nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

back to article
What's all the C Plus Fuss? Bjarne Stroustrup warns of dangerous future plans for his C++

Tom 7 Silver badge

Re: There are several C++ map-reduce libraries

I do like them myself.

I do not like the fact Qt seems to take up several gig and when I have to upgrade so I can compile a 500 line graphics app I seem to have to download all possible libraries. I'm sure I've see a QT library for the Manchester Baby in there!

CommanderGalaxian
Unhappy

Heaven help the newbies.

From about 1989 through the 2004 - I spent most of my time programming in either C or C++ and loving them both. Then for the last decade and a bit I've been programming SCADA sytems (which tend to have their own Pascal or C like languages).

On coming back to C++ in 2018 - all I can say is: WTF happened!?

Fibbles

Re: Heaven help the newbies.

It got better?

You don't have to use every new feature of the language and I can't think of any that actively make it worse.

grizewald

Code style

For goodness sake!

for (int i=0; i<MAX; i++) ++v[i]; // increment each element of the array v

Should be:

for (int i = 0; i < MAX; i++) ++v[i]; // increment each element of the array v

People who don't use white space properly should be taken behind the bike sheds and shot!

CommanderGalaxian

Re: Code style

Either style is equally legible. The problems come when people start mixing styles (usually because some arsehole thinks their style is better than everybody else's) - that's what gives the readability headaches.

GrumpenKraut Silver badge
Trollface

Re: Code style

The real nasty here is using the postfix-form of the increment operator.

Only half trolling --->

JohnFen Silver badge

Re: Code style

This. It doesn't matter what a company's (or individual's) official code style is, it's only important that they have one and that it is used consistently. This is true for all languages.

Jack of Shadows Silver badge

Re: Code style

Concur. That's part of the future support capability in whatever I do. It's highly likely, for one reason or another, some one else is going to try something with what I've crafted. Why should I make their life Hell? I also keep the complexity level low, not stupid but useful. APL (J now) is a favorite of mine but I'm used to using maths most everyone else doesn't know exists.

Tom 7 Silver badge

Re: Code style

You dont understand, The purpose of Code Style is so that no-one can ever learn the full set of quirks in your company so you will always make a mistake here or there and then the really shit managers can go off on one for several weeks explaining to everyone in the department how its your fault you couldn't solve Fermat's last theorem in 20 lines of python as he'd demanded in the project plan.

Hans 1 Silver badge
Happy

there is hardly any feature I wouldn’t do somewhat differently if I had to do it again.

Anybody who has ever written code would say this, too!

karlkarl

I was on the C++ spec discussion group the other day asking why std::shared_ptr<T> or std::vector<T>::iterator did not provide some additional checking whether memory gets destroyed whilst within the member function itself (i.e 'this' gets destroyed, via a smart pointer resetting or a vector clearing).

Whilst I certainly I agreed that these features will add some overhead and should not be part of the spec, I would really like to see it enabled in some sort of debug mode rather than leave that task to compiler specific vendors (to mess up).

Basically I fear that C++ is evolving the wrong way. It is becoming full of really cool advanced and fast features that I will likely never use, whereas it is still just as unsafe as it was since the invention of smart pointers in TR1 / C++0x.

I think the problem is that these guys are so smart that they don't need this additional error checking. Unfortunately the rest of us really need them (as evidence with a lot of security related bugs that keep cropping up).

Bronek Kozicki Silver badge

why std::shared_ptr<T> or std::vector<T>::iterator did not provide some additional checking whether memory gets destroyed whilst within the member function itself

My response to this category of problems is: fix your design.

Tom 7 Silver badge

RE: why std::shared_ptr<T> or std::vector<T>::ite....

So you've identified somewhere in the language where there could be a problem if you dont write your code properly and rather than adding some check in your coding procedure you are going to wait until someone updates the language?

Missing Semicolon Silver badge

C++ has been squeezed out

If you want stuff to run quickly, or with few resources in a tiny micro, there's C.

If you have a bigger box, heap, scheduling, whatnot, you use a proper manage language like Java/Rust/Scala.

For code where the expression on a complex algorithm is the main problem, not the cyle-level efficiency, you go higher level Python/R/Go

C++ can't really be used unless you have a heap. If you do have a heap, with plenty of free space, yoiu need memory management, ruling C++ out.

karlkarl

Re: C++ has been squeezed out

C++ uses the same memory management system as Rust. RAII.

