Surely, you too have been frustrated, while single-stepping optimized programs in symbolic debuggers, by the Brownian motion in the source code, and by never being sure, when you reach a certain source line (if you can reach it at all), whether or not earlier lines have taken effect. Our frustration is about to be significantly alleviated, thanks to two new pieces of technology about to be contributed to the GNU toolchain.
Continue reading “Statement Frontier Notes and Location Views”
I attended the recent Issaquah and Kona ISO C++ standards meetings, representing Red Hat and the GCC project, and helping to complete the C++17 standard. As usual, I spent the majority of my time in the Library Working Group (LWG) sessions, but also took part in a subgroup focusing on the Filesystem library, more on that below.
Continue reading “Red Hat at the ISO C++ Standards Meetings (November 2016, Issaquah, and February 2017, Kona): Library”
The March/April C++ meeting was back in Kona, Hawaii again, only a year and a half after the last Kona meeting. As usual, Red Hat sent three of us to the meeting: Jonathan Wakely, Torvald Riegel, and me.
Continue reading “Red Hat at the ISO C++ Standards Meeting (April 2017, Kona): Core Language”
The GNU Toolchain is a collection of programming tools produced by the GNU Project. The tools are often packaged together due to their common use for developing software applications, operating systems, and low-level software for embedded systems.
This blog is part of a regular series covering the latest changes and improvements in the components that make up this Toolchain. Apart from the announcement of new releases, however, the features described here are at the bleeding edge of software development in the tools. This does mean that it may be a while before they make it into production releases, and they might not be fully functional yet. But anyone who is interested in experimenting with them can build their own copy of the Toolchain and then try them out.
Continue reading “Sprint 2017 GNU Toolchain Update”
A few months ago, I had to write some internal GCC passes to perform static analysis on the GNU C Library (glibc). I figured I might as well write them as plugins since they were unlikely to see the light of day outside of my little sandbox. Being a long time GCC contributor, but having no experience writing plugins I thought it’d be a good way to eat our own dog food, and perhaps write about my experience.
Continue reading “Diagnosing Function Pointer Security Flaws with a GCC plugin”
In C and C++, the cases of a switch statement are in fact labels, and the switch is essentially a go to that jumps to the desired label. Since labels do not change the flow of control, one case block falls through to the following case block, unless terminated by a
break, a no return call or similar. In the example below, “
case 1” falls through to “
a = 1;
a = 2;
/* ... */
Continue reading “-Wimplicit-fallthrough in GCC 7”
GCC has a rich set of features designed to help detect many kinds of programming errors. Of particular interest are those that corrupt the memory of a running program and, in some cases, makes it vulnerable to security threats. Since 2006, GCC has provided a solution to detect and prevent a subset of buffer overflows in C and C++ programs. Although it is based on compiler technology, it’s best known under the name Fortify Source derived from the synonymous GNU C Library macro that controls the feature: _FORTIFY_SOURCE. GCC has changed and improved considerably since its 4.1 release in 2006, and with its ability to detect these sorts of errors. GCC 7, in particular, contains a number of enhancements that help detect several new kinds of programming errors in this area. This article provides a brief overview of these new features. For a comprehensive list of all major improvements in GCC 7, please see GCC 7 Changes document.
Continue reading “Memory Error Detection Using GCC”