CppCon Program Highlights, 9 of N: Safety

The CppCon 2014 conference program has been posted for the upcoming September conference. We've received requests that the program continue to be posted in "bite-sized" posts, a few sessions at a time, to make the 100+ sessions easier to absorb, so here is another set of talks. This series of posts will conclude once the entire conference program has been posted in this way.


Safety and C++ are complementary, and C++ is regularly used in safety-critical systems including with strong static analysis support across multiple popular compilers. From the latest jet fighter avionics systems to the most modern Clang sanitizers, CppCon has a number of talks in this area including the following four. As always, the talks are by Those Who Know and Those Who Do -- including in some of the world's most famous codebases.

In this post:

  • The Joint Strike Fighter Coding Standard: Using C++ on Mission and Safety Critical Platforms
  • Sanitize your C++ code
  • Exception-Safe Code
  • 0xBADC0DE


The Joint Strike Fighter Coding Standard: Using C++ on Mission and Safety Critical Platforms

The Joint Strike Fighter (JSF) is the first major DOD aircraft program to use C++. Much of this software is either safety critical or mission critical and so must be written in such a way as to be clear, readable, unambiguous, testable, and maintainable. We discuss the driving requirements behind the standard and its evolution. We give a quick overview of our standard and discuss how it differs from later standards such as MISRA C++. We discuss lessons learned over our nine year history of applying the standard to a large embedded software program. We also address ambiguities in rules and difficulties with automated checking of conformance with the standard.

Speaker: Bill Emshoff, Senior Staff Software Engineer, Lockheed Martin. Bill Emshoff has been programming in C++ for over 12 years. He is currently a Senior Staff Software Engineer working on the Joint Strike Fighter program at Lockheed Martin, where he has evolved to become an informal interpreter of the JSF coding standard and champion of static analysis as a means to catch and prevent coding errors prior to formal test.


Sanitize your C++ code

"Sanitizers" is a family of dynamic testing tools built into C++ compilers (Clang and GCC):•AddressSanitizer finds memory errors, such as use-after-free, buffer overflows, and leaks;

  • ThreadSanitizer finds data races, deadlocks, and other threading bugs;
  • MemorySanitizer finds uses of uninitialized memory;
  • UndefinedBehaviorSanitizer finds other kinds of undefined behavior, such as use of incorrect dynamic type, shift by illegal amount and many others.

You will learn how these tools work, how to use them on small programs and how we deploy them in large projects.

Speaker: Kostya Serebryany, Software Engineer, Google. Konstantin (Kostya) Serebryany is a Software Engineer at Google. His team develops and deploys dynamic testing tools, such as AddressSanitizer and ThreadSanitizer. Prior to joining Google in 2007, Konstantin spent 4 years at Elbrus/MCST working for Sun compiler lab and then 3 years at Intel Compiler Lab. Konstantin holds a PhD from mesi.ru and a Master from msu.ru.Twitter handle: @kayseesee


Exception-Safe Code

Are you 100% confident that your code is exception-safe?

Safe usage of exceptions is a non-trivial problem that the industry has struggled with for the better part of two decades. If you have fear, uncertainty, or doubt about exception safety or just want to see the best practices for using exceptions in C++ and/or C++11/14, this session is for you. We'll start with "What is the problem we are trying to solve?" and discuss alternatives, acknowledge the challenges associated with exception usage, and cover some well-meaning but misguided attempts at safety. I will then present a set of guidelines that are the basis for safe exception usage and solid implementation techniques, including how to transition from an exception-unsafe legacy code base.

When we are finished you will know how to produce code that is easier to write, easier to understand, faster, and 100% robust in the face of exceptions.

Speaker: Jon Kalb Jon has been programming in C++ for over twenty years. During the last two decades he has written C++ for Apple, Dow Chemical, Intuit, Lotus, Microsoft, Netscape, Sun, Yahoo! and some less well­‐known companies. He taught C++ in the graduate school at Golden Gate University for three years and is a founding moderator of the Boost‐User and Boost‐Interest mailing lists.

Jon is active in the Silicon Valley chapter of the ACCU and programs the C++ track at the Silicon Valley Code Camp.



My motivation for this talk is my own experience as a freelancer and trainer. I have seen a lot of good and bad code in different places. As a freelancer I often had to deal with different, unknown and often large codebases. This talk tries not only to show examples of bad code, but also to analyze why it exists in the first place, and how to deal with it or fix it. I'll visit anti-patterns, but this talk is not about anti-patterns, as that would only spotlight one of the many problems.

Speaker: Jens Weller Jens is a longtime C++ expert and the organizer of the European C++ conference Meeting C++.

Add a Comment

Comments are closed.

Comments (0)

There are currently no comments on this entry.