In many cases, big heavy things like Java and .NET are simply not a solution to C++ and aren't they all written in C++ anyway? ;). I don't think C++ will ever be squeezed out and I predict its lifespan will actually extend well beyond most of those mentioned languages.

Ultimately, C is king and in theory the only language we really need (it attaches our logic to the machinery) and C++ is meant to be C with additional safety and facilities. I have tried to create a safe ANSI C library (https://github.com/osen/plank) largely using MACROs. It still isn't quite up to the safety of C++.

Anonymous Coward
Coffee/keyboard

I've alwats been concerned that C++ just isn't complicated enough...

...so I'm glad to see this fundamental flaw is being properly addressed.

Lee D Silver badge

I have to say, just that simple for-loop is a prime example of why I don't like C++.

I can memorise the entire standard library of C, and every command in it, and every operator, and every syntax. Nobody can then run up a piece of code which can't be deciphered (sure, I may have to play pre-processor games, but everything will come down to obvious code).

When there are a dozen ways to iterate over a simple group of objects, and half-a-dozen different groups of objects, and obscure syntactic sugar the people use because it saves them a fraction of a second, it quickly becomes a pain to understand. Which means it's a pain to verify. Which means it's a pain to secure. Which is not what you want in something like C/C++.

The "hidden effects" of such code, where things are iterated upon, objects are instantiated, etc. behind your back is a real pain to me. It's like every simple line becoming a dozen "subroutines", overrode and silently inserted, and no obvious way to tell that's what's happening from a quick glance.

I'm sure with a good IDE, these things become mere colourations, and you can expand object creation etc. but it means too much is going on under the hood without my say-so.

That's the problem I have with C++... someone can give you the worst spaghetti code and it could easily be malicious, obtuse, or just terrible. With C, you have a chance to spot it, you can pre-process and then see each step, and you have the entire library in your head. If you want to use fancy objects, you have well-defined headers and you can easily isolate the problem.

When I read my first book on C++, I was so excited to try using it. We all know that "reading about it" and "doing it" are two very different things, but I'd never seen such a gap when learning a programming language. Everything about C++ suggests it should be wonderful, but the pitfalls and readability plummet the second you try to use it, and the other code you inherit is usually nothing more than show-off gibberish trying to use every template, library function and short-cut syntax possible.

I dearly want C-with-objects back again. C++ never was that, despite claiming so at one point.

GrumpenKraut Silver badge
Angel

> I have to say, just that simple for-loop is a prime example of why I don't like C++.

Funny, I really like that idiom.

But let me offer you some help with hating C++: Let A be a std:valarray (of, say, type int). Then you can replace all elements strictly greater than 5 by 77 as follows:

A[ A > 5 ] = 77;

No, I am not kidding.

Fibbles

"Language I know is easier to understand than language I do not know."

The range based for loop is far from opaque to anybody who actually knows the language. It simply iterates the each element 'foo' in container 'bar'. It does it by using a feature of the language that has been in the standard for 20 years, namely 'iterators'. Every algorithm in the Standard Library uses iterators, they're not a difficult concept and are fundamental to understanding the Standard Library.

Your complaint seems to be that you don't understand the inner workings of the Standard Library and therefore can't 'secure' your code which is ridiculous because you shouldn't care about the implementation any more than you should care about the implementation of your compiler. At a certain point you have to trust that something does what it says on the tin.

karlkarl

I agree that C has some advantage over C++ in that it is simpler. This is quite evident by the K&R book being about 1/4 the size of Stroustrup's C++ Language book ;)

However the complexity in some cases is worth it. For example with "safe" iterators it can be set up so that if the data you are iterating through changes (i.e some berk has cleared the container hidden down the call stack), you can know about it (with an assertion).

That said. Some developers I feel over-consume C++ features (especially templates). For example, I present to everyone the GLM challenge. Who can find where the glm::mat4 glm::rotate() function is actually implemented in 1 minute?:

https://github.com/g-truc/glm/tree/master/glm

I'll give you a clue... If you are using an IDE with intellisense. Turn it off. It will probably crash ;)

Contrast this with linmath (ANSI C): https://github.com/datenwolf/linmath.h

GLM is safer but gosh is it more complex. I would hate to extend that thing.

Fibbles

/glm/gtc/matrix_transform.inl

glm - because it's in the OpenGL Math Library

gtc - because it's Template Core rather than Template eXperimental (gtx)

matrix_transform - because it's a free function for transforming a matrix object

.inl - design choice of the library, could just as easily go in the hpp file

This seems more a criticism of the GLM library and their header layouts rather than a valid criticism of templates. It's also unfair comparing its size to linmath since GLM is specifically designed to inter-operate with OpenGL and mimics GLSL as closely as possible within the limits of the language.

