You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In my recent PR reviews I discovered repeated occurrence of errors (see examples below) that can be easily detected by a static analyzer.
Impact
For a reviewer, seeing these errors and pointing out them distract the PR reviewer from focusing on more important aspects of PR review, namely the structure and logic of the code. Ultimately, it's not the best use of developer time to pick out errors that automated tools can easily point out.
For a programmer, errors pointed out by automated tools help saving debug time and improving overall code quality.
Proposed enhancement
Deploy static analysis tools, such as clang-tidy, in a similar fashion of clang-format.
Examples
These are just a few examples that I encountered in the past few days reviewing one single PR. I suspect there are more errors of similar natures that a static analysis tool can spot.
Resource Leak:
There are multiple types of resource leaks and here's just one example:
FILE* f = fopen( name, "r" );
if( f != nullptr ) {
// do somethingif( error_occured )
return -1; // ERROR: FILE LEFT OPEN!
}
Type mismatch between function signature and its body:
This type of errors will result in bugs that are very hard to detect. Here's just one example:
size_tfunc() { // Note: the signature says return type being size_tif( condition_1 )
return4;
elseif( condition_2)
return8;
elsereturn -1; // ERROR: NOBODY KNOWS WHAT'S GONNA BE RETURNED!
}
Type cast resulted wrong arguments:
Example: when the programmer intends to create a vector with 4 values, all of them being false. The programmer types:
std::vector<bool> periodic (false, 4); // A vector of size 0 is created, which isn't the programmer's intent.
This statement will pass the compiler because type casts are allowed: false is cast to 0 and 4 is cast to true. A static analyzer with appropriate configurations might have a chance to spot it.
Unnecessary tests:
A function can possibly return one value only, but code written to test other return values which are impossible.
intfunc1() {
// do thingsreturn0; // Note: this is the only return statement in this function
}
voidfunc2() {
int ret = func1(); // ret CANNOT POSSIBLY HAVE VALUES OTHER THAN 0if( ret < 0 ) { /* handle error */ };
elseif( ret > 0 ) { /* handle error */ };
else {
// proceed as normal
}
}
The text was updated successfully, but these errors were encountered:
Background
In my recent PR reviews I discovered repeated occurrence of errors (see examples below) that can be easily detected by a static analyzer.
Impact
For a reviewer, seeing these errors and pointing out them distract the PR reviewer from focusing on more important aspects of PR review, namely the structure and logic of the code. Ultimately, it's not the best use of developer time to pick out errors that automated tools can easily point out.
For a programmer, errors pointed out by automated tools help saving debug time and improving overall code quality.
Proposed enhancement
Deploy static analysis tools, such as
clang-tidy
, in a similar fashion ofclang-format
.Examples
These are just a few examples that I encountered in the past few days reviewing one single PR. I suspect there are more errors of similar natures that a static analysis tool can spot.
There are multiple types of resource leaks and here's just one example:
This type of errors will result in bugs that are very hard to detect. Here's just one example:
Example: when the programmer intends to create a vector with 4 values, all of them being
false
. The programmer types:This statement will pass the compiler because type casts are allowed:
false
is cast to0
and4
is cast totrue
. A static analyzer with appropriate configurations might have a chance to spot it.A function can possibly return one value only, but code written to test other return values which are impossible.
The text was updated successfully, but these errors were encountered: