
Bugs found in GCC with the help of PVS-Studio - AndreyKarpov
http://www.viva64.com/en/b/0425/
======
0xmohit
I'd have loved to see references to actual GCC bug reports. Did I miss those
in the article?

Thankfully, the world is changing. You have languages where variables are
immutable by default or can be declared so, which would prevent issues such as
[http://www.viva64.com/en/d/0108/](http://www.viva64.com/en/d/0108/)

Maybe gcc should do better for static analysis of a program. Expressions like
`a && a` or `a == 1 || a != 2` should be caught easily.

~~~
mtkd
a == 1 || a != 2 needs a warning but it's not necessarily a bug

sometimes I may keep overlapping expressions in a statement to remind me of
the triggers I'm looking for at this point - and would likely use some
meaningful constant names for the 1 and 2

statements aren't just logic - they're often documentation too - especially on
code you might not look at again for months

I used to have many arguments with a professor whose code I was working on -
he would factor out everything in an expression - removing all the parentheses
and rely on operator precedence - it was often impenetrable (for me) - so I'd
unpack it, wrap parentheses everywhere, change single letter vars to
meaningful ones etc. - he'd be in my office an hour later ranting

~~~
0xmohit
> a == 1 || a != 2 needs a warning

Yes, it needs a warning because it's kind of obvious that there is something
amiss about this expression. Only the author could tell what was specifically
wrong.

------
ramshorns
There's a mistake in the analysis of the ternary operator in the assert that
doesn't check anything. Not only does the ternary ?: operator have lower
precedence than the comparison <= operator, but it also has lower precedence
than the logical && operator. So the expression inside the assert doesn't
resolve to (die_offset > 0), it resolves to either 0xffff or 0xffffffff, both
of which are true. The assertion really doesn't check anything at all.
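
Added example (not part of the comment above and not GCC's source): a constructed C check of the shape the comment describes, showing the as-written parse beside the parenthesized one. The function names, the `is_short` flag and the sample offsets are assumptions made for illustration.

```c
#include <stdio.h>

/* Constructed stand-ins for the two limits named in the comment. */
#define LIMIT_SHORT 0xffffULL
#define LIMIT_LONG  0xffffffffULL

/* As written: ?: binds more loosely than both <= and &&, so this parses as
 *   ((off > 0) && (off <= is_short)) ? LIMIT_SHORT : LIMIT_LONG
 * Either branch is a non-zero constant, so the result is always true. */
static int check_as_written(unsigned long long off, unsigned is_short)
{
    return (off > 0 && off <= is_short ? LIMIT_SHORT : LIMIT_LONG) != 0;
}

/* Intended: parenthesize the ternary so it only selects the upper bound. */
static int check_intended(unsigned long long off, unsigned is_short)
{
    return off > 0 && off <= (is_short ? LIMIT_SHORT : LIMIT_LONG);
}

int main(void)
{
    /* Constructed inputs: zero, in range, over the short limit, over both. */
    const unsigned long long offs[] = { 0, 0x1234, 0x10000, 0x100000000ULL };
    for (unsigned s = 0; s <= 1; s++)
        for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++)
            printf("is_short=%u off=%#llx as_written=%d intended=%d\n",
                   s, offs[i], check_as_written(offs[i], s),
                   check_intended(offs[i], s));
    return 0;
}
```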

------
garbage_stain
PVS-Studio (or more specifically Andrey) used to do a really nice program
called "CppHints", where they would email a little tip each day (and later
each week I think).

Anyway, I guess I just wanted to say, Andrey, I appreciated your work and
enjoyed reading those tips! Thanks!

------
valleyer
This is now my favorite blog.

Andrey, any plans to support Objective-C? (You are flagging things I can't get
clang to warn about.)

~~~
AndreyKarpov
Not yet. We are now experimenting with C# support and with Linux support.
What's next, we do not know yet. There are two prospective areas: Objective-C
and Java.

~~~
duaneb
Java or JVM?

~~~
Asooka
Since PVS is a static source-level checker, I don't see how it would make
sense to check JVM bytecode.

------
ScottBurson
I gather there's no relationship to the Prototype Verification System from SRI
[0].

[0] [http://pvs.csl.sri.com/index.shtml](http://pvs.csl.sri.com/index.shtml)

~~~
AndreyKarpov
Yes. No relationship. PVS: OOO "Program Verification Systems" (Co. Ltd.)

------
paulddraper
Andrey, why did you title this differently than your blog post?

I like that one.

"Bugs found in GCC with the help of PVS-Studio"

~~~
sctb
We've updated the submission title from “GCC bugs”.

