Can a IDE find logic errors? - visual-studio

Can a good IDE (e.g. Visual Studio) find basic logic errors?
or is there no such thing as a "basic" logic error and all of these errors are undetectable by the IDE?

Yes, some IDEs (like Visual Studio) have continous syntax checks, that can find some logical errors. However, a logical error can only be spotted if there is something odd in the code, there is no AI trying to figure out what the code is actually intended to do.
If you for example write this in a C# method in Visual Studio:
int a = 1;
int b = 2;
Console.WriteLine(a + a);
then the IDE will notice that you never used the variable b, and put a warning in the form of a squiggly line under the variable. Pointing on it will reveal the message The variable 'b' is assigned, but its value is never used.
The IDE can't know if you intended to output a + b rather than a + a, and simply the use of a + a is not odd enough to render a warning, but it can see that you created a variable b and that you probably intended to use that for something.

Not really.
Sometimes it can pick up that a code path may never execute I think.
int x = 9;
if (x != 9)
{
foo();
}
and it maybe able to tell you that you've declared something without using it. It's stuff you can catch yourself. However, the real power is in the debugger where you can use "watch" or locals/autos and follow the code with step-in/out/over at any scope, see when they change, and change the values yourself to see what needs to happen. It's a good way to test logic. In assembly, you can move your code back a few lines and repeat it... it's not guaranteed to work, but you can override anything.
Edit: see https://en.wikipedia.org/wiki/Halting_problem

Related

Visual Studio Intellisense error in range-based for loop

My Visual Studio 2015 IDE (Community Edition) keeps complaining about the code below
struct item
{
int data;
std::vector<item*> linkedItems;
};
void traverseLinkedItems(item* p_item)
{
for (item* i : p_item->linkedItems) // Intellisense Error: A value of type "item*" cannot be used to initialize an entity of type "item*"
{
std::cout << i->data;
}
}
It compiles just fine. So I'm not sure whether it's a bug in VS, or am I missing something?
When I use auto instead of specifying the type of i explicitly, everything is OK.
Thanks!
IntelliSense is not always right. In order to know everything about your code, it would have to fully compile it, but this would be too slow to be (conveniently) usable. Instead, it parses your code in a faster but less complete way to get autocompletion information and find obvious errors. However, sometimes it trips over something, either due to a bug or because it did not manage to obtain all the information it needs. When this happens, its output is not so (Intelli)sensible.
I would simply ignore the IntelliSense error, or, like you said, use auto instead of item* if you want to get rid of the error. Maybe in a later update, or after changes to your code, the error will magically disappear.

Weird behaviour: Immediate Window starting app instead of evaluating expression

I don't know that the following piece of code is really relevant, but for the sake of full disclosure here is the code I was trying to call from the Immediate Window:
abstract class Test
{
public int x;
public Test()
{
x = 5;
}
}
class TestImp : Test
{
public int GetX()
{
return this.x;
}
}
It was just a test to see whether the default base constructor gets called automatically or if I have to call it specifically because I couldn't remember.
Okay, on to the problem. I typed this into the Immediate Window to see the result:
new Mercury_Reports.TestImp().GetX();
And rather than evaluating the expression it just started my application. I closed the app and tried again two more times and got the same result. The next time, I went and put a breakpoint in my Program.cs file. Then instead of starting the app like it did the last three times and then hitting the breakpoint, it decided to actually just evaluate my expression.
I've seen some weird things in the Visual Studio IDE before, but I think this is one of the weirdest. Anyone have a clue as to what was going on there? :)
When evaluating an expression in the immediate window when you're not debugging the following process takes place
Loads your project / application binaries into the hosting process
Silently attaches the debugger to the hosting process
Evaluating the expression against that debugger session
Most of the time this is done in a way that makes it hard to detect that the application is actually being run. But occasionally a side effect of the application shows through and reveals what's really going on under the hood.
EDIT
In general it shouldn't be displaying the UI though. I can think of some obscure corner cases where this would happen though and not be a Visual Studio bug. The basically all come down to the same scenario though
The evaluated string causes an unintended side effect to happen at a time where it wouldn't happen during normal program flow.
This is actually more common than you'd expect in the immediate window because it's essentially executing your code out of order. Normally you'd never get to new Mercury_Reports before executing Program.Main but in the immediate window this is exactly what happens. This can have nasty effects like re-ordering static type constructors
Here are some unintended consequences which can surface via an immediate window expression
Cause types to be loaded and hence cause their static initializers to run
Change the order in which static initializers are run
The return type of the expression has a ToString method the debugger executes
The return type of the expression has a DebuggerDisplay value which the debugger executes
In the past I have seen the static constructor case cause UI to show. Essentially a static type constructor was evaluating MainForm.Instance (a lazy creation property). During normal program flow it was called from Program.Main was run and from then on was simply available. In the immediate window though Program.Main didn't run. But the expression being executed inadventently loaded that type and hence displayed the UI for what was a trivial property getter.
This is a pretty obscure corner case though. I'd say the most likely cause here is a bug in Visual Studio. Debugging is nasty business, especially when executing live code, and this is probably a symptom of that.

