFunction() == %d\n",funkyFunction(LENGTH,intArray));
free(intArray);
return(EXIT_SUCCESS);
}
(8 Points) Compile it for profiling but with no extra optimization with:
$ gcc -o q1None -pg q1.c # Compiles q1.c to write q1None to make profile info
$ ./q1None # Runs q1None
$ gprof q1None # Gives profile info on q1None
Be sure to scroll all the way to the top of gprof output!
What are the number of self seconds taken by:
FunctionSelf secondsinitializeBigArray()__________countAdjaceent()__________funkyFunction()__________
(8 Points)
How did it do the operation (i % 8) == 0x3?
Was it done as a modulus (the same as an expensive division, but returns the remainder instead of the quotient) or something else?
Show the assembly language for this C code
using gdb to dissassemble
funkyFunction() of q1None.
Hint: do:
$ gdb q1None
. . .
(gdb) disass funkyFunction
Dump of assembler code for function funkyFunction:
. . .
and then look for the code that sets up the calls to countAdjacent().
The (i % 8) == 0x3 test is done before either countAdjacent() call.
(8 Points) Compile it for profiling but with optimization with:
$ gcc -o q1Compiler -O1 -pg q1.c # Compiles q1.c to write q1Compiler to make profile info
$ ./q1Compiler # Runs q1Compiler
$ gprof q1Compiler # Gives profile info on q1Compiler
What are the number of self seconds taken by:
FunctionSelf secondsinitializeBigArray()__________countAdjacent()__________funkyFunction()__________(8 Points) Use gdb to dissassemble countAdjacent() of both q1None and q1.
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...PVS-Studio
Microsoft have given open access to the source code of a tool kit that is used in the company to speed up the development of artificial intelligence: Computational Network Toolkit is now available at Github. The developers had to create their own custom solution, because the existing tools did not work fast enough.
PVS-Studio delved into the FreeBSD kernelPVS-Studio
About a year ago we checked the Linux core. It was one of the most discussed articles at that time. We also got quite a number of requests to check FreeBSD, so finally we decided to take the time to do it.
We have successfully created and continue developing PVS-Studio analyzer for C/C++ languages. Over the time, it became clear that many of the diagnostics that we have implemented are not related to a specific programming language, so we decided to apply our experience to another programming language, namely C#. In this article, we are talking about the analysis of Code Contracts project by Microsoft done by our C# analyzer
A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ BuilderAndrey Karpov
We regularly check open-source C/C++ projects, but what we check are mostly projects developed in the Visual Studio IDE. For some reason, we haven't paid much attention to the Embarcadero C++ Builder IDE. In order to improve this situation, we are going to discuss the WinSCP project I have checked recently.
P.S. C++ Builder support in PVS-Studio had been dropped after version 5.20. If you have any questions, feel free to contact our support.
Checking the Open-Source Multi Theft Auto GameAndrey Karpov
We haven't used PVS-Studio to check games for a long time. So, this time we decided to return to this practice and picked out the MTA project. Multi Theft Auto (MTA) is a multiplayer modification for PC versions of the Grand Theft Auto: San Andreas game by Rockstar North that adds online multiplayer functionality. As Wikipedia tells us, the specific feature of the game is "well optimized code with fewest bugs possible". OK, let's ask our analyzer for opinion.
PHP is a server-side scripting language designed for web development but also used as a general-purpose programming language. As of January 2013, PHP was installed on more than 240 million websites (39% of those sampled) and 2.1 million web servers. Originally created by Rasmus Lerdorf in 1994, the reference implementation of PHP (powered by the Zend Engine) is now produced by The PHP Group. While PHP originally stood for Personal Home Page, it now stands for PHP: Hypertext Preprocessor, which is a recursive acronym.
When developing compilers and interpreters, their source code and its testing procedure are demanded to comply with especially strict quality and reliability requirements. However, there are still some suspicious fragments found in the PHP interpreter's source code.
