Static analysis is most useful when it is done on a regular basis. Especially when the project is rapidly developing, like the Blender project, for example. Now it's time to check it once more, and see what suspicious fragments we'll find this time.
Logical Expressions in C/C++. Mistakes Made by ProfessionalsPVS-Studio
In programming, a logical expression is a language construct that is evaluated as true or false. Many books that teach programming "from scratch" discuss possible operations on logical expressions familiar to every beginner. In this article, I won't be talking about the AND operator having higher precedence than OR. Instead, I will talk about common mistakes that programmers make in simple conditional expressions consisting of no more than three operators, and show how you can check your code using truth tables. Mistakes described here are the ones made by the developers of such well-known projects as FreeBSD, Microsoft ChakraCore, Mozilla Thunderbird, LibreOffice, and many others.
Some of you may know that we have recently released version 6.00 of our analyzer, that now has C# support. The ability to scan C# projects increases the number of open-source projects we can analyze. This article is about one such check. This time it is a project, developed by Sony Computer Entertainment (SCEI).
To measure the efficiency of our analyzer, and also to promote the methodology of static analysis, we regularly analyze open source projects for bugs and write articles about the results. 2016 was no exception. This year is especially important as it is the year of the "growth" of the C# analyzer. PVS-Studio has obtained a large number of new C# diagnostics, an improved virtual values mechanism (symbolic execution) and much more. Based on the results of our teamwork, I compiled a kind of chart of the most interesting bugs, found in various C# projects in 2016.
Microsoft opened the source code of Xamarin.Forms. We couldn't miss a chance ...PVS-Studio
You probably already know that the Microsoft Corporation bought the Xamarin Company. Even though Microsoft has started gradually opening the source code of some of its products, the Xamarin.Forms code was a big surprise. I couldn't give it the go-by, and decided to check the code using a static code analyzer.
ChakraCore: analysis of JavaScript-engine for Microsoft EdgePVS-Studio
On the JSConf US conference in December 2015 the developers announced that they were planning to make open the source code of Chakra key components, a JavaScript-engine, operating in Microsoft Edge. Recently the ChackraCore source code became available under the MIT license in the corresponding repository on GitHub. In this article you will find interesting code fragments that were detected with the help of PVS-Studio code analyzer.
Virtual machines are important tools in the arsenal of a software developer. Being an active user of VirtualBox, and checking various open source projects with the help of it, I was personally interested in checking its source code. We did the first check of this project in 2014, and the description of 50 errors barely fit into two articles. With the release of Windows 10 and VirtualBox 5.0.XX the stability of the program got significantly worse, in my humble opinion. So, I decided to check the project again.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...PVS-Studio
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...Andrey Karpov
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Logical Expressions in C/C++. Mistakes Made by ProfessionalsPVS-Studio
In programming, a logical expression is a language construct that is evaluated as true or false. Many books that teach programming "from scratch" discuss possible operations on logical expressions familiar to every beginner. In this article, I won't be talking about the AND operator having higher precedence than OR. Instead, I will talk about common mistakes that programmers make in simple conditional expressions consisting of no more than three operators, and show how you can check your code using truth tables. Mistakes described here are the ones made by the developers of such well-known projects as FreeBSD, Microsoft ChakraCore, Mozilla Thunderbird, LibreOffice, and many others.
Some of you may know that we have recently released version 6.00 of our analyzer, that now has C# support. The ability to scan C# projects increases the number of open-source projects we can analyze. This article is about one such check. This time it is a project, developed by Sony Computer Entertainment (SCEI).
To measure the efficiency of our analyzer, and also to promote the methodology of static analysis, we regularly analyze open source projects for bugs and write articles about the results. 2016 was no exception. This year is especially important as it is the year of the "growth" of the C# analyzer. PVS-Studio has obtained a large number of new C# diagnostics, an improved virtual values mechanism (symbolic execution) and much more. Based on the results of our teamwork, I compiled a kind of chart of the most interesting bugs, found in various C# projects in 2016.
Microsoft opened the source code of Xamarin.Forms. We couldn't miss a chance ...PVS-Studio
You probably already know that the Microsoft Corporation bought the Xamarin Company. Even though Microsoft has started gradually opening the source code of some of its products, the Xamarin.Forms code was a big surprise. I couldn't give it the go-by, and decided to check the code using a static code analyzer.
ChakraCore: analysis of JavaScript-engine for Microsoft EdgePVS-Studio
On the JSConf US conference in December 2015 the developers announced that they were planning to make open the source code of Chakra key components, a JavaScript-engine, operating in Microsoft Edge. Recently the ChackraCore source code became available under the MIT license in the corresponding repository on GitHub. In this article you will find interesting code fragments that were detected with the help of PVS-Studio code analyzer.
Virtual machines are important tools in the arsenal of a software developer. Being an active user of VirtualBox, and checking various open source projects with the help of it, I was personally interested in checking its source code. We did the first check of this project in 2014, and the description of 50 errors barely fit into two articles. With the release of Windows 10 and VirtualBox 5.0.XX the stability of the program got significantly worse, in my humble opinion. So, I decided to check the project again.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...PVS-Studio
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...Andrey Karpov
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...PVS-Studio
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Checking the code of Valgrind dynamic analyzer by a static analyzerPVS-Studio
This statement would be incorrect, as well as the reverse idea. The tools of static and dynamic analysis complement each other, they do not compete with each other. Both of these methods have strengths and weaknesses. Some errors cannot be detected by dynamic analyzers, some - by static ones. That's why I suggest treating this post as another demonstration of the abilities of PVS-Studio, not the comparison of two methodologies.
Python and Ruby implementations compared by the error densityPVS-Studio
Which programming language to start learning? Python or Ruby? Which one is better? Django or Ruby on Rails? Such questions can often be found on IT forums around the world. I suggest comparing not the languages themselves, but their reference implementations: CPython and MRI. In this article, we are going to cover the errors that were found by PVS-Studio in these projects.
