Category Archives: Code Reliability

Another Bug in Your Bug (Finder): __offsetof

Posted on November 28, 2012 by brucedawson

Last month I posted about a crashing bug in Visual Studio 2012’s static code analysis feature. The irony was delicious. Yesterday I found another bug in the same feature. This one isn’t quite as dramatic, but I found it amusing, … Continue reading →

Posted in Code analysis, Code Reliability, Programming, Visual Studio | Tagged /analyze, sizeof, size_t, VC++, visual studio, __offsetof | 2 Comments

You’ve Got a Bug in Your Bug (Finder)

Posted on October 2, 2012 by brucedawson

All software has bugs, but there is something ironic about a crashing bug in the /analyze portion of Microsoft’s VC++ 2012 compiler. The investigation of this bug also shows yet another reason you should test your software using Microsoft’s Application … Continue reading →

Posted in Code analysis, Code Reliability, Investigative Reporting, Visual Studio | Tagged /analyze, Application Verifier, compiler crashes, VC++ 2012, visual studio | 8 Comments

More Adventures in Failing to Crash Properly

Posted on July 22, 2012 by brucedawson

In last week’s episode we discussed how 32-bit processes on 64-bit Windows might corrupt the exception state after a crash, and how any processes on 64-bit Windows might actually continue running after a crash. Serious stuff. This week’s installment of … Continue reading →

Posted in AltDevBlogADay, Code Reliability, Programming, Visual Studio | Tagged crashing, invalid parameters, minidumps, pure virtual calls, windows error reporting | 9 Comments

When Even Crashing Doesn’t Work

Posted on July 5, 2012 by brucedawson

I’ve written previously about the importance of crashing in order to improve code quality. However even the seemingly simple task of crashing can be more error prone than you might expect. I’ve recently become aware of two different problems that … Continue reading →

Posted in AltDevBlogADay, Code Reliability, Programming, Visual Studio | Tagged callbacks, crashing, debugging, exceptions, first-chance exceptions, kernel | 26 Comments

64-Bit Made Easy

Posted on February 14, 2012 by brucedawson

The scariest aspect of porting your ancient 32-bit code to 64-bit is pointer truncation bugs. Any places where you store a pointer in an ‘int’ or a ‘long’ can come back to bite you when you move to 64-bit. The … Continue reading →

Posted in Code Reliability, Programming, Visual Studio | 33 Comments

Increased Reliability Through More Crashes

Posted on December 7, 2011 by brucedawson

Shipping games that don’t crash is hard, and it’s important to use every tool available to try to find bugs. Static code analysis is one technique that I’ve discussed in the past and for some classes of bugs it is … Continue reading →

Posted in AltDevBlogADay, Code Reliability, Programming | Tagged crashing, overruns, pageheap | 18 Comments

Try /analyze for Free

Posted on October 15, 2011 by brucedawson

I’ve written a half-dozen posts on /analyze, but since it is only available in the super-ultimate-team-extreme-ultimate edition of Visual Studio this information is of purely theoretical value for many people. It turns out, however, that there are two three ways … Continue reading →

Posted in Code analysis, Code Reliability, Programming, Visual Studio | 10 Comments

Dangerous Documentation Part 2–Printing Strings

Posted on October 9, 2011 by brucedawson

The printf family of functions encompasses a vast range of possibilities. Printing to a file or to memory, with or without locale specified, ‘n’ variants, ‘v’ variants, ‘c’ variants, ‘_s’ variants, wide-character variants – it’s an exponential explosion of complexity. … Continue reading →

Posted in Code Reliability, Documentation, Programming, Visual Studio | 5 Comments

Dangerous Documentation Part 1–Copying Strings

Posted on October 8, 2011 by brucedawson

The standard C runtime library (CRT for short) contains a lot of dangerous functions. Functions such as strcpy can easily lead to buffer overruns and security exploits. Functions such as strncpy can easily end up not null-terminating the destination buffer … Continue reading →

Posted in Code Reliability, Documentation, Programming, Visual Studio | 8 Comments

/analyze–Command Line Options

Posted on October 4, 2011 by brucedawson

/analyze has a few command line options to control its behavior. However only one of them is actually documented. In this article I share what I’ve figured out about these options.

Posted in Code analysis, Code Reliability, Programming, Visual Studio | 8 Comments