Tag: staticanalysis

GitHub Features Every C++ Developer Should Know – Michael Price – CppCon 2022

  • Lobby
  • Tag Archives: staticanalysis

https://cppcon.org/
---

GitHub Features Every C++ Developer Should Know - Michael Price - CppCon 2022
https://github.com/CppCon/CppCon2022

GitHub is where the world builds software, and around the world, there's a whole lot of software being written in C++. The language consistently ranks in the top languages used by repositories hosted on GitHub, according to the yearly "State of the Octoverse" report. GitHub offers solutions to problems that every professional C++ developer will encounter at some point.

Learn how to use Actions to automate tasks, IDE extensions to stay focused on your task at hand, and Codespaces to all but eliminate the hassle of configuring a development environment. Elevate your skills by going beyond the well-known version control and pull-requests features of GitHub with these features that every C++ developer should know and use.
---

Michael Price

Michael Price (he/him) is an experienced software engineer, currently working as a Product Manager with the Microsoft C++ team. His experience working at major software companies for over 15 years informs his thinking about how to enable C++ developers around the world to achieve more. His current focus is on enhancing C++ tooling to take advantage of the PaaS (platform-as-a-service) and IaaS (infrastructure-as-a-service) offerings from organizations like GitHub and Microsoft Azure.

In his spare time, Michael enjoys playing recreational soccer and spending time with his wife, two sons, and several household pets. He particularly likes playing board/card games and video games with his children.
__

Videos Streamed & Edited by Digital Medium: http://online.digital-medium.co.uk

#cppcon #programming #github

Filed under: UncategorizedTagged with: , , , ,

-memory-safe C++ – Jim Radigan – CppCon 2022

  • Lobby
  • Tag Archives: staticanalysis

https://cppcon.digital-medium.co.uk/tag/cppcon/">cppcon.org/
---

-memory-safe C++ - Jim Radigan - CppCon 2022
https://github.com/CppCon/CppCon2022

Memory safety issues are one of the most costly and common of software vulnerabilities. They were listed as 6 out of the 2021 CWE (Common Weakness Enumeration) Top 25, and account for 40% of the total points scored for all categories of the Most Dangerous Software Weaknesses listed. To combat this, we introduce a new compiler and runtime to enable building memory safe C++ and C applications. The binaries built with this new tooling require no modifications to source code and can find common memory safety issues such as buffer overflow, double free, use-after-free, new-delete type mismatch, and much more, at compile-time and runtime.

In this talk, we will present the new tooling and discuss how static analysis is key to early detection of program errors in the developer’s inner loop. Using concise examples, we will illustrate scenarios where static analysis can never completely prove memory safety for unaltered C++ or C. We demonstrate how our new tooling addresses memory safety with formal analysis that falls back to runtime checks when required for all safety guarantees. All runtime checks diagnose, report, and allow the application to continue.
---

Jim Radigan

Architect with over twenty years of experience shipping code gen. technology at Microsoft. Shipped C++ compilers, JIT’s, runtimes, and built large retail operating systems for initial release. Experience leading teams, recruiting, while implementing key technologies on the critical path. Implemented key compiler technology for SSA based global optimizations, vectorization, parallelization, coroutines, hot-patching, secure code gen, Asan, JIT’s and IDE functionality. Started and shipped: platforms on V1 hardware and created lasting cross-team processes to bring up Windows XP through Win 11 (for x86, X64, arm, arm64).
---

Videos Filmed & Edited by Bash Films: http://www.BashFilms.com
YouTube Channel Managed by Digital Medium Ltd https://events.digital-medium.co.uk

#cppcon.digital-medium.co.uk/tag/cppcon/">cppcon #cppcon.digital-medium.co.uk/tag/programming/">programming #cpp

Filed under: UncategorizedTagged with: , , , ,

Purging Undefined Behavior & Intel Assumptions in a Legacy C++ Codebase – by Roth Michaels – CppCon 2022

  • Lobby
  • Tag Archives: staticanalysis

https://cppcon.org/
---

Case Study: Purging Undefined Behavior and Intel Assumptions in a Legacy C++ Codebase - Roth Michaels - CppCon 2022
https://github.com/CppCon/CppCon2022

