2 Nikola Dudar, Program Manager April Reagan, Program Manager Ronald Laeremans, Group Program Manager

2

• Nikola Dudar, Program [email protected]

• April Reagan, Program [email protected]

• Ronald Laeremans, Group Program [email protected]

mailto:[email protected]



3

30 min Intro45 min Visual C++ 2005 in Action

Break60 min Visual C++ 2005 Making Your Application

Better30 min Roadmap to Securing C++ Applications

Lunch30 min Roadmap for C++ Applications on Windows60 min Roadmap to Managed Code

Break45 min Roadmap to Taking Advantage of Hardware30 min Guidance and Conclusion60 min Questions

4

• We are from the Visual C++ product development team

• Ask questions at any time during today’s presentation

• Further content relevant to this talk is available here:http://msdn.microsoft.com/visualc/tour05/

http://msdn.microsoft.com/visualc/tour05/

5

• The platform and hardware have advanced greatly over the past seven years and so has Visual Studio!

Visual C++ 6 Visual C++ 2002

Visual C++ 2003

Visual C++ 2005

Release Date 1998 2002 2003 2005Target Platforms

Windows 95 to Windows NT 4.0

Windows 98 to Windows XP

Windows 2000 to Windows Server 2003

Windows 2000 to Windows Server 2003

Libraries and Technologies

Win32, COM, MFC, ATL

Win32, COM, MFC, ATL, .NET, Web Services



Distinguishing Features

Introduced IntelliSense

Introduced support for .NET

Improved ISO C++ conformance

Improved support for .NET and Windows platforms

Support Extended support expires September 30, 2005

Extended support expires June 30, 2009

Extended support expires September 30, 2013

Not yet released

6

• Productivity– Enable you to effectively manage large projects– Give you tools to navigate large and unfamiliar code bases

• Security– Move your application to secure settings by default

• Performance– Speed up your application with new optimizations– Give your application an advantage by using latest and upcoming

hardware• Commitment to the Future of Your Source Code

– Make your code more standard conforming to benefit from advanced C++ techniques, growing C++ libraries, and code portability

– Access any existing or new Windows technology from your C++ source code

– Make breaking changes in your source base that result in long term benefit

7

• Upgrading to Visual C++ 2005 brings tremendous benefits– Applications built with Visual C++ 2005 are more secure– Visual C++ 2005 enables better productivity in the IDE– Code generated by Visual C++ 2005 is more efficient

• Visual C++ 2005 is the gateway to new technologies– Visual C++ 2005 targets new processor architectures than

ever before, including devices, 64-bit, and multi-core– Visual C++ 2005 enables your application to take

advantage of new .NET based Windows technologies like .NET Framework and WinFX

8

Team System

Lifecycle tools for better communication and collaboration among software teams

Professional Edition

Comprehensive tool for professional developersworking alone or in small teams,

including server development

Standard Edition

Entry point for professional developersbuilding Windows applications,

focused on client and component development

Express Editions

Easy to use, easy to learn, easy to acquire tool for hobbyists, enthusiasts and students

Moving Your Application Forward with Visual C++ 2005

Tour of new capabilities in the IDE

10

• Visual C++ 2005 invested heavily in the IDE to improve your daily productivity and long term project management– The IDE allows you to easily manage and build large

solutions– IntelliSense is more accurate and relevant to code in your

project– IntelliSense understands macros and templates– You can navigate and browse of large code projects without

building– The IDE can build separate projects on different processors– You can build projects and solutions from the command

prompt– The debugger simplifies tasks and information


Optimizing your applicationAnalyzing your application codeVisual C++ libraries

13

• Use better tools to optimize your program– Use Visual Studio 2005 to get best performance with

minimal cost• Gain better understanding of your source code

– Use Visual Studio 2005 to identify trouble spots in source code

• Use new tools and libraries to make your program more reliable

• Ensure your customer is up to date– Be ready for servicing your applications

14

• Maximize optimization for each file– Without using new optimization features Visual C++

compiler helps getting the best code for each source code file individually

• Whole program optimization goes beyond individual files– Use information from many files to get most of the final

binary• Profile guided optimization specializes

optimizations specifically for your application– Improve user experience in common scenarios

