SlideShare a Scribd company logo

Static Code Analysis: Keeping the Cost of Bug Fixing Down

Download as PPTX, PDF
Andrey Karpov, profile picture
Andrey Karpov

The document discusses static code analysis as a method to reduce bug fixing costs by detecting issues early in the coding process, with techniques like code review and the use of static analysis tools such as PVS-Studio. It highlights the importance of regular use of these analyzers to efficiently identify and address defects, while also addressing common misconceptions about static analysis and its applicability to both novice and experienced programmers. The document provides examples of typical bugs detected and emphasizes the need for integrating static analysis into the development workflow.

Software
Related topics:
Insights on Software Development
1 of 50
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
PVS-Studio Team www.viva64.com Static Code Analysis: Keeping the Cost of Bug Fixing Down
Bugs Have Always Been and Will Always Be There • No use preaching "careful coding" • Bugs have always been and will always be there • Everybody knows bugs should be fixed • People forget that bugs should be fixed at the lowest cost possible in terms of time and money!
Too Many Heroes Are a Bad Sign • You may enjoy telling people how your team spent a week heroically hunting for a bug • But the fact that your team has to perform such feats does it no credit This city code needs a hero!
Static Code Analysis: Keeping the Cost of Bug Fixing Down
Static Code Analysis: Keeping the Cost of Bug Fixing Down
The Sooner You Fix, the Better • Depending on the bug pattern, fixing at the coding stage is 10–100 times cheaper than after the release • Various techniques are available: • code review • unit testing (or TDD) • testing a new feature by its author • dynamic code analysis (a variation of testing) • static analysis, which will be discussed further
What Code Review Is • Code is examined by several programmers • Ideally, they shouldn’t be using a computer • They give their comments and advice on what to fix and improve
Pros of Code Review by Humans • You can find complex bugs • You can find high-level defects (such as slow algorithms)
Cons of Code Review by Humans • There could be bugs none of the reviewers is aware of • It’s expensive • Humans get tired fast
Static Analysis as a Compromise • Pros of analyzers: • they check the entire code • they don’t get tired • they can recognize tricky bug patterns • Cons: • they are just programs, not an AI • They are definitely useful thanks to immediate detection of bugs • Analogy: the spell check in Microsoft Word.
Static Analysis Tools • We’ll take PVS-Studio as an example • But there are many other tools to fit any taste: • FxCop • Klocwork • Parasoft • SonarQube • Veracode • More: https://en.Wikipedia.org/wiki/List_of_tools_for_static_code_analysis
A Few Examples: A Typo static bool AreEqual (VisualStyleElement value1, VisualStyleElement value2) { return value1.ClassName == value1.ClassName && value1.Part == value2.Part && value1.State == value2.State; } PVS-Studio: V3001 There are identical sub-expressions 'value1.ClassName' to the left and to the right of the '==' operator. ThemeVisualStyles.cs 2141 Mono
A Few Examples: Coding in a Hurry void IBackgroundTask.Sweep() { .... // Don't flood the database with progress updates; // Limit it to every 5 seconds. if ((_clock.UtcNow - lastUpdateUtc).Seconds >= 5) { .... PVS-Studio: V3118 Seconds component of TimeSpan is used, which does not represent full time interval. Possibly 'TotalSeconds' value was intended instead. AssetUploader.cs 182 Orchard CMS should be TotalSeconds
A Few Examples: Sorting PVS-Studio: V3078 Original sorting order will be lost after repetitive call to 'OrderBy' method. Use 'ThenBy' method to preserve the original sorting. CodeCoverageMethodElement.cs 124 SharpDevelop void Init() { .... this.SequencePoints.OrderBy(item => item.Line) .OrderBy(item => item.Column); }
A Few Examples: A Tricky Detail • The analyzer can recognize bug patterns your team don’t even know of. static class Profiler { [ThreadStatic] private static Stopwatch timer = new Stopwatch(); .... Mono V3089 Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads. System.Data.Linq- net_4_x Profiler.cs 16
More examples towards the end
The Biggest Mistake Made When Using Static Analyzers • One-time checks have little effect • Think of it by analogy with compiler warnings • Everything really bad has been already fixed using other means; you have only minor defects and heisenbugs left