Debugging F# code and functional style

I'm new to funcctional programming and have some questions regarding coding style and debugging.
I'm under the impression that one should avoid storing results from funcction calls in a temp variable and then return that variable
e.g.
let someFunc foo =
let result = match foo with
| x -> ...
| y -> ...
result
And instead do it like this (I might be way off?):
let someFunc foo =
match foo with
| x -> ...
| y -> ...
Which works fine from a functionallity perspective, but it makes it way harder to debug.
I have no way to examine the result if the right hand side of -> does some funky stuff.
So how should I deal with this kind of scenarios?
To inspect the middle of a pipeline, I suggest the following workaround:
Put this code at some place:
[<AutoOpen>]
module AutoOpenModule
#if DEBUG
let (|>) value func =
let result = func value
result
#endif
Enable "Step Into Properties and Operators in Managed Code":
https://msdn.microsoft.com/en-us/library/cc667388(v=vs.100).aspx
Now you should be able to step into the pipeline operator.
Either way is acceptable, as you are simply binding to local immutable variable.
There is a catch though. If you using it as part of a recursive loop using tail calls, the one using the temp variable will eliminate the tail call, and hence you will have an increase in stack space.
Being able to see the return value of a function in VS is a long-standing request. Other intermediate expression values too; in F# for example, you often want to inspect the middle of a pipeline, which is hard to do. In the sense that functional programming means "fewer named variables and locals" and "larger expressions", this does have a negative impact on the current generation of debuggers. (On the other hand, with things like less mutability and higher abstraction, hopefully you spend less time in the debugger.)
There are still many ways the debuggers of the future can be improved...
See also
Do some Functional programming constructs reduce Debuggability?
I wouldn't shoot you if you used the temp, but I also wouldn't cramp my style on the off chance that I needed to watch something under debug.
Besides, debugging this sort of thing is much easier with Visual Studio 2010's visual debugger, as you can use breakpoints inside each possible match expression. There is also quick watch and other great features.
For a list of the latest features in the Visual Studio debugger:
http://msdn.microsoft.com/en-us/library/01xdt7cs.aspx

How to read a call stack?