15

• Compiler optimizes each source code file to get best runtime performance – The only type optimization available in Visual C++ 6

• Visual C++ 2005 has better optimization algorithms– Specialized support for newer processors such as Pentium 4– Improved speed and better precision of floating point

operations– New optimization techniques like loop unrolling

• Typical expectation for performance after rebuild– 10-20% improvement from Visual C++ 6 to Visual C++

2002– 20-30% improvement from Visual C++ 6 to Visual C++

2005

16

• Typically Visual C++ will optimize programs by generating code for object files seperately

• Introducing whole program optimization– First introduced with Visual C++ 2002 and has since improved– Compiler and linker set with new options (/GL and /LTCG)– Compiler has freedom to do additional optimizations

• Cross-module inlining• Custom calling conventions

– Visual C++ 2005 supports this on all platforms– Whole program optimizations is widely used for Microsoft

products such as SQL Server• Typically expect significant performance improvement

– About 30% improvement from Visual C++ 2003 to Visual C++ 2005

17

SpecINT (Visual C++ 6 Baseline)

0%

2%

4%

6%

8%

10%

12%

14%

16%

18%

20%

VC7 /O2 VC7 /O2 /GL VC7.1 /O2 /G7 VC7.1 /O2 /G7/arch:SSE2

VC7.1 /O2 /GL/G7

VC7.1 /O2 /GL/G7 /arch:SSE2

18

SpecFP (Visual C++ 6 Baseline)

0%

5%

10%

15%

20%

25%

30%

35%

40%

VC7 /O2 VC7 /O2 /GL VC7.1 /O2 /G7 VC7.1 /O2 /G7/arch:SSE2

VC7.1 /O2 /GL/G7

VC7.1 /O2 /GL/G7 /arch:SSE2

19

• Static analysis leaves many open optimization questions for the compiler, leading to conservative optimizations

• Visual C++ programs can be tuned for expected user scenarios by collecting information from running application

• Introducing profile guided optimization – Optimizing code by using program in a way how its

customer use it– Runs optimizations at link time like whole program

optimization– Available in Visual Studio 2005 – Widely adopted in Microsoft

if (p != NULL) { /* Perform action with p */} else { /* Error code */}

Is it common for p to be NULL?

If it is not common for p to be NULL, the error

code should be collected with other

infrequently used code

20

0

5

10

15

x64 x86

% Im

prov

emen

t ove

r Who

lePr

ogra

m O

ptim

izat

ion

SPECInt SPECfp

22

• Visual Studio Team System 2005 provides tools that help you understand defects and behavior of your source code

• Static code analysis– Finds defects in source code at build time

• Profiler– Determines where application spends time

• Code coverage– Verifies that code paths are used as expected

• Unit testing– Useful for test driven development

• Using tools from Visual Studio Team System builds more reliable applications with better performance

23

• Static code analysis helps developers find defects in code (/analyze)– Reports code defects– Warns about possible security vulnerabilities– Suggests ways to improve performance– Identifies possible design issues– Enforces best practices

• Warns about defects and displays path to a problemvoid vulnerable(char* p) { wchar_t buf[16]; int ret;

ret = MultiByteToWideChar(CP_ACP, 0, p, -1, buf, sizeof(buf)); printf("%d\n", ret);}

Do you see the buffer overrun?

This caused Code Red.

24

• Examine performance for entire application or for its specific parts

• Helps to find runtime bottlenecks of programs– Option of collecting information via sampling or

instrumentation– Collect up to 15 performance counters

• Significantly better than profiler in Visual C++ 6

25

• Facilitates building granular verification of your source code– Quick way to find missed checks– Saves time on building simple verification tests– Helps with code coverage

• Unit testing is useful for test driven development

26

• New Visual C++ libraries bring more reliable and safer functionality to your program– Runtime validation of parameters for values inside a

valid range– New set of functions with safer signatures helps you

build less vulnerable programs– Improved functionality in crucial user scenarios

27

• Prior to Visual C++ 2005, the Visual C++ libraries were susceptible to “DLL Hell”– Especially problematic with Visual C++ 6 libraries in