In this article, we are going to discuss the results of the check of the PHP interpreter by PVS-Studio 5.18.
We are regularly asked to check various open-source projects with the PVS-Studio analyzer. If you want to offer some project for us to analyze too, please follow this link. Another project we have checked is Dolphin-emu.
Similar to Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 2 (20)
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaYara Milbes
Discover the transformative power of the WhatsApp API in our latest SlideShare presentation, "Top 7 Unique WhatsApp API Benefits." In today's fast-paced digital era, effective communication is crucial for both personal and professional success. Whether you're a small business looking to enhance customer interactions or an individual seeking seamless communication with loved ones, the WhatsApp API offers robust capabilities that can significantly elevate your experience.
In this presentation, we delve into the top 7 distinctive benefits of the WhatsApp API, provided by the leading WhatsApp API service provider in Saudi Arabia. Learn how to streamline customer support, automate notifications, leverage rich media messaging, run scalable marketing campaigns, integrate secure payments, synchronize with CRM systems, and ensure enhanced security and privacy.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
GraphSummit Paris - The art of the possible with Graph TechnologyNeo4j
Sudhir Hasbe, Chief Product Officer, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Crescat
Crescat is industry-trusted event management software, built by event professionals for event professionals. Founded in 2017, we have three key products tailored for the live event industry.
Crescat Event for concert promoters and event agencies. Crescat Venue for music venues, conference centers, wedding venues, concert halls and more. And Crescat Festival for festivals, conferences and complex events.
With a wide range of popular features such as event scheduling, shift management, volunteer and crew coordination, artist booking and much more, Crescat is designed for customisation and ease-of-use.
Over 125,000 events have been planned in Crescat and with hundreds of customers of all shapes and sizes, from boutique event agencies through to international concert promoters, Crescat is rigged for success. What's more, we highly value feedback from our users and we are constantly improving our software with updates, new features and improvements.
If you plan events, run a venue or produce festivals and you're looking for ways to make your life easier, then we have a solution for you. Try our software for free or schedule a no-obligation demo with one of our product specialists today at crescat.io
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeAftab Hussain
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 2
1. Analysis of Haiku Operating System (BeOS
Family) by PVS-Studio. Part 2
Author: Svyatoslav Razmyslov
Date: 24.04.2015
This is the second and last part of the large article about analysis of the Haiku operating system. In the
first article, we discussed a variety of possible errors all of which one way or another deal with
conditions. In this article, we will discuss the remaining analyzer warnings I have selected for you. The
bug examples are grouped into several categories.
Introduction
Haiku is a free and open-source operating system for PC designed to be binary compatible with the
BeOS operating system and embodying the basic ideas of BeOS. It's a modular system with the hybrid-
kernel architecture - microkernel architecture capable of dynamical module linking.
2. The project was analyzed on the Haiku user community's request with the PVS-Studio 5.24 static
analyzer.
String handling
V527 It is odd that the '0' value is assigned to 'char' type pointer. Probably meant: *scratchPtr = '0'.
TextGapBuffer.cpp 228
const char*
TextGapBuffer::Text()
{
const char* realText = RealText();
if (fPasswordMode) {
....
char* scratchPtr = fScratchBuffer;
for (uint32 i = 0; i < numChars; i++) {
memcpy(scratchPtr, B_UTF8_BULLET, bulletCharLen);
scratchPtr += bulletCharLen;
}
scratchPtr = '0'; //<==
return fScratchBuffer;
}
return realText;
}
After handling the string, the programmer most likely wanted to add a terminal null character to its end
instead of zeroing the pointer. The correct version of this code is as follows: "*scratchPtr = '0';".
V692 An inappropriate attempt to append a null character to a string. To determine the length of a
string by 'strlen' function correctly, a string ending with a null terminator should be used in the first
place. PoorManWindow.cpp 254
void
PoorManWindow::MessageReceived(BMessage* message)
{
....
if (inet_ntop(AF_INET, &sin_addr, addr, sizeof(addr)) != NULL){
addr[strlen(addr)] = '0'; //<==
line << '(' << addr << ") ";
}
....