False Positives • These are an unavoidable evil, but static analyzers provide various means to tackle them • Means of dealing with false positives in PVS-Studio • selective warning suppression • selective exclusion of folders/files from analysis • selective disabling of diagnostics • suppression markup base, which is the most important feature – more on this in the next slides
PVS-Studio. The Idea Behind the Suppression Markup Base • Allows you to start using the analyzer immediately on newly written or modified code • Old bugs are unlikely to be critical, so you could get back to them later when you have time for that
Getting Started with the Suppression Base 1. Check the project 2. Mark all the warnings produced by the analyzer as irrelevant 3. Submit the file with the base to the version control system 4. PROFIT
A Bit More About PVS-Studio • You can set PVS-Studio to launch on the server • And use the BlameNotifier utility to send emails to those developers who submitted faulty code
Why So Much Talk About Regular Use? • Here’s a comment by a PVS-Studio user: "A User's Experience of Working with the Analyzer" - https://www.viva64.com/en/b/0221/ The conclusion is: the bug we had wasted about 50 hours to track was detected at once with the first run of the analyzer and fixed in less than an hour! Alexander Lotokhov
SonarQube: Data Visualization • Open-source platform for continuous inspection of code quality • Comes with a number of analyzers, including Sonar C# • Nice visualization
SonarQube: Nice Visualization
SonarQube: Integration with Third-Party Analyzers. What For? • The strong point of Sonar C# is measuring the code quality (detection of "code smells") • The weak point of Sonar C# is that it offers too few diagnostics to detect bugs leading to incorrect program operation
SonarQube: Integration with Third-Party Analyzers • A way out: integration with other analyzers • Such as PVS-Studio • PVS-Studio is especially good at detecting real bugs and typos • 137 diagnostics to detect bugs in C# code Example: Analysis of PascalABC.NET using SonarQube plugins: SonarC# and PVS-Studio - https://www.viva64.com/en/b/0492/
SonarQube + PVS-Studio
The Second Biggest Mistake • Myth: static analyzers are tools for beginner programmers! • Myth: we are pros and we never mistype! • We all make mistakes. What’s more, we are prone to making mistakes in certain situations. • Here’s an article by Andrey Karpov to illustrate this: The Evil within the Comparison Functions
No Aliens to Blame IronPython and IronRuby public static int Compare(SourceLocation left, SourceLocation right) { if (left < right) return -1; if (right > left) return 1; return 0; } PVS-Studio warning (C#): V3021 There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. SourceLocation.cs 156
The Evil Within the Comparison Functions SharpDevelop public int Compare(SharpTreeNode x, SharpTreeNode y) { .... if (typeNameComparison == 0) { if (x.Text.ToString().Length < y.Text.ToString().Length) return -1; if (x.Text.ToString().Length < y.Text.ToString().Length) return 1; PVS-Studio warning: V3021 There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless NamespaceTreeNode.cs 87
The Evil Within the Comparison Functions public int Compare(GlyphRun a, GlyphRun b) { .... if (aPoint.Y > bPoint.Y) { return -1; } else if (aPoint.Y > bPoint.Y) { result = 1; } else if (aPoint.X < bPoint.X) .... WPF samples by Microsoft PVS-Studio warning: V3003 The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. Check lines: 418, 422. txtserializerwriter.cs 418
The Evil Within the Comparison Functions • Link to the article: https://www.viva64.com/en/b/0509/
Conclusions: • Static analysis is a means to find a portion of bugs right away before they get expensive • Static analysis must be used on a regular basis • You can start using it right away, putting the old bugs aside to deal with them later • C#-programmers may want to check out SonarQube (Sonar С#) and PVS-Studio
Useful Links • List of tools for static code analysis https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis • PVS-Studio https://www.viva64.com/en/pvs-studio/ • SonaqQube https://www.sonarqube.org/
Q&A www.viva64.com support@viva64.com