System32– Visual C++ 2002 and 2003 libraries could not have

emergency servicing• New servicing model enables emergency servicing

and side-by-side installation of Visual C++ libraries– Compliant with Windows Logo requirements– Libraries installed into one shared location– Applications are automatically bound to libraries using

manifest– Supported on Windows XP, Windows Server 2003 and later

• Applications must include manifests to use Visual C++ libraries

28

• New tools in Visual C++ 2005 help getting maximum performance with minimal cost

• Visual Studio Team System facilitates process of code review and finding trouble spots

• Use of new libraries makes your program more reliable and easier to maintain

• New deployment model for Visual C++ libraries ensures quick servicing of deployed applications


Building security in layersVisual C++ features to improve securityVisual C++ features to detect security vulnerabilities

30

Service ReliablyService Reliably Collect information about buffer overrunsCollect information about buffer overrunsProvide mechanisms to patch vulnerable filesProvide mechanisms to patch vulnerable files

Mitigate VulnerabilitiesMitigate Vulnerabilities Antivirus monitoringAntivirus monitoringDetect and react to buffer overrunsDetect and react to buffer overruns

Prevent Security BugsPrevent Security BugsCode review with static analysis toolsCode review with static analysis toolsReplace risky libraries with secure alternativesReplace risky libraries with secure alternativesValidate data and limit test functionsValidate data and limit test functions

Block Attacker AccessBlock Attacker Accessto Machineto Machine

Windows FirewallWindows FirewallAuthentication for RPCAuthentication for RPC

31



• Secure your development and end user environments

• Use newest versions of Windows– Windows XP SP2– Windows Server 2003 SP1

• Test your application with a least user privileges account– All applications must be secure to secure the platform

• Take advantage of .NET security services– Run in partial trust environment– Use web services as abstracted access layer– Sandbox plug-in modules

32






33

• Visual C++ helps you build a more reliable, less vulnerable program with better performance

• Static code analysis– Defects of your code– Possible security vulnerabilities of your program– Suggest ways to improve performance– Identify possible design issues– Enforce best practices coding policies

• Warns about defects found in code and displays path to the problem


34

• Visual C++ 2005 provides more secure alternatives to historically risky libraries– Standard C library has vulnerabilities because it is not

reentrant, and does not check the size of destination buffers

• New extensions to C Runtime library (Safe CRT)– Provides new safer variants of CRT functions– Warns about risky functions in existing source code– Undercover improvements in implementation of existing

functions– Widely adopted inside Microsoft

• Microsoft is leading C and C++ communities in adoption of new extensions to C library


36

• Validating data passed to a function helps detecting problem upfront

• Parameter validation– C runtime functions validate their parameters– File sharing modes are enforced– Format specifications are validated– STL iterators are ensured to point inside containers– Common mechanism of reporting errors (invalid

parameter handler)• All Visual C++ libraries now detect invalid

parameters before using them


37






38

• Buffer overruns are easy to exploit– Buffer overruns caused by unvalidated data corrupting

other values• Introducing security checks (/GS)

– Introduced in Visual C++ 2002 to prevent return address hijacking

– Improved in Visual C++ 2003 and Visual C++ 2005 to detect more sophisticated types of malicious exploits

– Cooperates with other technologies for best coverage (/SAFESEH)

– All Microsoft products are required to use security checks

• Windows Server 2003 did not propagate Blaster because it was built with security checks


40

• How security checks work – Insert a random cookie between the

locally declared buffer and the return address

– Test cookie value for corruption before using return address to end function call

– If test fails, terminate the process• Detects attack and prevents

execution of malicious code

Previous function’sPrevious function’sstack framestack frameFunction argumentsFunction argumentsReturn addressReturn addressFrame pointerFrame pointerCookieCookieEH frameEH frameLocally declaredLocally declaredbuffersbuffersLocal variables andLocal variables andcopies of vulnerablecopies of vulnerableparametersparametersCallee saveCallee saveregistersregistersUnused StackUnused Stack


41






42

• Windows can collect information when an application crashes to facilitate investigation of problems

• One mechanism for all Visual C++ programs– Asserts in debug build allow developers to investigate

immediately– Windows Error Reporting invokes in release builds (Dr.