}
To write the terminal null character at the end of the string, the programmer used the strlen() function
in this code, but the result of this is unpredictable, for the string must already be null-terminated for the
strlen() function to work properly. It is that very cell where 0 is found that the new zero will be written
into. At the same time, the strlen() function can reach far beyond the buffer's bounds, which will cause
an undefined-behavior issue. To fix this code, we need to use some different means to calculate the
string length.
3. Bad loops
V529 Odd semicolon ';' after 'for' operator. ringqueue.cpp 39
int
compute_order(unsigned long size)
{
int order;
unsigned long tmp;
for (order = 0, tmp = size; tmp >>= 1; ++order); //<==
if (size & ~(1 << order))
++order;
return order;
}
Something is wrong with this function - a loop left without its body because of a semicolon at the end.
Code formatting suggests that the condition should be included into the loop body. On the other hand,
the 'tmp' variable still won't be used anywhere.
Perhaps what the programmer wanted to do is the following:
int
compute_order(unsigned long size)
{
int order;
unsigned long tmp;
for (order = 0, tmp = size; tmp >>= 1; ++order)
if (tmp & ~(1 << order))
++order;
return order;
}
However, changing the counter of a for(;;) loop inside the body is not a very good style.
V535 The variable 'k' is being used for this loop and for the outer loop. Check lines: 3598, 3610. rules.c
3610
void
solver_get_unneeded(Solver *solv, Queue *unneededq, int filtered)
{
....
if (dep_possible(solv, *dp, &installedm))
{
Queue iq;
Id iqbuf[16];
queue_init_buffer(&iq, iqbuf, sizeof(iqbuf)/sizeof(*iqbuf));
dep_pkgcheck(solv, *dp, 0, &iq);
for (k = 0; k < iq.count; k++) //<==
{
Id p = iq.elements[k];
Solvable *sp = pool->solvables + p;
if (....)
continue;
for (j = 0; j < count; j++)
if (p == unneededq->elements[j])
break;
4. /* now add edge from j + 1 to i + 1 */
queue_insert(....);
/* addapt following edge pointers */
for (k = j + 2; k < count + 2; k++) //<==
edges.elements[k]++;
}
queue_free(&iq);
}
....
}
The code formatting is so terrible that if there is any error at all here, it surely has been made due to the
formatting. It is a bad style to use one counter in nested for(;;) loops.
Another issue of this kind:
V535 The variable 'i' is being used for this loop and for the outer loop. Check lines: 2319, 2349.
solver.c 2349
V634 The priority of the '*' operation is higher than that of the '<<' operation. It's possible that
parentheses should be used in the expression. RAW.cpp 1141
void
DCRaw::_WaveletDenoise()
{
....
for (i = 0; i < (1 << dim * 2); i++) { //<==
if (fimg[i] < -fThreshold)
fimg[i] += fThreshold;
else if (fimg[i] > fThreshold)
fimg[i] -= fThreshold;
else
fimg[i] = 0;
}
....
}
The multiplication operation has a higher precedence than the shift operation. I don't know what exactly
the code's authors wanted to do here, so they need to check the operator sequence and put
parentheses to explicitly define the operation execution order and make it more transparent.
Another similar issue:
V634 The priority of the '*' operation is higher than that of the '<<' operation. It's possible that
parentheses should be used in the expression. RAW.cpp 1099
V696 The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always
false. Check lines: 1939, 1945. Roster.cpp 1939
status_t
BRoster::_LaunchApp(....) const
{
....
do {
// find the app
....
if (appType.InitCheck() == B_OK
5. && appType.GetAppHint(&hintRef) == B_OK
&& appRef == hintRef) {
appType.SetAppHint(NULL);
// try again
continue;
}
...
