• Example of How New Diagnostics Appear in PVS-Studio

      PVS-Studio new C++ rule


      Users sometimes ask how new diagnostics appear in the PVS-Studio static analyzer. We answer that we draw inspiration from a variety of sources: books, coding standards, our own mistakes, our users' emails, and others. Recently we came up with an interesting idea of a new diagnostic. Today we decided to tell the story of how it happened.

      Read more →
    • SmartTraits or lets add «multiple inheritance» to C#



        One of our clients, a developer who used to work with php technologies for quite some time, frequently complained that with the transition to C# and .Net stack, he misses one of his favorite features from the php world — traits and he would like it very much to be able to use such functionality in .Net.

        At one point, we decided to make him a present and implemented a proof of concept of similar functionality for C#.

        To our surprise, it was quite easy to implement the PoC and the process of development was a lot of fun.
        Read more →
      • Architecting Architecture: Makers and Takers

        • Translation

        The step has been made. Not sure where to, but for sure from the point of no return. Keep calm and keep walking. It is about a time to look around and understand the smelly and slippery route before you. And what are those noisy creatures swarming around our fishy “innovative” design we called Mandelbrot blueprint. You don't get a buzzing-noise like that, just buzzing and buzzing, without its meaning something.

        Read more
      • A tiny Rate Limiter Library for Spring MVC

        In microservice world the problem of high load is exteremely big especially when we have a REST API which is accessed quite extensively. Why do we need throttling? The main answer is to decrease the load of the service at the moment.

        Different frameworks have different solutions, mostly some additional libraries. Also there is a Guava RateLimiter and Bucket4J . What is interesting Spring MVC being one of the most popular solutions for building REST APIs (thank you Spring Boot) doesn't have any built in rate limiter. As for external solutions there not that many ways around.

        Today, I would like to present a tiny experimental library specific for Spring MVC. It is called SpringRateLimitter. The library is very tiny ,works in runtime. The idea is to annotate entire rest controller or specific method , than count the number of incoming requests for the annotated URI and based on the values check if we exceed the allowed number of calls. In case of exceeding an HTTP error code 429 is thrown and after the throttling period is over , the endpoint is available again.

        So How does it look like. As first step Maven dependency must be added

        Read more
      • Compilation of math functions into Linq.Expression

          Here I am going to cover my own approach to compilation of mathematical functions into Linq.Expression. What we are going to have implemented at the end:

          1. Arithmetical operations, trigonometry, and other numerical functions

          2. Boolean algebra (logic), less/greater and other operators

          3. Arbitrary types as the function's input, output, and those intermediate

          Hope it's going to be interesting!

          Read more →
        • Architecting Architecture

          • Translation

          Architect. This word sounds so mysterious. So mysterious that to understand it you almost forced to add something. Like “System Architect” or “Program Architect”. Such addition does not make clearer, but for sure adds weight to the title. Now you know – that’s some serious guy! I prefer to make undoubtful and around 10 year ago added to my email signature “Enterprise Architect of Information Systems”. It’s a powerful perk. Like “Chosen One”. With architects it is always a matter of naming, you know. Maybe that is why the only way to become and architect is to be named as one by others. Like with vampires. One of them has to byte you! That is probably the easiest way to earn the title as there is no degree or school to grant you one. And if there’s a troubling title, somebody’s making a trouble, and the only reason for making a trouble that I know of is because you’re an Enterprise. Huge old and complex multinational corporation. Like a one-legged pirate. Strong and scary, but not a good runner. You own your ship, you had good days, you have some gold, you need new ways.

          To get to new treasures and avoid losing second leg to piranha regulators and local business shark swarming waters near every enterprise ship – every pirate has a map. Map is a list of major features and requirements in desired order and priority.

          Read more
        • PVS-Studio 7.12 New Features for Finding Safety and Security Threats

            Security. What does this word mean to you? Nowadays, companies spare no effort to ensure that their product is secured from hacking and all sorts of information leaks. PVS-Studio decided to help its users and expand the functionality in this area. Therefore, one of the main innovations of the upcoming release will be the introduction of analyzer new features which will ensure code safety and security. This article aims to present these features.

            Read More
          • Ads
            AdBlock has stolen the banner, but banners are not teeth — they will be back

            More
          • A little life hack when you work with Azure Service Bus and ASP.NET Core

            • Tutorial

            Some of the features of your website require message queue integration. It is not a complex task for most developers. If you work with Azure infrastructure, you are able to choose Azure Service Bus as a queue engine. It sounds quite simple: just create Azure Resource, write some code and then be happy! But what would you say if the resources are limited? What will you do if there are several teammates in your team, and all of you have to debug queues at the same time? I try to give you a simple solution.

            Read more
          • Algorithms in Go

            • Tutorial

            Most solutions to algorithmic problems can be grouped into a rather small number of patterns. When we start to solve some problem, we need to think about how we would classify them. For example, can we apply fast and slow аlgorithmic pattern or do we need to use cyclic sortpattern? Some of the problems have several solutions based on different patterns. In this series, we discuss the most popular algorithmic patterns that cover more than 90% of the usual problems.

