Bjarne Stroustrup, creator of C++, has issued a call for the C++ community to defend the programming language, which has been shunned by cybersecurity agencies and technical experts in recent years for its memory safety shortcomings.

  • jenesaisquoi@feddit.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 days ago

    The problem is unsolvable. In order to make C++ memory safe, the language has to be changed so much it might as well be a new one - requiring a rewrite of existing codebases.

    If what we are talking about then is a completely new C+±like language, which will take a decade or more to develop, we might as well just use Rust, which is available right now and working surprisingly well.

    This is exactly what Google and others have decided to do.

    C++ is not going away, due to the staggering amount of existing code. But its usage will stop growing and then start to slowly shrink.

  • beleza pura@lemmy.eco.br
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    edit-2
    11 days ago

    C++ [relies] on manual memory management

    not exactly. i can’t remember the last time i new’d or deleted anything at work. not only do we have smart pointers for over a decade now, but also, most of the time, you don’t even want to be allocating stuff on the heap anyway, so raii will take care of managing your resources. memory management in c++ is explicit, but it’s mostly automatic

    yeah it’s not as safe as rust, but idiomatic c++ isn’t supposed to be littered with new and delete statements. that’s indication of java-like c++ code, which has been the true villain in c++ codebases for decades, imo. most shitty c++ code is java-like c++ code written by people who would rather be coding in java (or java++ aka c#)

    • thebestaquaman@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      3
      ·
      11 days ago

      Exactly… I’ve never gotten the whole “C++ is so unsafe” thing. If you’re having trouble with manual memory management in modern C++, it’s likely because you’re doing something wrong.

      There are use-cases for it, but if you’re working with something so performance critical that you can’t afford an std::array or unique_ptr, you’re probably better off just writing straight C instead (except then you don’t even have references).

      Modern C++ has a shitload of guardrails if you care to use them, but also lets you say “fuck it, this void* points to a double, trust me” if you want to.

  • Reptorian@programming.dev
    link
    fedilink
    arrow-up
    19
    arrow-down
    11
    ·
    edit-2
    11 days ago

    Just use Rust. Eazy Peazy. C++ will likely be still be used because it’s just not realistic for some softwares to switch to a safer programming language.

    • ulterno@programming.dev
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      11 days ago

      I feel like it’s just a matter of time.

      Since someone managed to make an event based library in Rust, I don’t think we need to stop at it.
      As long as some of the problems with the borrow checker with large code-bases can be fixed, it should be usable for pretty much every application.

      On the other hand, all we have done is changed the terms of “don’t make it crash” to a simpler, “don’t use unsafe”. That, I feel, would eventually bring up similar problems in different ways from what we have now.


      On the other, other hand, until my concentration becomes so bad that I am not able to handle my memory allocations, I will not stop using C++

    • DaPorkchop_@lemmy.ml
      link
      fedilink
      arrow-up
      9
      ·
      11 days ago

      I will use Rust when const generics are actually useful and we get some viable alternative to variadic templates.

      • jenesaisquoi@feddit.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        2 days ago

        I know very little about C++, can you help me understand at a very basic level what variadic templates are? Is it about a template taking a varying number of generic types? If it is, then you can get something very similar in Rust by implementing a trait for tuples of various lengths.

    • Croquette@sh.itjust.works
      link
      fedilink
      arrow-up
      7
      ·
      11 days ago

      Until chip manufacturers officially support rust, my clients will not want me to use an unofficial crate no matter how good it is.

      • jenesaisquoi@feddit.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        ESP32 has official support, and others are working on it. I think it will come sooner than you and I might think

        • Croquette@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          ·
          3 days ago

          I hope that it comes sooner than later. But I cannot offer Rust to most of my customers until it is officially supported.

          • jenesaisquoi@feddit.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            Of course! If you can, ask your vendor about it. If enough of their customers ask they will likely invest in it