Rob and Jason are joined by Arnaud Desitter. They first discuss blog posts on parameter passing, fuzzing and push_back vs emplace_back. Then they talk to Arnaud Desitter about his successes improving application performance by reducing memory allocations found using heaptrack.
This is a continuation of a small note series about regular checks of the Blender project with the PVS-Studio static analyzer. The aim of these publications is to demonstrate how it is beneficial to use static code analysis tools regularly. In doing so, many errors can be found at the earliest stage, and fixing them will be cheap and fast.
Rob and Jason are joined by Raymond Chen from Microsoft. They first talk about Herb Sutter’s virtual ISO Plenary Trip Report and some new features voted into the C++23 draft. Then they talk to Raymond Chen from Microsoft about his career working on Windows and the Old New Thing blog.
Recently, we have been monitoring changes in the Blender project, or rather, what errors appear in the new code. This compels us to write notes and discuss interesting topics. Here is one question I’d like to cover.
Having only programming background, it is impossible to develop software in some areas. Take the difficulties of medical software development as an example. The same is with music software, which will be discussed in this article. Here you need an advice of subject matter experts. However, it's more expensive for software development. That is why developers sometimes save on code quality. The example of the MuseScore project check, described in the article, will show the importance of code quality expertise. Hopefully, programming and musical humor will brighten up the technical text.
C# capabilities keep expanding from year to year. New features enrich software development. However, their advantages may not always be so obvious. For example, the good old yield. To some developers, especially beginners, it's like magic - inexplicable, but intriguing. This article shows how yield works and what this peculiar word hides. Have fun reading!
In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let's look at some recent bugs in new code of the Blender project.
PVS-Studio is a static analyzer that allows to find many problems hidden in the source code. Among them there are also errors related to application security. For example, the analyzer has recently learned to identify the presence of confidential data such as passwords in the code. The OWASP Top Ten list includes this potential vulnerability. It is much more dangerous than it may seem at first glance. What makes it so dangerous? How can a static analyzer save us from it? That's what you'll know about (and more) in this article!
It's been quite a while now since we last used PVS-Studio, an excellent static code analysis tool, on UE4. So we fired it up - not expecting much, to be honest, as the last time we ran the tool, UE4 was looking pretty clean. With a mixture of pulling across our recommended changes and making fixes themselves, the engine was looking much more stable.
Rob and Jason are joined by Nicole Mazzuca from Microsoft. They first talk about a differential equation library, and modules support in build2 and meson. Then they talk to Nicole from Microsoft’s vcpkg team about some new features in vcpkg to enable teams to host their own libraries.
Recently we found out that the new version of the fheroes2 project was released. In our company there are many fans of Heroes of Might and Magic game series. So, we couldn't pass it up and checked the project by PVS-Studio.
Rob and Jason are joined by Carl Cook from Optiver. They first talk discuss an announcement from Khronos that SYCL 2020 has been released, and a blog post from Microsoft on updates to the Visual Studio Code C++ extension. Then they talk to Carl Cook from Optiver about how they use C++ to power everything they do.
Modern C++ and Native Code (converting from bfilipek.com)
SourceCode 4 years ago • 50%
The story turned out to have another continuation - https://www.viva64.com/en/b/0802/
The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.
While C++11 is with us for a decade now, it’s good to go back and recall some of its best features. Today I’d like to consider override and final keywords which add a crucial safety when you build class hierarchies with lots of virtual member functions.
Surely every C# developer has used out-parameters. It seems that everything is extremely simple and clear with them. But is it really so? For a kickoff, let's start with a self-test task.
Rob and Jason are joined by Sebastian Theophil from think-cell. They first talk discuss a blog post on building a 1 billion LOC project with the Threadripper 3990X and a browser extension for easily searching for C++ reference help. Then they talk to Sebastian about his teams efforts to port their Windows C++ codebase onto MacOS and some of the challenges they dealt with, as well as recent efforts to start porting some of the code into Web Assembly.
Let's say you use GitHub, write code, and do other fun stuff. You also use a static analyzer to enhance your work quality and optimize the timing. Once you come up with an idea - why not view the errors that the analyzer gave right in GitHub? Yeah, and also it would be great if it looked nice. So, what should you do? The answer is very simple. SARIF is right for you. This article will cover what SARIF is and how to set it up. Enjoy the reading!
Rob and Jason are joined by Victor Ciura. They first talk about different ways to filter a C++ container and a blog post on the Visual C++ blog from the Diablo 4 development team. They then talk to Victor about the Clang Power Tools plugin for Visual Studio which has recently been made free for both open source and commercial use. They also talk about C++ Myths.