Anonymous Coward
Facepalm

Who can find the glm::rotate() function?

> For example, I present to everyone the GLM challenge. Who can find where the glm::mat4 glm::rotate() function is actually implemented in 1 minute?:

Interesting .. I've also wondered why, for such a high level language, you need to help C++ keep track of its variables using the Namespace feature. For another example, it's perfectly obvious that :: is the scope resolution operator and does different things depending on the context. It would be like creating a human language that the key words could be overloaded with ever changing meaning <sarcasm>

Human brains don't work like this, C++ a high level computer language written for computers :]

Richard 12 Silver badge

Re: Who can find the glm::rotate() function?

Namespaces are because it's not possible to give every class, function and constant a unique, memorable name.

It is common - nay certain - that a mid to large sized project will have multiple things that with the same name.

But if you have Eigen::matrix4x4 and GLM::matrix4x4, you can actually say which one you mean.

Nothing more.

And of course, you can just tell the compiler "in this source file I use GLM", to avoid typing the letters.

tony2heads

closer to the Mary Rose

The Tudor warship performed well for decade until the upgrade.

regreader2011

I guess we now live in an age where computer languages are treated akin to consumer electronics items -- one must ship a new version every couple of years, else people switch to a different brand? Or is it just a self-serving effort to keep the C++ education business humming?

ThomH Silver badge

I think it's more like the explosion in new languages, resulting from the post-internet easier grouping of interested people, has led to a much faster turnover in new ideas and the established languages like to crib what they can.

HmmmYes Silver badge

Problem is, each language version really should be considered a different lanaguage.

Maintaining any long (>10 year) lifed C++ is a massive PITA.

Ibe seen programmers start off MFC C++ style - C++90 + the stupid MS addons.

Then some has read the Design Pattern book, so you get 'patterns' in the code base from 95is-00ish.

Then they discover the STD. All the new stuff then becomes templated.

All a massive fuckup.

You need to have strongly applied coding rules, not just syntax but on the language and libraries used.

The module needs needs to be frozen to that C++ version.

End of the day, I spend more time testing.checking stuff than I do writing new stuff. Any language that makes testing easier gets my vote.

arctic_haze Silver badge

What's wrong with good old ANSI C?

ANSI C is good enough for the scale of project I do. If I really needed to start a big multithreaded project I would think of something created for that purpose, but most probably that would not be C++.

vincent himpe

why not simply have a 'foreach' ?

foreach (x in v) x++;

why all those cryptic modifiers ? language syntax should be easy to read. Not look something written by a drunk hamfisted keyboard pounder typing expletives in symbolic form... $#@&%^!!!

Fibbles

It's not far off that really. C++ is a statically typed language so you need to provide a type in your code or explicitly tell the compiler to deduce it from the value passed.

for ( auto& x : v )

If you look at the above range based for you can see that the colon is equivalent to 'in'. The only non obvious bit to somebody who uses another language is the 'auto&'. The 'auto' just tells the compiler to deduce the type since it knows what 'v' contains and therefore knows the type of 'x'. The '&' tells the compiler that it should not make a copy of the element from the container but just use a reference back to the original object.

Lee D Silver badge

Expletives in symbol form are called "grawlixes".

Just a bit of trivia for you.

Lee D Silver badge

I'm with the foreach guy.

The second you start using a different syntax for the same command (for), and distinguish using obscure symbols, and even HAVE things like "auto" type modifiers (which just makes me think of VB "Variants"... shudder...), then you've strayed far enough from the original command to warrant a new keyword.

That line is impenetrable to my programming mind. Can you honestly imagine seeing something like that inside, say, the Linux kernel? Or the LibreSSL library?

C++ just wants to overload absolutely everything, including its own commands, and that quickly turns into a royal mess.

And I can't imagine that the generated code is any better than just using the "obvious" foreach and a type/object that allows iteration, and an obvious array/collection of objects.

For instance, if that loop modifies x, and it's just a reference back to the object inside the collection, that could quickly turn into disaster and it might well be hard to spot.

Honestly, a programming language is like a joke, if you have to explain it, it's not working. Sure, C is hardly as readable as BASIC, but C++ is an order of magnitude more obscure than either, especially when people play with these pretty "tricks".

Anonymous Coward
IT Angle

why not simply have a 'foreach' ?

