To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
Bug of the month: taking the baton from…

Bug of the month: taking the baton from PC-Lint to PVS-Studio

March 23, 2017

Recently we published 2 articles about TOP 10 errors in C++ and C# projects found in 2016. We got very positive feedback and that made us think - why not to make such a top rating of bugs for a month? Our site has a huge base of errors that is well-structured and that we can use to choose bugs, which were detected during a certain period of time. In this article you will learn about the new blog section "Bug of the month" and how we prepared articles for it.

0490_The_bug_of_the_month/image1.png

Some may say that Gimpel Software has already had such a blog and we just borrowed their idea. But this is really not the case. What we have in common is the title and the fact that we make a post about a bug once a month.

But, although, in Gimpel Software there is really a number next to the diagnostic, the code provided there is artificially created as some kind of a puzzle with quite an amusing description. For example: "Santa and his elves are automating their Christmas delivery system. But one of the elves has made a critical error causing, in some areas, the actions to appear in an unexpected order". or: "Shawn O'Flaherty, perhaps a bit tipsy when he wrote this, is preparing a program for his pub's annual St. Patrick's Day celebration. Although not finished, there's already a bit of a problem". Also, they suggest finding this bug and checking yourself if you were right in solving the problem.

What we do is that we show bugs found only in open source projects, checked in several past years. We also tried choosing those bugs that would be understandable for all readers, not only experts. For example, these can be all favorite copy-paste or various typos that we find almost in all projects. Besides the code fragment, we also cite the text of the diagnostic, which the analyzer used to detect the problem. Below the post there is a link to the article about the check of the project, where you can see other bugs found in this project.

As it is written on the official site of Gimpel Software, their first "bug of the month" was found in March 1991 and the list continued to be replenished for 21 years. At one time they were very popular and promoted PC-Lint rather actively. Since 2012, the updates for this blog stopped, but the developers hope that "bug of the month" can be started again in the future.

In the meantime, we decided to take the baton from PC-Lint and create our own "bug of the month" with blackja.. using open source projects and errors we find in them.

0490_The_bug_of_the_month/image2.png

So, we reviewed a large number of projects that we checked from January 2014 to March and selected 54 interesting bugs: 39 for the C/C++ language and 15 for C#, because we started the C# support only in 2016. The table gets constantly updated and it can be found by this link: https://hownot2code.com/bug-of-the-month/.

As it was already said, we reviewed our existing error base and the always up-to-date list of open source projects. Perhaps, these materials would be interesting and also useful to the readers, as they can be used as recommendations of how to avoid the same errors, they may also help in doing some researches, related to the improvement of the software reliability and even for working on the code standards.

The existence of a large amount of errors in the code (especially in big projects) can be explained by the fact that it's not always possible to hold the attention and control every line of code, especially when there are thousands of them. This is how Copy-paste errors, undefined behavior, null pointer dereference, typos and other errors get in the code. They could all be avoided with the help of static analysis.

To make the number of such bugs less and improve the quality of the code, we suggest downloading and trying PVS-Studio on your project. Who knows, may be you will find your own bug of the month and will tell about it the community of developers to protect them from such errors. For now, you could also practise your bug searching skills and look for bugs in well-known Open Source projects.

Note. Recently, in the newly released version of PVS-Studio 6.14 we have added the support of Visual Studio 2017, Roslyn 2.0/C# 7.0 for the C# analyzer (see the release history).

So, welcome: Bug of the month!

Popular related articles
The Last Line Effect

Date: 05.31.2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: 07.31.2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
PVS-Studio ROI

Date: 01.30.2019

Author: Andrey Karpov

Occasionally, we're asked a question, what monetary value the company will receive from using PVS-Studio. We decided to draw up a response in the form of an article and provide tables, which will sho…
Appreciate Static Code Analysis!

Date: 10.16.2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: 11.21.2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…
The Evil within the Comparison Functions

Date: 05.19.2017

Author: Andrey Karpov

Perhaps, readers remember my article titled "Last line effect". It describes a pattern I've once noticed: in most cases programmers make an error in the last line of similar text blocks. Now I want t…
Static analysis as part of the development process in Unreal Engine

Date: 06.27.2017

Author: Andrey Karpov

Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in th…
The Ultimate Question of Programming, Refactoring, and Everything

Date: 04.14.2016

Author: Andrey Karpov

Yes, you've guessed correctly - the answer is "42". In this article you will find 42 recommendations about coding in C++ that can help a programmer avoid a lot of errors, save time and effort. The au…
PVS-Studio for Java

Date: 01.17.2019

Author: Andrey Karpov

In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've co…
The way static analyzers fight against false positives, and why they do it

Date: 03.20.2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…

Comments (0)

Next comments

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept