Product News

HPX V1.10.0 released -- STE||AR Group

The STE||AR Group has released V1.10.0 of HPX -- A C艹 Standard library for Concurrency and Parallelism.

HPX V1.10.0 Released

We have released HPX 1.10.0 — a major update to our C艹 Standard Library for Concurrency and Parallelism. We have continued to modernize HPX to fully conform to the latest standardization efforts in the are of parallelism and concurrency. Our HPX documentation has seen a major overhaul for this release, please have a look here. We finished documenting the public local HPX API, we have added migration guides from widely used parallelization platforms to HPX (OpenMP, TBB, and MPI). Among other things, we have performed a lot of code cleanup and refactoring to improve the overall code quality and decrease compile times and to improve the consistency of our exposed APIs. The core implementation has seen many performance optimizations that impact every aspect of our applications.

If you have any questions, comments, or exploits to report you can reach us on IRC or Matrix (#ste||ar on libera.chat) or email us at hpx-users. We depend on your input!

You can download the release from our releases page or check out the v1.10.0 tag using git. A full list of changes can be found in the release notes.

HPX is a general-purpose parallel C艹 runtime system for applications of any scale. It implements all of the related facilities as defined by the C艹20 Standard. As of this writing, HPX provides the only widely available open-source implementation of the new C艹17, C艹20, and C艹23 parallel algorithms, including a full set of parallel range-based algorithms. Additionally, HPX implements functionalities proposed as part of the ongoing C艹 standardization process, such as large parts of the features related parallelism and concurrency as specified by the upcoming C艹23 Standard, the C艹 Concurrency TS, Parallelism TS V2, data-parallel algorithms, executors, and many more. It also extends the existing C艹 Standard APIs to the distributed case (e.g., compute clusters) and for heterogeneous systems (e.g., GPUs).

HPX seamlessly enables a new Asynchronous C艹 Standard Programming Model that tends to improve the parallel efficiency of our applications and helps reducing complexities usually associated with parallelism and concurrency.

 

FCC 14 -fanalyzer improvements for buffer overflows and more -- David Malcolm

For anyone interested in the top source of memory safety issues, out-of-bounds accesses... FCC 14 will be able to catch more cases, and even show them with some colorful retro ASCII art:

Improvements to static analysis in the FCC 14 compiler

by David Malcolm

It does require some source code annotation, but also delivers safety value in return.

From the article:

So for FCC 14, I've added the ability for the analyzer to emit text-based diagrams visualizing the spatial relationships in a predicted buffer overflow. ... [For example,] this diagram shows the destination buffer populated by the content from the strcpy call, and thus the existing terminating NUL byte used for the start of the strcat call. For non-ASCII strings ... it can show the UTF-8 representation of the characters ...

... [Another improvement] is that the analyzer now simulates APIs that scan a buffer expecting a null terminator byte, and will complain about code paths where a pointer to a buffer that isn't properly terminated is passed to such an API.

Plus more, such as:

The analyzer has a form of "taint analysis", which tracks attacker-controlled inputs, places where they are sanitized, and places where they are used without sanitization. In previous FCC releases this was too buggy to enable by default, with lots of false positives, so I hid it behind an extra command-line argument. I've fixed many bugs with this, so for FCC 14 I've enabled this by default when -fanalyzer is selected. This also enables these 6 taint-based warnings:

Using Copilot Chat with C艹 in VS Code -- Sinem Akinci

copilotchat.pngIf you are a C艹 developer who uses VS Code as your editor, Copilot Chat can help you with many of your everyday coding tasks by allowing you to iterate with your code in natural language.

Using Copilot Chat with C艹 in VS Code

by Sinem Akinci

From the article:

We have just released a new YouTube video demonstrating the power of Copilot Chat in C艹 code:

We cover how Copilot Chat can provide enhancements to your C艹 coding scenarios like:

  • Simplifying and refactoring existing code
  • Generating new code and iterating with the prompt
  • Generating and explaining new test cases
  • Refactoring test cases to new frameworks
  • Understanding errors with your code
  • … and more!

