Site for C/C++ developers
of 64-bit and parallel applications

OOO "Program Verification Systems" (Co Ltd)

English | Русский

PVS-Studio Static Code Analyzer for 64-bit and parallel C/C++ code

Our Customers

Blog

02.09.2010 Feeling the new Intel Parallel Studio XE 2011 beta
So I've gotten to try the C++ compiler included into Intel Parallel Studio XE 2011 beta at last.»

30.08.2010 Five days for fixing a two-character error, or a myth of almighty technologies aiding software development
In this blog, you may often read posts about how this or that software tool or software development technology helps make fewer errors, find them faster and correct them easier.»

30.08.2010 d'Artagnan and Internet, or working on the problem of bad links
Friends, it is high time we stopped considering links only in the context of their number and buying/ selling and counting PR of the site they are laid out on.»

Articles

22.07.2010 Using PVS-Studio with continuous integration systems
This article illustrates techniques required to employ the use of PVS-Studio static code analyzer together with continuous integration systems.»

06.07.2010 Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defects in 64-bit programs
In the article, we will compare three mechanisms of code analysis from the viewpoint of detecting 64-bit errors: the Visual C++ 2010 compiler, the Code Analysis for C/C++ component included into Visual Studio 2010 and Viva64 analyzer included into PVS-Studio 3.60.»

29.06.2010 A Collection of Examples of 64-bit Errors in Real Programs
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages.»

News

16.08.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.62 »

22.07.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.61»

10.06.2010 We released a new version of PVS-Studio code analyzer - PVS-Studio 3.60. »

Documentation

Main » Product Page » Documentation

Print version

V112. Dangerous magic number N used

The analyzer found the use of a dangerous magic number. The possible error may consist in the use of numeric literal as special values or size of memsize type.

Let's examine the first example.

size_t ArraySize = N * 4;
size_t *Array = (size_t *)malloc(ArraySize);

A programmer while writing the program relied on that the size size_t will be always equal 4 and wrote the calculation of the array size "N * 4". This code dose not take into account that size_t on the 64-bit system will have 8 bytes and will allocate less memory than it is necessary. The correction of the code consists in the use of sizeof operator instead of a constant 4.

size_t ArraySize = N * sizeof(size_t);
size_t *Array = (size_t *)malloc(ArraySize);

The second example.

size_t n = static_cast<size_t>(-1);
if (n == 0xffffffffu) { ... }

Sometimes as an error code or other special marker the value "-1" is used which is written as "0xffffffff". On the 64-bit platform the written expression is incorrect and one should evidently use the value "-1".

size_t n = static_cast<size_t>(-1);
if (n == static_cast<size_t>(-1)) { ... }

Let's list magic numbers which may influence the efficiency of an application while porting it on the 64-bit system and due to this are diagnosed by analyzer.

You should study the code thoroughly in order to see if there are magic constants and replace them with safe constants and expressions. For this purpose you may use sizeof() operator, special value from <limits.h>, <inttypes.h> etc.

In some cases magic constants are considered unsafe. For example, there will be no warning on this code:

float Color[4];

© 2008 - 2010, OOO "Program Verification Systems"
300027, Russia, Tula, P.O. Box 1800. Office: Russia, Tula, Kutuzova 100-73