Watson)– Minidump created with context information to reproduce

issue– Specific information can be collected through minidump

APIs


43

• If security exploit found, it is important to deliver a patch quickly

• New deployment model in Visual C++ 2005 (Fusion)– All Visual C++ libraries are side-by-side assemblies

(DLLs)– By default Visual C++ applications are built as isolated

applications– Binding to DLLs can be controlled by the author and

administrator– One shared location to facilitate patching

• Visual C++ 2005 provides mechanism for efficient emergency servicing of applications using Visual C++ libraries


44






Windows Error Reporting Tool (CRT, /GS)Windows Error Reporting Tool (CRT, /GS)New deployment of Visual C++ LibrariesNew deployment of Visual C++ Libraries

Buffer Overrun Detection (/GS)Buffer Overrun Detection (/GS)Safe Exception handling (/SAFESEH)Safe Exception handling (/SAFESEH)

Static Code Analysis ToolsStatic Code Analysis ToolsNew Visual C++ Libraries (CRT, STL, ATL, MFC)New Visual C++ Libraries (CRT, STL, ATL, MFC)

Windows XP SP2Windows XP SP2Windows Server 2003 SP1Windows Server 2003 SP1


Looking aheadC++ Applications on WindowsRoadmap to Managed CodeRoadmap to Utilizing Hardware

46

• In the past two decades there have been several major inflection points on the Windows platform

• The Windows platform is about to experience the most significant inflection point ever

Windows 3.0 began the shift from MS-DOS

to graphical user interfaces

Windows 95 sparked the shift to 32-bit programming

The Internet inspired entirely new application

styles

Catalysts driving the next inflection pointHigh resolution displays64-bit architectures“Longhorn” release of WindowsThe WinFX API

47

• Two important considerations for large code base– Companies want intellectual property investments to last a

long time– Companies want to take advantage of the latest

technologies and hardware from existing code bases

• Visual C++ applications are maintainable and extensible, for the long-term preservation of your intellectual property investments

• Visual C++ applications give you the best user experience on Windows: integration, performance, access to all Windows technologies

48

• Standard Conformance guarantees longevity and portability– ISO Standard C++ – portability, advanced libraries etc.– Emerging C++/CLI Standard – managed code integration– Visual C++ is best development environment for cross-

platform code

• Single source base for multiple CPU targets– Visual C++ supports all Windows hardware platforms– x86, x64, IA64, CE devices etc.

Built with Visual C++

Microsoft WindowsMicrosoft Office

Microsoft SQL ServerMicrosoft Visual Studio

Microsoft Exchange Server

Microsoft Common Language Runtime

49

• Visual C++ is the only language that gives you full access to all Windows APIs– Win32, COM, DirectX, Speech, .NET Framework, WinFX,

DDK, etc.

• Applications built on existing Visual C++ libraries (MFC, ATL etc) will continue to evolve, take advantage of new Windows APIs and be first class applications on upcoming Windows releases

50

2005

2006

Beta

BetaBeta

Beta

51

• Version 1.0– “Avalon” Framework for Graphics and User Interface– “Indigo” Framework for Distributed Applications

• Built on CLR Component Model – Managed Code– Rich and consistent programming model– Easier than COM– Built on top of .NET Framework, DirectX, Win32

• Released with Longhorn– Redistributable on XP SP2, Windows Server 2003– Available on Windows Update

52

• Application Model– Composable component architecture– Layout engine– Two-way transformable data binding– Rich visual styling and theming– Browser hosting

• Graphics Model– 2D & 3D Graphics– Imaging– Text– Video and audio– Animation

• Document Model– Fixed, flow and adaptive layouts– Advanced typography– Container services– Rights management

Media IntegrationMedia IntegrationLayerLayer

Element ServicesElement Services

App

licat

ion

App

licat

ion

Mod

elM

odel

Doc

umen

tD

ocum

ent

Mod

elM

odel

Gra

phic

sG

raph

ics

Mod

elM

odel

Composition andComposition andRenderingRendering

.NET.NETFrameworkFramework DirectXDirectX

AvalonAvalon

Tool

s an

d La

ngua

ges

Tool

s an

d La

ngua

ges

53

• Avalon is the future of Windows presentation technology– Other technologies are often still better choices on Longhorn

