Rob and Jason are joined by Arnaud Desitter. They first discuss blog posts on parameter passing, fuzzing and push_back vs emplace_back. Then they talk to Arnaud Desitter about his successes improving application performance by reducing memory allocations found using heaptrack.
This is a continuation of a small note series about regular checks of the Blender project with the PVS-Studio static analyzer. The aim of these publications is to demonstrate how it is beneficial to use static code analysis tools regularly. In doing so, many errors can be found at the earliest stage, and fixing them will be cheap and fast.
Rob and Jason are joined by Raymond Chen from Microsoft. They first talk about Herb Sutter’s virtual ISO Plenary Trip Report and some new features voted into the C++23 draft. Then they talk to Raymond Chen from Microsoft about his career working on Windows and the Old New Thing blog.
Recently, we have been monitoring changes in the Blender project, or rather, what errors appear in the new code. This compels us to write notes and discuss interesting topics. Here is one question I’d like to cover.
C# capabilities keep expanding from year to year. New features enrich software development. However, their advantages may not always be so obvious. For example, the good old yield. To some developers, especially beginners, it's like magic - inexplicable, but intriguing. This article shows how yield works and what this peculiar word hides. Have fun reading!
In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let's look at some recent bugs in new code of the Blender project.
PVS-Studio is a static analyzer that allows to find many problems hidden in the source code. Among them there are also errors related to application security. For example, the analyzer has recently learned to identify the presence of confidential data such as passwords in the code. The OWASP Top Ten list includes this potential vulnerability. It is much more dangerous than it may seem at first glance. What makes it so dangerous? How can a static analyzer save us from it? That's what you'll know about (and more) in this article!
It's been quite a while now since we last used PVS-Studio, an excellent static code analysis tool, on UE4. So we fired it up - not expecting much, to be honest, as the last time we ran the tool, UE4 was looking pretty clean. With a mixture of pulling across our recommended changes and making fixes themselves, the engine was looking much more stable.
Rob and Jason are joined by Nicole Mazzuca from Microsoft. They first talk about a differential equation library, and modules support in build2 and meson. Then they talk to Nicole from Microsoft’s vcpkg team about some new features in vcpkg to enable teams to host their own libraries.
Recently we found out that the new version of the fheroes2 project was released. In our company there are many fans of Heroes of Might and Magic game series. So, we couldn't pass it up and checked the project by PVS-Studio.
Rob and Jason are joined by Carl Cook from Optiver. They first talk discuss an announcement from Khronos that SYCL 2020 has been released, and a blog post from Microsoft on updates to the Visual Studio Code C++ extension. Then they talk to Carl Cook from Optiver about how they use C++ to power everything they do.
Modern C++ and Native Code (converting from bfilipek.com)
The recent Qt 6 release compelled us to recheck the framework with PVS-Studio. In this article, we reviewed various interesting errors we found, for example, those related to processing dates. The errors we discovered prove that developers can greatly benefit from regularly checking their projects with tools like PVS-Studio.
While C++11 is with us for a decade now, it’s good to go back and recall some of its best features. Today I’d like to consider override and final keywords which add a crucial safety when you build class hierarchies with lots of virtual member functions.
Surely every C# developer has used out-parameters. It seems that everything is extremely simple and clear with them. But is it really so? For a kickoff, let's start with a self-test task.
Rob and Jason are joined by Sebastian Theophil from think-cell. They first talk discuss a blog post on building a 1 billion LOC project with the Threadripper 3990X and a browser extension for easily searching for C++ reference help. Then they talk to Sebastian about his teams efforts to port their Windows C++ codebase onto MacOS and some of the challenges they dealt with, as well as recent efforts to start porting some of the code into Web Assembly.
Let's say you use GitHub, write code, and do other fun stuff. You also use a static analyzer to enhance your work quality and optimize the timing. Once you come up with an idea - why not view the errors that the analyzer gave right in GitHub? Yeah, and also it would be great if it looked nice. So, what should you do? The answer is very simple. SARIF is right for you. This article will cover what SARIF is and how to set it up. Enjoy the reading!
Rob and Jason are joined by Victor Ciura. They first talk about different ways to filter a C++ container and a blog post on the Visual C++ blog from the Diablo 4 development team. They then talk to Victor about the Clang Power Tools plugin for Visual Studio which has recently been made free for both open source and commercial use. They also talk about C++ Myths.