More Examples if There’s Time Left Umbraco protected virtual void OnBeforeNodeRender(ref XmlTree sender, ref XmlTreeNode node, EventArgs e) { if (node != null && node != null) { if (BeforeNodeRender != null) BeforeNodeRender(ref sender, ref node, e); } } PVS-Studio: V3001 There are identical sub-expressions 'node != null' to the left and to the right of the '&&' operator.
More Examples if There’s Time Left CodeContracts if (mTypeConstraint == TypeConstraint.CLASS) { oh.Output("class", false); comma = true; } else if (mTypeConstraint == TypeConstraint.STRUCT) ..... else if (mTypeConstraint == TypeConstraint.CLASS) { oh.Output(mClassConstraint, false); comma = true; } PVS-Studio: V3003 The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
More Examples if There’s Time Left CodeContracts for (int i = 0; i < data.Length; i++) { if (data[i] != null) { for (int j = 0; j < lastElement[i]; i++) { str.AppendFormat("({0},{1})", data[i][j].Index, data[i][j].Value); } } } PVS-Studio: V3014 It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'i'.
More Examples if There’s Time Left Orleans public static string SanitizeTableProperty(string key) { key.Replace('/', '_'); // Forward slash key.Replace('', '_'); // Backslash key.Replace('#', '_'); // Pound sign key.Replace('?', '_'); // Question mark .... return key; } PVS-Studio: V3010 The return value of function 'Replace' is required to be utilized.
More Examples if There’s Time Left SharpDevelop public WhitespaceNode(string whiteSpaceText, TextLocation startLocation) { this.WhiteSpaceText = WhiteSpaceText; this.startLocation = startLocation; } PVS-Studio: V3005 The 'this.WhiteSpaceText' variable is assigned to itself. www.viva64.com40
More Examples if There’s Time Left SharpDevelop ContentPropertyNode clickedNode = clickedButton.DataContext as ContentPropertyNode; clickedNode = clickedButton.DataContext as ContentPropertyNode; if (clickedNode == null) Redundant code. PVS-Studio: V3008 The 'clickedNode' variable is assigned values twice successively. Perhaps this is a mistake.
More Examples if There’s Time Left SharpDevelop public override string ToString() { return String.Format("[Line {0}:{1,2}-{3,4}:{5}]", File, Row, Column, EndRow, EndColumn, Offset); } PVS-Studio: V3025 Incorrect format. A different number of actual arguments is expected while calling 'Format' function. Expected: 4. Present: 6.
More Examples if There’s Time Left GitExtensions if (string.IsNullOrEmpty(translationCategory.Name)) new InvalidOperationException( "Cannot add translationCategory without name"); PVS-Studio: V3006 The object was created but it is not being used. The 'throw' keyword could be missing: throw new InvalidOperationException(FOO). throw
More Examples if There’s Time Left Orleans if (numRemoved > 0) if (logger.IsVerbose) logger.Verbose(....); else if (logger.IsVerbose2) logger.Verbose2(....); PVS-Studio: V3033 It is possible that this 'else' branch must apply to the previous 'if' statement. Interner.cs 274
MSBuild (ResolveSDKReference_Tests.cs) installedSDK.SetMetadata("SDKName", "GoodTestSDK, Version=2.0"); t.InstalledSDKs = new ITaskItem[] { installedSDK }; t.TargetedSDKConfiguration = "Debug"; t.TargetedSDKConfiguration = "x86"; t.BuildEngine = engine; PVS-Studio: V3008 The 't.TargetedSDKConfiguration' variable is assigned values twice successively. Perhaps this is a mistake. t.TargetedSDKArchitecture • A nice example of how static analysis complements unit testing More Examples if There’s Time Left
More Examples if There’s Time Left CruiseControl.NET public void ModificationsAreComparedByModifiedDatetime() { Modification alpha = new Modification(); alpha.ModifiedTime = new DateTime(1975, 3, 3); Modification beta = new Modification(); alpha.ModifiedTime = new DateTime(1961, 3, 3); .... } PVS-Studio: V3008 The 'alpha.ModifiedTime' variable is assigned values twice successively. Perhaps this is a mistake.
Xamarin.Forms (C#) internal bool IsDefault { get { return Left == 0 && Top == 0 && Right == 0 && Left == 0; } } V3001 There are identical sub-expressions 'Left == 0' to the left and to the right of the '&&' operator. Thickness.cs 29 More Examples if There’s Time Left
Space Engineers (C#) void DeserializeV0(XmlReader reader) { .... if (property.Name == "Rotation" || property.Name == "AxisScale" || property.Name == "AxisScale") continue; .... } More Examples if There’s Time Left V3001 There are identical sub-expressions 'property.Name == "AxisScale"' to the left and to the right of the '||' operator. Sandbox.Graphics MyParticleEmitter.cs 352
A lot more examples: https://www.viva64.com/en/examples/
The End