• Recommended Avalon 1.0 usage– Web sites that want to push the limits of user experiences– Windows applications with complex data visualization

scenarios

• MFC/Win32 and Windows Forms are still the best solution for mainstream rich client Windows applications

• DirectX is still the platform for extremely intensive graphics (games, CAD applications)

• ASP.NET is the reach solution for server-based platform-agnostic applications

54

• The unified framework for building service-oriented applications on the Windows platform

– Unifies today’s distributed technology stacks– Composable functionality– Appropriate for use on-machine, cross

machine, and cross Internet

– Cross-platform interoperability– Integration across Microsoft products– Interoperability with today’s distributed

stacks

– Service-oriented programming model– Supports all features required by SOAs– Maximized productivity for building SOAs

55

• Single language to target all development scenarios

• Native Development– Cross Target Compilers: x86, x64, IA64– ISO Standard C++ language– ATL/MFC supporting native platform

• Managed Code Development– Integrate managed code seamlessly in existing code base– C++/CLI – First class .NET language– MFC integrating managed APIs


What is managed code?Using new managed features in your source codeThree ways to use managed codeUsing multiple programming languages

57

ManagedManagedCodeCode

• Native code has many advantages– Achieves best performance and utilizes latest processor

techniques– Requires the fewest dependencies on other files

Pro

duct

ivity

Investment

Native CodeNative Code

• Introducing managed code– Leverages the advantages of native code– Targets high productivity solutions

• At some point, native code has diminishing returns– Secure programming requires ever increasing security reviews– Versioning data structures in different files is brittle– Programming patterns become very complicated

58

• The C runtime is another native library loaded by the Windows loader

EXEEXE

MachineMachineCodeCode

SourceSourceCodeCode CompilerCompiler

Native LibrariesNative Libraries

WindowsWindowsLoaderLoader

Native HeapNative Heap

59

• Running code on Windows without managed code is has limitations– Code could only be trusted based on digital signatures;

the system could not sandbox privileges for processes– Libraries targeted at different language developers had

to be written several times – once for each language– Applications written for one platform could not run on

other platforms such as devices without recompiling– Data structures could not be easily versioned between

DLLs– APIs had no rich type information for component models

• The Common Language Runtime (CLR) provides solutions for these problems

60

Frameworks

Assembly

Common Language RuntimeCommon Language RuntimeEXEEXE

Managed Runtime

GarbageGarbageCollectedCollected

HeapHeap

Native HeapNative Heap

SourceSourceCodeCode CompilerCompiler

VerifierVerifier

JIT CompilerJIT Compiler

Machine CodeMachine Code

Native LibrariesNative Libraries

MetadataMetadata

MSILMSIL

ManagedManagedLibrariesLibraries

P/Invoke

61

a.cppa.cpp

b.cppb.cpp

VisualVisualC++C++

CompilerCompiler

D:\>cl /c a.cpp

D:\>cl /c /clr b.cpp

EXEEXE

MetadataMetadataMSILMSIL


a.obja.obj

b.objb.obj

MetadataMetadataMSILMSIL


VisualVisualC++C++

CompilerCompiler

LinkerLinker

Skip P/Invokes by using machine code directly

Mixed Image

62

• The CLR makes a number of services available to applications– Garbage collection and resource management– Cross-language development– Security demands for partially trusted code– Reflection on assembly at run-time

• Making use of these CLR services requires additional language enhancements to C++ (enabled by /clr)– New type categories– Syntax for garbage collection– Syntax for properties and events

• All existing C++ code remains unchanged and continues without behavioral changes

63

• Managed assemblies describe themselves with metadata– Used instead of header files or type libraries

• C++ now has the #using directive

• A source file can make use of several kinds of libraries

#using <System.Windows.Forms.dll>#using <System.Xml.dll>#using <System.Data.dll>#using <System.Web.dll>

#using <System.Data.dll> // .NET library#import <msxml4.dll> // COM type library#include <iostream> // Standard C++ library

