Product News

Clang-Tidy, part 1: Modernize your source code using C++11/C++14—Kevin Funk

Do you know what is clang-tidy and how to use it?

Clang-Tidy, part 1: Modernize your source code using C++11/C++14

by Kevin Funk

From the article:

This blog series will introduce the clang-tidy utility from the Clang/LLVM project and show how to use it to automatically refactor C++ source code and integrate with your build system, as well as how to use the tool on other platforms than Unices.

PVS-Studio: searching software weaknesses

As we check Apache HTTP Server, we see bugs crawling everywhere across the code. But wait! These are not just bugs, but security weaknesses!

PVS-Studio: searching software weaknesses

by Andrey Karpov, Phillip Khandeliants

From the article:

PVS-Studio has always been able to detect a large number of various security defects (potential vulnerabilities) in the program code. However, historically, we positioned PVS-Studio as a tool to search for errors. We see a trend in the software development to look for vulnerabilities in the code, although it is just the same. It seems to us that it is high time to do the rebranding of our static analyzer PVS-Studio. We will start with Common Weakness Enumeration (CWE). This article provides a table that shows matches of PVS-Studio diagnostic warnings of with the classifier. The table will be gradually updated and changed, but we can already use the table to write articles about security defects detected in projects. We suppose it would attract more attention of the software security specialists.

Heaptrack v1.0.0 Release—Milian Wolff

Milian Wolff announces the first stable release of Heaptrack, a fast heap memory profiler for C and C++ software running on Linux.

Heaptrack v1.0.0 Release

by Milian Wolff

From the article:

Heaptrack is a fast heap memory profiler that runs on Linux. It allows you to track all heap memory allocations at run-time.

Afterwards, the accompanying GUI tool can be used to find optimization opportunities in your code by analyzing the recorded profiling data. It allows you to:

  • Inspect peak heap memory consumption
  • Find memory leaks
  • Count overall number of memory allocations and find temporary allocations
  • Find small allocations with large overhead

Zapcc 1.0 - A Much Faster C++ Compiler

We are happy to announce Zapcc, a Clang/LLVM based C++ compiler, with much faster compilations.

Zapcc

by the Zapcc team

About the compiler:

Typically, Zapcc accelerate full C++ builds by x2-x5, and incremental builds by x10 and more.

Zapcc is available for evaluation on the companies website.

Feel free to try it out!

Visual Studio 2017 for C++ developers

The following Visual Studio 2017 launch day articles have gone live on the VCBlog:

Visual Studio 2017 for C++ developers – you will love it

C++ Code Analysis improvements in Visual Studio 2017 RTM

Check for const correctness with the C++ Core Guidelines Checker

Binary Compatibility and Pain-free Upgrade: Why Moving to Visual Studio 2017 is almost “too easy”

MSVC: The best choice for Windows

Use any C++ Compiler with Visual Studio

C++ game development workload in Visual Studio 2017

Completed UserVoice Suggestions in Visual Studio 2017

C++ Standards Conformance from Microsoft

Visual Studio Code C/C++ extension March 2017 Update

C++14 conformance improvements: constexpr and aggregate initialization

Finding installed Visual C++ tools for Visual Studio 2017

Learn C++ Concepts with Visual Studio and the WSL—Andrew Pardoe

Now you can learn Concepts TS in Visual Studio 2017 by targeting the Windows Subsystem for Linux (WSL):

Learn C++ Concepts with Visual Studio and the WSL

by Andrew Pardoe

From the article:

Concepts enable adding requirements to a set of template parameters, essentially creating a kind of interface. The C++ community has been waiting years for this feature to make it into the standard...

How C++ lambda expressions can improve your Qt code—Aurélien Gâteau

Lambdas are helping you.

How C++ lambda expressions can improve your Qt code

by Aurélien Gâteau

From the article:

In case you’ve missed it, lambda expression support has been added to C++ in C++11. In this article we are going to see how to take advantage of lambda expressions in your Qt code to simplify it and make it more robust, but also which pitfalls to avoid...

How PVS-Studio does the bug search: methods and technologies

PVS-Studio is a static code analyzer, that searches for errors and vulnerabilities in programs written in C, C++ and C#. In this article, I am going to uncover the technologies that we use in PVS-Studio analyzer. In addition to the general theoretical information, I will show practical examples of how certain technology allows the detection of bugs.

How PVS-Studio does the bug search: methods and technologies

by Andrey Karpov

From the article:

The definition of the pattern looks quite simple, but in practice the implementation of the diagnostic is quite complicated. It's not enough just to analyze only "#define RShift(a) a >> 3". If warnings are issued for all strings of this kind, there will be too many of them. We should have a look at the way the macro expands in every particular case, and try to define the situations where it was done intentionally, and when the brackets are really missing.