CppCon 2021 has ended
Back To Schedule
Tuesday, October 26 • 3:15pm - 4:15pm
Static Analysis and Program Safety in C++: Making it Real

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In this talk, I will explore how to leverage language rules and static analysis principles to provide safety guarantees in C++ at compile time, without compromising on its performance and memory efficiency. Modern analysis tools have come a long way since their inception and are much more powerful than traditional Lint-style checks. They use several techniques from theorem solvers to simple heuristics mimicking developer’s reasoning and can find deep semantic errors in programs. Furthermore, modern analysis tools take advantage of information available in types and type extensions in the language to bridge the gap across function boundaries, without incurring performance penalties of running global analyses. This makes them an indispensable part of the “shift left” experience to drive program safety. Throughout the talk, I will share my experience in developing and running these tools on large production codebases over the last decade and how they evolved over time. All the checks in the demo will be available for free in the community edition of Visual Studio and as security actions in GitHub.

ALL TALK SESSIONS CAN BE ACCESSED FROM THE MAIN LOBBY: https://cppcon.digital-medium.co.uk/

avatar for Sunny Chatterjee

Sunny Chatterjee

Principal Software Engineering Manager, Visual C++, Microsoft Corporation
Sunny leads a team responsible for developing the core C++ static analysis engines in Visual Studio productivity experience as well as the traditional security tooling scenarios used widely within Microsoft. He has many years of experience in static analysis and enjoys delivering... Read More →

Tuesday October 26, 2021 3:15pm - 4:15pm MDT