64

• New type categories provide specific semantics needed for interoperating with other languages– Ref classes are garbage collected and understood by all

programming languages– Value classes are lightweight; all fundamental types like

integers and floating-point numbers are value types– Native classes continue to have semantics and

advantages of native code even when compiling to MSIL• Types are declared “adjective class”

class N { /*…*/ }; // nativeref class R { /*…*/ }; // CLR reference type

value class V { /*…*/ }; // CLR value typeinterface class I { /*…*/ }; // CLR interface type

enum class E { /*…*/ }; // CLR enumeration type

65

• C++ now includes new syntax for first class support of garbage collection

• Pointers allow dynamic allocation on the native heap– Pointers are stable (can be cast to int), even during GC– Failure to explicitly call delete will leak memory

• Handles refer to objects on the CLR heap– Calling delete is optional

• Allocating with value semantics continues to work– Enables deterministic cleanup

T^ t = gcnew T; // gcnew constructs T on CLR heap

T* t = new T; // new constructs T on native heap

T t; // T constructed with value semantics

66

• Use .NET functionality in your application– Take a new library and use it from your application– Energize your application with a new look and feel– Leverage new tools that generate code for WinFX

• Expose your functionality as .NET object model– Expand your market to new language developers– Take advantage of core performance of your existing

code• Use managed code as a extensibility model

– Add control and security to your extensibility model– Make scripting as powerful as a general purpose

language

67

Your Application NowYour Application NowBuilt on top of native librariesBuilt on top of native libraries

Native LibrariesNative Libraries NativeNativeLibrariesLibraries

ManagedManagedLibrariesLibraries

New Application withNew Application withAdded FunctionalityAdded Functionality

Compile PiecesCompile Pieceswith /clrwith /clr

class Data { gcroot<XmlDocument^> xmlDoc;

public: void Load(std::string fileName) { XmlTextReader^ reader = gcnew XmlTextReader( marshal::to<String^>(fileName)); xmlDoc = gcnew XmlDocument(reader); }};

68

• Visual C++ 2005 allows you to use new Frameworks libraries in MFC Applications

• MFC includes many integration points– MFC views can host Windows Forms controls– Use your own Windows Forms dialog boxes– MFC lets you use Windows Forms as CView– Data exchange and eventing translation handled by MFC– MFC handles command routing

• Your MFC applications will be able to take advantage of current and future libraries directly with ease

70

• Embed native pointers in managed types• Use native types as method arguments and returns

Add a new layerAdd a new layer

built with /clrbuilt with /clrYour Library NowYour Library Now

Native LibrariesNative Libraries Native LibrariesNative Libraries

The Same LibraryThe Same Library

Managed API LayerManaged API Layer

ref class MyControl : UserControl { std::vector<std::string>* words;public: void Add(String^ s) { Add(marshal::to<std::string>(s)); }internal: void Add(std::string s) { words->push_back(s); }};

71

• DirectX 9.0 included a .NET object model written with Visual C++

• DirectX was looking to replace Visual Basic type library distribution and improve productivity– Wanted better coding productivity – fewer lines of code– Wanted easier memory management– Wanted to automate resource management with device

reset– Wanted to preserve performance, especially with Direct

3D• DirectX was able to achieve all goals by using C+

+ to wrap existing code

72

hr = g_pDPServer->EnumPlayersAndGroups( aPlayers, &dwNumPlayers, DPNENUM_PLAYERS);if (SUCCEEDED(hr)) /* iterate over players here */ break;SAFE_DELETE_ARRAY(aPlayers);if (FAILED(hr) && hr != DPNERR_BUFFERTOOSMALL) { DXTRACE_ERR_MSGBOX( TEXT("EnumPlayersAndGroups"), hr); return;}aPlayers = new DPNID[dwNumPlayers];if (NULL == aPlayers) { DXTRACE_ERR_MSGBOX( TEXT("DisplayPlayers"), E_OUTOFMEMORY); return;}

The above code written The above code written with C++/CLI syntaxwith C++/CLI syntax

for each(Player player in peer.Players) { /* Do Something */}

73

• Managed DirectX uses separate DLLs rather than include managed code in existing native DLLs– Simplified maintenance of both managed and native libraries

