The Great and Mighty C++

The Great and Mighty C++
Andrey Karpov
karpov@viva64.com

www.reddit.com/r/programming
• SVG Is Turing Complete
• A step-by-step guide to analyzing JSON (and other semi-structured datasets) with SQL
• “Performance Matters” by Emery Berger (Strange Loop 2019)
• Why are large companies so difficult to rescue (regarding bad internal technology)
• Practical Ways to Write Better Javascript
• From UNIX to Linux, a time lapse of 45 years, Hendrik Jan Thomassen
• Stack Overflow Trends – Scala's decline mirrors Kotlin's rise
• Maximize learnings from a Kubernetes cluster failure
• Why Go and not Rust?
• Q&A: How Google Implements Code Coverage at Massive Scale
• Hierarchical Instrumented Tracing with Logback
• Court of appeals rules web scraping doesn't violate anti-hacking law - JavaScript Web Scraping
Guy
• Building GraphQL apis with Django

Everyone Just Lives in Their Own Reality
• С++ Russia x3 (Novosibirsk, Moscow, Saint Petersburg)
• CoreHard (Minsk)
• Meeting C++ (Berlin)
• CppCon (Colorado)
• C++Now (Colorado)
• Italian C++ Conference (Milan)
• emBO++ (Bochum)
• ....

Presenter:
• Andrey Karpov, PhD in physics and math
• Technical Director at SiProVer LLC
• Microsoft MVP
• Intel Black Belt Software Developer
• One of the PVS-Studio project’s founders

A Few Words About Us
• We stand on guard of code
quality.
• PVS-Studio detects errors and
potential vulnerabilities in С, C++,
C# and Java code.
• We actively participate in
conferences, do conference talks,
and write many articles dedicated
to code quality.

Are С and C++ alive? PDP Software Is!
•The PDP-11 mini-computer

Are С and C++ Alive? Even More, IBM RPG Is!
•IBM RPG is a programming
language whose syntax was
initially similar to the command
language of IBM’s mechanical
tabulators.
•Was widely used in 1960s and
1970s.
IBM 1401

C and C++ Are Not Just for Old Systems
• C++ Applications - http://www.stroustrup.com/applications.html
• Adobe Photoshop
• Mozilla Firefox
• Thunderbird
• World of Warcraft
• Apple – OS X
• Chrome (Launch date: September 2, 2008)

Are С and C++ Alive?
• TIOBE Index: if you add up C and C++, C/C++ will be the leader.

Summary for C, C++
• It’s a good idea to learn these languages
• There are and there will be many jobs for C/C++ developers
• The number of embedded systems in C is growing

Topics:
• Embedded systems
• A few words about innovations
• Development tool maturity and speeding up project builds
• The safe programming trend
• Various assistance tools that help control code quality

Embedded: C and С++ Are on the Rise
• Embedded
• IoT (Internet of Things)

Anticipated IoT Growth Rate
15.41
17.68
20.35
23.14
26.66
30.73
35.82
42.62
51.11
62.12
75.44
2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025
Источник: https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/

std::string
• C++ Russia 2017: Anton Polukhin, What Not to Do: C++, How
to Invent the Wheel Correctly (for Experts)
https://youtu.be/rJWSSWYL83U (in Russian)
• vstring
• std::string

C++17: Constexpr if
template <typename T>
auto GetValue(T t)
{
if constexpr (std::is_pointer<T>::value)
{
return *t;
}
else
{
return t;
}
}
void foo()
{
int v = 10;
std::cout << GetValue(v) << 'n'; // 10
std::cout << GetValue(&v) << 'n'; // 10
}

C++17: init-statement in if and switch
if (auto it = m.find(key); it != m.end())
{
....
}

C++17: A New Attribute [[fallthrough]]
switch (i)
{
case 10:
f1();
break;
case 20:
f2();
break;
case 30:
f3();
[[fallthrough]]; // The warning will be suppressed
case 40:
f4();
break;
}

C++17: A New Attribute [[nodiscard]]
[[nodiscard]] int Sum(int a, int b)
{
return a + b;
}
int main()
{
Sum(5, 6); // A compiler/analyzer
// will issue a warning
return 0;
}

C++17: Fold Expressions
template<typename... Args>
auto Sum(Args... args)
{
return (args + ...);
}
int main()
{
std::cout << Sum(1, 2, 3, 4, 5) << 'n'; // 15
return 0;
}

С++17: Removed Features
• Trigraphs were removed.
• The register keyword cannot be used as a variable specifier
anymore.
• Prefix and postfix increment operators for type bool
removed.
• std::auto_ptr was removed. Use std::unique_ptr instead.

