163. FloatZone, WG21 Varna, C++26, Contracts, Pattern matching, Reflection
With Bjarne Stroustrup, Gianluca Delfino, Frances Buontempo, Vladimír Arnošt and other colleagues.
Media
Video
Podcast
Powered by RedCircle
All Major C++17 Features You Should Know
Each feature is annotated with supporting compiler versions.
JetBrains C++ Academy
CLion 2023.1
Build Insights Now Available in Visual Studio 2022
Hdoc 1.3.0
- Announcement
- Reddit: hdoc 1.3.0 is out, now with dark mode, template docs support, and easier navigation
FloatZone
Discussions:
We introduce FloatZone, a compiler-based sanitizer to detect spatial and temporal memory errors in C/C++ programs using lightweight checks that leverage the Floating Point Unit (FPU). We show that the combined effects of “lookup, compare, and branch” can be achieved with a single floating point addition that triggers an underflow exception in the case of a memory violation.
Our evaluation shows that FloatZone significantly outperforms existing systems, with just 37% runtime overhead <…>
<…> on every load and store ASan looks up the corresponding metadata, compares it to see if it is part of a redzone and branches to exit code that raises an alarm if this is the case. The branch instruction pollutes the branch predictor and contends with the application for CPU execution units. <…> The key insight in this paper is that sanitizer checks never fail in the normal case and should add little overhead except in the event of a violation of memory safety. In an ideal world, the sanitizer should use a special, fast instruction that is branchless, does not contend with the application for CPU execution units, and checks the validity of memory implicitly—raising an exception upon a violation. While modern CPUs lack such a targeted instruction, we will show that they do have instructions that approximate exactly this behavior.
In particular, we find that a floating point addition can be made to generate an exception if it processes redzone data. We achieve this by configuring a single floating point addition to result in an underflow exception only if one of the operands is equal to our redzone poison value. By instrumenting vulnerable loads/stores with the addition, we ensure that redzone accesses raise an alarm. Moreover, the addition is fast and branchless and executes on an execution unit that is underutilized in most programs. As a result, the solution ensures high instruction-level parallelism and much better performance than prior techniques.
WG21 Summer meeting in Varna
- Inbal Levy on Reddit
- 20% remote participation
- C++26 approved:
- P2558R2: Add @, $, and ` to the basic character set
- P2592R3: Hashing support for
std::chrono
value classes - P2562R1: constexpr Stable Sorting
- P0792R14:
function_ref
: a type-erased callable reference - P2641R4: Checking if a union alternative is active
- P2548R6:
copyable_function
- P2630R4:
submdspan
- Freestanding updates, as well as many more fixes and extensions
- P2621R2: UB? In My Lexer?
- P1854R4: Making non-encodable string literals ill-formed
- P2361R6: Unevaluated strings
- P2738R1: constexpr cast from void*: towards constexpr type-erasure
- P2552R3: On the ignorability of standard attributes
- P2741R3: user-generated
static_assert
messages - P2169R4: A nice placeholder with no name
- P1673 Linear algebra
- P2809R0 Trivial infinite loops are not Undefined Behavior
- Consensus for further work (but not necessarily same as in C)
- Networking group didn’t meet.
- Just use Asio. Chris Kolhoff stopped working with the Committee. Looks like the Networking rebase on Senders/Receivers isn’t happening.
- Contracts:
- P2877R0: Contract Build Modes, Semantics, and Implementation Strategies – consensus for
- P2811R6: Contract-violation handler – consensus for
- P2853R0: Proposal of
std::contract_violation
– consensus against -
As a consequence, we removed the notion of build modes from the Contracts MVP. Every contract annotation now has one of the following three semantics: ignore, observe, enforce, and it is implementation-defined which one you get. Further, we now have a consensus design for contract-violation handling.
- Disappointments:
- Reflection: Reviewed use cases. Target: C++29. Optimistic target: C++26.
- Pattern Matching: No developments. Target: C++29. Optimistic target: C++26.
- Reddit: “Really hoping for Reflection and Pattern Matching in C++26 🤞”
Interesting snippet:
1inspect(foo) { _ => bar; };
Michael Park worked on the placeholder paper. Was that yak shaving for Pattern Matching?
Daniela Engert seems to confirm my suspicion:
The latest discussions regarding pattern matching can be found here:
P2688 pattern matching in general https://wg21.link/p2688
P2806 do expressions (likely on track for C++26) https://wg21.link/P2806
P2169 placeholder ‘_’ https://wg21.link/P2169 (voted into the CD in Varna)
I think there’s a good chance to complete pattern matching in C++26 🤔🙏
- Herb Sutter
- think-cell, by Jonathan Müller
- CppStories
WG21 May mailing
Papers
- P2141R1: Aggregates are named tuples
- P2654R0: Modules and macros
- P2831R0: Functions having a narrow contract should not be noexcept
- P2893R0: Variadic friends
- P2895R0: noncopyable and nonmoveable utility classes
Status of Reflection
<…> reflection is “dead” in the practical sense: no one’s working on it. Andrew Sutton’s P2237R0 paper <…>, is 3 years old. The last paper about it P2560R0 is over a year old. The SG7 public email archive doesn’t show any discussion in over a year. The Slack channel for it in on cpplang hasn’t had a message in almost two years.
What C++ library do you wish existed but hasn’t been created yet?
Somehow most redditors in the thread assumed it’s about the Standard Library, but looks like it wasn’t.
- “Please give us reflection 😭”
- “The metaclasses are on their way.”
- “I don’t know what you’ve heard, but metaclasses absolutely aren’t on their way.” – foonathan
- “It looks like they’ve stalled over the last few years, but even if it takes another 10 at least they’re having discussions on them.”
- “We aren’t? It’s been discussed once in SG7 for 15 minutes four years ago. Herb has a tendency to give grand talks about features the committee has never seen before and frames them as if they are “the next big thing” of C++.” – foonathan – Oofff!
- “It looks like they’ve stalled over the last few years, but even if it takes another 10 at least they’re having discussions on them.”
- “I don’t know what you’ve heard, but metaclasses absolutely aren’t on their way.” – foonathan
- “The metaclasses are on their way.”
- “We need solid utf-8 strings functions in the standard library. It’s insane to not have that in this day and age.”
- “Software IEEE 754 decimal floats.”
- “Modern, cross-platform, native UI library”
- “A library for mapping/subclassing enums in some way.”
- “A library like python’s urllib”
The Register: C language inventor spurns Google’s language exam
Between 1969 and 1973, Ken Thompson created Unix with Dennis Ritchie. At the same time he also developed the C language. The speed and simplicity of C helped Unix spread widely. Both have subsequently become quite popular.
Google hired Thompson to create a new language, Go. But Google also requires all of its recruits to pass a language test. According to Thompson, he hasn’t quite got round to it yet - and so can’t submit code.
From the book Coders At Work:
Q: I know Google has a policy where every new employee has to get checked out on languages before they’re allowed to check code in. Which means you had to get checked out on C [which you co-created].
Thompson: Yeah, I haven’t been.
Q. You haven’t been! You’re not allowed to check in code?
Thompson: I’m not allowed to check in code, no… I just haven’t done it. I’ve so far found no need to.
The Downto Operator
does anyone else use the C/C++ “downto” operator unironically or is it just me
1while (size --> 0) {
2
3}