Test Your C++ Static Analysis Skills
Written by Andrey Karpov
Thursday, 09 July 2015
How good are you at spotting bugs in code? The team behind the PVS-Studio static analyzer has created a C++ quiz that challenges you to find the flaws in code fragments taken from real open source programs.
For people unaware of the term, static program analysis is the analysis of software that is performed without actually executing the program. There are a number of code analyzer tools available for the purpose. Code analyzers are able to quickly find many bugs that are difficult to notice with the naked eye, and PVS-Studio is a static analyzer that detects errors in the source code of C/C++ applications.
It is a common misconception that code analyzers are good at finding simple errors like misplaced commas and semicolons and missing parentheses but are useless for finding difficult logical errors. Because of this misconception, code analyzers are generally considered fit only for novice programmers and students. However, the quiz compiled by the PVS-Studio team after using its tool to analyze more than 200 open-source projects may well change this view: the bugs are subtle.
When you take the C++ Quiz you play against the clock. For this article we've stopped the clock, but for each of the three code fragments you should try to find the logical error before jumping to the solution. Also note down how long it took you to discover the error (if you were able to find one). We will also show the warning message that the code analyzer gave, to reinforce the argument in favor of code analyzers.
NOTE: These examples do not test your C++ knowledge at an advanced level; instead they test your ability to find logical errors with a very basic knowledge of C++.
Code Fragment 1:
Before you scroll down to the solution, where the bug is highlighted in red, have a go at working it out.
If you can't immediately see the problem, you may find the warning provided by PVS-Studio helpful:
Have you worked it out? Here's the fragment again with the error shown in red:
If you found the warning somewhat cryptic, here's a further explanation. Only a portion of the object would be copied with the original code, because sizeof(this) would give 4 bytes or 8 bytes (depending on platform). To correct the code, replace the red portion with sizeof(*this), which will use the size of the object pointed to by this.
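
The sizeof(this) versus sizeof(*this) difference described above, as an added example that is not the quiz's original fragment or PVS-Studio's code. The Packet type and every function name are hypothetical, constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical type, constructed for this example (not from the quiz).
struct Packet {
    std::uint8_t  payload[32];
    std::uint32_t length;
    // Buggy: 'this' is a pointer, so sizeof(this) is 4 or 8 bytes.
    void assign_buggy(const Packet& src) {
        const std::size_t n = sizeof(this);    // size of Packet*, not Packet
        std::memcpy(this, &src, n);
    }
    // Fixed: sizeof(*this) is the size of the object pointed to by this.
    void assign_fixed(const Packet& src) {
        std::memcpy(this, &src, sizeof(*this));
    }
};
static_assert(sizeof(Packet) > sizeof(void*), "object must be larger than a pointer");

Packet make_packet(std::uint8_t fill, std::uint32_t length) {
    Packet p;
    std::memset(p.payload, fill, sizeof(p.payload));
    p.length = length;
    return p;
}

// Count how many leading bytes of dst are identical to src.
std::size_t matching_prefix(const Packet& dst, const Packet& src) {
    const unsigned char* a = reinterpret_cast<const unsigned char*>(&dst);
    const unsigned char* b = reinterpret_cast<const unsigned char*>(&src);
    std::size_t i = 0;
    while (i < sizeof(Packet) && a[i] == b[i]) ++i;
    return i;
}

// Copy a 0xAA-filled packet over a zeroed one and measure what arrived.
std::size_t bytes_copied(bool use_fix) {
    const Packet src = make_packet(0xAA, 32);
    Packet dst = make_packet(0x00, 0);
    if (use_fix) dst.assign_fixed(src); else dst.assign_buggy(src);
    return matching_prefix(dst, src);
}

int main() {
    std::printf("buggy: %zu of %zu bytes copied\n", bytes_copied(false), sizeof(Packet));
    std::printf("fixed: %zu of %zu bytes copied\n", bytes_copied(true), sizeof(Packet));
}
```

With the buggy version the rest of the destination keeps whatever it held before the call, which is how a partial copy turns into stale or inconsistent object state.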
Code Fragment 2:
Does the warning help?
Let's confirm where the problem occurs:
The code is trying to access a property using a NULL pointer (the else { } part will be executed only when subnet is NULL). Hence, at runtime the code will give a NULL pointer dereference error.
Code Fragment 3:
For the final sample see if you can spot what has gone wrong here:
If you want a clue here's the warning:
If you still haven't spotted it, here is the bug in red:
Conclusion
How many errors did you find? How much time did it take to find them? Code analyzers like PVS-Studio are able to give these warnings in less than 5 seconds. The examples above show that code analyzers are not just good at finding simple syntax errors; they can also be pretty useful in finding logical errors. If you want more mental exercise, go to the C++ Quiz from which these examples were taken.
Go ahead and flex your brain muscles!
Andrey Karpov is a co-founder and CTO of Program Verification Systems, a company whose main activity is the development of the static code analysis tool, PVS-Studio. Andrey is a PhD in the field of mathematical modeling and numerical methods. He has received four Microsoft MVP awards as a Visual C++ expert and is an Intel Black Belt.
Last Updated ( Thursday, 09 July 2015 )