this post was submitted on 26 Feb 2024
267 points (96.5% liked)

Programming

17432 readers
226 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]



founded 1 year ago
MODERATORS
 

On the one side I really like c and c++ because they’re fun and have great performance; they don’t feel like your fighting the language and let me feel sort of creative in the way I do things(compared with something like Rust or Swift).

On the other hand, when weighing one’s feelings against the common good, I guess it’s not really a contest. Plus I suspect a lot of my annoyance with languages like rust stems from not being as familiar with the paradigm. What do you all think?

(page 3) 44 comments
sorted by: hot top controversial new old
[–] [email protected] 53 points 8 months ago (11 children)

I'm just glad to see the White House listening to people who understand technology for a change.

[–] [email protected] 23 points 8 months ago (11 children)

We need legislators who aren't all literally older than cryptography. If they weren't bought and paid for by billionaires that would be nice too.

load more comments (11 replies)
load more comments (10 replies)
[–] [email protected] 10 points 8 months ago

So that's why I've been hearing non-stop crab rave music!

[–] [email protected] 20 points 8 months ago (4 children)

What memory-safe systems programming languages are out there, besides Rust?

[–] [email protected] 2 points 8 months ago (2 children)

Wasn't Go designed to be a memory safe systems programming language? I haven't really used it enough to see if it holds true, though.

load more comments (1 replies)
[–] [email protected] 0 points 8 months ago (1 children)

I’m very flaky here, as rust is the big one, but I think zig and/or nim might be

load more comments (1 replies)
[–] [email protected] 9 points 8 months ago (1 children)
[–] [email protected] 15 points 8 months ago (2 children)

I appreciate your answer, but I mentioned systems programming, because I was more interested in languages that do not rely on a garbage collector.

[–] [email protected] 26 points 8 months ago (1 children)

To play devil's advocate, most systems programming can be done even with a garbage collector. Midori was a project to build an operating system on a variant of C#, and although the garbage collector did impose technical difficulties, it wasn't a dealbreaker. Go isn't usable everywhere Rust is, but it can in fact be used for many things that previously would have been considered "systems" niches (which is part of why there was a somewhat prevalent misconception in the early days of Rust that they were similar languages). Prominent D developers have defended D's garbage collector (even though it's technically optional). Bjarne Stroustrup, the creator of C++, used to express great confidence that C++ would one day have a garbage collector.

...but you're right, Rust and its rise in popularity (and, conversely, the C++ community's resistance to adopt anything with garbage collection) have definitely narrowed the common definition of "systems programming" to exclude anything with a "thick" runtime.

[–] [email protected] 4 points 8 months ago

I enjoyed the facts spit above.

[–] [email protected] 5 points 8 months ago

Huh, I totally missed that my bad

[–] [email protected] 10 points 8 months ago (3 children)

Rust does memory-safety in the most manual way possible, by requiring the programmer prove to the compiler that the code is memory-safe. This allows memory-safety with no runtime overhead, but makes the language comparatively difficult to learn and use.

Garbage-collected compiled languages — including Java, Go, Kotlin, Haskell, or Common Lisp — can provide memory-safety while putting the extra work on the runtime rather than on the programmer. This can impose a small performance penalty but typically makes for a language that's much easier on the programmer.

And, of course, in many cases the raw performance of a native-code compiled language is not necessary, and a bytecode interpreter like Python is just fine.

[–] [email protected] 9 points 8 months ago* (last edited 8 months ago)

I'm no Rust expert, but in what I have done with it I've always found it reassuring to know the compiler has my back, and I haven't found the rules too onerous. In some ways I prefer this to counting on some black-box garbage collector with unpredictable performance costs, and I certainly prefer catching as many errors as possible at compile time not runtime.

[–] [email protected] 12 points 8 months ago* (last edited 8 months ago) (1 children)

A better approach is the one Apple uses with Swift (and before that, Objective-C... though that wasn't memory safe).

In swift the compiler writes virtually all of your memory management code for you, and you can write a bit of code (or annotate things) for rare edge cases where you need memory management to do something other than the default behaviour.

There's no garbage collection, but 99.999% of your code looks exactly like a garbage collected language. And there's no performance penalty either... in fact it tends to be faster because compiler engineers are better at memory management than run of the mill coders.

