Finding Bugs with AddressSanitizer: Patterns from Open Source Projects--Kevin Cadieux

By Adrien Hamelin | May 18, 2021 09:40 AM | Tags: community

Are you using it?

Finding Bugs with AddressSanitizer: Patterns from Open Source Projects

by Kevin Cadieux

From the article:

AddressSanitizer (ASan) was officially released in Visual Studio 2019 version 16.9. We recently used this feature to find and fix a bug in the MSVC compiler itself. To further validate the usefulness of our ASan implementation, we also used it on a collection of widely used open source projects where it found bugs in Boost, Azure IoT C SDK, and OpenSSL. In this article, we present our findings by describing the type of bugs that we found and how they presented themselves in these projects. We provide links to the GitHub commits where these bugs were fixed so you can get a helpful look at what code changes were involved. If you are unfamiliar with what ASan is and how to use it, you may want to take a look at the AddressSanitizer documentation prior to delving into this article...

How to speed up building ang analyzing of your project with IncrediBuild?

By Andrey Karpov | May 17, 2021 06:40 AM | Tags: pvs-studio incredibuild devops

"How much longer are you going to build it?" - a phrase that every developer has uttered at least once in the middle of the night. Yes, a build can be long and there is no escaping it. One does not simply redistribute the whole thing among 100+ cores, instead of some pathetic 8-12 ones. Or is it possible?

How to speed up building ang analyzing of your project with IncrediBuild?

by Maxim Zvyagintsev

From the article:

At the same time, the build completed successfully, but something really bad happened now. I had to dig into the logs, or rather, the compilation dump. That's where I found the problem. The point was that these macros are declared in the local precompiled header, whereas we only want to preprocess the file. However, the include header that was used to generate the precompiled header is different from the one that is included to the source file! The file that is used to generate the precompiled header is a 'wrapper' around the original header included into the source, and this wrapper contains all of the required macros.

Release 21.04 of AbsInt RuleChecker for C/C++

By Christoph Cullmann | May 13, 2021 10:13 AM | Tags: None

A new release of the AbsInt RuleChecker is available.

Release 21.04 of AbsInt RuleChecker for C/C++

by Absint

From the article:

AbsInt RuleChecker enhances its rule coverage for the Adaptive Autosar C++ coding guidelines. Other coding guidelines supported are MISRA C/C++, CERT C/C++, CWE, ISO/IEC TS 17961. RuleChecker runs on Windows, Linux, and macOS and provides plugins for Eclipse, Jenkins, TargetLink, and Keil µVision.

SonarLint for CLion brings static code analysis support for C and C++ projects

By Kirti Joshi | May 13, 2021 10:11 AM | Tags: None

The latest release of SonarLint for CLion allows C and C++ developers to detect and fix Bugs, Vulnerabilities, and Code Smells, on the fly, right in the IDE, before code is committed to the repo. SonarLint is a free and open source static analysis extension directly installable from the JetBrains Marketplace.

SonarLint for IntelliJ 4.15 released – C and C++ support for CLion

By Marco Comi

From the article:

We are excited to announce this new version of SonarLint for the IntelliJ family of IDEs, that brings C and C++ support for CLion...Sonarlint will not only detect issues: our accurate rule descriptions will help you understand what is at stake and guide you to fix your issues with examples. In other words you will be able to fix your issues before they are even committed to your repository. For instance, you can have a look at our 500+ types of C++ detections here.

GCC 11 Release Series

By Adrien Hamelin | Apr 29, 2021 11:21 AM | Tags: community

Improved.

GCC 11 Release Series

From the article:

This page is a "brief" summary of some of the huge number of improvements in GCC 11. You may also want to check out our Porting to GCC 11 page and the full GCC documentation.

PVS-Studio Learns What strlen is All About

By Andrey Karpov | Apr 27, 2021 06:56 AM | Tags: strlen static code analysis pvs-studio data flow analysis data flow

Somehow, it so happens that we write about our diagnostics, but barely touch upon the subject of how we enhance the analyzer's internal mechanics. So, for a change, today we'll talk about a new useful upgrade for our data flow analysis.

PVS-Studio Learns What strlen is All About

by Andrey Karpov

From the article:

Can you see it? To be honest, we did not notice it immediately and our first thought was, "Oh no, we broke something!" Then we saw what was up and took a minute to appreciate the advantages of static analysis. PVS-Studio warned: V512 A call of the 'strcpy' function will lead to overflow of the buffer 'astr'. asm.cpp 21 Still don't see the error? Let's go through the code step by step.

Clang 12.0.0 is released

By Adrien Hamelin | Apr 22, 2021 12:53 PM | Tags: community

Continuing to improve.

Clang 12.0.0 is released

From the article:

This document contains the release notes for the Clang C/C++/Objective-C frontend, part of the LLVM Compiler Infrastructure, release 12.0.0. Here we describe the status of Clang in some detail, including major improvements from the previous release and new feature work. For the general LLVM release notes, see the LLVM documentation. All LLVM releases may be downloaded from the LLVM releases web site.

For more information about Clang or LLVM, including information about the latest release, please see the Clang Web Site or the LLVM Web Site.

Note that if you are reading this file from a Git checkout or the main Clang web page, this document applies to the next release, not the current one. To see the release notes for a specific release, please see the releases page...

Visual Studio Code C++ Extension April 2021 Update--Julia Reid

By Adrien Hamelin | Apr 21, 2021 02:09 PM | Tags: community

Are you using it?

Visual Studio Code C++ Extension April 2021 Update: CUDA C/C++ IntelliSense and Apple Silicon Support

by Julia Reid

From the article:

The April 2021 update of the Visual Studio Code C++ extension is now available! This latest release offers brand new features—such as IntelliSense for CUDA C/C++ and native language server support for Apple Silicon— along with a bunch of enhancements and bug fixes. To find out more about all the enhancements, check out our release notes on GitHub...

CppDepend 2021.1 Released! -- CoderGears Team

By Adnane | Apr 17, 2021 02:13 PM | Tags: None

This is the press release of the new version of CppDepend 2021.1 static analysis tool. Click on the link below to see these features and product improvements.

CppDepend v2021.1: New Coding standards rules

by CoderGears Team

From the article:

New coding standards are now supported (Cert C, Cert C++, Misra C, Misra C++, CWE, and Autosar). Gap between code implementation and UML. Improved exclusion mechanism. The latest Clang version is now embedded. The latest CppCheck version is now embedded.

Download and enjoy the new version of CppDepend now by clicking here.

CLion 2021.1: New Code Analysis Options, Updates to Remote Mode, and...--Anastasia Kazakova

By Adrien Hamelin | Apr 13, 2021 12:27 PM | Tags: community

Time to test it?

CLion 2021.1: New Code Analysis Options, Updates to Remote Mode, and Postfix Completion

by Anastasia Kazakova

From the article:

This new version provides an overhaul for code analysis, allowing it to catch more potential issues and guideline inconsistencies, enhances the debugging experience, and improves the capabilities of remote mode. In addition to the improved C and C++ experience, CLion 2021.1 introduces updated Rust and Swift support and valuable changes from the IntelliJ Platform...