PVS-Studio 7.34: support for Apple Silicon ARM64, CodeChecker

By Andrey Karpov | Dec 19, 2024 12:23 AM | Tags: sast pvs-studio codechecker arm64

PVS-Studio 7.34 has been released. Discover the latest features, including support for Apple Silicon processors with ARM64 architecture, .NET 9 project compatibility, the introduction of the taint analysis mechanism in the Java analyzer, and more.

PVS-Studio 7.34: support for Apple Silicon ARM64, CodeChecker

by Aleksandra Uvarova

From the article:

New diagnostic rules. C, C++:

• V1116. Creating an exception object without an explanatory message may result in insufficient logging.
• V1117. The declared function type is cv-qualified. The behavior when using this type is undefined.
• V2022. Implicit type conversion from integer type to enum type.
• V5014. OWASP. Cryptographic function is deprecated. Its use can lead to security issues. Consider switching to an equivalent newer function.

CGAL Released, Computational Geometry Algorithms Library -- Laurent Rineau

By Laurent Rineau | Oct 23, 2024 11:58 AM | Tags: None

The CGAL Open Source Project is pleased to announce the recent releases of CGAL versions 5.5.5, 5.6.2, 6.0, and 6.0.1.

New CGAL versions: 5.5.5, 5.6.2, 6.0, and 6.0.1

by Laurent Rineau

From the article

CGAL version 6.0

CGAL version 6.0 was released on September 27, 2024. Following the discovery of early issues, version 6.0.1 was subsequently released on October 22, 2024.

This version is a major release, with many new features and improvements.

General changes

• C++17 Requirement: CGAL 6.0 requires a C++17 compatible compiler.
• GMP/MPFR Optional: GMP/MPFR are no longer mandatory; Boost.Multiprecision can be used.
• Qt6 Demos: All demos are now based on Qt6.
• Polyhedral Surface: The demo has been renamed to “CGAL Lab” and moved to its own directory in demo/Lab/.

New Packages

• Kinetic Space Partition: Partition of the space from planar input shapes.
• Kinetic Surface Reconstruction: Reconstructs surfaces from point clouds.
• Basic Viewer: Interactive visualization for various CGAL packages.
• Polygon Repair: Algorithms to repair 2D polygons and multipolygons.

Breaking Changes

• CMake Changes: UseCGAL.cmake removed; use CGAL::CGAL target instead.
• Kernel: Replaced boost::variant with std::variant and boost::optional with std::optional in the intersection functions.

Enhancements

• AABB Tree: Now supports 2D and 3D primitives.

PVS-Studio 7.33: SN-DBS support

By Andrey Karpov | Oct 20, 2024 02:14 AM | Tags: None

PVS-Studio 7.33 has been released. Check out the latest features, including SN-DBS support, C# user annotations, and other exciting updates! See more details in this note.

PVS-Studio 7.33: SN-DBS support

by Valerii Filatov

From the article:

To enhance the integration of PVS-Studio with Unreal Engine, we've introduced support for SN-DBS, a distributed build system. These changes apply to Unreal Engine 5.5. Learn more about using PVS-Studio with Unreal Engine in the documentation.

PVS-Studio 7.32: enhanced analysis, new plugins and more

By Andrey Karpov | Aug 18, 2024 11:27 AM | Tags: scons qt creator qt pvs-studio bazel

PVS-Studio 7.32 has been released. Discover enhanced C++ analysis optimization, new plugins and features, and a host of other updates.

PVS-Studio 7.32: enhanced analysis, new plugins and more

by Gleb Aslamov

From the article:

The PVS-Studio analyzer now supports integration with Bazel and Scons build systems for C++ projects. The PVS-Studio plugin is now available for Qt Creator 14.x. The plugin for Qt Creator 8.x is no longer supported. We aim to ensure backward compatibility between the latest plugin versions and all Qt Creator versions released in the past two years.

HPX V1.10.0 released -- STE||AR Group

By Hartmut Kaiser | May 29, 2024 07:43 AM | Tags: performance parallelism heterogeneous computing distributed computing concurrency c++23 c++20 c++17 c++14 c++11

The STE||AR Group has released V1.10.0 of HPX -- A C++ Standard library for Concurrency and Parallelism.

HPX V1.10.0 Released

We have released HPX 1.10.0 — a major update to our C++ Standard Library for Concurrency and Parallelism. We have continued to modernize HPX to fully conform to the latest standardization efforts in the are of parallelism and concurrency. Our HPX documentation has seen a major overhaul for this release, please have a look here. We finished documenting the public local HPX API, we have added migration guides from widely used parallelization platforms to HPX (OpenMP, TBB, and MPI). Among other things, we have performed a lot of code cleanup and refactoring to improve the overall code quality and decrease compile times and to improve the consistency of our exposed APIs. The core implementation has seen many performance optimizations that impact every aspect of our applications.

If you have any questions, comments, or exploits to report you can reach us on IRC or Matrix (#ste||ar on libera.chat) or email us at hpx-users. We depend on your input!

You can download the release from our releases page or check out the v1.10.0 tag using git. A full list of changes can be found in the release notes.