More Related Content

PPTX
Static analysis as means of improving code quality
Andrey Karpov
 
PPTX
PVS-Studio and static code analysis technique
Andrey Karpov
 
PDF
Python testing like a pro by Keith Yang
PYCON MY PLT
 
PDF
Testing distributed systems in production
Paul Bakker
 
PPTX
SAST_QSDL
Ivan Elkin
 
PDF
Effective and Efficient API Misuse Detection via Exception Propagation and Se...
XavierDevroey
 
PDF
Pragmatic Code Coverage
Alexandre (Shura) Iline
 
PDF
HPX and PVS-Studio
PVS-Studio
 
Static analysis as means of improving code quality
Andrey Karpov
 
PVS-Studio and static code analysis technique
Andrey Karpov
 
Python testing like a pro by Keith Yang
PYCON MY PLT
 
Testing distributed systems in production
Paul Bakker
 
SAST_QSDL
Ivan Elkin
 
Effective and Efficient API Misuse Detection via Exception Propagation and Se...
XavierDevroey
 
Pragmatic Code Coverage
Alexandre (Shura) Iline
 
HPX and PVS-Studio
PVS-Studio
 

What's hot (20)

PDF
SophiaConf 2018 - P. Urso (Activeeon)
TelecomValley
 
ODP
Java code coverage with JCov. Implementation details and use cases.
Alexandre (Shura) Iline
 
PDF
Bugs found in GCC with the help of PVS-Studio
PVS-Studio
 
ODP
Agile analysis development
setitesuk
 
PDF
150412 38 beamer methods of binary analysis
Raghu Palakodety
 
PDF
Parasoft fda software compliance part2
Engineering Software Lab
 
PPT
香港六合彩 &raquo; SlideShare
yayao
 
PPT
PHP - Introduction to PHP Bugs - Debugging
Vibrant Technologies & Computers
 
PDF
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
jtmelton
 
PDF
Effective code reviews
Sebastian Marek
 
PDF
Checking PVS-Studio with Clang
Andrey Karpov
 
PDF
AppSensor CodeMash 2017
jtmelton
 
PDF
Unit Test + Functional Programming = Love
Alvaro Videla
 
PPTX
Python in Test automation
Krishnana Sreeraman
 
PDF
PVS-Studio Has Finally Got to Boost
Andrey Karpov
 
PDF
How penetration testing techniques can help you improve your qa skills
Marian Marinov
 
PDF
National software testing conference 2016 fergal hynes
Fergal Hynes
 
PPTX
DevOps - Boldly Go for Distro
Paul Boos
 
PPT
Integration testing
Tsegabrehan Am
 
ODP
When Good Code Goes Bad: Tools and Techniques for Troubleshooting Plone
David Glick
 
SophiaConf 2018 - P. Urso (Activeeon)
TelecomValley
 
Java code coverage with JCov. Implementation details and use cases.
Alexandre (Shura) Iline
 
Bugs found in GCC with the help of PVS-Studio
PVS-Studio
 
Agile analysis development
setitesuk
 
150412 38 beamer methods of binary analysis
Raghu Palakodety
 
Parasoft fda software compliance part2
Engineering Software Lab
 
香港六合彩 &raquo; SlideShare
yayao
 
PHP - Introduction to PHP Bugs - Debugging
Vibrant Technologies & Computers
 
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
jtmelton
 
Effective code reviews
Sebastian Marek
 
Checking PVS-Studio with Clang
Andrey Karpov
 
AppSensor CodeMash 2017
jtmelton
 
Unit Test + Functional Programming = Love
Alvaro Videla
 
Python in Test automation
Krishnana Sreeraman
 
PVS-Studio Has Finally Got to Boost
Andrey Karpov
 
How penetration testing techniques can help you improve your qa skills
Marian Marinov
 
National software testing conference 2016 fergal hynes
Fergal Hynes
 
DevOps - Boldly Go for Distro
Paul Boos
 
Integration testing
Tsegabrehan Am
 
When Good Code Goes Bad: Tools and Techniques for Troubleshooting Plone
David Glick
 
Ad

Similar to Static Code Analysis: Keeping the Cost of Bug Fixing Down (20)

PDF
All about PVS-Studio
PVS-Studio
 
PPTX
Topic production code
Kavi Kumar
 
PDF
Web a Quebec - JS Debugging
Rami Sayar
 
PDF
Here Be Dragons – Advanced JavaScript Debugging
FITC
 
PDF
FITC - Here Be Dragons: Advanced JavaScript Debugging
Rami Sayar
 
PDF
How PVS-Studio does the bug search: methods and technologies
PVS-Studio
 
PDF
PVS-Studio advertisement - static analysis of C/C++ code
Andrey Karpov
 
PDF
CarTrawler's Feature Team Architecture and Development Process Showcase by Lu...
Lucas Sacramento
 
PPTX
Static-Analysis-in-Industry.pptx
ShivashankarHR1
 
PDF
Next Generation Architecture Showcase July 2019
Alan Pearson Mathews
 
PDF
A Long-Awaited Check of Unreal Engine 4
Andrey Karpov
 
PPTX
Test parallelization using Jenkins
Rogue Wave Software
 
PDF
How to Test PowerShell Code Using Pester
Chris Wahl
 
PDF
PVS-Studio advertisement - static analysis of C/C++ code
PVS-Studio
 
PDF
Three Interviews About Static Code Analyzers
Andrey Karpov
 
PDF
PVS-Studio and CppCat: An Interview with Andrey Karpov, the Project CTO and D...
Andrey Karpov
 
