Your attention is invited to the second part of an e-book on undefined behavior. This is not a textbook, as it's intended for those who are already familiar with C++ programming. It's a kind of C++ programmer's guide to undefined behavior and to its most secret and exotic corners. The book was written by Dmitry Sviridkin and edited by Andrey Karpov.

C++ programmer's guide to undefined behavior: part 2 of 11

by Dmitry Sviridkin

From the article:

The compiler can be guided by the following logic: If the h value is positive—regardless of the c character—the h*27752 + c value will be positive: the c value is small, and there is no overflow. At the first iteration, h is positive, we sum up positive numbers. There are no overflows in a correct program, so at each iteration, the value will be positive. The result will be positive; we no need any check.

Your attention is invited to the first part of an e-book on undefined behavior. This is not a textbook, as it's intended for those who are already familiar with C++ programming. It's a kind of C++ programmer's guide to undefined behavior and to its most secret and exotic corners. The book was written by Dmitry Sviridkin and edited by Andrey Karpov.

C++ programmer's guide to undefined behavior: part 1 of 11

by Dmitry Sviridkin

From the article:

Many modern programming languages, especially newer ones, forbid implicit type conversions. So, in Rust, Haskell, or Kotlin, we can't just use float and int in the same arithmetic expression without explicitly stating in the code to convert one to the other. Python isn't as strict but still keeps strings, characters, and numbers from mixing. C++ doesn't forbid implicit conversion, which leads to a lot of erroneous code. Moreover, such code can contain both defined (but unexpected) and undefined behavior.

If we ask a programmer what bugs are the most common in C and C++ code, they'll name a null pointer dereference, undefined behavior, array overrun, and other typical error patterns. They may name an accidental assignment in condition as well. However, let's see if this error is common today.

Error on verge of extinction, or why I put if (x = 42) in Red List of C & C++ bugs

by Andrey Karpov

From the article:

Because of this bug, developers invented the Yoda notation: a programming style where the constant is placed on the left side of the comparison operator. This style was meant to prevent a typo. If a programmer writes = instead of ==, the code won't compile.

How often do you see the sizeof(array)/sizeof(array[0]) statement used to get the size of an array? I really hope it's not too often, because it's 2024 already. In this note, we'll talk about the statement flaws, where it comes from in modern code, and how to finally get rid of it.

How not to check array size in C++

by Mikhail Gelvikh

From the article:

Since we're coding in C++ here, let's harness the power of templates! This brings us to the legendary ArraySizeHelper (aka "the safe sizeof" in some articles), which developers write sooner or later in almost every project. In the old days — before C++11 — you could encounter such monstrosities.

PVS-Studio 7.29 has been released. Now you can analyze Java projects in a plugin for VS Code, check Boost smart pointers, use the PVS-Studio plugin for Qt Creator 12 on macOS, and that's not all.

PVS-Studio 7.29: Java code check in VS Code, Boost smart pointers, and plugin for Qt Creator on macOS

by Gleb Aslamov

From the article:

The C++ analyzer now supports smart pointers from the Boost library: boost::unique_ptr and boost::shared_ptr. Now the PVS-Studio analyzer is able to detect errors such as null pointer dereferences when these classes are used.

The PVS-Studio team along with Sergei Kushnirenko prepared a quiz based on his publications about errors he found. Take the quiz, challenge your focus and coding skills while looking for errors in the C++ code. Attention! When taking the quiz, you may exclaim that some tasks are unfair. Indeed. However, please relax and approach them with humor. The quiz is just for fun.

C++ quiz by PVS-Studio and Sergei Kushnirenko

by Sergei Kushnirenko

About the quiz:

After taking the quiz, you may have questions about why this or that answer is marked as correct or incorrect. Welcome to the article: "Breaking down the C++ quiz by Sergei Kushnirenko" — here you will find answers to your questions.  Please read it only after you have puzzled over code snippets with errors and undefined behavior. Be sure — it will be more interesting.

New Year is coming! It means, according to tradition, it's time to recall 10 of the most interesting bugs that PVS-Studio found during 2023.

Top 10 errors in C and C++ projects in 2023

by Alexey Gorshkov

From the article:

In this case, the developers wanted to fill the keyEventList array with zeros. Pay attention to the third parameter — the number of bytes the developers wanted to fill with zeros. In this case, sizeof(keyEventList) evaluates the pointer size instead of the array size. It depends on the target platform, but most often it's 4 or 8 bytes. However, the size of the structure is clearly larger than 4 or 8 bytes.