Patterns of Bugs

[bearophile]

Walter:

> http://www.drdobbs.com/blog/archives/2011/01/patterns_of_bug.html
> (dedicated to bearophile!)

Thank you Walter :-)
The article is simple but nice. Few comments:


> The possible mechanic's mistake is designed out of the system.

In the first books written by Donald Norman there are many examples of wrong design, "foolproof" design, etc:
http://en.wikipedia.org/wiki/Donald_Norman


> (!E && !E->fld)
> is a nonsense expression, and what was probably meant was:
> (!E || !E->fld)
> 
> What's the process fix for this bug pattern?

Even the correct version is not nice code :-)


>In the D programming language, we didn't wish to mess with the operator precedences in order to avoid behavior that would be surprising to experienced programmers.<

Experienced _C_ programmers (as you written below) :-)


> A common pattern is the classic fencepost bug:
> int A[10];
> for (int i = 0; i <= 10; i++)
> ... = A[i];


This little C99 program:

#include <stdio.h>
int main() {
    int A[10] = {0,1,2,3,4,5,6,7,8,9};
    int total = 0;
    for (int i = 0; i <= 10; i++)
      total += A[i]; // line 6
    printf("%d\n", total);
    return 0;
}


The good Gimpel lint catches the bug statically:

diy.c  6  Warning 661:  Possible access of out-of-bounds pointer (1 beyond end of data) by operator '[' [Reference: file diy.c: lines 5, 6]

It's able to catch more complex situations too (but not all situations).

Bye,
bearophile