Memory Error Detection Using GCC

Introduction

GCC has a rich set of features designed to help detect many kinds of programming errors. Of particular interest are those that corrupt the memory of a running program and, in some cases, makes it vulnerable to security threats. Since 2006, GCC has provided a solution to detect and prevent a subset of buffer overflows in C and C++ programs. Although it is based on compiler technology, it’s best known under the name Fortify Source derived from the synonymous GNU C Library macro that controls the feature: _FORTIFY_SOURCE. GCC has changed and improved considerably since its 4.1 release in 2006, and with its ability to detect these sorts of errors. GCC 7, in particular, contains a number of enhancements that help detect several new kinds of programming errors in this area. This article provides a brief overview of these new features. For a comprehensive list of all major improvements in GCC 7, please see GCC 7 Changes document.

Continue reading “Memory Error Detection Using GCC”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

Testing… Testing… GCC

The next release of the GNU Compiler CollectionGCC 7, is fast approaching, so in this post, I’m going to talk about work I’ve done to make GCC more reliable

Continue reading “Testing… Testing… GCC”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

Adding buffer overflow detection to string functions

This article describes the steps required to add buffer overflow protection to string functions. As a real-world example, we use the strlcpy function, which is implemented in the libbsd library on some GNU/Linux systems.

This kind of buffer overflow protection uses a GNU Compiler Collection (GCC) feature for array size tracking (“source fortification”), accessed through the __builtin_object_size GCC built-in function. In general, these checks are added in a size-checking wrapper function around the original (wrapped) function, which is strlcpy in our example.

Continue reading “Adding buffer overflow detection to string functions”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

November 2016 GNU Toolchain Update

The GNU Toolchain is a collection of  programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain.  Apart from the announcement of new releases however, the features described here are at the very bleeding edge of software development in the tools.  This does mean that it may be a while before they make it into production releases, although interested parties can always build their own copies of the toolchain in order to try them out.

Continue reading “November 2016 GNU Toolchain Update”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

Take advantage of your Red Hat Developers membership and download RHEL today at no cost.

Eclipse for JNI development and debugging on Linux (Java and C)

selection_166Cross language development in one project

In this tutorial style article I’ll discuss how to configure Eclipse for Java Native Interface (JNI) development based on a sample project that you can copy and modify. I.e, you can have a single project that can be both Java and C at the same time, and support a full code navigation and debugging of both languages.

This article is focused on the configuration of Eclipse rather than explaining JNI itself, however there are links to JNI literature at the end.

Continue reading “Eclipse for JNI development and debugging on Linux (Java and C)”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

C++ support in libcc1: A comprehensive update

GDB relies on libcc1‘s GCC and GDB plugins to implement the “compile code” feature, now extended to support the C++ language.

The Compile and Execute machinery enables GDB users to compile and execute code snippets within the context of an existing process. This allows users to perform inspection and modification of the program state using the target language well beyond the feature set historically exposed by symbolic debuggers. Almost anything that can be expressed in C, and now also in C++, can be compiled, loaded into the running program, and executed on the spot! It is envisioned that this machinery may also be used in the future to speed up conditional breakpoints, and as a foundation for more advanced features such as “Edit and Continue”.

The libcc1 module offers plugins for GDB and GCC that allow GDB to start GCC to compile a user-supplied code snippet. The plugins combine GDB and GCC into a single multi-process program. Through the plugins, GCC can query GDB about the meaning, in the target program, of names encountered in the snippet, and GDB can incrementally inform GCC about variables, functions, types and other constructs present in the program.

Continue reading “C++ support in libcc1: A comprehensive update”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

August 2016 GNU Toolchain Update

The GNU Toolchain is a collection of  programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low level software for embedded systems.

This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain.  Apart from the announcement of new releases however, the features described here are at the very bleeding edge of software development in the tools.  This does mean that it may be a while before they make it into production releases, although interested parties can always build their own copies of the toolchain in order to try them out.

Continue reading “August 2016 GNU Toolchain Update”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

Red Hat at the ISO C++ Standards Meeting (June 2016, Oulu): Library

The recent WG21 meeting in Oulu, Finland, was an especially busy one for the Library Working Group. Every day was spent working through the list of proposals intended for inclusion in C++17, and we also had three “evening” sessions that ran well past the evening (until nearly midnight, although the sun was still up to trick us into working late).

This post describes what I think are the most important library features that were reviewed and approved for inclusion in C++17. As usual, see Jason and Torvald’s posts for news from the Core and Parallelism & Concurrency groups. As Jason explained, the main goal of the Oulu meeting was to finalize the content of the Committee Draft (CD) for C++17. The Library Working Group started the meeting with a huge number of papers intended for inclusion in the CD, and we managed to complete the review of almost all of them.

Continue reading “Red Hat at the ISO C++ Standards Meeting (June 2016, Oulu): Library”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

Red Hat at the ISO C++ Standards Meeting (June 2016, Oulu): Parallelism and Concurrency

gnu logoSeveral Red Hat engineers recently attended the JTC1/SC22/WG21 C++ Standards Committee meetings in Oulu, Finland.  This post focuses on the sessions of SG1 (the standards committee sub-group 1 – for concurrency and parallelism) as well as on coroutines-related sessions. Jason already gave an overview of the meeting in his post.

SG1 prioritized proposals and issues affecting the (expected) C++17 standard, followed by proposals targeting the Concurrency TS or a future revision of the Parallelism TS.  We also made some progress in the space of coroutines.

Continue reading “Red Hat at the ISO C++ Standards Meeting (June 2016, Oulu): Parallelism and Concurrency”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!

 

What is new in OpenMP 4.5

A new version of the OpenMP standard, 4.5, has been released in November 2015 and brings several new constructs to the users. OpenMP is an API consisting of compiler directives and library routines for high level parallelism in C, C++ and Fortran programs. The upcoming version of GCC adds support for this newest version of the standard.

This post highlights some of the latest features, changes, and “gotcha’s” to look out for.

Continue reading “What is new in OpenMP 4.5”


Join Red Hat Developers, a developer program for you to learn, share, and code faster – and get access to Red Hat software for your development.  The developer program and software are both free!