HPX is a general-purpose parallel C++ runtime system for applications of any scale. It implements all of the related facilities as defined by the C++20 Standard. As of this writing, HPX provides the only widely available open-source implementation of the new C++17, C++20, and C++23 parallel algorithms, including a full set of parallel range-based algorithms. Additionally, HPX implements functionalities proposed as part of the ongoing C++ standardization process, such as large parts of the features related parallelism and concurrency as specified by the upcoming C++23 Standard, the C++ Concurrency TS, Parallelism TS V2, data-parallel algorithms, executors, and many more. It also extends the existing C++ Standard APIs to the distributed case (e.g., compute clusters) and for heterogeneous systems (e.g., GPUs).

HPX seamlessly enables a new Asynchronous C++ Standard Programming Model that tends to improve the parallel efficiency of our applications and helps reducing complexities usually associated with parallelism and concurrency.

GCC 14 -fanalyzer improvements for buffer overflows and more -- David Malcolm

By Blog Staff | Apr 4, 2024 03:31 PM | Tags: None

For anyone interested in the top source of memory safety issues, out-of-bounds accesses... GCC 14 will be able to catch more cases, and even show them with some colorful retro ASCII art:

Improvements to static analysis in the GCC 14 compiler

by David Malcolm

It does require some source code annotation, but also delivers safety value in return.

From the article:

So for GCC 14, I've added the ability for the analyzer to emit text-based diagrams visualizing the spatial relationships in a predicted buffer overflow. ... [For example,] this diagram shows the destination buffer populated by the content from the strcpy call, and thus the existing terminating NUL byte used for the start of the strcat call. For non-ASCII strings ... it can show the UTF-8 representation of the characters ...

... [Another improvement] is that the analyzer now simulates APIs that scan a buffer expecting a null terminator byte, and will complain about code paths where a pointer to a buffer that isn't properly terminated is passed to such an API.

Plus more, such as:

The analyzer has a form of "taint analysis", which tracks attacker-controlled inputs, places where they are sanitized, and places where they are used without sanitization. In previous GCC releases this was too buggy to enable by default, with lots of false positives, so I hid it behind an extra command-line argument. I've fixed many bugs with this, so for GCC 14 I've enabled this by default when -fanalyzer is selected. This also enables these 6 taint-based warnings:

• -Wanalyzer-tainted-allocation-size
• -Wanalyzer-tainted-array-index
• -Wanalyzer-tainted-assertion
• -Wanalyzer-tainted-divisor
• -Wanalyzer-tainted-offset
• -Wanalyzer-tainted-size

Using Copilot Chat with C++ in VS Code -- Sinem Akinci

By Blog Staff | Apr 4, 2024 10:54 AM | Tags: None

If you are a C++ developer who uses VS Code as your editor, Copilot Chat can help you with many of your everyday coding tasks by allowing you to iterate with your code in natural language.

Using Copilot Chat with C++ in VS Code

by Sinem Akinci

From the article:

We have just released a new YouTube video demonstrating the power of Copilot Chat in C++ code:

We cover how Copilot Chat can provide enhancements to your C++ coding scenarios like:

• Simplifying and refactoring existing code
• Generating new code and iterating with the prompt
• Generating and explaining new test cases
• Refactoring test cases to new frameworks
• Understanding errors with your code
• … and more!

Seastar, ScyllaDB, and C++23

By Jordi Mon Companys | Feb 17, 2024 05:36 AM | Tags: c++20 c++17

Seastar announces that now that C++23 is available, they will support C++23 and C++20 (dropping support for C++17) in accordance with their support policy

Seastar, ScyllaDB, and C++23

By Avi Kivity

From the article:

Seastar is an open-source (Apache 2.0 licensed) C++ framework for I/O intensive asynchronous computing, using the thread-per-core model. Seastar underpins several high- performance distributed systems: ScyllaDB, Redpanda, and Ceph Crimson. Seastar source is available on github. As a C++ framework, Seastar must choose which C++ versions to support. The support policy is last-two-versions. That means that at any given time, the most recently released version as well as the previous one are supported, but earlier versions cannot be expected to work. This policy gives users of the framework three years to upgrade to the next C++ edition while not constraining Seastar to ancient versions of the language.

Now that C++23 has been ratified, Seastar now officially supports C++20 and C++23. The previously supported C++17 is now no longer supported.

PVS-Studio 7.29: Boost smart pointers, plugin for Qt Creator on macOS

By Andrey Karpov | Feb 13, 2024 06:49 AM | Tags: qt creator pvs-studio misra boost

PVS-Studio 7.29 has been released. Now you can analyze Java projects in a plugin for VS Code, check Boost smart pointers, use the PVS-Studio plugin for Qt Creator 12 on macOS, and that's not all.

PVS-Studio 7.29: Java code check in VS Code, Boost smart pointers, and plugin for Qt Creator on macOS

by Gleb Aslamov

From the article:

The C++ analyzer now supports smart pointers from the Boost library: boost::unique_ptr and boost::shared_ptr. Now the PVS-Studio analyzer is able to detect errors such as null pointer dereferences when these classes are used.

mp-units 2.1.0 released -- Mateusz Pusz

By Mateusz Pusz | Feb 6, 2024 12:40 PM | Tags: None

We are happy to announce that mp-units 2.1.0 has been released and is available for download in Conan.

mp-units 2.1.0 released!

by Mateusz Pusz

About the release

Please check our blog post to read more about the improvements and some, unfortunately, breaking changes.