> why not simply have a 'foreach' ?

Because computer programming is an esoteric art form not to the shared with the hoi polloi :]

Fibbles

The second you start using a different syntax for the same command (for), and distinguish using obscure symbols, and even HAVE things like "auto" type modifiers (which just makes me think of VB "Variants"... shudder...), then you've strayed far enough from the original command to warrant a new keyword.

That line is impenetrable to my programming mind.

What makes it impenetrable? I really can't see how 'foreach x in y' is significantly more readable than 'for x in y'.

The auto keyword is not specific to for loops, you can use it pretty much anywhere you'd like the type deduced. It's useful because you shouldn't be redeclaring the same information over and over. If I change variable foo from int to unsigned int I don't want to have to then go through each line of code to change the type there as well.

Can you honestly imagine seeing something like that inside, say, the Linux kernel? Or the LibreSSL library?

No because they're both written in C, not C++.

For instance, if that loop modifies x, and it's just a reference back to the object inside the collection, that could quickly turn into disaster and it might well be hard to spot.

References have been a core part of the language since the year dot. Do you have the same complaint about pointers? A reference serves the same purpose as a dereferenced pointer.

Honestly, a programming language is like a joke, if you have to explain it,

You can't honestly expect to be able to use a language without learning the syntax. Even something like Python (which is marketed as close to natural language,) requires you to learn the syntax.

Someone Else Silver badge

Re: why not simply have a 'foreach' ?

Prolly because that symbol was taken by the likes of boost and Qt and ...

onefang

"You can't honestly expect to be able to use a language without learning the syntax."

Half the time I can.

Waseem Alkurdi

(which just makes me think of VB "Variants"... shudder...)

Talking of the devil! For those who haven't endured the mental pain of understanding it:

Want a data type that stores strings and integers, yet can't use string functions nor integer functions, nor can be useful for anything? Yes sir: Variant.

Worse still is that not defining a data type for a variable "implicit declaration" gives you a fucking Variant.

parperback parper

Although you're better off avoiding the auto if you're using a non-templated function.

That way your IDE will know what type it is, and you'll get a nice compiler error message if someone changes the type of v without telling you.

Anonymous Coward
Anonymous Coward

why not simply have a 'foreach'....

"why not simply have a 'foreach' ?

foreach (x in v) x++;"

Because that would require reserving another keyword, unnecessarily breaking lots of existing code , when 'for' is already reserved and easy to understand, the only new bit of syntax is the reuse of the ':' the rest is all normal C++

You could just as easily write

std::vector<int> v

for(int i : v) ....

Backwards compatibility.... for when your language is not just a fashionable toy

handleoclast Silver badge
Coat

Bring back the good old days

Those wonderful days when Niklaus Wirth had a strong say in the design of a new language, and of new features to an existing language.

That way it is absolutely guaranteed to be unusable crap. So almost nobody but bondage and discipline fetishists will use it, and the rest of us can safely ignore it.

Anonymous Coward
Anonymous Coward

I've long been bitching about this

I really hate students because students are everywhere, polluting github and the wider net with blogs and projects of no value - not mentioning the caveats of: "I have no fucking experience at all, but I read that man month book and watched some stuff on youtube"

And I felt (until now) like I was the only voice opposing this "for-loops of any form are so c++OAP - now use find_if and then check the iterator is not end() and then do your shit" - which is a special case of "lambda the fuck out of everything!"

C++11 added move constructors, which I wonder how we survived without for 40 years TBH - this is why I've started using it (mainly in 2014 - safely late again).

Some of the newer proposals though are absolutely mental, and you're getting this disjointed mess (as he correctly points out, it's not coherent any more).

I don't really have a coherant (and bitchin') argument because I've tried to blind myself and hope that common sense will see through - I'm just glad someone sees it and has said so!

For those of you predicting the end of C++ - lol a broken clock is right twice a day, it's a shame your clock (by now must be) on one of those planets that has a year longer than its day.

Charles 9 Silver badge

Re: I've long been bitching about this

But Earth's year is longer than its day. And if you meant the reverse (a day longer than its year), Venus is nearby.

Ian Joyner Bronze badge

I Agree with Bjarne Stroustrup!!

I remember reading something a long time ago by Bjarne on the Vasa. I really recommend a trip to see it if you are in Stockholm – quite a sight.

