Typical errors in code on the example of C++, C#, and Java

Typical errors in code on the example of
C++, C#, and Java
Information Technology Video Developer Network
Информационный
видеосервис
для
разработчиков
программного
обеспечения
http://itvdn.com

Георгий Грибков
About the speaker
Information Technology Video Developer Network http://itvdn.com
ITVDN
C++ developer of the PVS-Studio static code analyzer
• Develops the analyzer core, new diagnostics, supports users.
• Introduced PVS-Studio in the godbolt.org online compiler.
• Wrote articles for the Habr website and gave talks at IT conferences,
related to searching for bugs in code.
Typical errors in code on the example of C++, C#, and Java

Agenda
ITVDN
1. Objectives of this webinar
2. How we detected error patterns
3. Patterns themselves and how to avoid them:
3.1 Copy-paste and last line effect
3.2 if (A) {...} else if (A)
3.3 Errors in checks
3.4 Array index out of bounds
3.5 Operator precedence
3.6 Typos that are hard to spot
4. How to use static analysis properly
5. Conclusion
6. Q&A
Заключение

ITVDN
More than 50 video courses for C# developers at ITVDN
C# Basics
Author: Alexander Shevchuk
Duration: 16 h 3 mins
9 lessons
C# Basic (OOP)
Author: Alexander Shevchuk
18 lessons
C# for professionals
Author: Oleg Kulygin
17 lessons
C# Generics
Author: Nikolay Melnichuk
7 lessons
Unit testing in C#
Author: Dmitry Okhrimenko
3 lessons
.NET Apps
Refactoring
Author: David Boyarov
Duration: 6 h 41 mins, 5 lessons

ITVDN
More than 26 video courses for Java developers at ITVDN
Java Starter
Author: Evgeny Tikhonov
9 lessons
Java Essential
Author: Evgeny Tikhonov
10 lessons
Java Professional
Author : Evgeny Tikhonov
15 lessons
SOLID principles in Java
Author: Andrey Fok
5 lessons
Unit testing in Java with JUnit
Author: Mikhail Skafenko
7 lessons
Java EE Basics
Author: Andrey Bondarenko
12 lessons

ITVDN
Video courses for C++ developers at ITVDN
C++ Starter
Author: Vladimir Vinogradov
13 lessons
QT Framework
Author: Ruslan Larionenko
10 lessons
C++ Essential
Author: Kirill Chernega
8 lessons
C++Advanced
Author: Kirill Chernega
11 lessons
Complete practical tasks in C++
Author: Naumenko Alexander
STL - Standard Template Library
Author: Pavlenko Alexander

ITVDN

ITVDN
*

ITVDN
BUGS ARE EVERYWHERE!

How to avoid errors
ITVDN
• Warn developers of typical problems
• Use tools to automatically search for errors

Objectives of this webinar
ITVDN
• Demonstrate typical error patterns in code
• Show how to use static analysis properly

2. How we detected error patterns
ITVDN

What is static analysis
ITVDN
Static analysis is automated code review.

What is static analysis
ITVDN

Examples of static analyzers
ITVDN
• PVS-Studio
• Cppcheck
• Infer
• IntelliJ IDEA
• Clang Static Analyzer
• FindBugs
• ...
Long list of static analyzers:

How we detected error patterns
ITVDN
Found errors
380 13747
Checked
projects
Detected
errors

Check out the base of errors we found:
ITVDN

3. Patterns themselves and how to avoid them
ITVDN

Pattern № 1:
Copy-paste and last line effect
ITVDN

Elasticsearch (Java)
ITVDN

ITVDN
PVS-Studio warning:
V6039 There are two 'if' statements with identical
conditional expressions. The first 'if' statement
contains method return. This means that the
second 'if' statement is senseless.

ITVDN
Clang (C++)

ITVDN
Clang (C++)
PVS-Studio warning: V501 There are identical sub-expressions
SM.getExpansionColumnNumber(ContainerREnd)' to the left and to the right of the '>=' operator.

Xenko Game Engine (C#)
ITVDN

Xenko Game Engine (C#)
ITVDN
PVS-Studio warning: V3001 There are
identical sub-expressions 'box.Maximum.X
- box.Minimum.X > sphere.Radius' to the
left and to the right of the '&&' operator.

Pattern № 1: Copy-paste and last line effect
ITVDN
• We selected 84 examples of erroneous code
written with copy-paste
• 43 of them had an error in the last line!
• It is more than 50%!