• Visual C++ was chosen to build Managed DirectX– Visual C++ understands COM directly, and thus avoided

unnecessary marshalling in performance critical scenarios– Visual C++ gave DirectX complete control over data marshalling– Visual C++ naturally understands header files and native

memory, which allowed DirectX to avoid code duplication– Visual C++ maintained type safety when interoperating

between the main DirectX library and the managed DirectX library

• DirectX successfully delivered a library that enabled real world development from a .NET object model

74

• The Common Language support in managed code makes it an ideal infrastructure for extensibility

• There are a number of ways to take advantage of managed code for plug-ins and scripting– Simply provide a .NET object model for your application and

it immediately becomes scriptable by full trust code– Isolate partially trusted plug-ins from each other by loading

them into separate AppDomains and demanding security privileges

– Host the CLR through COM to allow complete control over runtime characteristics of managed code in application

• In the future, Microsoft will deliver Visual Studio Tools for Applications which will replace VBA

• Managed code gives your application the full reach of all CLR services and programming languages

75

• Visual C++ allows you to include code from multiple languages in a single file assembly

a.cppa.cpp

c.csc.cs

C++C++CompilerCompiler

D:\>cl /c /clr a.cpp

D:\>csc /t:module c.cs

EXEEXE

C++C++CodeCode

C#C#CodeCode

a.obja.obj

c.netmodulec.netmodule

C#C#CompilerCompiler

C++C++LinkerLinker

76

• Visual C++ will always be a tool suited for accomplishing any task from low-level systems to high-level applications

• Using other languages is sometimes convenient; just make the decision based on your actual needs– If you have an existing C++ application, you will achieve best

results by continuing to use C++– New web applications are best suited with C# or Visual Basic– New application development should be in the language with

the best tools to support your developers and projects– If you need performance, always use C++– If you need tight integration with Windows, always use C++

• Understanding your project’s needs should drive adoption of language and tools


Multiple processors64-bit computingDevice programming

78

• We are in the midst of a hardware revolution– Performance no longer doubles every 18 months

• Intel and AMD both plan to deal with this by giving you more cores – it is all about concurrency

– 64-bits is the architecture of the very near future• Huge move to 64-bit has begun

– Computing devices are going to be everywhere• The cell-phone is quickly becoming the most

important electronic consumer device in the world• Visual Studio 2005 is your one stop development

shop for everything… from big 64-bit systems to the smallest cell-phones

79

• Concurrency is the key to performance in the future• Concurrency: The Hardware

– Adding cores to chips is what will make them faster in the future, clock speed is slowing to a crawl

– Intel and AMD both will ship multicore this year – most CPUs shipped will be multicore in two years

• Concurrency: The Software– There are multiple types of concurrency for different tasks– Data parallelism – Algorithmic concurrency such as loops– Task parallelism – Traditional threading– Instruction level parallelism – Vectorization with SSE and

SSE2• If you are not taking advantage of the concurrency

your application performance will suffer– You’ll need to learn how to write parallel programs

80

• Data parallelism: OpenMP– A specification for writing multithreaded programs– It consists of a set of simple #pragmas and runtime

routines– Makes it very easy to parallelize loop-based code– Helps with load balancing, synchronization, etc…– In Visual Studio, only available in C++

• Task parallelism: Windows threading– Standard model of Windows threads and threadpool– Useful for invoking different threads to run different

functions• Instruction level parallelism: The profiler and C++

optimizer• Without Visual C++ 2005 you will lose

performance on future processors

81

• Can parallelize loops and straight-line code• Includes synchronization constructs

first = 1last = 1000

1 ≤ i ≤ 250 251 ≤ i ≤ 500 501 ≤ i ≤ 750 751 ≤ i ≤ 1000

void test(int first, int last) { #pragma omp parallel for for (int i = first; i <= last; ++i) { a[i] = b[i] + c[i]; }}

82

• The 64-bit Platform provides many benefits– Vastly increased address space– OS has more resources (buffer sizes, handles, etc…)– Enhanced 32-bit performance on x64 (maybe surprising, but

true)– Modern computer architecture – fewer limitations– Better programming model (No more PAE/AWE!)– Full use of 64-bit components

