PVS-Studio 7.33: SN-DBS support

By Andrey Karpov | Oct 20, 2024 02:14 AM | Tags: None

PVS-Studio 7.33 has been released. Check out the latest features, including SN-DBS support, C# user annotations, and other exciting updates! See more details in this note.

PVS-Studio 7.33: SN-DBS support

by Valerii Filatov

From the article:

To enhance the integration of PVS-Studio with Unreal Engine, we've introduced support for SN-DBS, a distributed build system. These changes apply to Unreal Engine 5.5. Learn more about using PVS-Studio with Unreal Engine in the documentation.

PVS-Studio 7.32: enhanced analysis, new plugins and more

By Andrey Karpov | Aug 18, 2024 11:27 AM | Tags: scons qt creator qt pvs-studio bazel

PVS-Studio 7.32 has been released. Discover enhanced C++ analysis optimization, new plugins and features, and a host of other updates.

PVS-Studio 7.32: enhanced analysis, new plugins and more

by Gleb Aslamov

From the article:

The PVS-Studio analyzer now supports integration with Bazel and Scons build systems for C++ projects. The PVS-Studio plugin is now available for Qt Creator 14.x. The plugin for Qt Creator 8.x is no longer supported. We aim to ensure backward compatibility between the latest plugin versions and all Qt Creator versions released in the past two years.

HPX V1.10.0 released -- STE||AR Group

By Hartmut Kaiser | May 29, 2024 07:43 AM | Tags: performance parallelism heterogeneous computing distributed computing concurrency c++23 c++20 c++17 c++14 c++11

The STE||AR Group has released V1.10.0 of HPX -- A C++ Standard library for Concurrency and Parallelism.

HPX V1.10.0 Released

We have released HPX 1.10.0 — a major update to our C++ Standard Library for Concurrency and Parallelism. We have continued to modernize HPX to fully conform to the latest standardization efforts in the are of parallelism and concurrency. Our HPX documentation has seen a major overhaul for this release, please have a look here. We finished documenting the public local HPX API, we have added migration guides from widely used parallelization platforms to HPX (OpenMP, TBB, and MPI). Among other things, we have performed a lot of code cleanup and refactoring to improve the overall code quality and decrease compile times and to improve the consistency of our exposed APIs. The core implementation has seen many performance optimizations that impact every aspect of our applications.

If you have any questions, comments, or exploits to report you can reach us on IRC or Matrix (#ste||ar on libera.chat) or email us at hpx-users. We depend on your input!

You can download the release from our releases page or check out the v1.10.0 tag using git. A full list of changes can be found in the release notes.

HPX is a general-purpose parallel C++ runtime system for applications of any scale. It implements all of the related facilities as defined by the C++20 Standard. As of this writing, HPX provides the only widely available open-source implementation of the new C++17, C++20, and C++23 parallel algorithms, including a full set of parallel range-based algorithms. Additionally, HPX implements functionalities proposed as part of the ongoing C++ standardization process, such as large parts of the features related parallelism and concurrency as specified by the upcoming C++23 Standard, the C++ Concurrency TS, Parallelism TS V2, data-parallel algorithms, executors, and many more. It also extends the existing C++ Standard APIs to the distributed case (e.g., compute clusters) and for heterogeneous systems (e.g., GPUs).

HPX seamlessly enables a new Asynchronous C++ Standard Programming Model that tends to improve the parallel efficiency of our applications and helps reducing complexities usually associated with parallelism and concurrency.

GCC 14 -fanalyzer improvements for buffer overflows and more -- David Malcolm

By Blog Staff | Apr 4, 2024 03:31 PM | Tags: None

For anyone interested in the top source of memory safety issues, out-of-bounds accesses... GCC 14 will be able to catch more cases, and even show them with some colorful retro ASCII art:

Improvements to static analysis in the GCC 14 compiler

by David Malcolm

It does require some source code annotation, but also delivers safety value in return.

From the article:

So for GCC 14, I've added the ability for the analyzer to emit text-based diagrams visualizing the spatial relationships in a predicted buffer overflow. ... [For example,] this diagram shows the destination buffer populated by the content from the strcpy call, and thus the existing terminating NUL byte used for the start of the strcat call. For non-ASCII strings ... it can show the UTF-8 representation of the characters ...

... [Another improvement] is that the analyzer now simulates APIs that scan a buffer expecting a null terminator byte, and will complain about code paths where a pointer to a buffer that isn't properly terminated is passed to such an API.