Dusting the globe: analysis of NASA World Wind projectPVS-Studio
Sometimes it is useful to look back to see how helpful the analyzer was to old projects, and which errors can be avoided in good time, if the analyzer is regularly used. This time our choice was NASA World Wind project, which was being developed on C# until 2007.
Checking the Source Code of FlashDevelop with PVS-StudioPVS-Studio
To assess the quality of our static analyzer's diagnostics and to advertise it, we regularly analyze various open-source projects. The developers of FlashDevelop project contacted us on their own initiative and asked us to check their product, which we have gladly done.
OpenCV is a library of computer vision algorithms, picture processing algorithms, and general-purpose numerical algorithms. The library is written in C/C++ and is free both for academic and commercial use, as it is distributed under the BSD license. The time has come to check this library with the PVS-Studio code analyzer.
Checking the Code of LDAP-Server ReOpenLDAP on Our Readers' RequestPVS-Studio
In this article, I'd like to talk about the analysis of ReOpenLDAP project. It was developed to help solve issues that PAO (PJSC) MegaFon, Russia's largest mobile network operator, was faced with when employing OpenLDAP in their infrastructure. ReOpenLDAP is now successfully used in MegaFon affiliates all over Russia, so we thought it would be interesting to check such a high-load project as this one with our static analyzer PVS-Studio.
A Spin-off: CryEngine 3 SDK Checked with CppCatAndrey Karpov
We have finished a large comparison of the static code analyzers CppCat, Cppcheck, PVS-Studio and Visual Studio 2013's built-in analyzer. In the course of this investigation, we checked over 10 open-source projects. Some of them do deserve to be discussed specially. In today's article, I'll tell you about the results of the check of the CryEngine 3 SDK project.
Tesseract. Recognizing Errors in Recognition SoftwareAndrey Karpov
Tesseract is a free software program for text recognition developed by Google. According to the project description, "Tesseract is probably the most accurate open source OCR engine available". And what if we try to catch some bugs there with the help of the CppCat analyzer?
Date Processing Attracts Bugs or 77 Defects in Qt 6Andrey Karpov
The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.
In this article, I'm going to tell you about my experience of analyzing the Octave project. It is quite a popular one, especially among students who need to scan their math task solutions yet don't feel like buying a Matlab license.
Linux version of PVS-Studio couldn't help checking CodeLitePVS-Studio
As is already known to our readers, PVS-Studio static analyzer is exploring a new development direction - the Linux platform; as you may have noticed from the previous articles, it is doing well. This article shows how easily you can check a project with the help of the Linux version of the analyzer, because the simpler PVS-Studio for Linux is, the more supporters it will have. This time our choice was the CodeLite project. CodeLite was compiled and tested in Linux. Let's see what results we got.
How to make fewer errors at the stage of code writing. Part N4.PVS-Studio
This is the fourth post in which I want to share with you some useful observations on error patterns and the ways of fighting them. This time I will touch upon the subject of handling rare and emergency conditions in programs. While examining a number of applications, I came to a conclusion that the error handling code is one of the most unreliable parts in C/C++ programs' sources. What are the consequences of such defects? An application must generate the message "file X is not found" but instead it crashes and forces the user to make guesses about what he/she is doing wrong. A program handling a data base produces an incomprehensible message instead of telling the user that there is just a field filled in incorrectly. Let's try to fight against this type of errors that haunt our users.
Media Portal 2 is open software of a media center class, allowing the user to listen to music, watch videos, viewing pictures, and much more. For us, the developers of PVS-Studio static analyzer, this is another chance to check an interesting project, tell people (and developers) about the errors we find, and demonstrate the abilities of our analyzer of course.
Rechecking TortoiseSVN with the PVS-Studio Code AnalyzerAndrey Karpov
We gave the TortoiseSVN developers a free registration key for some time so that they could check their project. While they haven't utilized it yet, I've decided to download the TortoiseSVN source codes and check it myself. My interest is obvious: I want to make another article to advertise PVS-Studio.
We already checked the TortoiseSVN project long ago. It was done at the same time as PVS-Studio 4.00 was released, which for the first time included diagnostic rules for general analysis.
PHP is a server-side scripting language designed for web development but also used as a general-purpose programming language. As of January 2013, PHP was installed on more than 240 million websites (39% of those sampled) and 2.1 million web servers. Originally created by Rasmus Lerdorf in 1994, the reference implementation of PHP (powered by the Zend Engine) is now produced by The PHP Group. While PHP originally stood for Personal Home Page, it now stands for PHP: Hypertext Preprocessor, which is a recursive acronym.
When developing compilers and interpreters, their source code and its testing procedure are demanded to comply with especially strict quality and reliability requirements. However, there are still some suspicious fragments found in the PHP interpreter's source code.
In this article, we are going to discuss the results of the check of the PHP interpreter by PVS-Studio 5.18.
Intel IPP Samples for Windows - error correctionPVS-Studio
This is one of my posts on how PVS-Studio makes programs safer. That is where and what types of errors it detects. This time it is samples demonstrating handling of the IPP 7.0 library (Intel Performance Primitives Library) we are going to examine.
We have checked the Windows 8 Driver Samples pack with our analyzer PVS-Studio and found various bugs in its samples. There is nothing horrible about it - bugs can be found everywhere, so the title of this article may sound a bit high-flown. But these particular errors may be really dangerous, as it is a usual practice for developers to use demo samples as a basis for their own projects or borrow code fragments from them.
Errors detected in the Visual C++ 2012 librariesPVS-Studio
Static code analysis is one of the error detection methodologies. We are glad that this methodology is becoming more and more popular nowadays. Visual Studio which includes static analysis as one of its many features contributes to this process to a large extent. This feature is easy to try and start using regularly. When one understands one likes static code analysis, we are glad to offer a professional analyzer PVS-Studio for the languages C/C++/C++11.
The Chromium browser is developing very fast. When we checked the solution for the first time in 2011, it included 473 projects. Now it includes 1169 projects. We were curious to know if Google developers had managed to keep the highest quality of their code with Chromium developing at such a fast rate. Well, they had.
