Introducing CLion 2021.3 -- Anastasia Kazakova

By Anastasia Kazakova | Dec 1, 2021 11:08 AM | Tags: None

CLion 2021.3 has become an even easier-to-use, more customizable, and more comprehensive IDE for unleashing the power of C and C++.

CLion 2021.3: New Remote Development, Better Data Views in Debugger, Docker Toolchain, Custom Compiler, Type Hints, and More

by Anastasia Kazakova

From the article:

CLion 2021.3 release is here! Check out the highlights and read the post for more details.

• New remote development mode (headless remote machine and thin local client)
• Debugger:
  • Better data views in debugger
  • RTOS thread views
• Toolchain updates
  • Docker toolchain
  • Custom compiler
  • Environment script
  • Windows-specific enhancements
  • Ninja as the default CMake generator
• Type hints in the editor
• More powerful and accurate code analysis

Improved Null Pointer Dereference Detection in Visual Studio 2022 version 17.0...--Gabor Horvath

By Adrien Hamelin | Oct 11, 2021 12:47 PM | Tags: community

Give it a try!

Improved Null Pointer Dereference Detection in Visual Studio 2022 version 17.0 Preview 4

by Gabor Horvath

From the article:

The C++ static analysis team is committed to making your C++ coding experience as safe as possible. We are adding richer code safety checks and addressing high impact customer feedback bugs posted on the C++ Developer Community page. Thank you for engaging with us and giving us great feedback on the past releases and early previews leading to this point. Below is the detailed overview of a new experimental code analysis check that can detect null pointer dereference errors, along with a comparison to an existing check that has the same purpose...

PVS-Studio 7.15: MISRA, CWE, OWASP, Unreal Engine

By Andrey Karpov | Oct 11, 2021 01:08 AM | Tags: static code analysis static analysis tool misra compliance misra c misra cwe top 25 cwe

We are actively developing the PVS-Studio static analysis tool towards detecting Safety and Security-related errors. To be more precise, we've expanded the coverage of the MISRA C:2012 and OWASP ASVS standards. We have supported the MISRA Compliance 2020 standard. One of the more extraordinary innovations is the Best Warnings display mode.

PVS-Studio 7.15: MISRA, CWE, OWASP, Unreal Engine

by Andrey Karpov

From the article:

We have introduced a new feature for the PVS-Studio plugin for Visual Studio. Now you can display the Best Warnings the analyzer issued for a project. In other words, these are the analyzer's most valuable warnings. They demonstrate the analyzer's capabilities for someone, who is just starting out with the analyzer. We call this feature Analyzer Best Warnings. PVS-Studio has always been grouping analyzer warnings by 3 certainty levels. We've been traditionally using these levels to prioritize showing the analysis results — all best warnings should be first-level warnings. For the new version of our analyzer, we have developed a more accurate mechanism to evaluate warnings. Now the mechanism uses many extra criteria in addition to levels — both static (the average diagnostic "value") and dynamic. The dynamic criteria are based on warnings the analyzer issues for a specific code base (for example, detection frequency).

Detecting errors in the LLVM release 13.0.0

By Andrey Karpov | Oct 8, 2021 12:30 PM | Tags: typos static code analyzer pvs-studio llvm 13 llvm code analysis

Commercial static analyzers perform deeper and fuller code analysis compared to compilers. Let's see what PVS-Studio found in the source code of the LLVM 13.0.0 project.

Detecting errors in the LLVM release 13.0.0

by Andrey Karpov

From the article:

It makes no sense to write different values one by one to the same variable. This is exactly what the analyzer warns us about. The code author made a typo, forgetting to add '|'. This code should create one 64-bit value from two 32-bit values. The correct code looks as follows: ....

Supercharge Your C++ analysis with SonarLint for CLion

By philsquared | Oct 4, 2021 11:04 AM | Tags: None

SonarSource recently released the SonarLint plug-in for CLion - this article looks at some of the interesting rules (checks) this gives you, and how each tool enhances the other.

Supercharge your C++ analysis with SonarLint for CLion

by Phil Nash and Geoffray Adde

From the article:

In this post, we want to demonstrate the powerful capabilities of the C++ analyzer with SonarLint (a free, in-IDE static analysis plugin) and highlight some unique and interesting rules that you might find useful. Through that lens, we want to show how you can leverage them to elevate your CLion’s inbuilt static analysis capabilities.

CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis?