We have a native C++ application running via COM+ on a windows 2003 server. I've recently noticed from the event viewer that its throwing exceptions, specifically the C0000005 exception, which, according to http://blogs.msdn.com/calvin_hsia/archive/2004/06/30/170344.aspx means that the process is trying to write to memory not within its address space, aka access violation.
The entry in event viewer provides a call stack:
LibFmwk!UTIL_GetDateFromLogByDayDirectory(char const *,class utilCDate &) + 0xa26c
LibFmwk!UTIL_GetDateFromLogByDayDirectory(char const *,class utilCDate &) + 0x8af4
LibFmwk!UTIL_GetDateFromLogByDayDirectory(char const *,class utilCDate &) + 0x13a1
LibFmwk!utilCLogController::GetFLFInfoLevel(void)const + 0x1070
LibFmwk!utilCLogController::GetFLFInfoLevel(void)const + 0x186
Now, I understand that its giving me method names to go look at but I get a feeling that the address at the end of each line (e.g. + 0xa26c) is trying to point me to a specific line or instruction within that method.
So my questions are:
Does anyone know how I might use this address or any other information in a call stack to determine which line within the code its falling over on?
Are there any resources out there that I could read to better understand call stacks,
Are there any freeware/opensource tools that could help in analysing a call stack, perhaps by attaching to a debug symbol file and/or binaries?
Edit:
As requested, here is the method that appears to be causing the problem:
BOOL UTIL_GetDateFromLogByDayDirectory(LPCSTR pszDir, utilCDate& oDate)
{
BOOL bRet = FALSE;
if ((pszDir[0] == '%') &&
::isdigit(pszDir[1]) && ::isdigit(pszDir[2]) &&
::isdigit(pszDir[3]) && ::isdigit(pszDir[4]) &&
::isdigit(pszDir[5]) && ::isdigit(pszDir[6]) &&
::isdigit(pszDir[7]) && ::isdigit(pszDir[8]) &&
!pszDir[9])
{
char acCopy[9];
::memcpy(acCopy, pszDir + 1, 8);
acCopy[8] = '\0';
int iDay = ::atoi(&acCopy[6]);
acCopy[6] = '\0';
int iMonth = ::atoi(&acCopy[4]);
acCopy[4] = '\0';
int iYear = ::atoi(&acCopy[0]);
oDate.Set(iDay, iMonth, iYear);
bRet = TRUE;
}
return (bRet);
}
This is code written over 10 years ago by a member of our company who has long since gone, so I don't presume to know exactly what this is doing but I do know its involved in the process of renaming a log directory from 'Today' to the specific date, e.g. %20090329. The array indexing, memcpy and address of operators do make it look rather suspicious.
Another problem we seem to have is that this only happens on the production system, we've never been able to reproduce it on our test systems or development systems here, which would allow us to attach a debugger.
Much appreciated!
Andy
Others have said this in-between the lines, but not explicitly. look at:
LibFmwk!UTIL_GetDateFromLogByDayDirectory(char const *,class utilCDate &) + 0xa26c
The 0xa26c offset is huge, way past the end of the function. the debugger obviously doesn't have the proper symbols for LibFmwk so instead it's relying on the DLL exports and showing the offset relative to the closest one it can find.
So, yeah, get proper symbols and then it should be a breeze. UTIL_GetDateFromLogByDayDirectory is not at fault here.
if you really need to map those addresses to your functions - you'll need to work with .MAP file and see where those addresses really point to.
But being in your situation I would rather investigate this problem under debugger (e.g. MSVS debugger or windbg); as alternative (if crash happens at customer's site) you can generate crash dump and study it locally - it can be done via Windows MiniDumpWriteDump API or SysInternals ProcDump utility (http://download.sysinternals.com/Files/procdump.zip).
Make sure that all required symbol files are generated and available (also setup microsoft symbol server path so that windows DLLs' entry points get resolved also).
IMHO this is just the web site you need: http://www.dumpanalysis.org - which is the best resource to cover all your questions.
Consider also taking a look at this PDF - http://windbg.info/download/doc/pdf/WinDbg_A_to_Z_color.pdf
Point 2 and 3 are easily answered:
3rd Point. Any debugger. That's what they are made for. Set your debugger to break on this special exception. You should be able to click yourself through the callstack and find the different calls on the stack (at least delphi can do this, so visual studio should be able as well). Compile without optimisations if possible. OllyDBG might work as well - perhaps in combination with its trace functionality.
2nd Point. Any information about x86 Assembler, Reverseengineering ... Try: OpenRCE, NASM Documentation, ASM Community.
1st Point. The callstack tells you the functions. I don't know if it is written in order or in opposite order - so it might be that the first line is the last called function or the first called function. Follow the calls with the help of the debugger. Sometimes you can change between asm and code (depending on the debugger, map files ...). If you don't have the source - learn assembler, read about reverse engineering. Read the documentation of the functions you call in third party components. Perhaps you do not satisfy a precondition.
If you can tell a bit more about the programm (which parts of the source code do you have, is a library call involved?, ...)
Now some code-reading:
The function accepts a pointer to a zero terminated string and a reference to a date object. The pointer is assumed to be valid!
The function checks wether the string is in a specific format (% followed by 8 digits followed by a \0). If this is not the case, it returns false. This check (the big if) accesses the pointer without any validity checks. The length is not checked and if the pointer is pointing somewhere in the wild, this space is accessed. I don't know if a shorter string will cause problems. It shouldn't because of the way && is evaluated.
Then some memory is allocated on the stack. The number-part of the string is copied into it (which is ok) and the buffer gets its \0 termination. The atois extract the numbers. This will work because of the different start-locations used and the \0-termination after each part. Somehow tricky but nice. Some comments would have made everything clear.
These numbers are then inserted into the object. It should be valid since it is passed into the function by reference. I don't know if you can pass a reference to a deleted object but if this is the case, this might be your problem as well.
Anyway - except the missing check for the string-pointer, this function is sound and not the cause of your problem. It's only the place that throws the exception. Search for arguments that are passed into this function. Are they always valid? Do some logging.
I hope I didn't do any major mistakes as I am a Delphi programmer. If I did - feel free to comment.