Comparing the general static analysis in Visual Studio 2010 and PVS-Studio by...PVS-Studio
The article demonstrates errors detected with the static code analyzer integrated into Visual Studio 2010. The research was performed on five open source projects. The same projects were also checked with PVS-Studio. Results of comparing these two tools are presented at the end of the article.
Checking the code of Valgrind dynamic analyzer by a static analyzerPVS-Studio
This statement would be incorrect, as well as the reverse idea. The tools of static and dynamic analysis complement each other, they do not compete with each other. Both of these methods have strengths and weaknesses. Some errors cannot be detected by dynamic analyzers, some - by static ones. That's why I suggest treating this post as another demonstration of the abilities of PVS-Studio, not the comparison of two methodologies.
Python and Ruby implementations compared by the error densityPVS-Studio
Which programming language to start learning? Python or Ruby? Which one is better? Django or Ruby on Rails? Such questions can often be found on IT forums around the world. I suggest comparing not the languages themselves, but their reference implementations: CPython and MRI. In this article, we are going to cover the errors that were found by PVS-Studio in these projects.
Dusting the globe: analysis of NASA World Wind projectPVS-Studio
Sometimes it is useful to look back to see how helpful the analyzer was to old projects, and which errors can be avoided in good time, if the analyzer is regularly used. This time our choice was NASA World Wind project, which was being developed on C# until 2007.
Checking the Source Code of FlashDevelop with PVS-StudioPVS-Studio
To assess the quality of our static analyzer's diagnostics and to advertise it, we regularly analyze various open-source projects. The developers of FlashDevelop project contacted us on their own initiative and asked us to check their product, which we have gladly done.
OpenCV is a library of computer vision algorithms, picture processing algorithms, and general-purpose numerical algorithms. The library is written in C/C++ and is free both for academic and commercial use, as it is distributed under the BSD license. The time has come to check this library with the PVS-Studio code analyzer.
Checking the Code of LDAP-Server ReOpenLDAP on Our Readers' RequestPVS-Studio
In this article, I'd like to talk about the analysis of ReOpenLDAP project. It was developed to help solve issues that PAO (PJSC) MegaFon, Russia's largest mobile network operator, was faced with when employing OpenLDAP in their infrastructure. ReOpenLDAP is now successfully used in MegaFon affiliates all over Russia, so we thought it would be interesting to check such a high-load project as this one with our static analyzer PVS-Studio.
A Spin-off: CryEngine 3 SDK Checked with CppCatAndrey Karpov
We have finished a large comparison of the static code analyzers CppCat, Cppcheck, PVS-Studio and Visual Studio 2013's built-in analyzer. In the course of this investigation, we checked over 10 open-source projects. Some of them do deserve to be discussed specially. In today's article, I'll tell you about the results of the check of the CryEngine 3 SDK project.
Tesseract. Recognizing Errors in Recognition SoftwareAndrey Karpov
Tesseract is a free software program for text recognition developed by Google. According to the project description, "Tesseract is probably the most accurate open source OCR engine available". And what if we try to catch some bugs there with the help of the CppCat analyzer?
Date Processing Attracts Bugs or 77 Defects in Qt 6Andrey Karpov
The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.
In this article, I'm going to tell you about my experience of analyzing the Octave project. It is quite a popular one, especially among students who need to scan their math task solutions yet don't feel like buying a Matlab license.
Linux version of PVS-Studio couldn't help checking CodeLitePVS-Studio
As is already known to our readers, PVS-Studio static analyzer is exploring a new development direction - the Linux platform; as you may have noticed from the previous articles, it is doing well. This article shows how easily you can check a project with the help of the Linux version of the analyzer, because the simpler PVS-Studio for Linux is, the more supporters it will have. This time our choice was the CodeLite project. CodeLite was compiled and tested in Linux. Let's see what results we got.
How to make fewer errors at the stage of code writing. Part N4.PVS-Studio
This is the fourth post in which I want to share with you some useful observations on error patterns and the ways of fighting them. This time I will touch upon the subject of handling rare and emergency conditions in programs. While examining a number of applications, I came to a conclusion that the error handling code is one of the most unreliable parts in C/C++ programs' sources. What are the consequences of such defects? An application must generate the message "file X is not found" but instead it crashes and forces the user to make guesses about what he/she is doing wrong. A program handling a data base produces an incomprehensible message instead of telling the user that there is just a field filled in incorrectly. Let's try to fight against this type of errors that haunt our users.
Media Portal 2 is open software of a media center class, allowing the user to listen to music, watch videos, viewing pictures, and much more. For us, the developers of PVS-Studio static analyzer, this is another chance to check an interesting project, tell people (and developers) about the errors we find, and demonstrate the abilities of our analyzer of course.
Rechecking TortoiseSVN with the PVS-Studio Code AnalyzerAndrey Karpov
We gave the TortoiseSVN developers a free registration key for some time so that they could check their project. While they haven't utilized it yet, I've decided to download the TortoiseSVN source codes and check it myself. My interest is obvious: I want to make another article to advertise PVS-Studio.
We already checked the TortoiseSVN project long ago. It was done at the same time as PVS-Studio 4.00 was released, which for the first time included diagnostic rules for general analysis.
PHP is a server-side scripting language designed for web development but also used as a general-purpose programming language. As of January 2013, PHP was installed on more than 240 million websites (39% of those sampled) and 2.1 million web servers. Originally created by Rasmus Lerdorf in 1994, the reference implementation of PHP (powered by the Zend Engine) is now produced by The PHP Group. While PHP originally stood for Personal Home Page, it now stands for PHP: Hypertext Preprocessor, which is a recursive acronym.
When developing compilers and interpreters, their source code and its testing procedure are demanded to comply with especially strict quality and reliability requirements. However, there are still some suspicious fragments found in the PHP interpreter's source code.
