COVID-19 Research and Uninitialized Variable
A developer examines an open source program built in C++ using PVS-Studio and explains an error found in the code by this code analyzer.
There is an open project, COVID-19 CovidSim Model, written in C++. There is also the PVS-Studio static code analyzer, which detects errors very well. One day they met. Let's look at how fragile mathematical modeling algorithms are and why you need to make every effort to enhance code quality.
This little story begins with an ordinary search on GitHub. While looking through the search results, I accidentally came across the COVID-19 CovidSim Model project. Without thinking twice, I decided to check it out using the PVS-Studio analyzer.
The project turned out to be tiny. It contains only 13,000 lines of code, not counting empty lines and comments. And there are almost no errors there either. But one mistake is so simple and beautiful that I couldn't pass it by!
Serious scientific code. Something is calculated. Formulas. Everything looks smart and detailed.
But all these calculations were shattered into pieces by human inattention. It's good that the PVS-Studio code analyzer can come to the rescue and point out the bug: V614 [CWE-457] Uninitialized variable 'modelValue' used. CovidSim.cpp 5412
Indeed, let's take a closer look at it:
We are facing a simple and, at the same time, terrible error: an uninitialized variable. This algorithm can calculate anything.
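The pattern that V614 / CWE-457 describes, as an added example that is not CovidSim's code: an accumulator that is read before it is ever written, next to the corrected form. Apart from the variable name `modelValue` taken from the warning, the function names, the 7-day window and the sample data are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed sample input: daily counts from a hypothetical simulation run.
static const std::vector<double> kDailyCounts = {3, 5, 8, 13, 21, 34, 55, 89, 144};

// Detection with compiler tooling (build with -DDEMO_BUG to include the bad code):
//   g++ -Wall -O2      : -Wuninitialized / -Wmaybe-uninitialized diagnostics
//   clang++ -fsanitize=memory -g : MemorySanitizer can report the read at run time
// Safety net: -ftrivial-auto-var-init=zero (or =pattern) gives automatic
// variables a defined start value; the source-level fix is still the real one.

#ifdef DEMO_BUG
// CWE-457: no initializer, so the first "+=" reads an indeterminate value.
// This is undefined behaviour; the sum depends on leftover stack/register data.
double weeklyTotalBuggy(const std::vector<double>& daily, std::size_t firstDay) {
    double modelValue;                                   // never initialized
    for (std::size_t d = firstDay; d < firstDay + 7 && d < daily.size(); ++d)
        modelValue += daily[d];                          // read before write
    return modelValue;
}
#endif

// Corrected form: the accumulator starts from a defined value, so the result
// depends only on the input data (an empty window yields 0.0).
double weeklyTotal(const std::vector<double>& daily, std::size_t firstDay) {
    double modelValue = 0.0;
    for (std::size_t d = firstDay; d < firstDay + 7 && d < daily.size(); ++d)
        modelValue += daily[d];
    return modelValue;
}

int main() {
    std::printf("fixed: %.1f\n", weeklyTotal(kDailyCounts, 0));
#ifdef DEMO_BUG
    std::printf("buggy: %.1f\n", weeklyTotalBuggy(kDailyCounts, 0));
#endif
    return 0;
}
```

The buggy variant may even print the expected number on some builds, which is why this class of defect survives testing and is better caught by static analysis or sanitizers.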
Well, that's it. There is nothing to explain here. It only remains to reiterate that developers of scientific libraries and scientific applications should make additional efforts to ensure code quality. Crashing an ordinary application is likely to cost much less than the use of incorrect results for scientific, medical, and other calculations.
This is not our first article on this topic:
- Analyzing the Code of ROOT, Scientific Data Analysis Framework
- NCBI Genome Workbench: Scientific Research under Threat
- The Big Calculator Gone Crazy
Use the PVS-Studio static code analyzer! When errors are detected in a timely manner, you can expect enormous benefits. Thanks for reading!
Published at DZone with permission of Andrey Karpov. See the original article here.