PPT
App Assessments Reloaded
Ernest Mueller
 
PDF
we45 DEFCON Workshop - Building AppSec Automation with Python
Abhay Bhargav
 
PDF
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Dinis Cruz
 
PDF
Static Analysis: From Getting Started to Integration
Andrey Karpov
 
All about PVS-Studio
PVS-Studio
 
Topic production code
Kavi Kumar
 
Web a Quebec - JS Debugging
Rami Sayar
 
Here Be Dragons – Advanced JavaScript Debugging
FITC
 
FITC - Here Be Dragons: Advanced JavaScript Debugging
Rami Sayar
 
How PVS-Studio does the bug search: methods and technologies
PVS-Studio
 
PVS-Studio advertisement - static analysis of C/C++ code
Andrey Karpov
 
CarTrawler's Feature Team Architecture and Development Process Showcase by Lu...
Lucas Sacramento
 
Static-Analysis-in-Industry.pptx
ShivashankarHR1
 
Next Generation Architecture Showcase July 2019
Alan Pearson Mathews
 
A Long-Awaited Check of Unreal Engine 4
Andrey Karpov
 
Test parallelization using Jenkins
Rogue Wave Software
 
How to Test PowerShell Code Using Pester
Chris Wahl
 
PVS-Studio advertisement - static analysis of C/C++ code
PVS-Studio
 
Three Interviews About Static Code Analyzers
Andrey Karpov
 
PVS-Studio and CppCat: An Interview with Andrey Karpov, the Project CTO and D...
Andrey Karpov
 
App Assessments Reloaded
Ernest Mueller
 
we45 DEFCON Workshop - Building AppSec Automation with Python
Abhay Bhargav
 
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Dinis Cruz
 
Static Analysis: From Getting Started to Integration
Andrey Karpov
 
Ad

More from Andrey Karpov (20)

PDF
60 антипаттернов для С++ программиста
Andrey Karpov
 
PDF
60 terrible tips for a C++ developer
Andrey Karpov
 
PPTX
Ошибки, которые сложно заметить на code review, но которые находятся статичес...
Andrey Karpov
 
PDF
PVS-Studio in 2021 - Error Examples
Andrey Karpov
 
PDF
PVS-Studio in 2021 - Feature Overview
Andrey Karpov
 
PDF
PVS-Studio в 2021 - Примеры ошибок
Andrey Karpov
 
PDF
PVS-Studio в 2021
Andrey Karpov
 
PPTX
Make Your and Other Programmer’s Life Easier with Static Analysis (Unreal Eng...
Andrey Karpov
 
PPTX
Best Bugs from Games: Fellow Programmers' Mistakes
Andrey Karpov
 
PPTX
Does static analysis need machine learning?
Andrey Karpov
 
PPTX
Typical errors in code on the example of C++, C#, and Java
Andrey Karpov
 
PPTX
How to Fix Hundreds of Bugs in Legacy Code and Not Die (Unreal Engine 4)
Andrey Karpov
 
PPTX
Game Engine Code Quality: Is Everything Really That Bad?
Andrey Karpov
 
PPTX
C++ Code as Seen by a Hypercritical Reviewer
Andrey Karpov
 
PPTX
The Use of Static Code Analysis When Teaching or Developing Open-Source Software
Andrey Karpov
 
PPTX
Static Code Analysis for Projects, Built on Unreal Engine
Andrey Karpov
 
PPTX
Safety on the Max: How to Write Reliable C/C++ Code for Embedded Systems
Andrey Karpov
 
PPTX
The Great and Mighty C++
Andrey Karpov
 
PPTX
Static code analysis: what? how? why?
Andrey Karpov
 
PDF
Zero, one, two, Freddy's coming for you
Andrey Karpov
 
60 антипаттернов для С++ программиста
Andrey Karpov
 
60 terrible tips for a C++ developer
Andrey Karpov
 
Ошибки, которые сложно заметить на code review, но которые находятся статичес...
Andrey Karpov
 
PVS-Studio in 2021 - Error Examples
Andrey Karpov
 
PVS-Studio in 2021 - Feature Overview
Andrey Karpov
 
PVS-Studio в 2021 - Примеры ошибок
Andrey Karpov
 
PVS-Studio в 2021
Andrey Karpov
 
Make Your and Other Programmer’s Life Easier with Static Analysis (Unreal Eng...
Andrey Karpov
 
Best Bugs from Games: Fellow Programmers' Mistakes
Andrey Karpov
 
Does static analysis need machine learning?
Andrey Karpov
 
Typical errors in code on the example of C++, C#, and Java
Andrey Karpov
 
How to Fix Hundreds of Bugs in Legacy Code and Not Die (Unreal Engine 4)
Andrey Karpov
 
