I read a blog post by Alex Muscar, “Beautiful Binary Search in D“. It describes a binary search called “Shar’s algorithm”. I’d never heard of it and it’s impossible to google, but looking at the algorithm I couldn’t help but think “this is branchless.” And who knew that there could be a branchless binary search? So I did the work to translate it into a algorithm for C++ iterators, no longer requiring one-based indexing or fixed-size arrays.

https://muscar.eu/shar-binary-search-meta.html

source: L

None of this is completely new though, which is why we launched pointer compression for V8 in 2020 and saw great improvements in memory across the web. With the Oilpan library we have another building block of the web under control. Oilpan is a traced-based garbage collector for C++ which is among other things used to host the Document Object Model in Blink and thus an interesting target for optimizing memory.

source: HN

Six privilege escalation exploits are bundled with this app. Five are well-known, publicly available N-day exploits for older iOS versions. The sixth is not like those others at all. This blog post is the story of the last exploit and the month-long journey to understand it.

This shell extension is trying to detour the operating system, and it failed. (Note that Windows does not support apps detouring the operating system. This shell extension has exited into unsupported territory.)

We are changing std::sort in LLVM’s libcxx. That’s a long story of what it took us to get there and all possible consequences, bugs you might encounter with examples from open source. We provide some benchmarks, perspective, why we did this in the first place and what it cost us with exciting ideas from Hyrum’s Law to reinforcement learning. All changes went into open source and thus I can freely talk about all of them.

This article is split into 3 parts, the first is history with all details of recent (and not so) past of sorting in C++ standard libraries. Second part is about what it takes to switch from one sorting algorithm to another with various bugs. The final one is about the implementation we have chosen with all optimizations we have done.

source: HN

We successfully deployed ThreadSanitizer in the Firefox project to eliminate data races in our remaining C/C++ components. In the process, we found several impactful bugs and can safely say that data races are often underestimated in terms of their impact on program correctness. We recommend that all multithreaded C/C++ projects adopt the ThreadSanitizer tool to enhance code quality.

source: HN

This is intended to be a casual introduction to the perils of lock-free programming (which I last wrote about some fifteen years ago), but also some explanation of why ARM’s weak memory model breaks some code, and why that code was probably broken already. I also want to explain why C++11 made the lock-free situation strictly better (objections to the contrary notwithstanding).

The C++ standard library tuple is quite versatile. It’s a handy way of grabbing a bunch of types or values into a single unit, and the C++ standard library also provides a number of helpers to manipulate them.

Selecting via an index sequence: https://devblogs.microsoft.com/oldnewthing/20200623-00/?p=103883

Selecting via an index sequence, part 2: https://devblogs.microsoft.com/oldnewthing/20200624-00/?p=103886

Creating interesting index sequences: https://devblogs.microsoft.com/oldnewthing/20200625-00/?p=103890

Creating more interesting index sequences: https://devblogs.microsoft.com/oldnewthing/20200626-00/?p=103896

Finding a type in a tuple: https://devblogs.microsoft.com/oldnewthing/20200629-00/?p=103910

The C++ language standard library comes with a std::function template type which represents a “thing you can invoke”.

Constructing the function is a matter of creating a custom callable for the specific functor. It’s conceptually simple, but the C++ language makes us write out a bunch of stuff to get it to work.

Part 2: Storage optimization: https://devblogs.microsoft.com/oldnewthing/20200514-00/?p=103749

Storing a non-capturing lambda in a generic object: https://devblogs.microsoft.com/oldnewthing/20200515-00/?p=103755

C++ “move” semantics are simple, but they are still widely misunderstood. This post is an attempt to shed light on that situation.

I like that the appendix is 3 times the article’s length.

source: HN

While several approaches are being actively pursued to mitigate specific branches and/or loads inside especially risky software (most notably various OS kernels), these approaches require manual and/or static analysis aided auditing of code and explicit source changes to apply the mitigation. They are unlikely to scale well to large applications. We are proposing a comprehensive mitigation approach that would apply automatically across an entire program rather than through manual changes to the code. While this is likely to have a high performance cost, some applications may be in a good position to take this performance / security tradeoff.

Let’s benchmark toupper implementations.

Actually, I don’t really care about toupper much at all, but I was writing a different post and needed a peg to hang my narrative hat on, and hey toupper seems like a nice harmless benchmark. Despite my effort to choose something which should be totally straightforward and not sidetrack me, this weird thing popped out.

source: L

This is not allowed in C++. The return type of a function cannot be overloaded.

But Kenny Kerr taught me how to fake it. What you do is return an object that doesn’t yet know whether it’s a widget or doodad.

Related: https://devblogs.microsoft.com/oldnewthing/20191107-00/?p=103071

We are pleased to announce AddressSanitizer (ASan) support for the MSVC toolset. ASan is a fast memory error detector that can find runtime memory issues such as use-after-free and perform out of bounds checks. Support for sanitizers has been one of our more popular suggestions on Developer Community, and we can now say that we have an experience for ASan on Windows, in addition to our existing support for Linux projects.

MSVC support for ASan is available in our second Preview release of Visual Studio 2019 version 16.4.

source: white

Today’s blog post is an overview of some common optimization techniques and neat tricks for doing “systems programming” – whatever that means today. We’ll walk through some methods to make your code run faster, be more efficient, and to squeeze just a little more juice from whatever you got.

source: HN

What are “the usual arithmetic conversions”?

source: L

Suppose you want to be able to detect in C++ whether a type has been defined. For example, maybe you want to use a type if it exists. This can happen if, say, you are a library like React Native for Windows, and you need to be able to run with different versions of the Windows SDK. Or you’re writing a library where the client can customize the behavior by defining another class with a well-known name. Perhaps you’re trying to mimic C# partial classes.

The road to madness.

https://devblogs.microsoft.com/oldnewthing/20190709-00/?p=102671

https://devblogs.microsoft.com/oldnewthing/20190710-00/?p=102678

https://devblogs.microsoft.com/oldnewthing/20190711-00/?p=102682

A quine that plays snake over its own source!

source: grugq

I would like to credit C++‘s smart pointer types, because they do significantly help. Unfortunately, my experience working on large C++ projects which use modern idioms is that these are not nearly sufficient to stop the flood of vulnerabilities. My goal for the remainder of this post is to highlight a number of completely modern C++ idioms which produce vulnerabilities.

source: L

I work at Red Hat on GCC, the GNU Compiler Collection, and I spent most of the past year making GCC easier to use. Let’s look at C and C++ improvements that will be in the next major release of GCC, GCC 9.

C++ error messages that are slowly approaching useful...

source: L