The ISO C++ standards meeting in November 2018 was held in San Diego, CA. As usual, Red Hat sent three of us to the meeting: me (for the Core Language Working Group), Jonathan Wakely (for the Library Working Group [LEWG]), and Thomas Rodgers (for the Concurrency and Parallelism Study Group [SG1]). I felt the meeting was productive, though some features that had been expected to make it into C++20 are now in question.
Here are new C++ features accepted at the meeting:
Continue reading “November 2018 ISO C++ meeting trip report (Core Language)”
The fall C++ meeting was held in San Diego, CA. As usual, Red Hat sent three of us to the meeting: myself from the Concurrency and Parallelism Study Group (SG1), Jason Merrill from the Core Language Working Group, and Jonathan Wakely from the Library Working Group (LEWG).
SG1 had a fairly full plate but finished the week with a bit of breathing room to spare. This article describes the major topics discussed this week in SG1.
Continue reading “Fall 2018 ISO WG21 C++ Standards Committee meeting trip report”
Our connected world is full of events that are triggered or received by different software services. One of the big issues is that event publishers tend to describe events differently and in ways that are mostly incompatible with each other.
To address this, the Serverless Working Group from the Cloud Native Computing Foundation (CNCF) recently announced version 0.2 of the CloudEvents specification. The specification aims to describe event data in a common, standardized way. To some degree, a CloudEvent is an abstract envelope with some specified attributes that describe a concrete event and its data.
Working with CloudEvents is simple. This article shows how to use the powerful JVM toolkit provided by Vert.x to either generate or receive and process CloudEvents.
Continue reading “Processing CloudEvents with Eclipse Vert.x”
When you want to do automated tasks for builds and deployments with Red Hat OpenShift, you might want to take advantage of the OpenShift REST API. In scripts you can use
oc CLI command which talks to the REST APIs. However there are times when it is more convenient to do this directly from your C# code without having to invoke an external program. This is the value of having an infrastructure platform that is exposed as services with an open API.
If you want to call the API from your C# code, you have to create a request object, call the API, and parse the response object. The upstream project, OpenShift Origin, provides a Swagger 2.0 specification and you can generate a client library for each programming language. Of course, C# is supported. This isn’t a new approach, Kubernetes has a repository that is generated by Swagger Codegen.
For C#, we can use Microsoft Visual Studio to generate a C# client library for a REST API. In this article, I’ll walk you through the process of generating the library from the definition.
Continue reading “How to call the OpenShift REST API from C#”
The Summer 2018 ISO C++ standards committee meeting this year was back in Rapperswil, Switzerland. The new features for C++2a are coming fast now; the Core language working group had very little time for issue processing because of all the proposal papers coming to us from the Evolution working group.
Red Hat sent three of us to the meeting, to cover different tracks: myself (Core), Jonathan Wakely (Library), and Torvald Riegel (Parallelism/Concurrency). Overall, I thought the meeting was very successful; we made significant progress in a lot of areas.
New C++ language features that were accepted at this meeting:
Continue reading “June 2018 ISO C++ Meeting Trip Report (Core Language)”
Continuing in the effort to detect common programming errors, the just-released GCC 8 contains a number of new warnings as well as enhancements to existing checkers to help find non-obvious bugs in C and C++ code. This article focuses on those that deal with inadvertent string truncation and discusses some of the approaches for avoiding the underlying problems. If you haven’t read it, you might also want to read David Malcolm’s article Usability improvements in GCC 8.
Why Is String Truncation a Problem?
It is well-known why buffer overflow is dangerous: writing past the end of an object can overwrite data in adjacent storage, resulting in data corruption. In the most benign cases, the corruption can simply lead to incorrect behavior of the program. If the adjacent data is an address in the executable text segment, the corruption may be exploitable to gain control of the affected process, which can lead to a security vulnerability. (See CWE-119 for more on buffer overflow.)
Continue reading “Detecting String Truncation with GCC 8”
This year’s Winter ISO C++ Standard Committee meeting was held in March in Jacksonville, Florida. A number of larger features, for which there is substantial interest but which are also difficult to get right, were discussed:
- Concepts, along with Concept types from the Ranges TS; see P0898 and n4685
- Modules; see n4689
- Coroutines; see n4723
- Networking; see n4711
- Executors; see p0443
Jason Merrill’s recently published trip report covers the core language topics. This report focuses on the topics of interest to the Concurrency and Parallelism Study Group (SG1). The “big ticket” items discussed in SG1 during the week were:
Continue reading “March 2018 ISO C++ Meeting Trip Report (SG1: Concurrency and Parallelism)”
The March C++ ISO Standard meeting this year was back in Jacksonville, Florida. As usual, Red Hat sent three of us to the meeting: Torvald Riegel, Thomas Rodgers, and myself. Jonathan Wakely attended via speakerphone. There were 121 people attending the plenary meeting at the beginning of the week.
This meeting was mostly about new features for C++20, particularly when and how to merge Technical Specifications into the draft standard. In the core language, the ones trying to make C++20 are Concepts (already partially merged), Coroutines, and Modules. There was a lot of discussion around all three.
Continue reading “March 2018 ISO C++ Meeting Trip Report (Core Language)”
The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.
This blog is part of a series (see: Fall 2017 Update) covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, the features described here are at the bleeding edge of software development in the tools. This means that it may be awhile before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.
Continue reading “GNU Toolchain Update – Spring 2018”
Did you know that when you compile your C or C++ programs, GCC will not enable all exceptions by default? Do you know which build flags you need to specify in order to obtain the same level of security hardening that GNU/Linux distributions use (such as Red Hat Enterprise Linux and Fedora)? This article walks through a list of recommended build flags.
The GNU-based toolchain in Red Hat Enterprise Linux and Fedora (consisting of GCC programs such as
g++, and Binutils programs such as
ld) are very close to upstream defaults in terms of build flags. For historical reasons, the GCC and Binutils upstream projects do not enable optimization or any security hardening by default. While some aspects of the default settings can be changed when building GCC and Binutils from source, the toolchain we supply in our RPM builds does not do this. We only align the architecture selection to the minimum architecture level required by the distribution.
Consequently, developers need to pay attention to build flags, and manage them according to the needs of their project for optimization, level of warning and error detection, and security hardening.
Continue reading “Recommended compiler and linker flags for GCC”