There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.
There is an open project COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance the code quality.
In PVS-Studio, we often check various compilers' code and post the results in our blog. Decompiler programs, however, seem to be a bit neglected. To restore justice in this world, we analyzed the ILSpy decompiler's source code. Let's take a look at the peculiar things PVS-Studio found.
You may have already read a recent article about the first PVS-Studio run and filtration of warnings. We used the GTK 4 project as an example. It's about time we worked with the received report in more detail. Our regular readers may have already guessed that this article will be a description of errors found in the code.
You may have already read a recent article about the first PVS-Studio run and filtration of warnings. We used the GTK 4 project as an example. It's about time we worked with the received report in more detail. Our regular readers may have already guessed that this article will be a description of errors found in the code.
The PVS-Studio analyzer is regularly updated with new diagnostic rules. Curiously enough, diagnostics often detect suspicious code fragments before the end of the work. For example, such a situation may happen while testing on open-source projects. So, let's take a look at one of these interesting finding.
Rob and Jason are joined by Klaus Iglberger. They first talk about changes to make the Win32 API more accessible, some C++20 coroutine examples and ISO news. Then they talk to Klaus Iglberger about the SOLID design principles, why they still matter and what C++ developers should know about them.
Rob and Jason are joined by Alessandro Pignotti. They first talk about a linker project, a better assert for constexpr code. Then they talk about Cheerp, LeaningTech’s C++ WebAssembly compiler, how it differs from emscripten, Cheerp optimizations and some of LeaningTech’s other Cheerp products.
If you feel like the New Year just came, and you missed the first half of January, then all this time you've been busy looking for tricky bugs in the code you maintain. It also means that our article is what you need. PVS-Studio has checked the ELKI open source project to show you errors that may occur in the code, how cunningly they can hide there, and how you can deal with them.
One of our readers recommended paying heed to the Espressif IoT Development Framework. He found an error in the project code and asked if the PVS-Studio static analyzer could find it. The analyzer can't detect this specific error so far, but it managed to spot many others. Based on this story and the errors found, we decided to write a classic article about checking an open source project. Enjoy exploring what IoT devices can do to shoot you in the foot.
Rob and Jason are joined by Corentin Jabot. They first talk about a Visual Studio blog post on performance improvements in the ‘inner build loop’, and a ray tracer built into CMake. Then they talk to Corentin about his work in the C++ ISO committee on the Library Evolution Working Group and his thoughts on what could and should make it into C++23.
Rob and Jason are joined by Zach Lieberman, professor at MIT’s Media Lab and co-founder of the School for Poetic Computation. They first talk about Herb Sutter’s 2020 wrap up blog post and the ISO mailing from December 2020. Then Zach discusses Open Frameworks, a C++ toolkit he co-created 10 years ago for creative coding.
Rob and Jason are discuss various news articles, libraries and announcements on the last episode of 2020 before the new year.
The New Year is steadily approaching, therefore it's time to sum everything up. Continuing the tradition, we thought back to our articles about checking Java projects from the open-source world for this year and rated the top 10 most exciting bugs.
Rob and Jason are joined by Patricia Aas from TurtleSec. They first talk about updates to a Web Assembly compiler Cheerp and an announcement for a new systems programming language conference. Then they talk to Patricia about her current project building a new web browser using modern C++, Qt 5 and the Chromium engine. They also discuss Patricia’s consulting business and managing it during the pandemic.
This tough year, 2020, will soon be over at last, which means it's time to look back at our accomplishments! Over the year, the PVS-Studio team has written quite a number of articles covering a large variety of bugs found in open-source projects with the help of PVS-Studio. This 2020 Top-10 list of bugs in C# projects presents the most interesting specimens. Enjoy the reading!
Have you ever wondered which type of project demonstrates higher code quality – open-source or proprietary? Our blog posts may seem to suggest that bugs tend to concentrate in open-source projects. But that's not quite true. Bugs can be found in any project, no matter the manner of storage. As for the code quality, it tends to be higher in those projects where developers care about and work on it. In this small post, you will learn about a bug that took two years to fix, although it could have been done in just five minutes.
Rob and Jason are joined by Andreas Kling. They first talk about the Qt 6.0 Release as well as another new C++ podcast that has been announced. They then talk to Andreas Kling about SerenityOS, the C++ Operating System he is building along with others in the Open Source community.
It's winter outside, the year is coming to an end, which means it's time to review the most notable errors the PVS-Studio analyzer detected in 2020.