Game Engine Code Quality: Is Everything Really That Bad?
Andrey Karpov
 
C++ Code as Seen by a Hypercritical Reviewer
Andrey Karpov
 
The Use of Static Code Analysis When Teaching or Developing Open-Source Software
Andrey Karpov
 
Static Code Analysis for Projects, Built on Unreal Engine
Andrey Karpov
 
Safety on the Max: How to Write Reliable C/C++ Code for Embedded Systems
Andrey Karpov
 
The Great and Mighty C++
Andrey Karpov
 
Static code analysis: what? how? why?
Andrey Karpov
 
Zero, one, two, Freddy's coming for you
Andrey Karpov
 

Recently uploaded (20)

PPTX
Monitoring Stack: Grafana, Loki & Promtail
GhanshyamSwami3
 
PDF
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PDF
CCleaner Pro 6.38.11537 Crack Final Latest Version 2025
itskinga12
 
DOCX
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PDF
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PDF
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PPTX
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
PDF
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
PDF
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
Monitoring Stack: Grafana, Loki & Promtail
GhanshyamSwami3
 
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
CCleaner Pro 6.38.11537 Crack Final Latest Version 2025
itskinga12
 
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 

Static Code Analysis: Keeping the Cost of Bug Fixing Down

  • 1. PVS-Studio Team www.viva64.com Static Code Analysis: Keeping the Cost of Bug Fixing Down
  • 2. Bugs Have Always Been and Will Always Be There • No use preaching "careful coding" • Bugs have always been and will always be there • Everybody knows bugs should be fixed • People forget that bugs should be fixed at the lowest cost possible in terms of time and money!
  • 3. Too Many Heroes Are a Bad Sign • You may enjoy telling people how your team spent a week heroically hunting for a bug • But the fact that your team has to perform such feats does it no credit This city code needs a hero!
  • 6. The Sooner You Fix, the Better • Depending on the bug pattern, fixing at the coding stage is 10–100 times cheaper than after the release • Various techniques are available: • code review • unit testing (or TDD) • testing a new feature by its author • dynamic code analysis (a variation of testing) • static analysis, which will be discussed further
  • 7. What Code Review Is • Code is examined by several programmers • Ideally, they shouldn’t be using a computer • They give their comments and advice on what to fix and improve
  • 8. Pros of Code Review by Humans • You can find complex bugs • You can find high-level defects (such as slow algorithms)
  • 9. Cons of Code Review by Humans • There could be bugs none of the reviewers is aware of • It’s expensive • Humans get tired fast
  • 10. Static Analysis as a Compromise • Pros of analyzers: • they check the entire code • they don’t get tired • they can recognize tricky bug patterns • Cons: • they are just programs, not an AI • They are definitely useful thanks to immediate detection of bugs • Analogy: the spell check in Microsoft Word.
  • 11. Static Analysis Tools • We’ll take PVS-Studio as an example • But there are many other tools to fit any taste: • FxCop • Klocwork • Parasoft • SonarQube • Veracode • More: https://en.Wikipedia.org/wiki/List_of_tools_for_static_code_analysis
  • 12. A Few Examples: A Typo static bool AreEqual (VisualStyleElement value1, VisualStyleElement value2) { return value1.ClassName == value1.ClassName && value1.Part == value2.Part && value1.State == value2.State; } PVS-Studio: V3001 There are identical sub-expressions 'value1.ClassName' to the left and to the right of the '==' operator. ThemeVisualStyles.cs 2141 Mono
  • 13. A Few Examples: Coding in a Hurry void IBackgroundTask.Sweep() { .... // Don't flood the database with progress updates; // Limit it to every 5 seconds. if ((_clock.UtcNow - lastUpdateUtc).Seconds >= 5) { .... PVS-Studio: V3118 Seconds component of TimeSpan is used, which does not represent full time interval. Possibly 'TotalSeconds' value was intended instead. AssetUploader.cs 182 Orchard CMS should be TotalSeconds
  • 14. A Few Examples: Sorting PVS-Studio: V3078 Original sorting order will be lost after repetitive call to 'OrderBy' method. Use 'ThenBy' method to preserve the original sorting. CodeCoverageMethodElement.cs 124 SharpDevelop void Init() { .... this.SequencePoints.OrderBy(item => item.Line) .OrderBy(item => item.Column); }
  • 15. A Few Examples: A Tricky Detail • The analyzer can recognize bug patterns your team don’t even know of. static class Profiler { [ThreadStatic] private static Stopwatch timer = new Stopwatch(); .... Mono V3089 Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads. System.Data.Linq- net_4_x Profiler.cs 16