In this article, we are going to discuss the results of the check of the PHP interpreter by PVS-Studio 5.18.
Intel IPP Samples for Windows - error correctionPVS-Studio
This is one of my posts on how PVS-Studio makes programs safer. That is where and what types of errors it detects. This time it is samples demonstrating handling of the IPP 7.0 library (Intel Performance Primitives Library) we are going to examine.
We have checked the Windows 8 Driver Samples pack with our analyzer PVS-Studio and found various bugs in its samples. There is nothing horrible about it - bugs can be found everywhere, so the title of this article may sound a bit high-flown. But these particular errors may be really dangerous, as it is a usual practice for developers to use demo samples as a basis for their own projects or borrow code fragments from them.
Errors detected in the Visual C++ 2012 librariesPVS-Studio
Static code analysis is one of the error detection methodologies. We are glad that this methodology is becoming more and more popular nowadays. Visual Studio which includes static analysis as one of its many features contributes to this process to a large extent. This feature is easy to try and start using regularly. When one understands one likes static code analysis, we are glad to offer a professional analyzer PVS-Studio for the languages C/C++/C++11.
The Chromium browser is developing very fast. When we checked the solution for the first time in 2011, it included 473 projects. Now it includes 1169 projects. We were curious to know if Google developers had managed to keep the highest quality of their code with Chromium developing at such a fast rate. Well, they had.
Analyzing the Blender project with PVS-StudioPVS-Studio
We go on analyzing open source projects and making the software world better. This time we have checked the Blender 2.62 package intended for creating 3D computer graphics.
Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 1PVS-Studio
Operating systems are among the largest and most complicated software projects, and that means they perfectly suit the purpose of demonstrating static code analysis' capabilities. After the successful analysis of Linux Kernel, I felt inspired to try analyzing other open-source operating systems as well.
A Spin-off: Firebird Checked by PVS-StudioAndrey Karpov
We are currently working on a great task of carrying out a detailed comparison of four code analyzers: CppCat, Cppcheck, PVS-Studio and Visual Studio 2013 (i.e. its built-in code analyzer). As a set of materials to base this comparison on, we decided to check at least 10 open-source projects and study the reports from all the analyzers. This is a very labor-intensive task and it is not over yet. However, we have already checked a few projects and can share some of the results with you. And that's what I'm going to do in this article. We'll start with interesting bugs we have managed to find in Firebird with the help of PVS-Studio.
Headache from using mathematical softwarePVS-Studio
It so happened that during some period of time I was discussing on the Internet, one would think, different topics: free alternatives of Matlab for universities and students, and finding errors in algorithms with the help of static code analysis. All these discussions were brought together by the terrible quality of the code of modern programs. In particular, it is about quality of software for mathematicians and scientists. Immediately there arises the question of the credibility to the calculations and studies conducted with the help of such programs. We will try to reflect on this topic and look for the errors.
ReactOS is intensively developing, and its codebase is steadily growing in size. On February 16, 2016, a new version of the operating system was released, and we thought it was a good occasion to run it through our static analyzer one more time. The new scan was done with PVS-Studio, version 6.02.
Re-checking the ReactOS project - a large reportPVS-Studio
The ReactOS project is rapidly developing. One of the developers participating in this project suggested that we re-analyzed the source code, as the code base is growing fast. We were glad to do that. We like this project, and we'll be happy if this article helps the developers to eliminate some bugs. Analysis was performed with the PVS-Studio 5.02 code analyzer.
One of the programs, which allows you to solve the problem of data compression, is a popular file archiver 7-Zip, which I often use myself. Our readers have long asked us to check the code of this application. Well, it's time to look at its source code, and see what PVS-Studio is able to detect in this application.
After hot discussions on the article about "The Big Calculator" I felt like checking some other projects related to scientific computations. The first program that came to hand was the open-source project OpenMS dealing with protein mass spectrometry. This project appeared to have been written in a very serious and responsible way. Developers use at least Cppcheck to analyze their project. That's why I didn't hope to find anything sensational left unnoticed by that tool. On the other hand, I was curious to see what bugs PVS-Studio would be able to find in the code after Cppcheck. If you want to know this too, follow me.
PVS-Studio delved into the FreeBSD kernelPVS-Studio
About a year ago we checked the Linux core. It was one of the most discussed articles at that time. We also got quite a number of requests to check FreeBSD, so finally we decided to take the time to do it.
Every now and then, we have to write articles about how we've checked another fresh version of some compiler. That's not really much fun. However, as practice shows, if we stop doing that for a while, folks start doubting whether PVS-Studio is worth its title of a good catcher of bugs and vulnerabilities. What if the new compiler can do that too? Sure, compilers evolve, but so does PVS-Studio – and it proves, again and again, its ability to catch bugs even in high-quality projects such as compilers.
A Slipshod Check of the Visual C++ 2013 Library (update 3)Andrey Karpov
Someone suggested to me recently that I check the libraries from Visual Studio 2013. I haven't found
anything of much interest, just a few small errors and slip-ups. They wouldn't make an interesting,
attractive article, but I've still decided to describe all those defects. I just hope it will help make the
libraries a bit better and stimulate the authors to carry out a more thorough analysis. I don't have the
project files necessary to build the libraries, so my analysis had to be superficial and I could have missed
a lot.
An important event has taken place in the PVS-Studio analyzer's life: support of C#-code analysis was added in the latest version. As one of its developers, I couldn't but try it on some project. Reading about scanning small and little-known projects is not much interesting of course, so it had to be something popular, and I picked MonoDevelop.
Errors that static code analysis does not find because it is not usedAndrey Karpov
Readers of our articles occasionally note that the PVS-Studio static code analyzer detects a large number of errors that are insignificant and don't affect the application. It is really so. For the most part, important bugs have already been fixed due to manual testing, user feedback, and other expensive methods. At the same time, many of these errors could have been found at the code writing stage and corrected with minimal loss of time, reputation and money. This article will provide several examples of real errors, which could have been immediately fixed, if project authors had used static code analysis.
