Andrey_Karpov

I found 19 simple issues in C++ code


I asked my colleague Egor Bredikhin to choose and check for me a small open source project, which I could investigate in between my other tasks. He sent me the log of the project 0 A.D. After the question "Why this project?" he answered: "I just played this game, a good real-time strategy". OK, then let it be 0 A.D.:).

Article: Good job, authors of the game 0 A.D! (19 insignificant bugs)

1 hour ago, Andrey_Karpov said:

I asked my colleague Egor Bredikhin to choose and check for me a small open source project, which I could investigate in between my other tasks. He sent me the log of the project 0 A.D. After the question "Why this project?" he answered: "I just played this game, a good real-time strategy". OK, then let it be 0 A.D.:).

Article: Good job, authors of the game 0 A.D! (19 insignificant bugs)

I already replied to your post on Habr. But thanks a lot again for helping to find errors. Only a few of them are known, and patches are waiting for the end of FF.

UPD. I will create tickets for the missed bugs when I'm at home.

6 hours ago, elexis said:

I have a feeling about N5

That is something ASAN (address sanitizer) is very good at catching. Have you guys tried doing some runs with ASAN enabled? It does slow things down a bit (having to check every memory allocation/deallocation and access), so it might be impractical, but it's worth a try.

22 hours ago, elexis said:

I have a feeling about N5

It's not as critical as it could be, but it's still UB and should be fixed. But here is how it may work:

How new[]/delete[] usually work (compiler dependent):

  • new[] allocates a block of the needed size plus space for the size (the number of objects).
  • delete[] extracts the size from the block, calls the destructor for each object and deallocates the block.

But! u8 is a basic type, not an object. So a compiler may replace new[] with new for basic types or use another trick, especially when all actions are in the same place and the compiler knows the stored object. Also, we have our own pool and arena for some cases.

 

16 hours ago, macemen said:

That is something ASAN (address sanitizer) is very good at catching.

Not all, i.e. clang-802.0.42 doesn't detect it for basic types (for N5 too), only for objects, even without -O0+. Probably because of the trick above.

 

41 minutes ago, stanislas69 said:

Now we'd need someone to try and report...

We had an option for it some time ago, if I'm not mistaken. It was called --enable-address-sanitizer. It'd be good to add a regular (1 per week) build on Jenkins.
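
The new[] bookkeeping described in the reply above can be observed without any undefined behaviour. This is an added example, not part of the thread or of the 0 A.D. code base; `Tracked`, `array_overhead` and `g_last_request` are names made up for illustration, and the sizes it reports depend on the compiler's ABI.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <new>

typedef unsigned char u8;  // the basic type the post talks about

// Size requested by the most recent array new-expression.
static std::size_t g_last_request = 0;

// Replace the global array allocation functions so the request is visible.
void* operator new[](std::size_t bytes) {
    g_last_request = bytes;
    if (void* p = std::malloc(bytes ? bytes : 1)) return p;
    throw std::bad_alloc();
}
void operator delete[](void* p) noexcept { std::free(p); }
void operator delete[](void* p, std::size_t) noexcept { std::free(p); }

// Hypothetical element type with a non-trivial destructor.
struct Tracked {
    static int destroyed;
    u8 value;
    ~Tracked() { ++destroyed; }
};
int Tracked::destroyed = 0;

// Extra bytes new[] asks for beyond n * sizeof(T): the hidden element count.
template <typename T>
std::size_t array_overhead(std::size_t n) {
    T* volatile p = new T[n];  // volatile keeps the allocation from being elided
    std::size_t overhead = g_last_request - n * sizeof(T);
    delete[] p;                // matching form, so no UB here
    return overhead;
}

int main() {
    std::printf("u8 overhead:      %zu bytes\n", array_overhead<u8>(16));
    std::printf("Tracked overhead: %zu bytes\n", array_overhead<Tracked>(16));
    std::printf("destructor calls: %d\n", Tracked::destroyed);
    return 0;
}
```

With GCC or Clang the u8 array requests no extra bytes while the `Tracked` array requests room for the element count, which is the difference the post relies on when it says a mismatched delete on a basic type may go unnoticed while still being UB.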