• The world is moving to 64-bits– The Windows platform is moving to 64-bit

• 64-bit Windows OS available today for both x64 and Itanium

• Some Windows SKUs are going to ONLY be 64-bit– AMD and Intel will be shipping 64-bit exclusively on the

desktop in a year’s timeframe• Are you ready for this? Visual C++ 2005 is the tool to

make this transition easy

83

• Targeting 64-bit is easy with Visual C++ 2005– Visual C++ 2005 has full support for targeting 64-bit

(managed and native)– It is just Windows – same Win32 API you already know– The biggest change is pointer size (pointers are now 64-

bit)• Experience shows that porting to 64-bit is not as

hard as you may think– In developer labs at Microsoft we have seen teams port

5 million lines of a code in a week

84

• Devices are increasingly capable devices– At Visual C++ 6 launch the top processor was Pentium II 400MHz

OS Windows Mobile™ 2003 software - Premium Edition

Processor Intel® PXA270 Processor 624 MHz Connectivi

ty, std.Integrated WLAN 802.11b, Bluetooth® 1.2,

IrDA (FIR), USB and SerialExpansion

slotIntegrated SD slot - supports 1-bit and 4-bit

SDSDIO/MMC type standard, CF slot - Type II

Memory, std.

192 MB total memory (128 MB ROM and 64 MB SDRAM); Up to 135 MB user available memory

Dimensions

5.17 x 3.03 x .59 in.

Weight 6.6 oz

85

• Devices are now first class citizens in Visual Studio 2005– Same IDE as desktop platforms– Same source base for compilers and native libraries– Ability to target multiple platforms– Managed and Native projects in same solution– Debugging is like the desktop debugger

• The improvements in the desktop tools are reflected in the device tools, plus everything needed to target devices!

87

• Visual C++ 2005 gives a great unified experience across the platforms– Unified IDE for all Visual C++ development– Single language supported for all platforms– Common libraries for all platforms– Best code generation for every architecture– New features enabled for new scenarios

• Visual C++ 2005 gives you tools to make concurrency easier• Visual C++ 2005 makes 64-bit like the programming you’ve

done for the past decade• Visual C++ 2005 makes devices simply another platform to

target• As the hardware continues to march along, Visual C++ 2005

enables your code to march along with it


89

• Productivity– Manage large solutions with property sheets– All features work on live code, no build required– Improved IntelliSense fully understands macros,

templates– Navigate with references, call trees, go to definitions– Debug with trace points and STL container visualization– And much more…

90

• If you do only one thing…– Install Visual Studio 2005 Beta 2

• Actions to take with your application– Upgrade before Visual C++ 6 has no more support– If your application is shipping before 2006, upgrade to

Visual Studio 2003– Otherwise, upgrade directly to Visual Studio 2005– Use new optimization options

91

• If you do only one thing…– Use security checks in your application to mitigate buffer

overruns• Actions to take with your application

– Install XP SP2 on your development machine– Design and test your application for a limited user

account– Replace deprecated C library calls with Safe C library

calls– Fix defects found by static analysis– Run your application under Application Verifier– Ship libraries built with a newer compiler to deliver

security benefits to your customers

92

• If you do only one thing…– Compile your application with the /clr compiler option

• Actions to take with your application– If you need to use your application as a component

model, wrap existing APIs with managed code– If a library from the .NET Framework has functionality

you need, use it in your application– If your application needs a plug-in model, consider a

partial trust approach with managed code

93

• If you do only one thing…– Compile your application with a 64-bit compiler

• Actions to take with your application– Build a strategy for using devices with your application– Build a strategy for shipping a 64-bit version of your

application– If you deliver libraries, build 64-bit versions for your

customers– Identify the best way to parallelize your application for

multicore processors

94

• Application development is nearing an inflection point– C++ is twenty years old and is continuing to evolve– New hardware technologies are broadening the scope of

development– New libraries and programming models are broadening what

can be developed– New versions of Windows are optimized for upcoming

applications• Visual C++ 2005 provides the tools to capitalize on all of

these technologies driving the inflection point• This is the best time to upgrade to be ready; take advantage

of the opportunity before getting caught off guard• Visual C++ 6 is out of mainstream support and will have no

support at all after September

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only.MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

Documents

2 Nikola Dudar, Program Manager April Reagan, Program Manager Ronald Laeremans, Group Program Manager