One of the Microsoft development teams already uses PVS-Studio analyzer in their work. It's great, but it's not enough. That's why I keep demonstrating how static code analysis could benefit developers, using Microsoft projects as examples. We scanned Casablanca project three years ago and found nothing. As a tribute to its high quality, the project was awarded with a "bugless code" medal. As time went by, Casablanca developed and grew. PVS-Studio's capabilities, too, have significantly improved, and now I've finally got the opportunity to write an article about errors found by the analyzer in Casablanca project (C++ REST SDK). These errors are few, but the fact that their number is still big enough for me to make this article, does speak a lot in favor of PVS-Studio's effectiveness.
"Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit ...PVS-Studio
Microsoft have given open access to the source code of a tool kit that is used in the company to speed up the development of artificial intelligence: Computational Network Toolkit is now available at Github. The developers had to create their own custom solution, because the existing tools did not work fast enough.
Accord.Net: Looking for a Bug that Could Help Machines Conquer HumankindPVS-Studio
Articles discussing the results of analysis of open-source projects are a good thing as they benefit everyone: some, including project authors themselves, can find out what bugs lurk in a project; others discover for themselves the static analysis technology and start using it to improve their code's quality. For us, it is a wonderful means to promote PVS-Studio analyzer, as well as to put it through some additional testing. This time I have analyzed Accord.Net framework and found lots of interesting issues in its code.
This time it was the microcosm that brought us a few interesting bugs. We have checked the open-source project μManager with our analyzer PVS-Studio. This project is a software package for automated microscope image acquisition.
A Unicorn Seeking Extraterrestrial Life: Analyzing SETI@home's Source CodePVS-Studio
Debates on whether or not we are alone in the Universe have been exciting our minds for many decades. This question is approached seriously by the SETI program whose mission is to search for extraterrestrial civilizations and ways to contact them. It is the analysis of one of this program's projects, SETI@home, that we are going to talk about in this article.
Similar to PVS-Studio team is about to produce a technical breakthrough, but for now let's recheck Blender (20)
Enhancing Project Management Efficiency_ Leveraging AI Tools like ChatGPT.pdfJay Das
With the advent of artificial intelligence or AI tools, project management processes are undergoing a transformative shift. By using tools like ChatGPT, and Bard organizations can empower their leaders and managers to plan, execute, and monitor projects more effectively.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
PVS-Studio team is about to produce a technical breakthrough, but for now let's recheck Blender
1. PVS-Studio team is about to produce a
technical breakthrough, but for now let's
recheck Blender
Author: Alexander Chibisov
Date: 21.07.2016
Static analysis is most useful when it is done on a regular basis. Especially when the project is rapidly
developing, like the Blender project, for example. Now it's time to check it once more, and see what
suspicious fragments we'll find this time.
Introduction
Blender is a free, open source professional 3D creation suite. It supports the entirety of the 3D
pipeline—modeling, rigging, animation, simulation, rendering, compositing, and motion tracking; even
video editing and game creation.
We have already checked this project before. You may find the results of the previous check of v2.62 in
the article "Analyzing the Blender project with PVS-Studio".
Since the last time we checked it, the size of the source code, including additional libraries, increased to
77 mb. Its codebase is now 2206 KLOC. At the time of the previous check the project was 68 mb (2105
KLOC).
The SourceMonitor utility was a great help to me in evaluating the codebase size. This utility is able to
analyze the code in C++, C, C #, VB.NET, Java, and Delphi, and is able to evaluate various metrics. For
example, it can determine the cyclomatic complexity of your projects, as well as generate detailed
statistics for each of the project files, and show the results as a table or diagrams.
2. So this article is about errors and suspicious fragments that were found in Blender, v2.77a. To do the
analysis, we used PVS-Studio 6.05
Typos
During the active usage of copying mechanism and automatic code completion, you may have errors in
the names of various variables and constants. Such errors can result in incorrect evaluation results or
unexpected program behavior. In the Blender project there were several such examples. Let's take a
closer look.
A typo in the condition
CurvePoint::CurvePoint(CurvePoint *iA, CurvePoint *iB, float t3)
{
....
if ((iA->getPoint2D() - //<=
iA->getPoint2D()).norm() < 1.0e-6) { //<=
....
}
....
}
V501 There are identical sub-expressions to the left and to the right of the '-' operator: iA->getPoint2D()
- iA->getPoint2D() curve.cpp 136
Inside the CurvePoint function the program handles two objects with similar names - iA and iB. Different
methods of these objects get intersected all the time in various operations in quite a long tree of
conditions. There is a typo in one of these conditional blocks. As a result we have a subtraction
operation between the properties of one and the same object. Without knowing the peculiarities of the
code, it's quite hard to say, in which operand we have an error. I can suggest two variants of how to fix
it:
if ((iA->getPoint2D()-iB->getPoint2D()).norm()<1.0e-6)....
or
if ((iB->getPoint2D()-iA->getPoint2D()).norm()<1.0e-6)....
The following error was also hiding inside a conditional statement.
template<typename MatrixType, int QRPreconditioner>
void JacobiSVD<MatrixType, QRPreconditioner>::allocate(....)
{
....
if(m_cols>m_rows)m_qr_precond_morecols.allocate(*this);
if(m_rows>m_cols)m_qr_precond_morerows.allocate(*this);
if(m_cols!=m_cols)m_scaledMatrix.resize(rows,cols); //<=
}
3. V501 There are identical sub-expressions to the left and right of the '!=' operator: m_cols != m_cols
jacobisvd.h 819
In the given fragment, you can see the equalization of the number of rows and columns inside some
matrix. If the quantity isn't the same, the program allocates memory for new elements and creates
them. Later, if new cells are added, there is an operation of altering the matrix size. Unfortunately, due
to the error in the conditional statement the operation will never be executed, because the condition
m_cols!=m_cols is always false. In this case it doesn't matter which part is changed, so I suggest the
following variant:
if(m_cols!=m_rows) m_scaledMatrix.resize(rows,cols)
Several more problem areas were detected by the V501 diagnostic:
V501 There are identical sub-expressions to the left and to the right of the '==' operator:
left.rows() == left.rows() numeric.cc 112
V501 There are identical sub-expressions to the left and to the right of the '>' operator:
(from[0][3]) > (from[0][3]) stereoimbuf.c 120
V501 There are identical sub-expressions to the left and to the right of the '>' operator:
(from[0][3]) > (from[0][3]) stereoimbuf.c 157
V501 There are identical sub-expressions to the left and to the right of the '==' operator: out->y
== out->y filter.c 209
Null pointer handling
The typo in the names had more serious consequences.
int QuantitativeInvisibilityF1D::operator()(....)
