Visual Studio 2019 Preview 2 is an exciting release for the C++ code analysis team. In this release, we shipped a new set of experimental rules that help you catch bugs in your codebase, namely: use-after-move and coroutine checks. This article provides an overview of the new rules and how you can enable them in your project.
Concurrency Code Analysis in Visual Studio 2019
The battle against concurrency bugs poses a serious challenge to C++ developers. The problem is exacerbated by the advent of multi-core and many-core architectures. To cope with the increasing complexity of multithreaded software, it is essential to employ better tools and processes to help developers adhere to proper locking discipline.
The C++ team has been working to refresh the Code Analysis experience inside Visual Studio. Last year, we blogged about some in-progress features in this area. We’re happy to announce that in Visual Studio 2019 Preview 2, we’ve integrated code analysis directly into the editor,
We’re making it easier to configure and use the C++ code analysis features with a set of changes targeting 15.7. In the first 15.7 preview we’ve cleaned up the UI, fixed our documentation links and, most importantly, simplified the way analysis extensions are configured.
Visual Studio “15” Preview 5 now includes the C++ Core Guidelines Checkers. This means you no longer have to install the C++ Core Check package from NuGet to check your code against rules and profiles in the C++ Core Guidelines. Just configure Code Analysis to include the C++ Core Check extensions.
Update: The C++ Core Guidelines Checkers are now included in-box with Visual Studio 2017. See this post for details: https://blogs.msdn.microsoft.com/vcblog/2016/10/12/cppcorecheck
It has been an exciting year since the C++ Core Guidelines and checkers were announced starting with Bjarne Stroustrup’s opening keynote at CppCon 2015.
[This post was written by Andrew Pardoe and Neil MacIntosh]
Update: The CppCoreCheck tools are now part of VS 2017: https://blogs.msdn.microsoft.com/vcblog/2016/10/12/cppcorecheck.
Back in September at CppCon 2015 Neil announced that we would be shipping new code analysis tools for C++ that would enforce some of the rules in the C++ Core Guidelines.
Hey Folks, in my blog earlier this year (see http://blogs.msdn.com/b/vcblog/archive/2015/02/02/c-c-code-analysis-in-vs2015.aspx), I talked about what’s new in C/C++ code analysis for VS 2015 and why we did certain plumbing changes related to the front-end compiler. In that, I mentioned the limitation of CTP6 in which only analysis of C programs were working and C++ analysis was blocked.
By Joe Morris & Jim Springfield (MSFT)
This blog provides answers to the following 2 questions.
What’s new in C/C++ code analysis for VS2015?
What’s supported and not supported in C/C++ code analysis for VS2015 CTP6 release?
Before we get started,
The Microsoft Security Science team has recently posted a note about Security Development Lifecycle integration as part of the Code Analysis rules coming with the next version of Visual C++.
[Read the full post]