
Bjarne Stroustrup's talk on the future of C++

Category: Software

5:58 PM, Tue, Aug 14 2007

Bjarne Stroustrup, the creator of the C++ programming language, recently gave a 90-minute talk on the future of C++ and the C++ standards process.

Mr. Stroustrup talks about where C++ needs improvements, how decisions are made about C++, and what the right way to make these decisions is. I won't try to summarize the whole talk, only to highlight a few points that I thought were especially insightful.

Joining the standards group: Anyone who pays the $1,200 and shows up to three meetings can vote on the standard. Unfortunately, there are people who are fanatics about a single issue. Not surprisingly, the people who understand an issue the least can be the most fanatical about it. Fortunately, the committee is dominated by players who are experts, not by single-issue fanatics. "The real problem in the standards committee is the people who think they know everything. They really annoy those of us who know we don't." People like to argue about things which are simple enough to understand without thinking, which is why groups can easily spend most of their time talking about things which are of little importance.

He emphasizes the importance of performance and the ability to access the hardware. He makes the point that, even if we have gigabytes of memory these days, we have to pick the best way to use those gigabytes. Performance and optimization matter. I agree that this is true in many cases, but as we see with Java, a high-level byte-code based language can have performance equivalent to C++. He also wants to increase type-safety. With non-typed languages like PHP in fashion these days, it is refreshing to hear that people still understand that strict types make programming easier by making it easier to find bugs.

"People love arguing about things that don't matter, because it's so easy to have an opinion about those things." He gives the example: should there be a space between the star and the variable name in a pointer? He understands not just the technology aspect of this, but the people aspect and how groups make decisions. Contrast his style to the other Scandinavian software leader, Linus Torvalds, who does take a more arbitrary decision-making style. The difference is that C++ is a standard, whereas Linux is a piece of software, a product effectively. I think both Torvalds and Stroustrup are effective leaders because their leadership styles are suited to the technical areas they need to lead. They also both listen.

Threads and thread pools are coming. These days, multi-core computers are standard. We need threads to take advantage of these cores, and putting standard, OS-independent, portable thread support into the language will encourage software to be threaded. He mentions how weird computers are now, with multiple levels of caches on multiple CPUs, branch prediction, and other advanced CPU features. We see in Java that most apps are threaded, which makes it easy to keep an application responsive and also take advantage of the full count of CPUs. Also, standard networking (socket) access is coming to the library.

Indirect and verbose: He makes a mistake in a code example on one of his own slides, which he points out during the talk. It was a simple piece of code to initialize a vector. Unfortunately the idiom for doing this in C++ is, as he says, indirect and verbose. "Do I get this right every time? Do you get this right every time? Probably not." Every time a discussion of security in managed languages, such as Java, versus unmanaged languages, like C, comes up, it is pointed out that when a mistake is made in C (or any unmanaged language), that mistake often leads to an exploitable memory error. The response from hordes of old-hand C programmers is, "hire good programmers and train them so they know what they are doing." This is the wrong response. Yes, please do hire good programmers and train them. But we see that even Mr. Stroustrup, who created the language, and has thirty years of full-time professional experience with it, and has written numerous books on it, and is a brilliant person, makes simple mistakes when the language has constructs which are indirect and verbose. Indirect and verbose would describe most of C's memory management, and that's why even the best, most security-conscious C hackers write code with exploitable buffer overflows. It's inevitable, and saying "hire good programmers" is naive, because even the world's best programmers make these mistakes. The solution is to use a managed language, where these exploitable mistakes are inherently impossible. This is why Chiral Software does the bulk of our development work in Java.

"If you have tedious and verbose and indirect code, you make mistakes." In C, or other direct memory access languages, memory mistakes are usually exploitable security holes.
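The slide itself is not reproduced in this post, so the following is an added example (not Mr. Stroustrup's code and not Chiral Software's) of the pre-C++11 array-to-vector idiom, with a constructed slip of the kind described above, next to a form that leaves no arithmetic to get wrong. All function names and the sample data are hypothetical, and the slipped count is only computed and checked, never used to read memory.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed sample data (not taken from the talk).
static const double kSamples[] = {1.2, 2.3, 3.4};

// Pre-C++11 idiom, written with a plausible slip: the divisor names the
// wrong element type, so the "element count" is really a count of ints.
std::size_t count_with_slip() { return sizeof(kSamples) / sizeof(int); }

// The same idiom written correctly: divide by the size of one element.
std::size_t count_correct() { return sizeof(kSamples) / sizeof(kSamples[0]); }

// True when [kSamples, kSamples + count) stays inside the array. A count
// that fails this check would make the vector constructor read past the end.
bool range_in_bounds(std::size_t count) { return count <= count_correct(); }

// Direct form: the compiler deduces both T and N from the array itself,
// so there is no hand-written arithmetic to get wrong.
template <typename T, std::size_t N>
std::vector<T> make_vector(const T (&arr)[N]) {
    return std::vector<T>(arr, arr + N);
}

int main() {
    std::printf("correct count: %zu\n", count_correct());
    std::printf("count with slip: %zu (in bounds: %s)\n", count_with_slip(),
                range_in_bounds(count_with_slip()) ? "yes" : "no");
    std::vector<double> v = make_vector(kSamples);
    std::printf("make_vector size: %zu\n", v.size());
    return 0;
}
```

Since C++11, `std::vector<double> v = {1.2, 2.3, 3.4};` expresses the same initialization with no size computation at all.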

Garbage collection: Mr. Stroustrup says that garbage collection could be implemented in C++, and may be implemented as a standard next year. There are two problems: Resources are automatically freed in C++ when they fall out of scope. This gives a good handle on resource management in C++; he says better than in Java. C++ retains resources for about half the time they are retained in C#. One concern is that, if there is a garbage collector, resource management will become sloppier. The other problem with garbage collection is it can become a performance virus. My comment: GC works well in Java and has many advantages, but obviously, it remains a controversial language feature.

Death threats: During the question session: "Mr. Stroustrup, have you ever gotten a death threat?" "I have never gotten a death threat for any reason, and let's keep it that way." He has a sense of humor, to liven up what could be a dry topic.

Java will kill C++ in two years, they said in 1996: "There is a lot of Java and there is a lot of C++, and it's a big world, and live and let live." 25 years after the introduction of C++, and 12 after the introduction of Java, both are going strong. C++ is used everywhere, except not in web application development. Mr. Stroustrup makes the point that, in many C-only projects, they go through contortions to do things that are elegant and built-in to C++. Witness the object-oriented structures tacked on to GTK. Why didn't they just use C++? As for the popularity of C++, he asserts (reasonably) that there are billions (plural) of lines of C++ in use on Earth, and even a few on Mars. Ultimately, Java is derived from both the ideas, and the syntax of C++, so even if Java "wins" (whatever that means), C++ still wins.

My conclusion: C++ is widely used, but from listening to this talk, it is obvious that a huge amount of complexity is needed, both in terms of compiler design and in programmer comprehension, to develop in C++. All this complexity exists to give a type-safe generic (templates) which compiles to low-level code. I don't buy this complexity. I'm sticking with Java, which has simplicity: there is no multiple inheritance, generics are simple and clear, there is no pre-processor. Java's performance is comparable to C++, and the compiled binaries are cross-platform. I think that the C++ level is the wrong place to have all this complexity. Write a small VM in C, and do the work in a simple, safe, managed language like Java.

Mr. Stroustrup is an enjoyable and easy-to-follow speaker, even on these highly technical subjects. I hope to attend one of his talks in person in the future.