{
ViewEdge *ve = dynamic_cast<ViewEdge*>(&inter);
if (ve) {
result = ve->qi();
return 0;
}
FEdge *fe = dynamic_cast<FEdge*>(&inter);
if (fe) {
result = ve->qi(); //<=
return 0;
}
....
}
V522 Dereferencing of the null pointer 've' might take place. functions1d.cpp 107
This function is fairly short, but typos can trap us, even in simple functions. We can see in the code that
two objects get created and checked. However, after the check of the second object, an error occurred,
and even if fe was successfully created, instead of it, the result of function work from the first object is
4. written to the result; according to the previous conditions, this object wasn't created at all. This will
most likely lead to a crash of the program if this exception isn't caught by a handler of a higher level.
Apparently, the second code fragment was written using Copy-Paste. By accident the programmer
forgot to change the variable name ve. The correct code should probably be like this:
FEdge *fe = dynamic_cast<FEdge*>(&inter);
if (fe) {
result = fe->qi();
return 0;
}
Null pointer usage
static ImBuf *accessor_get_ibuf(....)
{
ImBuf *ibuf, *orig_ibuf, *final_ibuf;
....
/* First try to get fully processed image from the cache. */
ibuf = accesscache_get(accessor,
clip_index,
frame,
input_mode,
downscale,
transform_key);
if (ibuf != NULL) {
return ibuf;
}
/* And now we do postprocessing of the original frame. */
orig_ibuf = accessor_get_preprocessed_ibuf(accessor,
clip_index,
frame);
if (orig_ibuf == NULL) {
return NULL;
}
....
if (downscale > 0) {
if (final_ibuf == orig_ibuf) {
final_ibuf = IMB_dupImBuf(orig_ibuf);
5. }
IMB_scaleImBuf(final_ibuf,
ibuf->x / (1 << downscale), //<=
ibuf->y / (1 << downscale)); //<=
}
....
if (input_mode == LIBMV_IMAGE_MODE_RGBA) {
BLI_assert(ibuf->channels == 3 || //<=
ibuf->channels == 4); //<=
}
....
return final_ibuf;
}
Warnings:
V522 Dereferencing of the null pointer 'ibuf' might take place. tracking_util.c 765
V522 Dereferencing of the null pointer 'ibuf' might take place. tracking_util.c 766
V522 Dereferencing of the null pointer 'ibuf' might take place. tracking_util.c 783
In the fragment given above, you can see that the check of ibuf variable interrupts the function much
sooner than this variable is used if the object was created. We could probably stop here and confirm the
fact of a pointer dereferencing. At the same time, if we do a more painstaking examination of the code
and the comments to it, we see a true reason for the error. This is a typo, again. In the fragments
indicated by the analyzer, the programmer should have used the variable orig_ibuf instead of ibuf.
Incorrect variable type
typedef enum eOutlinerIdOpTypes {
OUTLINER_IDOP_INVALID = 0,
OUTLINER_IDOP_UNLINK,
OUTLINER_IDOP_LOCAL,
....
} eOutlinerIdOpTypes;
typedef enum eOutlinerLibOpTypes {
OL_LIB_INVALID = 0,
OL_LIB_RENAME,
OL_LIB_DELETE,
} eOutlinerLibOpTypes;
6. static int outliner_lib_operation_exec(....)
{
....
eOutlinerIdOpTypes event; //<=
....
event = RNA_enum_get(op->ptr, "type");
switch (event) {
case OL_LIB_RENAME: //<=
{
....
}
case OL_LIB_DELETE: //<=
{
....
}
default:
/* invalid - unhandled */
break;
}
....
}
Warnings:
V556 The values of different enum types are compared: switch(ENUM_TYPE_A) { case
ENUM_TYPE_B: ... }. outliner_tools.c 1286
V556 The values of different enum types are compared: switch(ENUM_TYPE_A) { case
ENUM_TYPE_B: ... }. outliner_tools.c 1295
In this example you can see two types that are enumerations. It's quite an expected fact that there was
a typo in the names that are almost the same.
In fact, the code works correctly. At the same time it confuses us by the mismatch of the types. The
variable gets a value of an enumeration, and is compared with the constants of a different one. To
correct this error it's enough to change the type of the variable event to eOutlinerLibOpTypes.
Operation precedence error
static void blf_font_draw_buffer_ex(....)
{
....
cbuf[3] = (unsigned char)((alphatest = ((int)cbuf[3] +
7. (int)(a * 255)) < 255) ? alphatest : 255);
....
}
V593 Consider reviewing the expression of the 'A = B < C' kind. The expression is calculated as following:
'A = (B < C)'. blf_font.c 414
Failure to comply with the operation precedence is one of the most common errors when working with
complex expressions. In this case it's just a typo, but it led to a breach of the logic of the ternary
operator. Due to an incorrectly put parentheses, there was an operation precedence error. On top of
that, the value of alphatest variable also gets damaged. Instead of the value, which is evaluated by the
ternary operator, the alphatest variable is assigned with a value of bool-type that was obtained in the
result of a comparison operation. Only after that the ternary operator works with the value of the
alphatest variable, and the result doesn't get saved. To fix this bug, we should change the expression as
follows:
cbuf[3] = (unsigned char)(alphatest = (((int)cbuf[3] +
(int)(a * 255)) < 255) ? alphatest : 255);
Invalid constant
bool BKE_ffmpeg_alpha_channel_is_supported(RenderData *rd)
{
int codec = rd->ffcodecdata.codec;
if (codec == AV_CODEC_ID_QTRLE)
return true;
if (codec == AV_CODEC_ID_PNG)
return true;
if (codec == AV_CODEC_ID_PNG)
return true;
....