            It is different from High-School Algorithms 101 Course, as it is not intended to cover things like Karatsuba algorithm (fast multiplication algorithm) or prove different methods of sorting. Instead, Algorithmic Patterns focused on practical skills needed for the solution of common problems. For example, when we set up a Prometheus alert for high request latency we are dealing with Sliding Window Pattern. Or let say, we organize a team event and need to find an available time slot for every participant. At the first glance, it is not obvious that in this case, we are actually solving an algorithmic problem. Actually, during our day we usually solve a bunch of algorithmic problems without realizing that we dealing with algorithms.

            The knowledge about Algorithmic Patterns helps one to classify a problem and then apply the appropriate method.

            But probably most importantly learning algorithmic patterns boost general programming skills. It is especially helpful when you are debugging some production code, as it trains you to understand the execution flow.

            Patterns covered so far:

            Sliding Window I

            Sliding Window II

            Merge Intervals

            Dutch National Flag

            Matrix Spiral

            Iterative Postorder Traversal

            Bit Manipulation

            Stay tuned :)

            <Promo> If you interested to work as a backend engineer, there is an open position in my squad. Prior knowledge of Golang is not required. I am NOT an HR and DO NOT represent the company in any capacity. However, I can share my personal experience as a backend engineer working in the company. </Promo>

            Read more
          • Algorithms in Go: Iterative Postorder Traversal

            • Tutorial

            In this article, we discuss the postorder traversal of a binary tree. What does postorder traversal mean? It means that at first, we process the left subtree of the node, then the right subtree of the node, and only after that we process the node itself.

            Why would we need to do it in this order? This approach solves an entire class of algorithmic problems related to the binary trees. For example, to find the longest path between two nodes we need to traverse the tree in a postorder manner. In general, postorder traversal is needed when we cannot process the node without processing its children first. In this manner, for example, we can calculate the height of the tree. To know the height of a node, we need to calculate the height of its children and increment it by one.

            Let's start with a recursive approach. We need to process the left child, then the right child and finally we can process the node itself. For simplicity, let's just save the values into slice out.

            Read more
          • Short-lived Music or MuseScore Code Analysis

              Having only programming background, it is impossible to develop software in some areas. Take the difficulties of medical software development as an example. The same is with music software, which will be discussed in this article. Here you need an advice of subject matter experts. However, it's more expensive for software development. That is why developers sometimes save on code quality. The example of the MuseScore project check, described in the article, will show the importance of code quality expertise. Hopefully, programming and musical humor will brighten up the technical text.

              Читать далее
            • What Is yield and How Does It Work in C#?

                C# capabilities keep expanding from year to year. New features enrich software development. However, their advantages may not always be so obvious. For example, the good old yield. To some developers, especially beginners, it's like magic - inexplicable, but intriguing. This article shows how yield works and what this peculiar word hides. Have fun reading!

                Read more
              • PVS-Studio, Blender: Series of Notes on Advantages of Regular Static Analysis of Code

                  PVS-Studio and Blender


                  In our articles, we regularly repeat an important idea: a static analyzer should be used regularly. This helps detect and cheaply fix many errors at the earliest stage. It looks nice in theory. As we know, actions still speak louder than words. Let's look at some recent bugs in new code of the Blender project.

                  Read more →
                • Intercepting Program Startup on Windows and Trying to Not Mess Things Up

                    Have you ever heard of Image File Execution Options (IFEO)? It is a registry key under HKEY_LOCAL_MACHINE that controls things like Global Flags and Mitigation Policies on a per-process basis. One of its features that drew my attention is a mechanism designed to help developers debug multi-process applications. Imagine a scenario where some program creates a child process that crashes immediately. In case you cannot launch this child manually (that can happen for various reasons), you might have a hard time troubleshooting this problem. With IFEO, however, you can instruct the system to launch your favorite debugger right when it's about to start this troublesome process. Then you can single-step through the code and figure what goes wrong. Sounds incredibly useful, right?

                    I don't know about you, but I immediately saw this feature as a mechanism for executing arbitrary code when someone creates a new process. Even more importantly, it happens synchronously, i.e., the target won't start unless we allow it. Internally, the system swaps the path to the image file with the debugger's location, passing the former as a parameter. Therefore, it becomes the debugger's responsibility to start the application and then attach itself to it.

                    So, are there any limitations on what we can do if we register ourselves as a debugger? Let's push this opportunity to the limits and see what we can achieve.

                    Read more
                  • HDB++ TANGO Archiving System

                    • Translation
                    • Tutorial
                    main

                    What is HDB++?


                    This is a TANGO archiving system, allows you to save data received from devices in the TANGO system.


                    Working with Linux will be described here (TangoBox 9.3 on base Ubuntu 18.04), this is a ready-made system where everything is configured.


                    What is the article about?


                    • System architecture.
                    • How to set up archiving.

                    It took me ~ 2 weeks to understand the architecture and write my own scripts for python for this case.


                    What is it for?


                    Allows you to store the history of the readings of your equipment.


                    • You don't need to think about how to store data in the database.
                    • You just need to specify which attributes to archive from which equipment.
                    Read more →
                  • Run MongoDB Atlas locally for testing

                      What happens to your MongoDB replica set when it comes to failures like network partitioning, restarting, reconfiguration of the existing topology, etc.? This question is especially important these days because of the popularity gained by the multi-cloud model where chances of these scenarios are quite realistic.


                      However, is there a solution, preferably a free one, for testing such cases that would obviate the need of writing manual scripts and poring over the official documentation? As software developers, we would be better off preparing our applications in advance to survive these failures.

                      Read more →