Our great sponsors
-
cppbestpractices
Collaborative Collection of C++ Best Practices. This online resource is part of Jason Turner's collection of C++ Best Practices resources. See README.md for more information.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
awesome-cpp
A curated list of awesome C++ (or C) frameworks, libraries, resources, and shiny things. Inspired by awesome-... stuff.
-
codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
They have very unusual license which I have never seen before: https://github.com/NASA-SW-VnV/ikos/blob/master/LICENSE.txt
Is anyone familiar with it? Is it OSI certified? (it's not on the OSI's site).
Could you detail what exact tooling you are talking about ?
Like, this static analyzer looks interesting but 5 years ago clang --analyze had no trouble producing me a nice html indicating the 27 steps across 6 functions that lead to a pointer being dereferenced after being deleted. Tooling is there but it seems that pretty much no one is aware of it - see e.g. this: https://github.com/cpp-best-practices/cppbestpractices/blob/... or this: https://github.com/fffaraz/awesome-cpp for a quick look at what exists.
Could you detail what exact tooling you are talking about ?
Like, this static analyzer looks interesting but 5 years ago clang --analyze had no trouble producing me a nice html indicating the 27 steps across 6 functions that lead to a pointer being dereferenced after being deleted. Tooling is there but it seems that pretty much no one is aware of it - see e.g. this: https://github.com/cpp-best-practices/cppbestpractices/blob/... or this: https://github.com/fffaraz/awesome-cpp for a quick look at what exists.
Another open source alternative is CodeChecker [1] with the Clang static analyzer [2]. Make sure the Clang toolchain has been compiled with Z3 [3] support for better results (it's the case in Debian stable), particularly for code doing bit operations. It supports cross files analysis ("cross translation units" or CTU), which last time I checked was not the case for IKOS and helps improve diagnostics.
It's not completely turn key if you use it for a cross compiled code base, but once set-up I prefer it to another professional tool: much less false alarms. Although it's good to have both, each one found issues not seen by the other.
[1] https://github.com/Ericsson/codechecker
[3] https://github.com/Z3Prover/z3