}
V649 There are two 'if' statements with identical conditional expressions. The first 'if' statement
contains function return. This means that the second 'if' statement is senseless. Check lines: 1672, 1675.
writeffmpeg.c 1675
We see a successive check of the variable value to match the flag with the help of single-line conditions.
Because of the typo one of the flags gets checked twice. Most likely, a different constant should have
been checked instead of a repeated check. There are a lot of variants of these constants that's why it's
hard to say how this code should be fixed.
Using one variable in an outer and inner loop
bool BM_face_exists_overlap_subset(...., const int len)
{
int i;
8. ....
for (i = 0; i < len; i++) {
BM_ITER_ELEM (f, &viter, varr[i], BM_FACES_OF_VERT) {
if ((f->len <= len) && (....)) {
BMLoop *l_iter, *l_first;
if (is_init == false) {
is_init = true;
for (i = 0; i < len; i++) { //<=
BM_ELEM_API_FLAG_ENABLE(varr[i], _FLAG_OVERLAP);
}
}
....
}
}
}
}
V535 The variable 'i' is being used for this loop and for the outer loop. Check lines: 2204, 2212.
bmesh_queries.c 2212
Using the same variable in the outer and inner loop may lead to incorrect execution of the outer loop. In
this case this will less likely be an error, as the loop is probably looking for the necessary element and
exits, and the second loop is triggered only in this case. But still, using a single variable is a dangerous
trick and may lead to real errors if there is a necessity to optimize this code fragment.
Redundant code
Excessive code fragments can be found in any program. Sometimes this is old code that was forgotten
after refactoring. But at times those extra fragments serve as a way to keep up the project style. Such
fragments can be quite dangerous. In other words, duplicate code often indicates the presence of logical
errors.
Double check
static void knife_add_single_cut(....)
{
....
if ((lh1->v && lh2->v) && //<=
(lh1->v->v && lh2->v && lh2->v->v) && //<=
(e_base = BM_edge_exists(lh1->v->v, lh2->v->v)))
{
9. ....
return;
}
....
}
V501 There are identical sub-expressions 'lh2->v' to the left and right of the '&&' operator.
editmesh_knife.c 781
This is one of the variants of a condition that wasn't thought out well. It's certainly not a mistake, just an
extra check, but that doesn't mean that the code does not need additional review. The condition
consists of several expressions. At the same time a part of the second expression is the same as the
check of one variable from the first expression, so it's not needed here. To fix this code we need to
remove the excessive check lh2->v from the second expression. After that the code will become much
easier to read.
Another example:
static int edbm_rip_invoke__vert(....)
{
....
if (do_fill) {
if (do_fill) {
....
}
}
....
}
V571 Recurring check. The 'if (do_fill)' condition was already verified in line 751. editmesh_rip.c 752
One more variant of a logical error. Absolutely identical expressions are checked inside an outer and
inner condition. The double check will always give the same result, which makes no sense. Of course,
this code does not affect the program work in any way. But it's not clear how this code will change over
time, and extra checks can mislead a person in the future.
Unnecessary checks can be found in several fragments of the project. Here are several more spots,
detected by the analyzer:
V571 Recurring check. The 'but' condition was already verified in line 9587. interface_handlers.c
9590
V571 Recurring check. The '!me->mloopcol' condition was already verified in line 252.
paint_vertex.c 253
V571 Recurring check. The 'constinv == 0' condition was already verified in line 5256.
transform_conversions.c 5257
V571 Recurring check. The 'vlr->v4' condition was already verified in line 4174. convertblender.c
4176
10. V571 Recurring check. The 'ibuf == ((void *) 0)' condition was already verified in line 3557.
sequencer.c 3559
And the third example is obviously redundant code:
static void writedata_do_write(....)
{
if ((wd == NULL) || wd->error ||
(mem == NULL) || memlen < 1) return;
if (wd->error) return;
....
}
V649 There are two 'if' statements with identical conditional expressions. The first 'if' statement
contains function return. This means that the second 'if' statement is senseless. Check lines: 331, 332.
writefile.c 332
The string if (wd->error) return; is excessive, and the function will exit earlier than this condition will be
handled. And so, it should just be removed.
Opposite condition blocks
static int select_less_exec(....)
{
....
if ((lastsel==0)&&(bp->hide==0)&&(bp->f1 & SELECT)){
if (lastsel != 0) sel = 1;
else sel = 0;
....
}
....
}
V637 Two opposite conditions were encountered. The second condition is always false. Check lines: 938,
939. editcurve_select.c 938
In the fragment we can see that there is an extra condition inside an outer condition block. The inner
condition is opposite the main one and always gives the same result; the sel variable will never be 1.
Therefore, it is enough to simply write sel = 0 without additional check. Although this error may have
been fixed by changing one of the expressions. Since I didn't take part in the creation of this project, it's
hard for me to say for sure.
Redundant expressions
DerivedMesh *fluidsimModifier_do(....)
{
....
11. if (!fluidmd || (fluidmd && !fluidmd->fss))
return dm;
....
}
V728 An excessive check can be simplified. The '||' operator is surrounded by opposite expressions
'!fluidmd' and 'fluidmd'. mod_fluidsim_util.c 528
Opposite values of one and the same variable are checked under one condition. Such conditions are
often found of different kinds and variations. They don't cause any harm to the software, but they can
complicate the code. This expression can be simplified and written as follows:
if (!fluidmd || !fluidmd->fss)) ....
