Loading...
Loading...
This skill provides systematic bug detection and discovery capabilities for VS Code extensions. Use when searching for hidden bugs, analyzing code for potential issues, investigating suspicious behavior, performing code audits, or proactively finding bugs before they manifest. Covers static analysis patterns, dynamic analysis techniques, code smell detection, and systematic codebase investigation.
npx skill4agent add s-hiraoku/vscode-sidebar-terminal vscode-bug-hunter| Bug Hunting (This Skill) | Debugging (vscode-extension-debugger) |
|---|---|
| Proactive discovery | Reactive fixing |
| Find bugs before they manifest | Fix bugs after they occur |
| Static and dynamic analysis | Error investigation |
| Code auditing | Stack trace analysis |
| Pattern-based detection | Reproduction-based fixing |
# Find all TypeScript files
find src -name "*.ts" | head -20
# Identify key components
grep -r "export class" src/ --include="*.ts" | head -20
# Find entry points
grep -r "activate\|deactivate" src/ --include="*.ts"| Area | Risk Level | Reason |
|---|---|---|
| Async operations | High | Race conditions, unhandled rejections |
| Event handlers | High | Memory leaks, missing dispose |
| WebView communication | High | Message timing, state sync |
| File I/O | Medium | Error handling, permissions |
| User input processing | Medium | Validation, injection |
| Configuration handling | Medium | Type mismatches, defaults |
| UI rendering | Low | Visual issues, layout |
# Recent commits - often contain fresh bugs
git log --oneline -20
# Files changed recently
git diff --name-only HEAD~10
# Diff for specific file
git diff HEAD~5 -- src/path/to/suspicious/file.ts// Pattern: Event listener without dispose
// Search: addEventListener|on\w+\s*\(
// Risk: Memory leak if listener not removed
// Pattern: setInterval/setTimeout without clear
// Search: setInterval|setTimeout
// Risk: Timer continues after disposal
// Pattern: Missing dispose registration
// Search: vscode\.\w+\.on\w+\(
// Risk: Event handler leaks// Pattern: Shared mutable state without lock
// Search: private \w+ = (?!readonly)
// Risk: Concurrent modification
// Pattern: Check-then-act without atomicity
// Search: if \(.*\)\s*\{[^}]*await
// Risk: State may change between check and act
// Pattern: Promise without await in loop
// Search: for.*\{[^}]*(?<!await)\s+\w+\([^)]*\)
// Risk: Uncontrolled concurrency// Pattern: Optional chaining missing
// Search: \.\w+\.\w+\.\w+(?!\?)
// Risk: Null reference in chain
// Pattern: Type assertion without check
// Search: as \w+(?!\s*\|)
// Risk: Runtime type mismatch
// Pattern: Array access without bounds check
// Search: \[\d+\]|\[.*\](?!\?)
// Risk: Index out of bounds# Find potential memory leaks
grep -rn "addEventListener\|setInterval\|setTimeout" src/ --include="*.ts"
# Find missing error handling
grep -rn "catch\s*{\s*}" src/ --include="*.ts"
# Find TODO/FIXME comments (often mark known issues)
grep -rn "TODO\|FIXME\|HACK\|BUG\|XXX" src/ --include="*.ts"
# Find console.log (should be removed in production)
grep -rn "console\.\(log\|debug\|info\)" src/ --include="*.ts"
# Find async functions without try-catch
grep -rn "async.*{" src/ --include="*.ts" | head -20# Strict type checking
npx tsc --noEmit --strict
# Find implicit any
npx tsc --noEmit --noImplicitAny
# Check for unused variables
npx tsc --noEmit --noUnusedLocals --noUnusedParameters// Identify all entry points to a function
// Search for: functionName(
// Trace data flow through function
// What inputs can reach this code path?
// What state can this code modify?
// Find unreachable code
// Code after return/throw/break/continue// Questions to ask:
// 1. What state does this component manage?
// 2. What operations modify this state?
// 3. Can state become inconsistent?
// 4. Is state properly initialized?
// 5. Is state properly cleaned up?// For each resource:
// 1. Where is it created?
// 2. Where is it disposed?
// 3. Can disposal be skipped?
// 4. Is disposal order correct?
// 5. Are references cleared after disposal?// Wrap suspicious function to monitor calls
const original = object.suspiciousMethod;
object.suspiciousMethod = function(...args) {
console.log('[MONITOR] suspiciousMethod called with:', args);
const result = original.apply(this, args);
console.log('[MONITOR] suspiciousMethod returned:', result);
return result;
};// Track object creation
const instances = new WeakSet();
const originalConstructor = SuspiciousClass;
SuspiciousClass = class extends originalConstructor {
constructor(...args) {
super(...args);
instances.add(this);
console.log('[MEMORY] New instance created, count:', instances.size);
}
};// Measure function execution time
const start = performance.now();
await suspiciousOperation();
const duration = performance.now() - start;
console.log(`[PERF] Operation took ${duration}ms`);Template:
IF [condition/action]
THEN [expected buggy behavior]
BECAUSE [root cause theory]
Example:
IF rapid terminal creation requests are made
THEN duplicate terminals may be created
BECAUSE there is no atomic lock on the creation operation// Design test to confirm hypothesis
describe('Bug Hypothesis: Rapid terminal creation causes duplicates', () => {
it('should handle concurrent creation requests', async () => {
const manager = new TerminalManager();
// Trigger the suspected bug condition
const results = await Promise.all([
manager.createTerminal(),
manager.createTerminal(),
manager.createTerminal()
]);
// Verify expected behavior
const uniqueIds = new Set(results.map(t => t.id));
expect(uniqueIds.size).toBe(results.length);
});
});grep -rn "addEventListener\|on.*=.*function" src/ --include="*.ts" | grep -v "dispose\|remove"grep -rn "\.then\(" src/ --include="*.ts" | grep -v "\.catch\("grep -rn "async.*{" src/ --include="*.ts" -A 5 | grep -E "if.*\{|while.*\{"grep -rn "eval\|innerHTML\|child_process\|exec\(" src/ --include="*.ts"grep -rn "any\|@ts-ignore\|@ts-nocheck" src/ --include="*.ts"references/detection-patterns.mdreferences/analysis-tools.mdreferences/investigation-checklist.md