For large C++ codebases, adding support for a new platform (e.g. Apple Silicon/ARM) can be a scary, expensive endeavor. One of the biggest causes for alarm is undefined behavior (UB), which is an unfortunate part of many legacy codebases; luckily there are tools to help. After a brief review of what undefined behavior (UB) is we will discuss what issues it can cause and why it should be avoided. We will look at a few real-life bugs caused by UB in our codebase and discuss a common type of UB in legacy codebases: "it works on Intel". We’ll discuss how eliminating undefined behavior from a cross platform codebase can reduce maintenance costs and make it less stressful to support new platforms for your codebase. Then, we’ll go over the specific cultural and tooling initiatives we used to eliminate undefined behavior in our C++ codebase, including how we used static analysis and clang sanitizers to identify and address issues.
---

Roth Michaels

Roth Michaels is a Principal Software Engineer at iZotope/Soundwide, an industry leader in real-time audio software for music production and broadcast/film post-production. In his current role on the Audio Research Team at iZotope's parent company, Soundwide, he is focused on developing new fast prototyping frameworks. When he joined iZotope, Roth was the lead library designer of a new internal cross-platform "Glass", part of which is now available as open-source. More recently in his former role as Mix/Master Software Architect, Roth helped develop the reference implementation to move iZotope's products to subscription and led the team that launched the company’s first SaaS offering for music producers. Roth studied music composition at Brandeis University and continued his studies in the Dartmouth Digital Musics program. Roth began his career in software development writing software for his own compositions, and the works of other composers and artists, and teaching MaxMSP to composers and musicians; both private instruction and designing university courses. Before joining iZotope, he was working as a consultant for small startups working on mobile applications specializing in location services and Bluetooth.
---

Videos Filmed & Edited by Bash Films: http://www.BashFilms.com
YouTube Channel Managed by Digital Medium Ltd https://events.digital-medium.co.uk

#cppcon #programming #code

Filed under: UncategorizedTagged with: , , , , , ,

Using Incredibuild to Accelerate Static Code Analysis and Builds – Jonathan “Beau” Peck CppCon 2022

  • Lobby
  • Tag Archives: staticanalysis

https://cppcon.digital-medium.co.uk/tag/cppcon/">cppcon.org/
---

Going Beyond Build Distribution: Using Incredibuild to Accelerate Static Code Analysis and Builds - Jonathan "Beau" Peck - CppCon 2022
https://github.com/CppCon/CppCon2022

Even though C++ compilation times seem to be trending downward, the introduction of modules in C++20 means that long compile times might remain a stress factor for developers. This is before accounting for the time it takes to complete tasks like static code analysis which adds more time to the C++ CI pipeline.

This session will demonstrate how to better manage your CI pipeline to achieve faster and more frequent iterations, improve developer velocity and software quality while adding static code analysis to your dev cycle. We will see how to connect your CI pipeline to Github Actions to achieve automatic triggered CI processes and how to distribute those to on-prem machines or to the cloud with Incredibuild.
---

Jonathan "Beau" Peck

Beau's first computer command was LOAD "*",8,1 on a blue screen which at that time was something you wanted to see. But he really discovered technology while working as a flight control officer when he realized running aircraft operations was in many ways like running ones and zeros (if you're curious feel free to ask him). Thanks to Linux, his natural curiosity about breaking things apart to understand how they worked and then learning and discovering new ways to put things together led him into a career spanning 20++ (I see what you did there) years across systems administration, systems engineering, database and architecture.

His passion is helping customers align, create, architect and operate technical solutions that solve business and technical needs. Currently he is a solutions architect with Incredibuild focused on helping developers accelerate build and test times with distributed computing processing and process virtualization.
__

Avi Lachmish

Avi is an expert in Web and networking technologies, operating systems, and software development methodologies. Avi has extensive experience in C++, object-oriented analysis, design and distributed architectures.
---

Videos Streamed & Edited by Digital Medium: http://online.digital-medium.co.uk

#cppcon.digital-medium.co.uk/tag/cppcon/">cppcon #cppcon.digital-medium.co.uk/tag/programming/">programming #cpp

Filed under: UncategorizedTagged with: , , , , ,