CppCon 2015 Program Highlights, 1 of N

The CppCon 2015 conference program has been posted for the upcoming September conference. We've received requests that the program continue to be posted in "bite-sized" posts, a few sessions at a time, to make the 100+ sessions easier to absorb, so here is another set of talks. This series of posts will conclude once the entire conference program has been posted in this way.

 

There is lots -- lots -- of existing C++ code. How can you effectively bring existing C++ code forward to C++11/14? How can you upgrade your coding styles and conventions? How can tools help you and your team to use correct modern C++ in your production projects?

The following interrelated CppCon 2015 talks tackle these issues and more.

In this post:

  • Keynote: Writing Good C++14 (Bjarne Stroustrup)
  • Plenary: Writing Good C++14 By Default (Herb Sutter)
  • A Few Good Types: Evolving array_view and string_view For Safe C++ Code (Neil MacIntosh)
  • More than Lint: Modern Static Analysis For C++ (Neil MacIntosh)

 

Keynote: Writing Good C++14

How do we use C++14 to make our code better, rather than just different? How do we do so on a grand scale, rather than just for exceptional programmers? We need guidelines to help us progress from older styles, such as “C with Classes”, C, “pure OO”, etc. We need articulated rules to save us from each having to discover them for ourselves. Ideally, they should be machine-checkable, yet adjustable to serve specific needs.

In this talk, I describe a style of guidelines that can be deployed to help most C++ programmers. There could not be a single complete set of rules for everybody, but we are developing a set of rules for most C++ use. This core can be augmented with rules for specific application domains such as embedded systems and systems with stringent security requirements. The rules are prescriptive rather than merely sets of prohibitions, and about much more than code layout. I describe what the rules currently cover (e.g., interfaces, functions, resource management, and pointers). I describe tools and a few simple classes that can be used to support the guidelines.

The core guidelines and a checker tool reference implementation will be open source projects freely available on all major platforms (initially, GCC, Clang, and Microsoft).

Use, comment, and contribute!

Speaker: Bjarne Stroustrup, Managing Director, Morgan Stanley. Stroustrup is the creator and original implementer of C++. He is also a Visiting Professor in Computer Science at Columbia University, a Distinguished Research Professor in Computer Science at Texas A&M University, and continues to actively participate in and lead language evolution in the ISO C++ committee.

 

Writing Good C++14 By Default

Modern C++ is clean, safe, and fast. It continues to deliver better and simpler features than were previously available. How can we help most C++ programmers get the improved features by default, so that our code is better by upgrading to take full advantage of modern C++?

This talk continues from Bjarne Stroustrup’s Monday keynote to describe how the open C++ core guidelines project is the cornerstone of a broader effort to promote modern C++. Using the same cross-platform effort Stroustrup described, this talk shows how to enable programmers to write production-quality C++ code that is, among other benefits, type-safe and memory-safe by default -- free of most classes of type errors, bounds errors, and leak/dangling errors -- and still exemplary, efficient, and fully modern C++.

Background reading: Bjarne Stroustrup’s 2005 “SELL” paper, “A rationale for semantically enhanced library languages,” is important background for this talk.

Speaker: Herb Sutter, author and chair of the ISO C++ committee.

 

A Few Good Types: Evolving array_view and string_view for Safe C++ Code

The Library Fundamentals TS already contains a string_view type, and possibly soon an array_view type. These are important and should be used pervasively as function parameters, especially instead of (pointer, length) pairs which are generally unsafe. They offer additional benefits in the form of decoupling: allowing functions to be specified in terms of high-level views rather than references to specific, concrete string and container types which bind both caller and callee to a specific implementation detail. As a specific example, using string_view in function signatures allows them to be called with any of the endless proliferation of string types that exist in codebases today (std::string, CStringT, char*, BSTR, HSTRING, MyString etc).

We can and should evolve these types further as a key part of achieving memory safety for C++ code.

This example-driven talk shares our experience with preventing defects in large-scale commercial C++ codebases by applying modestly evolved versions of the proposed array_view and string_view types, plus a small number of related types such as not_null. Adopting these types enables simpler and safer code that eliminates important classes of defects by construction. The types are carefully designed to have usually exactly zero space and time overhead over the current unsafe idioms they replace, so as to leave no valid performance reason against adopting them. Using these types enables high-quality static analysis, and is allowing Microsoft to fully replace non-standard and non-portable annotation systems for type and memory safety in our own code bases.

We believe this approach is generally applicable to code at all levels, from application code down to the most performance-sensitive systems code. An open source reference implementation of the types that supports all major compilers and platforms will be available on GitHub.

More than Lint: Modern Static Analysis for C++

Static analysis tools have the potential to significantly improve programmer productivity as well as the safety, reliability and efficiency of the code they write. Modern static analysis has moved well beyond the mental model people often have based on “lint”: just finding simple “typos” or “thinkos”. Static analysis can find subtle, complex bugs early, identify opportunities to improve performance, encourage consistent style and appropriate usage of libraries and APIs.

This talk will look at the different ways static analysis tools can be used to meet all these different goals. It will present specific examples from our experience working with sophisticated analysis tools on large, commercial codebases. The talk will also present a specific implementation of a modern static analysis toolkit for C++. This toolkit is being used in a number of different contexts: to provide tool-based enforcement of new coding guidelines and rules, to migrate people to modern C++ coding idioms and to find important security and reliability defects. One notable example of its use is to implement the checker for enforcement of a core set of coding guidelines that are presented in Bjarne Stroustrup’s keynote address.

Some of the tools described in the talk will be available for download as a Community Technology Preview in the latter part of 2015.

Speaker: Neil MacIntosh, Microsoft. Neil is the lead for the C++ static analysis frameworks used widely within Microsoft, including PREfix, PREfast, and ESPx, and is currently involved in making them work better with portable C++14 code rather than nonstandard annotations.