Similar fragments:
V728 An excessive check can be simplified. The '||' operator is surrounded by opposite
expressions '!render_only' and 'render_only'. drawobject.c 4663
V728 An excessive check can be simplified. The '||' operator is surrounded by opposite
expressions '!parent' and 'parent'. kx_scene.cpp 1667
One more such a condition:
void ED_transverts_create_from_obedit(....)
{
....
if ((tipsel && rootsel) || (rootsel)) {....}
....
}
V686 A pattern was detected: (rootsel) || ((rootsel) && ...). The expression is excessive or contains a
logical error. ed_transverts.c 325
As in the example given above, the same variable is checked twice inside one expression. This
expression is not an erroneous one, but it definitely has an extra check. Let's simplify it to make it more
compact and easy-to-read.
if ((tipsel || rootsel) {....}
There were such errors in other places in the project.
V686 A pattern was detected: (!py_b_len) || ((!py_b_len) && ...). The expression is excessive or
contains a logical error. aud_pyapi.cpp 864
V686 A pattern was detected: (xn == 0.0f) || ((xn == 0.0f) && ...). The expression is excessive or
contains a logical error. renderdatabase.c 993
V686 A pattern was detected: (xn == 0.0f) || ((xn == 0.0f) && ...). The expression is excessive or
contains a logical error. renderdatabase.c 1115
Iterative assignment
static bool find_prev_next_keyframes(....)
{
12. ....
do {
aknext = (ActKeyColumn *)BLI_dlrbTree_search_next(
&keys, compare_ak_cfraPtr, &cfranext);
if (aknext) {
if (CFRA == (int)aknext->cfra) {
cfranext = aknext->cfra; //<-
}
else {
if (++nextcount == U.view_frame_keyframes)
donenext = true;
}
cfranext = aknext->cfra; //<-
}
} while ((aknext != NULL) && (donenext == false));
....
}
V519 The 'cfranext' variable is assigned values twice successively. Perhaps this is a mistake. Check lines:
447, 454. anim_draw.c 454
The assignment inside conditional blocks makes no sense, because its value is assigned again in the end
of the loop without any condition. A loop, placed in the code right after the given fragment helps us
draw the conclusion that the excessive string is placed above. It differs only in the prev variables, and
the absence of this string in the condition. Moreover, assuming that the extra string is underneath, and
the condition CFRA == (int)aknext->cfra turns out to be false, then this loop will become an infinite one.
This fragment really needs some fixing, but how to do it exactly - only the developers of the project
know.
Extra or unused variables
There were many such fragments with initialized, but unused, variables in the project. Some of them can
be considered as logical errors and excessive checks, but we have already spoken about them a lot.
There are also constants that probably should have been changed inside the functions. But as a result
they are just checks, always returning the same result. An example of such a fragment:
static int rule_avoid_collision(....)
{
....
int n, neighbors = 0, nearest = 0; //<=
....
if (ptn && nearest==0) //<=
13. MEM_freeN(ptn);
return ret;
}
V560 A part of conditional expression is always true: nearest == 0. boids.c 361
I'll just provide the other fragments as a list. Perhaps some of them are debatable, but they are worth
paying attention to.
V560 A part of conditional expression is always true: edit == 0. particle.c 3781
V560 A part of conditional expression is always true: !error. pointcache.c 154
V560 A part of conditional expression is always true: !error. pointcache.c 2742
V560 A part of conditional expression is always false: col. drawobject.c 7803
V560 A part of conditional expression is always false: !canvas_verts. dynamicpaint.c 4636
V560 A part of conditional expression is always true: (!leaf). octree.cpp 2513
V560 A part of conditional expression is always true: (!leaf). octree.cpp 2710
V560 A part of conditional expression is always false: (1 == i). basicstrokeshaders.cpp 67
V560 A part of conditional expression is always true: (0 == i). basicstrokeshaders.cpp 69
V560 A part of conditional expression is always false: (1 == i). basicstrokeshaders.cpp 84
V560 A part of conditional expression is always true: (0 == i). basicstrokeshaders.cpp 86
V560 A part of conditional expression is always false: (1 == i). basicstrokeshaders.cpp 155
V560 A part of conditional expression is always true: (0 == i). basicstrokeshaders.cpp 157
V560 A part of conditional expression is always true: (!radmod). solver_control.cpp 557
V560 A part of conditional expression is always true: done != 1. context.c 301
V560 A part of conditional expression is always true: is_tablet == false. ghost_systemwin32.cpp
665
V560 A part of conditional expression is always true: mesh >= 0. kx_gameobject.cpp 976
Extra clearing of the list
int TileManager::gen_tiles(bool sliced)
{
....
state.tiles.clear(); //<=
....
int tile_index = 0;
state.tiles.clear();
state.tiles.resize(num);
....
}
V586 The 'clear' function is called twice for deallocation of the same resource. Check lines: 149, 156.
tile.cpp 156
14. In this case, it might just be the extra line. There probably used to be some code between the two list
clearings, but in this case it's just another useless fragment that should be removed so that the code
isn't cluttered up. This string can be a consequence of the fact that some other object should be cleared
in it, which is not seen at first glance. In this case the fragment will be a real error that may lead to
unexpected results for the program.
Very often such seemingly redundant code may lead to really serious errors, or my help avoiding them
in the future during further modifications. This is why you should pay attention to these analyzer
warnings, and not mark them as "unimportant".
Intrigue
PVS-Studio Team is now actively working on a new direction in development. And I am covering backs,
filling the information field with articles about the rechecking of some open source projects. What is the
direction that we are talking about? I cannot say. I'll just leave a picture here that you are free to
interpret as you wish.
Conclusion
The analyzer detected quite a number of troublesome spots in the project. However, at times, the
coding style in Blender is quite strange and we cannot say for sure that these are errors. In my opinion,
dangerous errors often occur because of typos. PVS-Studio is especially good at catching such bugs.
Those bugs, described in this article reflect the personal opinion of the author which is quite subjective.
To see the full range of analyzer abilities, you should download it, and try it out yourself.