-
Recent Posts
Categories
- AltDevBlogADay
- Bugs
- Chromium
- Code analysis
- Code Reliability
- Commuting
- Computers and Internet
- Debugging
- Documentation
- Drinks
- Environment
- Floating Point
- Fractals
- Fun
- Gaming
- Investigative Reporting
- Linux
- Math
- memory
- metric
- Performance
- Programming
- Quadratic
- Rants
- Security
- Symbols
- Travel
- uiforetw
- Uncategorized
- Unicycling
- Visual Studio
- WLPG
- Xbox 360
- xperf
Meta
| CARVIEW |
Select Language
HTTP/2 200
server: nginx
date: Sat, 16 Aug 2025 21:53:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.
host-header: WordPress.com
vary: accept, content-type, cookie
content-encoding: gzip
x-ac: 3.bom _dca MISS
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000
server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=412.0
Code analysis | Random ASCII – tech blog of Bruce Dawson
Forecast for randomascii: programming, tech topics, with a chance of unicycling
Category Archives: Code analysis
The Easy Ones – Three Bugs Hiding in the Open
I write a lot about investigations into tricky bugs – CPU defects, kernel bugs, transient 4-GB memory allocations – but most bugs are not that esoteric. Sometimes tracking down a bug is as simple as paying attention to server dashboards, … Continue reading →
Posted in Bugs, Code analysis, Code Reliability, Debugging, Floating Point, Linux, Performance
|
Tagged coding values
|
17 Comments
A Crash of Great Opportunity
It was a fairly straightforward bug. A wide-character string function was called with a byte count instead of a character count, leading to a buffer overrun. After finding the problem the fix was as simple as changing sizeof to _countof. … Continue reading →
You Got Your Web Browser in my Compiler!
I recently discovered that Microsoft’s VC++ compiler loads mshtml.dll – also known as Internet Explorer. The compiler does this whenever the /analyze option (requesting static code analysis) is used. I’m no compiler architecture expert, but a compiler that loads Internet … Continue reading →
Posted in Code analysis, Investigative Reporting, Performance, Visual Studio, xperf
|
Tagged carl sagan, nuclear testing, peanut butter, rhetoric
|
84 Comments
Vote for the VC++ Improvements That Matter
VS 2013 is almost done and VS 2014 is being planned and I’ve been pushing for the VC++ features/bug-fixes that matter most to me. I’ve come up with two requests that seem plausible and valuable. If you like them then … Continue reading →
Two Years (and Thousands of Bugs) of Static Analysis
I’ve been running static code analysis on four large code bases for over two years now. After the initial work of looking through all of the warnings and fixing the serious bugs I put the projects into code analysis maintenance … Continue reading →
Posted in Code analysis, Code Reliability, Programming, Visual Studio
|
Tagged /analyze, clang, VC++, visual studio
|
22 Comments
VC++ /analyze Bug Finder Bug Fixed
Last October I wrote about a crashing bug in the /analyze feature of Microsoft’s VC++ compiler – a use-after-free in their annotation parser. It’s now fixed.
Posted in Code analysis, Code Reliability, Investigative Reporting, Visual Studio
|
Tagged /analyze, Application Verifier, compiler crashes, VC++ 2012, visual studio
|
4 Comments
Another Bug in Your Bug (Finder): __offsetof
Last month I posted about a crashing bug in Visual Studio 2012’s static code analysis feature. The irony was delicious. Yesterday I found another bug in the same feature. This one isn’t quite as dramatic, but I found it amusing, … Continue reading →
Posted in Code analysis, Code Reliability, Programming, Visual Studio
|
Tagged /analyze, sizeof, size_t, VC++, visual studio, __offsetof
|
2 Comments
You’ve Got a Bug in Your Bug (Finder)
All software has bugs, but there is something ironic about a crashing bug in the /analyze portion of Microsoft’s VC++ 2012 compiler. The investigation of this bug also shows yet another reason you should test your software using Microsoft’s Application … Continue reading →
Posted in Code analysis, Code Reliability, Investigative Reporting, Visual Studio
|
Tagged /analyze, Application Verifier, compiler crashes, VC++ 2012, visual studio
|
8 Comments
Try /analyze for Free
I’ve written a half-dozen posts on /analyze, but since it is only available in the super-ultimate-team-extreme-ultimate edition of Visual Studio this information is of purely theoretical value for many people. It turns out, however, that there are two three ways … Continue reading →
/analyze–Command Line Options
/analyze has a few command line options to control its behavior. However only one of them is actually documented. In this article I share what I’ve figured out about these options.
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
Random ASCII - tech blog of Bruce Dawson