Should we create objects if we need them only once in our code?

This is a coding style questions:-
Here is the case
Dim obj1 as new ClassA
' Some lines of code which does not uses obj1
Something.Pass(obj1) ' Only line we are using obj1
Or should we directly initiaize the object when passing it as an argument?
Something.new(new ClassA())
If you're only using the object in that method call, it's probably better to just pass in "new ClassA()" directly into the call. This way, you won't have an extra variable lying around, that someone might mistakenly try to use in the future.
However, for readability, and debugging it's often useful to create the temporary object and pass it in. This way, you can inspect the variable in the debugger before it gets passed into the method.
Your question asks "should we create objects"; both your examples create an object.
There is not logically any difference at all between the two examples. Giving a name to an object allows it to be referred to in more than one place. If you aren't doing that, it's much clearer to not give it a name, so someone maintaining the code can instantly see that the object is only passed to one other method.
Generally speaking, I would say no, there's nothing wrong with what you're doing, but it does sound like there may be some blurring of responsibilities between your calling function, the called function, and the temporary object. Perhaps a bit of refactoring is in order.
I personally prefer things to be consistent, and to make my life easier (what I consider making my life easier may not be what you consider making your life easier... so do with this advice what you will).
If you have something like this:
o = new Foo();
i = 7
bar(o, i, new Car());
then you have an inconsistency (two parameters are variables, the other is created on the fly). To be consistent you would either:
always pass things as variables
always pass things created on the fly
only one of those will work (the first one!).
There are also practical aspects to it as well: making a variable makes debugging easier.
Here are some examples:
while(there are still lines in the file)
{
foo(nextLine());
}
If you want to display the next line for debugging you now need to change it to:
while(there are still lines in the file)
{
line = nextLine();
display(line);
foo(line);
}
It would be easier (and safer) to have made the variable up front. It is safer because you are less likely to accidentally call nextLine() twice (by forgetting to take it out of the foo call).
You can also view the value of "line" in a debugger without having to go into the "foo" method.
Another one that can happen is this:
foo(b.c.d()); // in Java you get a NullPointerException on this line...
was "b" or "c" the thing that was null? No idea.
Bar b;
Car c;
int d;
b = ...;
c = b.c; // NullPointException here - you know b was null
d = c.d(); // NullPointException here - you know c was null
foo(d); // can view d in the debugger without having to go into foo.
Some debuggers will let you highlight "d()" and see what it outputs, but that is dangerous if "d()" has side effects as the debugger will wind up calling "d()" each time you get the value via the debugger).
The way I code for this does make it more verbose (like this answer :-) but it also makes my life easier if things are not working as expected - I spend far less time wondering what went wrong and I am also able to fix bugs much faster than before I adopted this way of doing things.
To me the most important thing when programming is to be consistent. If you are consistent then the code is much easier to get through because you are not constantly having to figure out what is going on, and your eyes get drawn to any "oddities" in the code.

Resources