Python is memory safe? Can’t you access/address memory with C bindings?

  • porgamrer@programming.dev
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    9 months ago

    Lol okay. Here are some concrete examples I don’t have:

    Templates as basic generics

    • Templates still show bizarre error messages far too deep into instantiation, despite at least three major features which provided opportunities to fix the problem (static_assert, type_traits, and then concepts)

    Templates for metaprogramming

    • 33 years after the introduction of templates, there are still many common cases in which the only good way to abstract a pattern is by using a macro, and many cases that neither macros or templates can solve
    • There is finally an accepted proposal to fix part of the problem, which will be introduced in C++26, and probably not usable in real code until 2030 at the earliest
    • In 2035, people will still be reluctantly using string macros and external code generation to solve basic problems in C++

    Safe union types

    • C++17, std::variant was introduced to provide a safe inline union type
    • The main API for accessing it is inexplicably slow, unlike in every competing language
    • The fast alternative is an eyesore that can’t integrate with switch statements except via weird, unmaintainable hacks
    • Everyone keeps using custom struct/union/enum combos instead
    • CVEs everywhere

    Error handling

    • C++ uses exceptions as the primary error handling mechanism
    • Exceptions are so slow and so riddled with problems that some companies ban them, and almost all consider them bad practice for representing common failure paths (e.g. failing to parse something)
    • std::expected eventually approved, similar to Rust’s Result type, but with no equivalent to the ‘?’ operator to make the code readable
    • Now there is a proposal to introduce “value type exceptions” instead, which is gathering momentum before std::expected has even stabilised, but will probably not be available for 10 years

    Subtype polymorphism deprecated

    • Now that virtual methods and inheritance are widely considered tools of last resort, they obstruct the introduction of better alternatives
    • Instead we have widespread use of specialised template structs and CRTP to replace instance inheritance with a kind of static inheritance designed for templates
    • It’s all a hack, and as a result it’s full of edge cases that don’t work very well, and poor tool support

    References

    • Good C++ programmers use references where possible, because pointers can be null
    • Good C++ programmers avoid unnecessary copies and allocations
    • Good C++ programmers avoid patterns that can permit unintended coercions with no error
    • Oh no, I accidentally assigned a reference to an auto variable in a template, and instead of giving a helpful type error it implicitly coerced a new copy of my vast memory buffer into existence
    • Okay fine I’ll pass pointers to avoid this, and just trust they won’t be null
    • Oh no, C++ has standardised the idea that raw pointers represent nullability even in all their newest standard library types (thanks again, std::variant)