By Andrey Karpov | Sep 29, 2021 01:23 PM | Tags: static analysis sast pvs-studio devtool cwetop25 cwe cvss common weakness enumeration

For the first time PVS-Studio provided support for the CWE classification in the 6.21 release. It took place on January 15, 2018. Years have passed since then and we would like to tell you about the improvements related to the support of this classification in the latest analyzer version.

CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis?

by Mikhail Gelvih

From the article:

We have been using the CWE classification for PVS-Studio diagnostics for more than three years. Their number increases every year. In 2018, we covered only 94 points on the CWE list. Now it's almost 130. However, this article isn't about the total number of diagnostics. Let's talk about those that are included in the list of the most dangerous diagnostics in 2021. If you want to read the full list, you can get it in the "CWE compliance" section of our documentation.

Why do you need the MISRA Compliance report and how to generate one in PVS-Studio?

By Andrey Karpov | Sep 6, 2021 12:42 AM | Tags: sast misra compliance misra c++ misra c misra embedded devsecops

If you are strongly interested in MISRA and would like to understand whether your project meets one of the MISRA association's standards, there is a solution. It's name is MISRA Compliance.

Why do you need the MISRA Compliance report and how to generate one in PVS-Studio?

by Nikolay Mironov

From the article:

To make this simpler, let's take rule 1.1 that has the standard value of the category equal to Required. If you look at the table, you can see that acceptable compliance values for Required are Compliance or Deviations (I'll talk more about the meaning of these statuses later). This means that if your project complies with rule 1.1, or if it complies with this rule with some deviations - everything is fine and you can go to the next rule. If you get at least one hit in Violations or Disapplied, then the project does not comply with MISRA C 2012. If all rules have acceptable values only, congratulations! Your project complies with the MISRA C 2012 standard. If you have a hit in the red zone (the table above), you do not comply with the standard.

ReSharper C++ 2021.2 brings type conversion hints, immutability inspections, ... -- Elvira Mustafina

By Anastasia Kazakova | Aug 19, 2021 10:19 AM | Tags: None

ReSharper C++ 2021.2 is released!

ReSharper C++ 2021.2: Type Conversion Hints, Immutability Inspections, Inline Function

by Elvira Mustafina

From the article:

ReSharper C++ 2021.2 is now available for download! It brings new inlay hints to help you spot implicit type conversions, the Inline Function refactoring, and updates to Unreal Engine support. New modernizing inspections assist you with updating your code to modern C++, and improved immutability analyses keep your code more readable and correct.

• New inlay hints that show implicit type conversions.
• Inline Function refactoring.
• Immutability inspections (and now Constants and immutability section of the C++ Core Guidelines is fully covered!).
• More inspections to help you modernize your code.
• Support for Unreal Engine 5 and other enhancements for game developers on UE.
• cppreference.com links in the Quick Documentation pop-ups.
• The bundled Clang-Tidy has been updated to Clang 12, adding new checks from the latest LLVM release.

PVS-Studio 7.14: CLion, intermodular analysis, MISRA

By Andrey Karpov | Aug 17, 2021 02:06 AM | Tags: sast pvs-studio misra jetbrains clion intermodular analysis clion autosar

The PVS-Studio team is increasing the number of diagnostics with each new release. Besides, we are improving the analyzer's infrastructure. This time we added the plugin for JetBrains CLion. Moreover, we introduced intermodular analysis of C++ projects and speeded up the C# analyzer core.

PVS-Studio 7.14: intermodular analysis in C++ and plugin for JetBrains CLion

by Andrey Karpov

From the article:

As the list below shows, most of the diagnostics that we currently implement are based on the MISRA C standard. We focused on the MISRA C support, and now PVS-Studio covers 60% of the standard. Soon, we plan to cover at least 80%. We also want to introduce the support of coding standards from the MISRA C Compliance.

Boost Version 1.77.0 released

By Adrien Hamelin | Aug 16, 2021 11:30 AM | Tags: community

Are you going to update?

Boost Version 1.77.0 released

From the release:

New Libraries
A C++14 reflection library, from Peter Dimov. Provides macros for describing enumerators and struct/class members, and primitives for querying this information.
Lambda2:
A C++14, dependency-free, single header lambda library, from Peter Dimov. Allows simple function objects to be constructed via expressions such as _1 + 5, _1 % 2 == 0, _1 > _2, or _1 == ' ' || _1 == '\t'...