} while (false);
....
}
The 'continue' operator in the "do { ... } while( ... )" loop makes a transition to calculating the loop
termination condition, but it is always false - in fact it is unconditional loop termination and the "try
again" comment will only confuse anyone who reads this code in future.
V706 Suspicious division: sizeof (kBaudrates) / sizeof (char *). Size of every element in 'kBaudrates' array
does not equal to divisor. SerialWindow.cpp 162
const int SerialWindow::kBaudrates[] = { 50, 75, 110, .... };
SerialWindow::SerialWindow() : ....
{
....
for(int i = sizeof(kBaudrates) / sizeof(char*); --i >= 0;)//<==
{
message = new BMessage(kMsgSettings);
message->AddInt32("baudrate", kBaudrateConstants[i]);
char buffer[7];
sprintf(buffer, "%d", kBaudrates[i]); //<==
BMenuItem* item = new BMenuItem(buffer, message);
fBaudrateMenu->AddItem(item);
}
....
}
To find out the number of items in the 'kBaudrates' array, the programmer for some reason divides its
size by the pointer size, so it turns out that in the 32-bit version, the entire array will be indexed, while in
the 64-bit one, only half of it.
Arrays
V548 Consider reviewing type casting. TYPE X[][] in not equivalent to TYPE **X. RAW.cpp 1668
void
DCRaw::_AdobeCoefficients(const char *make, const char *model)
{
static const struct {
const char *prefix;
short black, trans[12];
} table[] = {
{ "Canon EOS D2000", 0,
{ 24542,-10860,-3401,-1490,11370,-297,2858,-605,3225 }},
{ "Canon EOS D6000", 0,
{ 20482,-7172,-3125,-1033,10410,-285,2542,226,3136 }},
6. ....
};
double cameraXYZ[4][3];
for (uint32 i = 0; i < sizeof table / sizeof *table; i++) {
if (!strncasecmp(model, table[i].prefix, strlen(....))) {
if (table[i].black)
fMeta.black = table[i].black;
for (uint32 j = 0; j < 12; j++) {
((double**)cameraXYZ)[0][j] = table[i].trans[j] /10000.0;
}
_CameraXYZCoefficients(cameraXYZ);
break;
}
}
}
The 'cameraXYZ' array declared as "double cameraXYZ[4][3]" is cast to the "double **" type. This type
conversion, I guess, makes no sense at all and can be a source of some bugs.
The types "type[a][b]" and "type **" are different data structures. Type[a][b] is a single memory area
that can be handled as a two-dimensional array, while type ** is an array of pointers to some memory
areas.
V554 Incorrect use of auto_ptr. The memory allocated with 'new []' will be cleaned using 'delete'.
DefaultCatalog.cpp 208
status_t
DefaultCatalog::ReadFromFile(const char *path)
{
....
auto_ptr<char> buf(new(std::nothrow) char [sz]);
....
}
The analyzer has detected an issue when using a smart pointer may cause undefined behavior. The
'auto_ptr' class is not intended for array handling: it uses the 'delete' operator to free memory and if
you specify 'delete[]', the code simply won't compile.
The fixed code:
status_t
DefaultCatalog::ReadFromFile(const char *path)
{
....
unique_ptr<char[]> buf(new(std::nothrow) char[sz]);
....
}
Another issue of this kind:
V554 Incorrect use of auto_ptr. The memory allocated with 'new []' will be cleaned using
'delete'. DefaultCatalog.cpp 249
V557 Array overrun is possible. The '8' index is pointing beyond array bound. floppy_ctrl.c 637
V557 Array overrun is possible. The '9' index is pointing beyond array bound. floppy_ctrl.c 638
7. typedef struct floppy {
....
uint8 result[8]; /* status of the last finished command */
....
};
void
floppy_dump_reg(floppy_t *flp) {
....