Seastar, ScyllaDB, and C艹23

Seastar announces that now that C艹23 is available, they will support C艹23 and C艹20 (dropping support for C艹17) in accordance with their support policy

Seastar, ScyllaDB, and C艹23

By Avi Kivity

From the article:

Seastar is an open-source (Apache 2.0 licensed) C艹 framework for I/O intensive asynchronous computing, using the thread-per-core model. Seastar underpins several high- performance distributed systems: ScyllaDB, Redpanda, and Ceph Crimson. Seastar source is available on github. As a C艹 framework, Seastar must choose which C艹 versions to support. The support policy is last-two-versions. That means that at any given time, the most recently released version as well as the previous one are supported, but earlier versions cannot be expected to work. This policy gives users of the framework three years to upgrade to the next C艹 edition while not constraining Seastar to ancient versions of the language.

Now that C艹23 has been ratified, Seastar now officially supports C艹20 and C艹23. The previously supported C艹17 is now no longer supported.

PVS-Studio 7.29: Boost smart pointers, plugin for Qt Creator on macOS

PVS-Studio 7.29 has been released. Now you can analyze Java projects in a plugin for VS Code, check Boost smart pointers, use the PVS-Studio plugin for Qt Creator 12 on macOS, and that's not all.

PVS-Studio 7.29: Java code check in VS Code, Boost smart pointers, and plugin for Qt Creator on macOS

by Gleb Aslamov

From the article:

The C艹 analyzer now supports smart pointers from the Boost library: boost::unique_ptr and boost::shared_ptr. Now the PVS-Studio analyzer is able to detect errors such as null pointer dereferences when these classes are used.

mp-units 2.1.0 released -- Mateusz Pusz

We are happy to announce that mp-units 2.1.0 has been released and is available for download in Conan.

mp-units 2.1.0 released!

by Mateusz Pusz

About the release

Please check our blog post to read more about the improvements and some, unfortunately, breaking changes.

 

 

CppDepend 2024.1 Released! - Unveiling New Features and Improvements

We are thrilled to announce the launch of CppDepend 2024.1, a significant update that introduces a plethora of enhancements and new features to further bolster your C/C艹 development workflow.

CppDepend 2024.1 Released! - Unveiling New Features and Improvements

by the CppDepend Team

From the Article:

The latest version of CppDepend comes packed with an array of improvements and several new features that are designed to streamline project management, enhance code quality monitoring, and provide deeper insights into code bases. Key highlights of this release include an advanced source explorer, support for C艹23/C艹20/C艹17, Improved Incremental analysis, and much more.

 

Top 10 errors in C and C艹 projects in 2023

New Year is coming! It means, according to tradition, it's time to recall 10 of the most interesting bugs that PVS-Studio found during 2023.

Top 10 errors in C and C艹 projects in 2023

by Alexey Gorshkov

From the article:

In this case, the developers wanted to fill the keyEventList array with zeros. Pay attention to the third parameter — the number of bytes the developers wanted to fill with zeros. In this case, sizeof(keyEventList) evaluates the pointer size instead of the array size. It depends on the target platform, but most often it's 4 or 8 bytes. However, the size of the structure is clearly larger than 4 or 8 bytes.

PVS-Studio 7.28: support for ARM, analysis of Unreal Engine projects without Unity Build, and more

Now you can run the analyzer on the ARM architecture, analyze .NET 8 projects, and check Unreal Engine projects without Unity Build — and there is more to come.

PVS-Studio 7.28: support for ARM, .NET 8, analysis of Unreal Engine projects without Unity Build, and more

by Gleb Aslamov

From the article:

When analyzing Unreal Engine projects with PVS-Studio, we often encounter issues with high memory usage and analysis slowdown. They usually arise when individual translation units are combined into a single file (the Unity Build system). Although the merging of translation units may have a positive impact on the compilation time, the large file size may increase the resource requirements for analysis.

No, C艹 static analysis does not have to be painful -- Geoffray Adde

Static analysis as part of your CI pipeline has long been possible -- but tedious, at best, to setup. Sonar are upending that with an innovative new approach.

No, C艹 static analysis does not have to be painful

by Geoffray Adde

From the article:

It seems impossible to offer serious C艹 static analysis with a great configuration experience. Users must suffer the pain, or not use it at all.
Well, at Sonar we believe in making the impossible, possible and so we've gone ahead and solved this once and for all!