Plus more, such as:

The analyzer has a form of "taint analysis", which tracks attacker-controlled inputs, places where they are sanitized, and places where they are used without sanitization. In previous GCC releases this was too buggy to enable by default, with lots of false positives, so I hid it behind an extra command-line argument. I've fixed many bugs with this, so for GCC 14 I've enabled this by default when -fanalyzer is selected. This also enables these 6 taint-based warnings:

• -Wanalyzer-tainted-allocation-size
• -Wanalyzer-tainted-array-index
• -Wanalyzer-tainted-assertion
• -Wanalyzer-tainted-divisor
• -Wanalyzer-tainted-offset
• -Wanalyzer-tainted-size

Using Copilot Chat with C++ in VS Code -- Sinem Akinci

By Blog Staff | Apr 4, 2024 10:54 AM | Tags: None

If you are a C++ developer who uses VS Code as your editor, Copilot Chat can help you with many of your everyday coding tasks by allowing you to iterate with your code in natural language.

Using Copilot Chat with C++ in VS Code

by Sinem Akinci

From the article:

We have just released a new YouTube video demonstrating the power of Copilot Chat in C++ code:

We cover how Copilot Chat can provide enhancements to your C++ coding scenarios like:

• Simplifying and refactoring existing code
• Generating new code and iterating with the prompt
• Generating and explaining new test cases
• Refactoring test cases to new frameworks
• Understanding errors with your code
• … and more!

Seastar, ScyllaDB, and C++23

By Jordi Mon Companys | Feb 17, 2024 05:36 AM | Tags: c++20 c++17

Seastar announces that now that C++23 is available, they will support C++23 and C++20 (dropping support for C++17) in accordance with their support policy

Seastar, ScyllaDB, and C++23

By Avi Kivity

From the article:

Seastar is an open-source (Apache 2.0 licensed) C++ framework for I/O intensive asynchronous computing, using the thread-per-core model. Seastar underpins several high- performance distributed systems: ScyllaDB, Redpanda, and Ceph Crimson. Seastar source is available on github. As a C++ framework, Seastar must choose which C++ versions to support. The support policy is last-two-versions. That means that at any given time, the most recently released version as well as the previous one are supported, but earlier versions cannot be expected to work. This policy gives users of the framework three years to upgrade to the next C++ edition while not constraining Seastar to ancient versions of the language.

Now that C++23 has been ratified, Seastar now officially supports C++20 and C++23. The previously supported C++17 is now no longer supported.

PVS-Studio 7.29: Boost smart pointers, plugin for Qt Creator on macOS

By Andrey Karpov | Feb 13, 2024 06:49 AM | Tags: qt creator pvs-studio misra boost

PVS-Studio 7.29 has been released. Now you can analyze Java projects in a plugin for VS Code, check Boost smart pointers, use the PVS-Studio plugin for Qt Creator 12 on macOS, and that's not all.

PVS-Studio 7.29: Java code check in VS Code, Boost smart pointers, and plugin for Qt Creator on macOS

by Gleb Aslamov

From the article:

The C++ analyzer now supports smart pointers from the Boost library: boost::unique_ptr and boost::shared_ptr. Now the PVS-Studio analyzer is able to detect errors such as null pointer dereferences when these classes are used.

mp-units 2.1.0 released -- Mateusz Pusz

By Mateusz Pusz | Feb 6, 2024 12:40 PM | Tags: None

We are happy to announce that mp-units 2.1.0 has been released and is available for download in Conan.

mp-units 2.1.0 released!

by Mateusz Pusz

About the release

Please check our blog post to read more about the improvements and some, unfortunately, breaking changes.

CppDepend 2024.1 Released! - Unveiling New Features and Improvements

By CppDepend Team | Feb 4, 2024 06:03 AM | Tags: None

We are thrilled to announce the launch of CppDepend 2024.1, a significant update that introduces a plethora of enhancements and new features to further bolster your C/C++ development workflow.

CppDepend 2024.1 Released! - Unveiling New Features and Improvements

by the CppDepend Team

From the Article:

The latest version of CppDepend comes packed with an array of improvements and several new features that are designed to streamline project management, enhance code quality monitoring, and provide deeper insights into code bases. Key highlights of this release include an advanced source explorer, support for C++23/C++20/C++17, Improved Incremental analysis, and much more.

Top 10 errors in C and C++ projects in 2023

By Andrey Karpov | Dec 22, 2023 05:26 AM | Tags: pvs-studio

New Year is coming! It means, according to tradition, it's time to recall 10 of the most interesting bugs that PVS-Studio found during 2023.

Top 10 errors in C and C++ projects in 2023

by Alexey Gorshkov

From the article:

In this case, the developers wanted to fill the keyEventList array with zeros. Pay attention to the third parameter — the number of bytes the developers wanted to fill with zeros. In this case, sizeof(keyEventList) evaluates the pointer size instead of the array size. It depends on the target platform, but most often it's 4 or 8 bytes. However, the size of the structure is clearly larger than 4 or 8 bytes.