ITVDN
• Stop copy-pasting
• Copy-pasting in programming is pure evil!
• If you dare to – be extremely attentive
How to avoid

Pattern № 2.
if (A) {...} else if (A)
ITVDN

ITVDN
PVS-Studio warning:
V6003 The use of 'if (A) {....} else if (A)
{....}' pattern was detected. There is a
probability of logical error presence.

Chromium (C++)
ITVDN

Chromium (C++)
ITVDN
PVS-Studio warning:
V517 The use of 'if (A) {...} else if (A)
{...}' pattern was detected. There is a
Check lines: 61, 63.

CryEngine V (C++)
ITVDN

CryEngine V (C++)
ITVDN
PVS-Studio warning:
V517 The use of 'if (A) {...} else if (A)
{...}' pattern was detected. There is a
Check lines: 266, 268.

MonoDevelop (C#)
ITVDN

MonoDevelop (C#)
ITVDN
PVS-Studio warning:
V3021 There are two 'if' statements
with identical conditional
expressions. The first 'if' statement
contains method return. This means
that the second 'if' statement is
senseless.

ITVDN
• Try to do best not to copy-paste
• If you’re still going to copy-paste, copy non-compiled constructions.
• Example:
if (value == _)
return _;
How to avoid?

Pattern № 3.
Errors in checks
ITVDN

Unity (C#)
ITVDN

Unity (C#)
ITVDN
PVS-Studio warning:
V3063 A part of conditional
expression is always true if it is
evaluated: pageSize <= 1000.

Bullet - the engine of Red Dead Redemption (C++)
ITVDN

Bullet - the engine of Red Dead Redemption (C++)
ITVDN
PVS-Studio warning:
V709 Suspicious comparison found:
'f0 == f1 == m_fractureBodies.size()’.
Remember that
'a == b == c’
is not equal to
'a == b && b == c'.

Apache Hive (Java)
ITVDN

Apache Hive (Java)
ITVDN
PVS-Studio warning: V6030 The method located to the right of the '|' operator will be called regardless of
the value of the left operand. Perhaps, it is better to use '||'.

Chromium (C++)
ITVDN
PVS-Studio warnings:
 V547 Expression
'time.month <=
kDaysInMonth[time.month] + 1' is
always true.
 V547 Expression
'time.month <=
kDaysInMonth[time.month]’
is always true.

ITVDN
• «Pay attention!» won’t work every time 
• Try backup tools
How to avoid

Pattern № 4.
Array index out of bounds
ITVDN

Stickies (C++)
ITVDN

Stickies (C++)
ITVDN
PVS-Studio warning:
V557 Array overrun is possible. The
'64' index is pointing beyond array
bound. stickies stickies.cpp

ITVDN
PVS-Studio warning: V6025 Possibly index '(int) x' is out of bounds.

IPP Samples (C++)
ITVDN

IPP Samples (C++)
ITVDN
PVS-Studio warning:
V557 Array overrun is possible. The '30'
index is pointing beyond array bound.

FastReport (C#)
ITVDN

FastReport (C#)
ITVDN
PVS-Studio warning:
V3106 Possible negative index value. The value
of 'idx' index could reach -1.

ITVDN
• Be careful when you add '0’ to the end of the string
• Do you get an external index? Make sure you check it!
• Don’t mix up '>' ('<‘) and '>=' ('<=‘) when comparing the index with the array size
How to avoid

4. How to use static analysis properly
ITVDN

When you should perform static analysis
ITVDN

When you should perform static analysis
ITVDN
Static analysis

How to make the most of static analysis
ITVDN
• Apply static analysis at early stages
• Analyze regularly

Proprietary development
ITVDN

Corporate development
ITVDN

Open-source development
ITVDN

More about analysis of commits and pull-requests
ITVDN

5. Conclusion
ITVDN

Typical error patterns in code
ITVDN
• Copy-paste and last line effect
• if (A) {...} else if (A)
• Errors in checks
• Array index out of bounds
• … (the list gradually expands)

How to avoid typical errors
ITVDN
• Stop copy-pasting!
• Seriously, stop copy-pasting!
• Pay attention to checks, even small and short ones.
• Carefully check array indexes.
• Regularly use static analysis.

Free PVS-Studio license for students
ITVDN
https://bit.ly/pvs-student

ITVDN
Q&A

ITVDN
Watch our video lessons on C++
At ITVDN you’ll find a collection of video courses and webinars for C++ developers.
Go to ITVDN.com and watch our video lessons right now!

IT VIDEO DEVELOPERS NETWORK
ITVDN

Typical errors in code on the example of C++, C#, and Java

More Related Content

Similar to Typical errors in code on the example of C++, C#, and Java (20)

More from Andrey Karpov (20)

Recently uploaded (20)

Typical errors in code on the example of C++, C#, and Java