Steven Simpson and Patricia Aas will present their talks from CppCon 2018. Steven Simpson with "Source Instrumentation for Monitoring C++ in Production" and Patricia Aas with "Software Vulnerabilities in C and C++"
We would love to have someone sponsor this event with food and drinks!
"Source Instrumentation for Monitoring C++ in Production"
It is essential to discuss how modern C++ code can be effectively instrumented, in order to effectively monitor it after deployment. This talk will focus on portable source instrumentation techniques such as logging, tracing and metrics. Straightforward, but well designed code additions can drastically ease the troubleshooting of functional issues, and identification of performance bottlenecks, in production.
Of course when dealing with C++ performance is often critical, and so minimizing the cost of any instrumentation is also critical. Key to this is understanding the trade-off between the detail of information collected, and the overheads of exposing that information. It is also important to understand how best to benefit from advances in contemporary monitoring infrastructure, popularised by "cloud" environments.
This talk will open with a brief summary of monitoring goals, infrastructure, benefits, and existing practise. It will then detail practicalities of building a set of C++ source instrumentation primitives, based on proven principles employed in demanding production software.
"Software Vulnerabilities in C and C++"
What does a vulnerability using signed integer overflow look like? Or a stack buffer overflow? How does code like this look and how can we change the way we program to reduce our risk? The first half of this talk will show examples of many different vulnerabilities and describe how these are combined to make the first steps of an exploit. Then we will discuss what kind of programming practices we can employ to reduce the chances of these kinds of bugs creeping into our code.
Hope to see you there!