  • 17. The Biggest Mistake Made When Using Static Analyzers • One-time checks have little effect • Think of it by analogy with compiler warnings • Everything really bad has been already fixed using other means; you have only minor defects and heisenbugs left
  • 18. False Positives • These are an unavoidable evil, but static analyzers provide various means to tackle them • Means of dealing with false positives in PVS-Studio • selective warning suppression • selective exclusion of folders/files from analysis • selective disabling of diagnostics • suppression markup base, which is the most important feature – more on this in the next slides
  • 19. PVS-Studio. The Idea Behind the Suppression Markup Base • Allows you to start using the analyzer immediately on newly written or modified code • Old bugs are unlikely to be critical, so you could get back to them later when you have time for that
  • 20. Getting Started with the Suppression Base 1. Check the project 2. Mark all the warnings produced by the analyzer as irrelevant 3. Submit the file with the base to the version control system 4. PROFIT
  • 21. A Bit More About PVS-Studio • You can set PVS-Studio to launch on the server • And use the BlameNotifier utility to send emails to those developers who submitted faulty code
  • 22. Why So Much Talk About Regular Use? • Here’s a comment by a PVS-Studio user: "A User's Experience of Working with the Analyzer" - https://www.viva64.com/en/b/0221/ The conclusion is: the bug we had wasted about 50 hours to track was detected at once with the first run of the analyzer and fixed in less than an hour! Alexander Lotokhov
  • 23. SonarQube: Data Visualization • Open-source platform for continuous inspection of code quality • Comes with a number of analyzers, including Sonar C# • Nice visualization
  • 25. SonarQube: Integration with Third-Party Analyzers. What For? • The strong point of Sonar C# is measuring the code quality (detection of "code smells") • The weak point of Sonar C# is that it offers too few diagnostics to detect bugs leading to incorrect program operation
  • 26. SonarQube: Integration with Third-Party Analyzers • A way out: integration with other analyzers • Such as PVS-Studio • PVS-Studio is especially good at detecting real bugs and typos • 137 diagnostics to detect bugs in C# code Example: Analysis of PascalABC.NET using SonarQube plugins: SonarC# and PVS-Studio - https://www.viva64.com/en/b/0492/
  • 28. The Second Biggest Mistake • Myth: static analyzers are tools for beginner programmers! • Myth: we are pros and we never mistype! • We all make mistakes. What’s more, we are prone to making mistakes in certain situations. • Here’s an article by Andrey Karpov to illustrate this: The Evil within the Comparison Functions
  • 29. No Aliens to Blame IronPython and IronRuby public static int Compare(SourceLocation left, SourceLocation right) { if (left < right) return -1; if (right > left) return 1; return 0; } PVS-Studio warning (C#): V3021 There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. SourceLocation.cs 156
  • 30. The Evil Within the Comparison Functions SharpDevelop public int Compare(SharpTreeNode x, SharpTreeNode y) { .... if (typeNameComparison == 0) { if (x.Text.ToString().Length < y.Text.ToString().Length) return -1; if (x.Text.ToString().Length < y.Text.ToString().Length) return 1; PVS-Studio warning: V3021 There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless NamespaceTreeNode.cs 87
  • 31. The Evil Within the Comparison Functions public int Compare(GlyphRun a, GlyphRun b) { .... if (aPoint.Y > bPoint.Y) { return -1; } else if (aPoint.Y > bPoint.Y) { result = 1; } else if (aPoint.X < bPoint.X) .... WPF samples by Microsoft PVS-Studio warning: V3003 The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. Check lines: 418, 422. txtserializerwriter.cs 418
  • 32. The Evil Within the Comparison Functions • Link to the article: https://www.viva64.com/en/b/0509/
  • 33. Conclusions: • Static analysis is a means to find a portion of bugs right away before they get expensive • Static analysis must be used on a regular basis • You can start using it right away, putting the old bugs aside to deal with them later • C#-programmers may want to check out SonarQube (Sonar С#) and PVS-Studio
  • 34. Useful Links • List of tools for static code analysis https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis • PVS-Studio https://www.viva64.com/en/pvs-studio/ • SonaqQube https://www.sonarqube.org/
