Static Analysis in C++

cherno still one of the best explaining c++

motbus

I understand you need sponsors, but you could mention clang-tidy since it is a free tool. Since you are in a position of an educator, I would appreciate you mention free and open source tools, especially since the video is named "Static Analysis in C++" not "Static Analysis in C++ using PVS-Studio". You don't have to use it, but simply mention it since it is used a lot.
Anyhow, nice video! Keep em comming :)

rudolflovrencic

Little advice for static analyzer users: they complement each other (e.g., I use Resharper C++ and PVS-Studio together). Also, dynamic analysis is quite critical too! For example, PVS-Studio and Resharper C++ can't detect every memory leak, so you have to do some dynamic analysis to catch them. For example, in Visual Studio, you can expose memory leaks easily using a simple function (_CrtSetDbgFlag ( _CRTDBG_ALLOC_MEM_DF | _CRTDBG_LEAK_CHECK_DF );
There exist static analyzers that can discover every bug: they are called "sound" static analyzers. Polyspace (by Mathworks) uses abstract interpretation to "prove the absence of certain run-time errors in source code for C/C++, and Ada, " but it is computationally very expensive

MyCiaoatutti

Static code analyzers+runtime analyzers like valgrind are quite useful but you definitely cannot rely on them while developing critical systems. Well designed(and implemented) testing strategy is the key to software quality.

jaszynek

Nobody:
Youtube Autogenerated subtitles:
"Welcome Back to my safe weight loss series"

furball_vixie

When I answer the question in interview the way cherno explains about c++... People get impressed. Watch him guys.. he not only knows in depth about what he is talking about he also knows how to present it to make us understand the underlying concept.

@cherno can you please make a video about vtables and vptr.. I woulf like to hear yr way of explaining them

siddharthsinghchauhan

I'm really grateful to have found this channel. I'm learning so much and loving C++ even more thanks to you! :)

louisdaza

A tip to avoid the classic copy and paste and forgetting the old variable name error... You can just select the lasted portion of code and search and replace text only within the selected portion of text in Visual Studio, or VSCode... And probably many other editors.
Just press Ctrl+F and there is a little button to enable it (probably with a shortcut that I don't remember), it will only highlight the matches inside the selected text so you can be sure... Pretty useful seems like a lot of people don't know about it tho

lnx

Clang-tidy — free, open source, and just works*.

I recommend using it with Visual Studio Code and the clangd extension (do not install Microsoft's C++ extension), then enabling Clang-tidy in the settings.
I also recommend adding the following startup flags: "--clang-tidy-checks=*, -modernize-use-trailing-return-type, -cppcoreguidelines-special-member-functions, -hicpp-special-member-functions, -fuchsia-statically-constructed-objects, -fuchsia-default-arguments-calls, -fuchsia-default-arguments-declarations"

*I mean, you have to use CMake to generate the compile commands of your project so that clangd can understand its structure, and if you never used it before it could take you form a few hours to one or two weeks before you get comfortable with it, but at the end your projects will be clean and platform-independent.
You also need to install the LLVM suite on Windows or the clangd package on Linux, but that's pretty straightforward.

(Oh, and Clang compiled programs are much faster than MSVC's)

Tachi

Sometimes listening to some "cpp talks", they are always saying "Static Analysis" to be used quite often, I thought it's a programming technique but now some misplaced memories in my brain will find the right places. Thank you!

webinno

Visual Studio comes with built-in static analysis tools: Analyze, Run Code Analysis, On Solution. It would be nice if you make a video comparing them.

GeorgeValkov

It is recommended to use more than one static analysis tool since no one tool is good at catching 100% of bugs. If you are a hobbyist developer you might want to look into free tools such as cppcheck and clang tools. These are pretty easy to integrate into most IDEs or text editors like VS code. Cppcheck and clang tools give html output which can be integrated into gitlab pages, for example.

not_ever

I can tell you have a very clear and organized mind.

stevesmith

Subtitles : welcome back to my safe wealth loss series.
btw, great videos Chernikov.

machineman

There are many free tools but not so many great tools for VS integration.
I mean, VS has it's own rules for static analysis but I feel it lacks interactive feeling with the user.

Clang tidy and C++ Check are free tools to use as well. (I like C++ Check, it's awesome).

TNothingFree

Great series Cherno, thanks for continuing to add to it!!

jonnykopp

I like to use the visual studio 19 build-in static analyzer. It also helps you if you want to write good modern c++ or if you want to follow the c++ core guidelines. I think I found a few little bugs in Hazel with it :-) Clang-tidy is also very good for multi platform analysis which is also build-in vs19. I will give PVS a try. Thank you Yan. Best regards

peterhaller

I guess you don't know, but watching your YouTube series is my college assignment LoL 😂

sayedreda

Nested for loop bugs... I learned how to use gdb's hardware breakpoints because of a nested for loop bug in the quake source code (a month or two after id released the source code). Specifically, it was in the updating of beams (lightning gun). It took me a few days to figure everything out (programming in Linux was still new to me, gdb very new, and quake was pretty big (I now know it like the back of my hand))

syirogane

One thing I've realized about programming is that you should exactly have a clear picture of what direction you want to take, and where you want to go, and what kind of output you are exactly looking for.

Thinking creatively is part and parcel of being a good developer. It's how you start to realize what tools to use when, when you start to do that, ideas automatically start to flow in you.

My two cents which I got from static analysis.

SaifUlIslam-dbnu