[–] [email protected] 7 points 8 months ago (4 children)

To be fair, Swift uses reference counting instead of garbage collection which has different tradeoffs than GC but does incur a performance penalty.

load more comments (4 replies)
[–] [email protected] 28 points 8 months ago (4 children)

Rust does memory-safety in the most manual way possible

The most manual way is what C does, which is requiring the programmer to check memory safety by themselves.😛

Also will say that outside of some corner cases, Rust is really not that harder than Java or Python. Even in the relatively rare cases that you run into lifetimes, you can usually clone your data (not ideal for performance usually but hey its what the GC language would often do anyway). And reliability is far better in Rust as well so you save a lot of time debugging. Compiles = it works most of the time.

[–] [email protected] 12 points 8 months ago* (last edited 8 months ago)

Software engineer for almost two decades at this point, programming off and on since a kid in the late '80s: Rust is harder. It did seem to get better between versions and maybe it's easier now, but definitely harder than a lot of what I've worked in (which ranges Perl, PHP, C, C++, C#, Java, Groovy/Grails, Rust, js, typescript, various flavors of BASIC, and Go (and probably more I'm forgetting now but didn't work with much; I'm excluding bash/batch, DB stored procedures (though I worked on a billing system written almost entirely in them), etc.)

That said, I don't think it's a bad thing and of course working in something makes you faster at it, but I do think it's harder, especially when first learning about (and fighting with) the borrow checker, dealing with lifetimes, etc.

The availability of libraries, frameworks, tools, and documentation can also have a big impact on how long it takes to make something.

[–] [email protected] 16 points 8 months ago* (last edited 8 months ago) (2 children)

I like Rust a lot, philosophically and functionally... but it is WAY harder. Undeniably very hard.

Just try and do anything with, say, a linked list. It's mind-boggling how hard it is to make basic things work without just cloning tons of values, using obnoxious patterns like .as_mut(), or having incredibly careful and deliberate patterns of take-ing values, Not to mention the endless use of shit like Boxes that just generates frustrating boilerplate.

I still think it's a good language and valuable to learn/use, and it's incredibly easy to create performant applications in it once you mastered the basics, but christ.

load more comments (2 replies)
[–] [email protected] 22 points 8 months ago

C# dev with reasonable experience with java, python, and rust:

Rust is harder

[–] [email protected] 18 points 8 months ago* (last edited 8 months ago) (3 children)

The most manual way is what C does, which is requiring the programmer to check memory safety by themselves.😛

The difference is, Rust will throw a tantrum if you do things in an unsafe way. C/C++ won't even check. It'll just chug along.

Rust is really not that harder than Java or Python.

As someone who's done all three, the fuck it isn't.

If you are familiar with C/C++ best practices to any operational level, those things will translate over to Rust quite nicely. If not, that learning curve is going to be fucking ridiculous with all the new concepts you have to juggle that you just don't with either Java or Python.

load more comments (3 replies)
[–] [email protected] 24 points 8 months ago* (last edited 8 months ago) (2 children)

Leaders in Industry Support White House Call to Address Root Cause of Many of the Worst Cyber Attacks

And it's called C/C++. It's gotten so bad that even the friggin' white house has to make a press release about it. Think about it, the place where that majority barely even understand the difference between a file browser and a web browser is telling you to stop using C/C++. Hell, even the creator and maintainers of the language don't know how to make it memory safe. If that isn't a wake up call, then nothing ever will be.

And this isn't the first call! The IEEE also says more clearly: GTFO C/C++.

If you want memory-safe, don't write C/C++. Trying to get that shit memory-safe is a hassle and a half. You're better off learning a language that isn't full of foot-guns, gotchas, and undefined behavior.

CC BY-NC-SA 4.0

[–] [email protected] 10 points 8 months ago (2 children)

~~If you want memory-safe,~~ don’t write C/C++.

Fixed that for you. There's no situation where you want buffer overruns.

[–] [email protected] 21 points 8 months ago

There's no situation where you want buffer overruns.

I want buffer overruns in my game consoles for jailbreaking purposes lmfaoooooo

load more comments (1 replies)
load more comments (1 replies)
[–] [email protected] 6 points 8 months ago (6 children)

C++ can have excellent performance without ever using a single pointer and avoiding unsafe functions like gets() - this isn't necessarily a judgment on language - it's a judgement on bad programming habits.

Pointers fucking suck, in a modern C++ codebase everything should be pass by value or const/mutable ref. To my preference I'd rather drop mutable refs to force everything to be more functional but whatever.

[–] [email protected] 15 points 8 months ago* (last edited 8 months ago) (1 children)

Pointers suck in C++. In other languages every single variable is a pointer and it works perfectly with no memory bugs and great performance.

Pass by value often uses too much memory. Especially if you have a bunch of simultaneous functions/threads/etc that all need to access the same value at once. You can get away with it when your memory is a few dozen integers, but when you're working with gigabytes of media... you need pointers. Some of the code I work with has values so large they don't even fit in RAM at all, let alone two or three copies of them. Pass by value could mean writing a hundred gigabytes to swap.