  • 36. More Examples if There’s Time Left Umbraco protected virtual void OnBeforeNodeRender(ref XmlTree sender, ref XmlTreeNode node, EventArgs e) { if (node != null && node != null) { if (BeforeNodeRender != null) BeforeNodeRender(ref sender, ref node, e); } } PVS-Studio: V3001 There are identical sub-expressions 'node != null' to the left and to the right of the '&&' operator.
  • 37. More Examples if There’s Time Left CodeContracts if (mTypeConstraint == TypeConstraint.CLASS) { oh.Output("class", false); comma = true; } else if (mTypeConstraint == TypeConstraint.STRUCT) ..... else if (mTypeConstraint == TypeConstraint.CLASS) { oh.Output(mClassConstraint, false); comma = true; } PVS-Studio: V3003 The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
  • 38. More Examples if There’s Time Left CodeContracts for (int i = 0; i < data.Length; i++) { if (data[i] != null) { for (int j = 0; j < lastElement[i]; i++) { str.AppendFormat("({0},{1})", data[i][j].Index, data[i][j].Value); } } } PVS-Studio: V3014 It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'i'.
  • 39. More Examples if There’s Time Left Orleans public static string SanitizeTableProperty(string key) { key.Replace('/', '_'); // Forward slash key.Replace('', '_'); // Backslash key.Replace('#', '_'); // Pound sign key.Replace('?', '_'); // Question mark .... return key; } PVS-Studio: V3010 The return value of function 'Replace' is required to be utilized.
  • 40. More Examples if There’s Time Left SharpDevelop public WhitespaceNode(string whiteSpaceText, TextLocation startLocation) { this.WhiteSpaceText = WhiteSpaceText; this.startLocation = startLocation; } PVS-Studio: V3005 The 'this.WhiteSpaceText' variable is assigned to itself. www.viva64.com40
  • 41. More Examples if There’s Time Left SharpDevelop ContentPropertyNode clickedNode = clickedButton.DataContext as ContentPropertyNode; clickedNode = clickedButton.DataContext as ContentPropertyNode; if (clickedNode == null) Redundant code. PVS-Studio: V3008 The 'clickedNode' variable is assigned values twice successively. Perhaps this is a mistake.
  • 42. More Examples if There’s Time Left SharpDevelop public override string ToString() { return String.Format("[Line {0}:{1,2}-{3,4}:{5}]", File, Row, Column, EndRow, EndColumn, Offset); } PVS-Studio: V3025 Incorrect format. A different number of actual arguments is expected while calling 'Format' function. Expected: 4. Present: 6.
  • 43. More Examples if There’s Time Left GitExtensions if (string.IsNullOrEmpty(translationCategory.Name)) new InvalidOperationException( "Cannot add translationCategory without name"); PVS-Studio: V3006 The object was created but it is not being used. The 'throw' keyword could be missing: throw new InvalidOperationException(FOO). throw
  • 44. More Examples if There’s Time Left Orleans if (numRemoved > 0) if (logger.IsVerbose) logger.Verbose(....); else if (logger.IsVerbose2) logger.Verbose2(....); PVS-Studio: V3033 It is possible that this 'else' branch must apply to the previous 'if' statement. Interner.cs 274
  • 45. MSBuild (ResolveSDKReference_Tests.cs) installedSDK.SetMetadata("SDKName", "GoodTestSDK, Version=2.0"); t.InstalledSDKs = new ITaskItem[] { installedSDK }; t.TargetedSDKConfiguration = "Debug"; t.TargetedSDKConfiguration = "x86"; t.BuildEngine = engine; PVS-Studio: V3008 The 't.TargetedSDKConfiguration' variable is assigned values twice successively. Perhaps this is a mistake. t.TargetedSDKArchitecture • A nice example of how static analysis complements unit testing More Examples if There’s Time Left
  • 46. More Examples if There’s Time Left CruiseControl.NET public void ModificationsAreComparedByModifiedDatetime() { Modification alpha = new Modification(); alpha.ModifiedTime = new DateTime(1975, 3, 3); Modification beta = new Modification(); alpha.ModifiedTime = new DateTime(1961, 3, 3); .... } PVS-Studio: V3008 The 'alpha.ModifiedTime' variable is assigned values twice successively. Perhaps this is a mistake.
  • 47. Xamarin.Forms (C#) internal bool IsDefault { get { return Left == 0 && Top == 0 && Right == 0 && Left == 0; } } V3001 There are identical sub-expressions 'Left == 0' to the left and to the right of the '&&' operator. Thickness.cs 29 More Examples if There’s Time Left
  • 48. Space Engineers (C#) void DeserializeV0(XmlReader reader) { .... if (property.Name == "Rotation" || property.Name == "AxisScale" || property.Name == "AxisScale") continue; .... } More Examples if There’s Time Left V3001 There are identical sub-expressions 'property.Name == "AxisScale"' to the left and to the right of the '||' operator. Sandbox.Graphics MyParticleEmitter.cs 352
  • 49. A lot more examples: https://www.viva64.com/en/examples/