//uint8 result[10]; //<== This was correct!
uint8 *result = flp->result; //<== Bad fix! :)
....
dprintf(FLO "gap=%d wg=%d eis=%d fifo=%d poll=%d thresh=%d
pretrk=%dn",
(result[7] & 0x02) >> 1, result[7] & 0x01,
(result[8] & 0x40) >> 6,
(result[8] & 0x20) >> 5, (result[8] & 0x10) >> 4,
result[8] & 0x0f, result[9]);
....
}
Two analyzer warnings refer to array overruns. The comments suggest that the 'result[]' array used to
comprise 10 items in the past and after modification, its size was reduced to 8 items. At the same time,
the program still tries to address ten items, with indexes from 0 to 9.
Variable names
V672 There is probably no need in creating the new 'path' variable here. One of the function's
arguments possesses the same name and this argument is a reference. Check lines: 348, 429.
translate.cpp 429
status_t
Translator::FindPath(const translation_format *format,
BPositionIO &stream, TypeList &typesSeen, TypeList &path, ....)
{
....
TypeList path;
double quality;
if (FindPath(...) == B_OK) {
if (bestQuality < quality * formatQuality) {
bestQuality = quality * formatQuality;
bestPath.SetTo(path);
bestPath.Add(formats[j].type);
status = B_OK;
}
}
....
}
Coincidence of the local 'path' variable's name with the function parameter (and not just function
parameter but a reference like in this case) may cause a loss of local changes in this variable as well as
other logical errors.
V711 It is dangerous to create a local variable within a loop with a same name as a variable controlling
this loop. ipv4.cpp 514
8. static int
dump_ipv4_multicast(int argc, char** argv)
{
MulticastState::Iterator it = sMulticastState->GetIterator();
while (it.HasNext()) {
....
int count = 0;
IPv4GroupInterface::AddressSet::Iterator it
= state->Sources().GetIterator();
while (it.HasNext()) {
....
}
kprintf("}> sock %pn", state->Parent()->Socket());
}
return 0;
}
A declaration of the 'it' variable was detected in the loop body, its name coinciding with that of a
variable used as a loop counter. This code may contain certain logical errors, to the extent that you may
end up with an infinite loop.
Memory handling
V597 The compiler could delete the 'memset' function call, which is used to flush 'password' buffer. The
RtlSecureZeroMemory() function should be used to erase the private data. login.cpp 126
static status_t
login(const char* user, struct passwd** _passwd)
{
....
bool ok = verify_password(passwd, spwd, password);
memset(password, 0, sizeof(password));
if (!ok)
return B_PERMISSION_DENIED;
*_passwd = passwd;
return B_OK;
}
Unfortunately, the password may remain uncleared in this code. Note that after the 'password' array is
cleared at the end, it is not used anymore. Therefore, when building the release version, the compiler is
very likely to remove the call of the memset() function. It has the full authority to do so. The analyzer
suggests using an analogous function for Windows, but in the Haiku operating system, we need to find
some other means to avoid the harmful compiler-driven optimization.
Other dangerous issues of this kind:
V597 The compiler could delete the 'memset' function call, which is used to flush 'finalcount'
buffer. The RtlSecureZeroMemory() function should be used to erase the private data. sha1.c
228
9. V597 The compiler could delete the 'memset' function call, which is used to flush
'encoded_block' buffer. The RtlSecureZeroMemory() function should be used to erase the
private data. dst_api.c 446
V597 The compiler could delete the 'memset' function call, which is used to flush 'in_buff'
buffer. The RtlSecureZeroMemory() function should be used to erase the private data. dst_api.c
916
V597 The compiler could delete the 'memset' function call, which is used to flush
'repeatedPassword' buffer. The RtlSecureZeroMemory() function should be used to erase the
private data. passwd.cpp 171
V630 The 'malloc' function is used to allocate memory for an array of objects which are classes
containing constructors. PDFWriter.cpp 117
status_t
PDFWriter::PrintPage(int32 pageNumber, int32 pageCount)
{
....
pictures =
(BPicture **)malloc(pictureCount * sizeof(BPicture *));
picRects =
(BRect *)malloc(pictureCount * sizeof(BRect)); //<==
picPoints =
(BPoint *)malloc(pictureCount * sizeof(BPoint)); //<==
picRegion = new BRegion();
....
