this post was submitted on 02 Mar 2025
36 points (97.4% liked)

C++

1907 readers
1 users here now

The center for all discussion and news regarding C++.

Rules

founded 2 years ago
MODERATORS
 

Bjarne Stroustrup, creator of C++, has issued a call for the C++ community to defend the programming language, which has been shunned by cybersecurity agencies and technical experts in recent years for its memory safety shortcomings.

top 13 comments
sorted by: hot top controversial new old
[–] FizzyOrange@programming.dev 22 points 2 weeks ago

Yeah it's too late. Maybe if they had taken this problem seriously 20 years ago...

[–] bunitor@lemmy.eco.br 13 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

C++ [relies] on manual memory management

not exactly. i can't remember the last time i new'd or deleted anything at work. not only do we have smart pointers for over a decade now, but also, most of the time, you don't even want to be allocating stuff on the heap anyway, so raii will take care of managing your resources. memory management in c++ is explicit, but it's mostly automatic

yeah it's not as safe as rust, but idiomatic c++ isn't supposed to be littered with new and delete statements. that's indication of java-like c++ code, which has been the true villain in c++ codebases for decades, imo. most shitty c++ code is java-like c++ code written by people who would rather be coding in java (or java++ aka c#)

[–] thebestaquaman@lemmy.world 0 points 2 weeks ago

Exactly... I've never gotten the whole "C++ is so unsafe" thing. If you're having trouble with manual memory management in modern C++, it's likely because you're doing something wrong.

There are use-cases for it, but if you're working with something so performance critical that you can't afford an std::array or unique_ptr, you're probably better off just writing straight C instead (except then you don't even have references).

Modern C++ has a shitload of guardrails if you care to use them, but also lets you say "fuck it, this void* points to a double, trust me" if you want to.

[–] Reptorian@programming.dev 8 points 2 weeks ago* (last edited 2 weeks ago) (3 children)

Just use Rust. Eazy Peazy. C++ will likely be still be used because it's just not realistic for some softwares to switch to a safer programming language.

[–] DaPorkchop_@lemmy.ml 9 points 2 weeks ago (1 children)

I will use Rust when const generics are actually useful and we get some viable alternative to variadic templates.

[–] jenesaisquoi@feddit.org 2 points 1 week ago* (last edited 1 week ago)

I know very little about C++, can you help me understand at a very basic level what variadic templates are? Is it about a template taking a varying number of generic types? If it is, then you can get something very similar in Rust by implementing a trait for tuples of various lengths.

[–] ulterno@programming.dev 9 points 2 weeks ago* (last edited 2 weeks ago)

I feel like it's just a matter of time.

Since someone managed to make an event based library in Rust, I don't think we need to stop at it.
As long as some of the problems with the borrow checker with large code-bases can be fixed, it should be usable for pretty much every application.

On the other hand, all we have done is changed the terms of "don't make it crash" to a simpler, "don't use unsafe". That, I feel, would eventually bring up similar problems in different ways from what we have now.


On the other, other hand, until my concentration becomes so bad that I am not able to handle my memory allocations, I will not stop using C++

[–] Croquette@sh.itjust.works 7 points 2 weeks ago (1 children)

Until chip manufacturers officially support rust, my clients will not want me to use an unofficial crate no matter how good it is.

[–] jenesaisquoi@feddit.org 2 points 1 week ago (1 children)

ESP32 has official support, and others are working on it. I think it will come sooner than you and I might think

[–] Croquette@sh.itjust.works 2 points 1 week ago (1 children)

I hope that it comes sooner than later. But I cannot offer Rust to most of my customers until it is officially supported.

[–] jenesaisquoi@feddit.org 2 points 1 week ago

Of course! If you can, ask your vendor about it. If enough of their customers ask they will likely invest in it

[–] lambalicious@lemmy.sdf.org 4 points 2 weeks ago

Storm in a teacup!

[–] jenesaisquoi@feddit.org 1 points 1 week ago* (last edited 1 week ago)

The problem is unsolvable. In order to make C++ memory safe, the language has to be changed so much it might as well be a new one - requiring a rewrite of existing codebases.

If what we are talking about then is a completely new C++-like language, which will take a decade or more to develop, we might as well just use Rust, which is available right now and working surprisingly well.

This is exactly what Google and others have decided to do.

C++ is not going away, due to the staggering amount of existing code. But its usage will stop growing and then start to slowly shrink.