Keynote: Safety, Security, Safety and C / C++ - C++ Evolution - Herb Sutter - ACCU 2024

Поделиться
HTML-код
  • Опубликовано: 25 дек 2024

Комментарии • 36

  • @InXLsisDeo
    @InXLsisDeo 2 месяца назад +3

    Haven't followed C++ for years, but Herb's presentations are always delightful.

  • @markramirez3920
    @markramirez3920 4 месяца назад +10

    Developers just can not instantly migrate all software from C/C++ to other P.L.s just because "it's safer", we need to add features and best practices for existing and new C/C++ safe software ...

  • @Ikkepop
    @Ikkepop 4 месяца назад +3

    always love Herb's presentations, alot of charisma

  • @tomkirbygreen
    @tomkirbygreen 6 месяцев назад +3

    Really enjoyed this Herb, thank you!

  • @Onyx-it8gk
    @Onyx-it8gk 6 месяцев назад +33

    Circle is without a doubt the most promising development for C++. Too many people unfortunately can't set their egos aside to give it the attention it really deserves.

    • @greenmatrix5303
      @greenmatrix5303 4 месяца назад +1

      I don't follow. Why are you talking about Circle? What does that have to do with cppfront?

    • @AntiProtonBoy
      @AntiProtonBoy 4 месяца назад +6

      Less to do with ego and more to do with tooling support, the effort to migrate and established ecosystems.

    • @szaszm_
      @szaszm_ 4 месяца назад +5

      There have always been plenty of challenging competitors to C++ that failed over time. It's not an ego thing to be skeptical of the next big thing, especially if there are half a dozen competing candidates for just that. Circle is not even open source.

    • @breadiusloafus5068
      @breadiusloafus5068 2 месяца назад +6

      Circle definitely not the most promising. It's only being contributed to by only one person (Sean Baxter). Since it's not even open-source and can easily conflict with existing codebases, adoption becomes very impractical.
      And since you mentioned egos, yes, people in Carbon, D, Circle should set their egos aside and contribute to Cpp2/Cppfront instead, as it's the most practical project so far.

  • @Dominik-K
    @Dominik-K 6 месяцев назад +4

    This talk is highly interesting, very good points

  • @Roibarkan
    @Roibarkan 6 месяцев назад +3

    16:15 JF Bastien’s talk from CppNow 2023: ruclips.net/video/Gh79wcGJdTg/видео.html

  • @SimãoMayunga
    @SimãoMayunga 2 месяца назад

    I love this think!

  • @rationalcoder
    @rationalcoder 4 месяца назад +2

    9:28: "There would be no reason, by definition, to recommend people switch to another language. This is the problem." Interesting take. Certainly not by definition. I would still want to switch off of C++ even if it became more memory safe.

  • @dascandy
    @dascandy 4 месяца назад +5

    No, Herb, @1:07:00 std::regex is horrendously bad in so many ways the best we can recommend is "do not use, ever". I have a draft paper to mark it as "deprecated, please do literally anything else". Do you want that submitted?

  • @Johnkank
    @Johnkank 4 месяца назад +1

    I really hope cppfront takes off. C++ focus shouldn't be about fixing it's bugs and errors. It should transform itself into a different paradigm. It's a language of the engineers, not developers.
    It should provide a base platform to add more derivatives and variants like circle and yet be able to program simply like typescript.

  • @krumbergify
    @krumbergify 6 месяцев назад +5

    Great talk as always!
    Question: With so many copyright holders, will you be able to change the license of Cppfront to a free license?

    • @Roibarkan
      @Roibarkan 6 месяцев назад +1

      I believe the license is creative-commons

    • @krumbergify
      @krumbergify 6 месяцев назад +6

      @@RoibarkanYes, but using NC (non-commercial) and ND (no derivations). This means cppfront can’t be included by default in any GNU/Linux-distribution, no company can use it and those contributors Herb celebrates are technically not even allowed to provide pull requests since that involves modifying the sources.
      Because of that it is hard to take cppfront seriously until Herb switches to a free license.

  • @jaycarlson2579
    @jaycarlson2579 5 месяцев назад

    I am supper impressed with the improvement of C++Front

  • @AdrianMNegreanu
    @AdrianMNegreanu 6 месяцев назад +11

    just adopt Circle as c++2x

  • @driedurchin
    @driedurchin 4 месяца назад

    Herb always gives such a good perspective. I don't agree with his approach of cppfront, but nonetheless I think his metaphor about the door really drove home the point of needing a holistic approach to security.

  • @oconnor663
    @oconnor663 3 месяца назад +3

    15m15s: "Rust unsafe gives you access to 5 or 6 of the knives. We want all the knives."
    I'm not sure what Herb is referring to that unsafe Rust can't do. He might have heard that adding unsafe doesn't magically make your code compile, and that's true, but raw pointers can do anything (transmutes, lifetime extensions, data races, etc.) once you know the syntax and some relevant helper functions/types. The usual suspects like volatile, atomics, and inline assembly are all there.
    Herb, I don't imagine you read these comments, but I would be thrilled to give you a Rust crash course of any length you like. I think taking some time to seriously study Rust and get good at it would be a valuable investment for the future of C++.

  • @MarcEspie
    @MarcEspie 6 месяцев назад +3

    one big question is, why is C++ default regexp so slow compared to perl ?...

    • @lorandpetok6044
      @lorandpetok6044 6 месяцев назад

      From what I've heard the limitations are caused by abi backwards compatibility.

    • @freak82music
      @freak82music 6 месяцев назад +5

      The reason, that I know and is mostly cited in the community, is that they did some "bad" decisions in the implementation but now they can't change it because this will be ABI breakage.

    • @aniketbisht2823
      @aniketbisht2823 6 месяцев назад +1

      ABI issues.

    • @flflflflflfl
      @flflflflflfl 6 месяцев назад +2

      how is that relevant to this talk?

    • @krumbergify
      @krumbergify 6 месяцев назад

      I don’t understand why it is impossible to fix. Why can’t they wrap the old and the new data structures in a union and stay abi compatible?

  • @dariuszantoniuk
    @dariuszantoniuk 4 месяца назад +3

    Great talk, finally we can see Herb come to terms with what needs to be done to fix the issues. What's sad is that all of this took 5 years of denial, hostility towards people pointing out the problems, manipulating definitions, etc. Finally the need to catch up with Rust's state of the art safety support is acknowledged and the plan is somewhat plausible.

    • @josephlunderville3195
      @josephlunderville3195 4 месяца назад +3

      This isn't new, Herb has been working on cppfront -- i.e. a new, safer syntax for C++ -- since at least 2021. None of this talk represents a recent change in attitude that I've seen.

    • @dariuszantoniuk
      @dariuszantoniuk 4 месяца назад

      @@josephlunderville3195 Herb's efforts to fix syntax issues aren't new, yes. Herb's acknowledgement of rust being the state of the art is new.

  • @gast128
    @gast128 5 месяцев назад

    I would have expected some concrete examples of not secure C++ code. Bounds checking could be enforced in a profile by banning operator[] and requiring 'at'. This will cost some performance though (i.e. suppresses compiler optimization). From the past I know that regex are expansive to create. Perhaps also to execute compared to a simple search.

    • @driedurchin
      @driedurchin 4 месяца назад

      A lot of compilers are able to see through .at and still produce optimized code IIRC

  • @Voy2378
    @Voy2378 4 месяца назад +1

    20 years too late... cppcon deleted my comment on their channel for a similar talk, hope ACCU is more tolerant of truth.

    • @shizeeque
      @shizeeque Месяц назад +1

      better late than never.