}
When using malloc to allocate memory for an array of objects of some class, neither a constructor is
called when creating an object, nor a destructor is called when destroying it. Code like this may result in
handing uninitialized variables and other issues.
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 623
#define MEMSET_BZERO(p,l) memset((p), 0, (l))
void solv_SHA256_Final(sha2_byte digest[], SHA256_CTX* context) {
....
/* Clean up state data: */
MEMSET_BZERO(context, sizeof(context));
usedspace = 0;
}
The size of the memory area to be cleared equals the pointer size, not the structure size.
Other issues of this kind:
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 644
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 953
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 973
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 1028
V512 A call of the 'memset' function will lead to underflow of the buffer 'context'. sha2.c 1048
Miscellaneous
V591 Non-void function should return a value. pc.c 1031
10. ULONG
set_var(char *name, ULONG val)
{
variable *v;
v = lookup_var(name);
if (v != NULL)
v->value = val;
else
add_var(name, val);
}
Most likely, the returned value is not used in any way when calling the set_var() function. But if anyone
does use it someday, the result will be undefined behavior.
V671 It is possible that the 'swap' function interchanges the 'std::declval < _Alloc & > ()' variable with
itself. alloc_traits.h 191
static constexpr bool _S_nothrow_swap()
{
using std::swap;
return !_S_propagate_on_swap()
|| noexcept(
swap(std::declval<_Alloc&>(), std::declval<_Alloc&>()));
}
Strange use of the swap() function: identical arguments.
V519 The 'data->error' variable is assigned values twice successively. Perhaps this is a mistake. Check
lines: 222, 223. repo_solv.c 223
static unsigned char *
data_read_idarray(.... , Repodata *data)
{
....
data->error = pool_error( //<==
data->repo->pool, SOLV_ERROR_ID_RANGE,
"data_read_idarray: id too large (%u/%u)", x, max);
data->error = SOLV_ERROR_ID_RANGE; //<==
....
}
Assigning different values to one and the same variable on end. Looks like a typo.
V568 It's odd that the argument of sizeof() operator is the 'sizeof (struct tlv_header_t)' expression. print-
slow.c 255
void
slow_print(register const u_char *pptr, register u_int len) {
....
if (vflag > 1)
print_unknown_data(tptr+sizeof(sizeof(struct tlv_header_t)),
"nt ", tlv_len-sizeof(struct tlv_header_t));
....
}
11. The argument of the sizeof() operator is sizeof(), too. This operator calculates the type of an expression
and returns the size of this type, while the expression itself is not evaluated, i.e. the structure size
doesn't affect anything in this code.
There are lots of fragments like that:
V568 It's odd that the argument of sizeof() operator is the 'sizeof (struct lmp_object_header)'
expression. print-lmp.c 872
V568 It's odd that the argument of sizeof() operator is the 'sizeof (struct tlv_header_t)'
expression. print-slow.c 182
V568 It's odd that the argument of sizeof() operator is the 'sizeof (struct eigrp_tlv_header)'
expression. print-eigrp.c 283
V568 It's odd that the argument of sizeof() operator is the 'sizeof (struct eigrp_tlv_header)'
expression. print-eigrp.c 471
Conclusion
Haiku is a large and unusual project. I enjoyed analyzing it and making my small contribution to its
development. Despite my pretty rich experience of working with open-source projects, I still was
encountering some rare warnings when checking this project. In this article, I discussed what I think to
be the most suspicious and interesting code samples. All the other fragments I haven't mentioned here
or simply overlooked can be investigated by the authors themselves - we will send them a complete
analysis log.