About Blender bugs
bearophile
bearophileHUGS at lycos.com
Mon Apr 23 18:47:22 PDT 2012
Notes on bugs found by PVS-Studio in the Blender source code:
http://www.gamasutra.com/blogs/AndreyKarpov/20120423/169021/Analyzing_the_Blender_project_with_PVSStudio.php
> #define DEFAULT_STREAM \
> m[dC] = RAC(ccel,dC); \
> \
> if((!nbored & CFBnd)) { \
> \
> ....
No one has implemented this yet :-(
http://d.puremagic.com/issues/show_bug.cgi?id=5409
---------------------------
> void tcd_malloc_decode(....) {
> ...
> x0 = j == 0 ? tilec->x0 :
> int_min(x0, (unsigned int) tilec->x0);
> y0 = j == 0 ? tilec->y0 :
> int_min(y0, (unsigned int) tilec->x0);
> x1 = j == 0 ? tilec->x1 :
> int_max(x1, (unsigned int) tilec->x1);
> y1 = j == 0 ? tilec->y1 :
> int_max(y1, (unsigned int) tilec->y1);
> ...
> }
>
>
>
> This code was most likely created through the Copy-Paste
> technology
> and the programmer forgot to change the name of one variable
> during
> editing. This is the correct code:
>
> y0 = j == 0 ? tilec->y0 :
> int_min(y0, (unsigned int) tilec->y0);
To avoid such mistakes maybe the IDE has to offer a way to create
such nearly-repeated lines of code, maybe writing a pattern like
this:
$ = j == 0 ? tilec->$ :
int_min($, (unsigned int) tilec->$);
And then giving a list like [x0, y0, x1, y1] to fill it four
times.
Dynamic languages are maybe able to do the same.
Or in D with something like:
foreach (s; TypeTuple!("x0", "y0", "x1", "y1")) {
mixin(" $ = j == 0 ? tilec->$ :
int_min($, (unsigned int) tilec->$);".replace("$",
s));
But it's not very readable, and replace() doesn't care if $ is
present inside strings, where it must not be replaced.
-------------------------------
> #define cpack(x) \
> glColor3ub( ((x)&0xFF), (((x)>>8)&0xFF), (((x)>>16)&0xFF) )
> static void star_stuff_init_func(void)
> {
> cpack(-1);
> glPointSize(1.0);
> glBegin(GL_POINTS);
> }
>
> PVS-Studio's warning: V610 Unspecified behavior.
> Check the shift operator '>>. The left operand '(- 1)' is
> negative. bf_editor_space_view3d view3d_draw.c 101
>
> According to the C++ language standard, right shift of
> a negative value leads to unspecified behavior. In practice
> this method is often used but you shouldn't do that: it
> cannot be guaranteed that the code will always work as
> intended.
>
> I suggest rewriting this code in the following way:
>
> cpack(UINT_MAX);
Assigning -1 to an unsigned integer is a garbage way to code,
expecially in D where uint.max/typeof(T).max are available with
no need for imports.
-------------------------------
This kind of error is common:
> static bool pi_next_rpcl(opj_pi_iterator_t * pi) {
> ...
> if ((res->pw==0)||(res->pw==0)) continue;
> ...
> }
>
> PVS-Studio's warning: V501 There are identical
> sub-expressions to the left and to the right of
> the '||' operator: (res->pw == 0) || (res->pw == 0)
> extern_openjpeg pi.c 219
> {
> ...
> if ((size_t(lhs0+alignedStart)%sizeof(LhsPacket))==0)
> for (Index i = alignedStart;i(&lhs0[i]),
> ptmp0, pload(&res[i])));
> else
> for (Index i = alignedStart;i(&lhs0[i]),
> ptmp0, pload(&res[i])));
> ...
> }
>
> PVS-Studio's warning: V523 The 'then' statement
> is equivalent to the 'else' statement.
-------------------------------
I have also seen code that is essentially:
size_t x = ...;
if (x < 0) { ... }
It was not a way to disable code. And in D you have /+...+/ and
version(none){...}.
Bye,
bearophile
More information about the Digitalmars-d
mailing list