Examples of bugs found

Scans performed on well-known open-source software (OSS) projects

Thermal Daemon (by Intel)

This is duplicated code in two different files, probably copied and pasted. The original on the right uses "cdev_count" (see above), while the copy on the left uses the same logic with "z_count". However, the last "cdev_count" was not renamed (shown with arrow). Normal operation is not affected, but the error message refers to a completely different class.
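The kind of check that catches an incomplete rename like this one, as an added example that is neither Sider Scan's algorithm nor Thermal Daemon source: it aligns two duplicated blocks token by token and flags identifiers that were renamed in some places but left unchanged in others. The sample blocks and `log_error` are constructed for illustration; only the names `cdev_count` and `z_count` come from the description above, and the check generalizes to any pair of token-aligned duplicates.

```python
import re
from collections import Counter, defaultdict

TOKEN = re.compile(r"[A-Za-z_]\w*|\d+|\S")  # identifiers, numbers, single symbols
IDENT = re.compile(r"[A-Za-z_]\w*\Z")

# Constructed sample blocks (not Thermal Daemon source); log_error is hypothetical.
ORIGINAL = '''\
if (index < 0 || index >= cdev_count) {
    log_error("index %d out of range, cdev_count=%d", index, cdev_count);
    return nullptr;
}
'''
COPY = '''\
if (index < 0 || index >= z_count) {
    log_error("index %d out of range, z_count=%d", index, cdev_count);
    return nullptr;
}
'''

def tokens_with_lines(src):
    """Return [(line_number, token), ...] for a source fragment."""
    return [(n, t) for n, line in enumerate(src.splitlines(), 1)
            for t in TOKEN.findall(line)]

def incomplete_renames(original, copy):
    """Return (old_name, new_name, copy_line) for each leftover old identifier."""
    a, b = tokens_with_lines(original), tokens_with_lines(copy)
    if len(a) != len(b):
        raise ValueError("blocks are not token-aligned; align them first")
    targets = defaultdict(Counter)   # old identifier -> names seen at same position
    kept_lines = defaultdict(list)   # old identifier -> copy lines where it survived
    for (_, x), (line, y) in zip(a, b):
        if IDENT.match(x) and IDENT.match(y):
            targets[x][y] += 1
            if x == y:
                kept_lines[x].append(line)
    findings = []
    for name, seen in targets.items():
        renamed = Counter({t: c for t, c in seen.items() if t != name})
        if not renamed or name not in seen:
            continue                 # never renamed, or renamed everywhere
        new_name, _ = renamed.most_common(1)[0]
        if sum(renamed.values()) >= seen[name]:   # rename is the dominant pattern
            findings += [(name, new_name, line) for line in kept_lines[name]]
    return findings

if __name__ == "__main__":
    for old, new, line in incomplete_renames(ORIGINAL, COPY):
        print(f"copy line {line}: '{old}' kept, but renamed to '{new}' elsewhere")
```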


Comparing the left and right duplicate code blocks, the instance names are clearly different (s8 and s10), so it is highly likely that the value of $carry8 is unintended. Because this code is part of a long sequence (3003 lines) that looks automatically generated, the mistake is also difficult for human reviewers to notice.


These are similar code blocks for the "uninstall" and "install" commands. The error spotted by Sider Scan is that the console.log on line 60 of the code on the left should be console.error, because it outputs an error. The mistake was reported to the community, and was subsequently identified as a bug and fixed. The blocks are not 100% identical, yet Sider Scan can still find such inconsistencies.

Apache Kafka

The TimeOrderWindowsStoreBuilder class is assumed to have been created by copying the WindowsStoreBuilder class. On line 30 of the code on the left, the class name was not changed. As it stands, the log of the TimeOrderWindowsStoreBuilder class cannot be tracked. After this was reported, the Kafka community confirmed that it was indeed a bug, and it has now been fixed.

SPIR-V Tools

  • Open-source software: SPIR-V Tools (by Khronos Group)
  • Overview: A set of tools for handling SPIR-V, an intermediate language for parallel computing and graphics
  • Languages: C++, Go
  • Repository: https://github.com/KhronosGroup/SPIRV-Tools

This is an omission bug within a single file. The code was probably copied, because it does exactly the same processing for columns as for rows, but the rows_id on line 599 was left unchanged, which makes it a bug: the ID of the row is returned where the message should output the ID of the column. When this was reported, a Khronos Group maintainer acknowledged it and responded "Looks like a copy-paste problem". The problem has now been corrected.

Vaadin Flow

This is an inconsistency within a single file. All other arguments in the file use "query", but on the left side two arguments on lines 62 and 63 are left as "t". It is not a bug, but for readability and maintainability it is better to change them to "query". The report was accepted by the community, and the fix is now reflected in the master branch.