[–] [email protected] 1 points 8 months ago (1 children)

That's one reason I mentioned pass by reference "smart" languages will do it automatically depending on the size of the argument, some languages (including my beloved PHP) even have a copy-on-edit functionality where everything is technically passed as a mutable reference but as soon as you mutate it (unless it was explicitly marked as a mutable reference) it will copy the original object and have you edit the copy instead of the original.

Is being explicit about when copies happen almost always a good thing - yea the overhead of that system is undesirable in performance sensitive situations - but for a high level scripting language it's quite nice.

load more comments (1 replies)
[–] [email protected] 13 points 8 months ago (1 children)

Working with habits is just not good enough. C++ has far too many footguns to be considered a safe language and there are frankly objectively better modern alternatives that you should use instead, perhaps except if you have a really large legacy code base you can't replace (but even then, consider calling into it via FFI from a safe language).

Even if you tried to actually enforce these habits, you'd just end up inventing a new language and it would be incompatible with previous C++ too.

C++ is not a viable language for the future.

[–] [email protected] 9 points 8 months ago

I get kinda bad vibes from this comment and I'd like to explain why...

If somebody said "We're building a point of sale terminal and to make it secure we're going to be using C++" I'd probably have a dumbfounded expression on my face unless they immediately continued with "because there are libraries we can lean on to minimize the amount of code we need to write."

C++ has an extremely mature ecosystem - Qt is essentially it's own language at this point! There are reasons to still consider building in C++ and saying "C++ is not a language for the future" feels dogmatic and cargo culty to me. Algol, Cobol and Fortran still have programming communities and while I agree that C++ is outsized in presence for the danger it presents there are still good reasons to choose it for some specific domains - high performance graphical programs being one of those in particular.

C++ has a plethora of foot guns and you need to be aware of them but when you are they're easy to avoid in fact your quote:

Even if you tried to actually enforce these habits, you'd just end up inventing a new language and it would be incompatible with previous C++ too.Even if you tried to actually enforce these habits, you'd just end up inventing a new language and it would be incompatible with previous C++ too.

Is probably the thing I agree most with - well built C++ isn't incompatible with regular ol' C++ but it feels like a different language... but as a not too old old-man-developer different projects often feel like different languages - each company/project has tools and libraries they use and it'll cause code written in the same language to read really differently... I'm a functionally oriented programmer with a pretty particular style, my C++, Python, Java, PHP, Node and Rust all look nearly the same except for language specific peculiarities.

So yea, discipline is needed and nobody's default choice should be C++ but if you follow best practices your C++ can be quite safe.

... that all said... I fucking hate the concept of definition files being sseparate from code files so I'm not going to use C++ anytime soon.

[–] [email protected] 33 points 8 months ago (1 children)

I mean that's just the problem with C++. There's 17 different ways to do things, 2 are always wrong, 14 are contextual, and 1 is reserved for super special cases

[–] [email protected] 15 points 8 months ago

And the one you choose is always the one that's weak to the specific vulnerability you didn't think of!

load more comments (3 replies)
[–] [email protected] 71 points 8 months ago (1 children)

Depends on if you're coding for critical infrastructure (i.e. - electrical grid), or writing a high performance video game that can run on older hardware.

We should absolutely have specific licenses like Civil Engineers do for computer infrastructure that is required for any software written for specific purposes. It would be a nightmare to implement, but at some point, it's going to be needed.

[–] [email protected] 23 points 8 months ago (4 children)

writing a high performance video game that can run on older hardware

Unless it's some really exotic platform, I'd honestly still say no. Rust has shown that memory safety and performance doesn't have to be a tradeoff. You can have both.

But sure, if whatever you're targeting doesn't have a Rust compiler, then of course you have no choice. But those are extremely rare cases these days I'd say.

[–] [email protected] 21 points 8 months ago (1 children)

There's always a trade-off. In rust's case, it's slow compile times and comparatively slower prototyping. I still make games in rust, but pretending there's no trade-off involved is wishful thinking

[–] [email protected] 29 points 8 months ago (1 children)

They mean a trade off in the resulting application. Compile times mean nothing to the end user.

[–] [email protected] 11 points 8 months ago (1 children)

That may be true but if the language is tough to develop with, then those users won't get a product made with that language, they'll get a product made with whatever language is easier / more expedient for the developer. Developer time is money, after all.

load more comments (1 replies)
load more comments (2 replies)
load more comments
view more: ‹ prev next ›