С++17: And So On
• I recommend an article by my colleague, Egor Bredikhin
"C++17"
https://www.viva64.com/en/b/0533/

Speed up Your Project Build: Distributed
Compilation
• IncrediBuild - https://www.incredibuild.com/
• distcc - https://github.com/distcc/distcc
• Icecream - https://github.com/icecc/icecream

Speed up Your Project Build: Compiler Cache
• When you compile a preprocessed file, a hash value is
calculated based on the file’s contents, the compilation flags,
and the compiler’s output.
• When you recompile an unchanged file that has the same
flags, the compiler retrieves a ready-made file from cache
and feeds it to the linker.

•For Unix-like systems:
• ccache (GCC, Clang) - https://ccache.samba.org/
• cachecc1 (GCC) - http://cachecc1.sourceforge.net/
•For Windows:
• clcache (MSVC) - https://github.com/frerich/clcache
• cclash (MSVC) - https://github.com/inorton/cclash

Speed up Your Project Build: More Information
• See my colleague Phillip Khandeliants’s article
"Speeding up the Build of C and C++ Projects"

A Tool’s Maturity Level
• Compilers
• Development environments
• Dynamic analyzers
• Static analyzers

Dynamic Analyzers
• Classic tools:
• Valgrind
• BoundsChecker
• Intel Parallel Inspector
• New from Google:
• AddressSanitizer
• ThreadSanitizer
• MemorySanitizer

Static Code Analyzers
• Coverity
• Klocwork
• Parasoft
• PVS-Studio
• SonarQube
• “Their name is Legion": List of tools for static code analysis
https://en.wikipedia.org/wiki/List_of_tools_for_static_code_
analysis

PVS-Studio
• C, C++, C#, Java
• Windows, Linux и macOS
• https://www.viva64.com/
• Ways to Get a Free License

static const int kDaysInMonth[13] = {
0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};
bool ValidateDateTime(const DateTime& time) {
if (time.year < 1 || time.year > 9999 ||
time.month < 1 || time.month > 12 ||
time.day < 1 || time.day > 31 ||
time.hour < 0 || time.hour > 23 ||
time.minute < 0 || time.minute > 59 ||
time.second < 0 || time.second > 59) {
return false;
}
if (time.month == 2 && IsLeapYear(time.year)) {
return time.month <= kDaysInMonth[time.month] + 1;
} else {
return time.month <= kDaysInMonth[time.month];
}
} 33

0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};
return false;
}
} else {
}
} 34

0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};
return false;
}
} else {
}
} 35

0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};
return false;
}
} else {
}
} time.day
Error in the
protobuf project
(Chromium)
36

Safety Issues
• Innovations (IoT, Embedded)
• All-round measures:
• Coding standards
• Code coverage
• DAST
• SAST

Coding Standards
• Common Weakness Enumeration
• SEI CERT Coding Standards
• MISRA C, MISRA C++
• C++ Core Guidelines: https://github.com/isocpp/CppCoreGuidelines

SAST - Static Application Security Testing

Conclusion
• C and C++ are definitely worth learning
• The languages and related infrastructure are growing and
evolving

Questions
• PVS-Studio: https://www.viva64.com
• Contacts: Andrey Karpov, CTO, karpov@viva64.com
• Subscribe:
• vk.com: pvsstudio_rus
• Instagram: @pvs_studio_unicorn

The Great and Mighty C++

More Related Content

What's hot

Similar to The Great and Mighty C++

More from Andrey Karpov

Recently uploaded

The Great and Mighty C++