I have been agreeing with Bjarne on this point for over 20 years, and C++ has been a top-heavy artefact for at least that time.

http://ianjoyner.name/C++.html

I'll admit to missing the most critical point (for 2018) that security is the elephant in the room for both C and C++ (and CPU/system architectures). Like most, I concentrated on correctness and verification, as well as other factors such as maintainability. Security is intricately tied to correctness, but rather than guarding a programmer against their own mistakes, it is guarding a system against the malicious intents of others. C and C++ can be too early undermined, and buffer overflows have proven to be the curse of modern computing, but blessing to the hackers.

But security is indeed the issue that should see C and C++ relegated to the past of the wild-west days of computing.

It is time for a rethink – or at least to learn the lessons from the past for good software development, even back to the 1960s, that C and C++ have wilfully ignored and spurned as 'restricting programmer freedom'. That attitude was naive, then stupid, now it should be criminal.

Anonymous Coward
Anonymous Coward

Re: I Agree with Bjarne Stroustrup!!

WTF would a language that adds features for security look like?

EVERY language lets you do dumb shit - I remember the CS Dept (I'm maths baby) all circlejerking (you can tell because they were always gripping the dick to the left - that's organisation) about how unsafe C++ is memory wise - yes you can write "malloc(...)" and just throw the result away. But let's look at java - setting references to null when you're done so they'll be collected, closing files and shit yourself, blah blah blah.

Facebook once re-wrote some library which dealt with many (MANY) different small objects to be backed by a byte storage buffer thing (2012, so the names are gone from my memory) - you shouldn't have to do shit like that!

Now with the "secure programming" thing - WTF do you mean? put some fashionable AES implementation into the standard? Okay cheers. Thanks for posting.

Noob.

Ian Joyner Bronze badge

Re: I Agree with Bjarne Stroustrup!!

“WTF would a language that adds features for security look like?”

Try not to sound so incredulous. Secure languages are those that don’t allow you to do things like buffer overflows, out-of-bound array access. These are well-known techniques. They need checking both at compile time but run time as well.

If you don’t understand what is meant by secure programming, I suggest you step away from the machine. Do not attempt any programming whatsoever. Secure programming and software verification are well-known techniques.

There is no need for the abusive tone of your post. It rather proves that you are wrong.

Ian Joyner Bronze badge

Re: I Agree with Bjarne Stroustrup!!

“WTF would a language that adds features for security look like?”

I should answer this another way, because it shows you don’t know what you are talking about. For security, a language doesn’t add features, it takes them away. These are not really features anyway because they are not needed for general-purpose programming. Things like pointers in C. These should be implicit and mostly are in other languages. You should not be able to manipulate pointers to arbitrary areas in memory (even within your own memory space).

C++ just becomes more complicated, and the interaction of complications leads to holes. So you get the Vasa Queen syndrome.

For many other languages they don’t have these dangerous facilities. It seems Stroustrup would like to remove things so that C++ becomes simpler like other languages and more specific to OO or functional programming. But then you end up with languages that are already out there - so why bother with C++ anymore? It will be C++50 before it gets down to a decent size.

Anonymous Coward
Anonymous Coward

"You should not be able to manipulate pointers to arbitrary areas in memory (even within your own memory space)."

So how do you (easily) do memory mapped io ?

Grant Fromage
Coat

Too many years ago from byte magazine

The man himself " to err is human, to really fsk up you need C++"

I have the mag somewhere 85?.

Maelstorm Bronze badge

Uhggg Another C++ standard?

You know, we don't really need any new features to the language. In fact, there's a few features that probably should be removed. So yes, I agree with Bjarne Stroustrup. Right tool for the job really. I view C++ as the object oriented version of C, and I use C...a lot in my coding since I code close to the bare metal. C and assembler for my work.

C: Low level system stuff such as kernels, device drivers, libraries, etc...

C++: Higher level application stuff (especially on GUI platforms) or when using objects make sense...like the Abstract Syntax Tree that's generated from a parser and is fed into the code generator for a compiler. OOP makes sense here since the nodes are all the same, the data they contain is what differentiates what type of node it is.

Here's a little thing that Linus said about C++. Enjoy.

http://harmful.cat-v.org/software/c++/linus

Waseem Alkurdi

Regarding the "C Plus" in the headline

<rant>

It REALLY GETS ON MY TITS when engineering students at our university (who have to take C++ as mandatory) call it "C plus" as shorthand/acronym/whateverthefuck.

REALLY ANNOYING.

</rant>

I do understand that this is to rhyme with "fuss", but it awakes my PTSD whenever I hear it.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing