Feedback

"C++ is a better C" but...

Within C++, there is a much smaller and cleaner language struggling to get out. Bjarne Stroustrup

Why G-WAN, Global-WAN and SLIMalloc do not rely on 'more modern' C++

We will focus on tangible issues such as (1) code clarity, freedom to innovate, (2) performance, and (3) security.

In short: bad languages are created by people that believe they "know better"... than everyone else (a rather hazardous assumption). So, they write libraries which are enforced as part of the language design. Libraries that you cannot avoid are straight-jackets – you cannot escape them to write something better (and "better" means suitable for the task pursued by you, the programmer – so nobody knows better than you).

Good languages let you do anything you need (or want to try – to test if you are right). Enhancing the language is possible but most of the time what you want to achieve can be done as a library – even for critical achievements like adding "memory-safety" to C/C++ (without touching the language). And if you really need to mess with the language design, you can act at the preprocessor level (like done by G-WAN to add new #pragma directives and existing C keywords new transparent capacity).

Despite being 50 years old, the free C programming language is still used to write operating systems (by far the most demanding programs) because C fits the task – much better than the 'more modern' (yet much more unsafe and far less capable!) patented programming languages endlessly promoted by the security holes vendors relying on C/C++ while claiming that "Using C and C++ is bad for society, bad for your reputation, and it's bad for your customers":

.NET    (since 2002) 1995 CVE records (90.6 security holes per year, "memory-safe" language)
• Java    (since 1995) 2538 CVE records (87.5 security holes per year, "memory-safe" language)
• GLibC (since 1987)     174 CVE records ( 4.7 security holes per year, "memory-UNsafe" language)

The industry giants have many reasons to invite with financial incentives (or to force with government policies) the competition to use their inferior languages: (1) being the only ones to keep using C/C++, (2) injecting (and selling) vulnerabilities in their proprietary language runtimes automatically updated online, (3) exercising a kill-switch on anyone, anytime, etc.

Only C can keep you, the programmer, in charge (C lets you ditch GLibC – a poor implementation of the "C standard library" – and even the C executable startup code if you want or need to do so). You can use another "C standard library" or create your own... while there's no such a choice made available by C++ and the so-called 'more modern' programming languages.

This page lets you check the facts to let you then make yourself an informed opinion.

If, at this stage, you think that my posture is an exaggeration, you should read what ACM and Turing award winners say about C++ (all the more modern languages are a caricature of the defects introduced by C++) before continuing to read my prose.


C++ Imposes an Artificially Bloated Cryptic Syntax

Let's say that you are a student, or a parent – not a seasoned programmer. Your first reaction when facing modern C++ source-code will be: "it's very complex"... to the point that you may start doubting that C.S. (Computer Science) is for you, or for your kids. 45 years ago, I have learned programming with the assembly language (which I have enjoyed) but I am not sure that my enthusiasm would have survived C++.

A seasoned programmer in asm or C will say: "C++ is pointlessly unreadable". Why "pointlessly"? Because in C the same functionality is written in less characters – even for the most trivial things like an automatic cast and a standard-library call:

 C   |  FILE *outStream = writeStdout ? stdout : pStream;
 C++ |  std::ostream * outStream = writeStdout ? &std::cout : dynamic_cast(pStream);

Both examples are taken from a real-life recent Academic C++ "high-performance" library.

 C   |  int time_now_sec = time(0);
 C++ |  std::chrono::system_clock::time_point time_now_sec = std::chrono::system_clock::from_time_t(time_t_now);

C++ is horribly unreadable – to the point where you will spend hours looking for what std:: library function you need, and then, after you have picked one, you cannot even be sure of what will happen when you run the generated executable (that's why Google wrote its humongous 'Abseil' C++ library). Yet, universities and policy-makers insist to skip C or present it as an inferior, obsolete vestige of the past, most probably to eradicate C as a free tool for all – and to impose instead the reign of patented, constantly mutating arbitrary nonsense.


C++ (Agnonizingly Slowly) Generates unsafe machine-code Bloat

OK, we have seen that there's a C++ syntax overhead, but what about the C++ machine code overhead in a real-life high-performance system libraries, written by the "top of the line" market players that happen to be OS vendors?

SLIMalloc's core secure memory allocator uses less than 2,000 lines of C code. The rest of its code (almost 8,000 lines of code) is for the many SLIMalloc features that other allocators don't offer at all... yet SLIMalloc is by far the smallest of the available high-performance memory allocators:

Allocator            Language     blank-lines      comment-lines       code-lines
------------------   ----------   -----------   --------------------   ----------
Facebook  JEmalloc   C, C++          9,954      11,383 (18% of code)     62,708
Google    TCmalloc   asm, C, C++     8,917      12,417 (23% of code)     54,068
Microsoft MIMalloc   C               2,359       3,421 (27% of code)     12,461
TWD       SLIMalloc  C               1,482       7,638 (76% of code)      9,995

This table only includes each company's source code used by its memory allocator (without any security features for JEmalloc and TCmalloc). This lines of code count does not include system libraries or third-party libraries (like libunwind, used by TCmalloc and, as an option, by Jemalloc – SLIMalloc having no third-party dependencies).

Google TCmalloc, the only one to use asm, also relies on the Google Abseil C++ library (an additional 159,540 lines of code – without blanks and comments) to which it may add the "probabilistic" Google GWP-Asan library (slowing-down TCmalloc by a factor 2, in an attempt to secure it).

How does this gargantuan amount of C++ code, written by the GAFAM – the best-financed and most-widely praised experts available, translate into performance?

SLIMalloc II benchmark

Not very well, to say the least.

Especially if you consider the fact that SLIMalloc is the only one here to deliver "memory-safety" to C and C++... in real-time, faster than those who are unsafe and inject their by-design vulnerabilities in all the system, libraries, applications and... the so-called "memory-safe" runtimes of Java and .Net where "memory corruption" is exploited for decades.

Think that memory-safety is a virtual and benign threat?

2024: a GLibC heap-based buffer overflow "Grants [Remote] Attackers Root Access on Major Linux Distros".

"A threat actor could exploit the flaw to obtain elevated permissions via specially crafted inputs to [network] applications that employ these [syslog] logging functions."

Think that memory allocation issues are rare? The GAFAM claim that "memory-safety issues" account for:

"70% to 90% of the root causes of all vulnerabilities" that APPLE, MICROSOFT and GOOGLE report as "unfixable" [1] [2] [3].

C++ Google TCmalloc and C++ Facebook JEmalloc have their own by-design "unfixable" security holes.

C++ is not a "better C", it's a mutilated C designed to castrate software engineers, silently enforcing the wrong thing on their behalf – at every possible choice they are deprived from.

Writing programs, involves design and implementation choices. These choices make the difference between utter stupidity and great programs.

C++ (Java, .Net. etc.) consistently enforces utter stupidity (more details about that later). C lets you be the one in charge.
Pick your poison.

C++, like MICROSOFT, has a passion for unavoidable by-design bloat and security holes*... and it hides its sins by working very hard to transform the source code your write into what its authors want to promote... (they have a sponsor to please):

(*) "How do you protect what you want to exploit?"
      –Scott Charney, VP "Trustworthy Computing", MICROSOFT

Like I want my car to obey to my command when I drive, I want my compiler to execute the code I write. I don't want my car or my compiler to become creative on my behalf – especially if that's always to do much worse than me! A lot of what makes me enjoying driving or programming is predictability and the choice of action at all times. Remove this and both activities, driving and programming, become nightmares.

Be afraid of the people that make your life more complicated than necessary... while they pretend to simplify your life.

Be very afraid.


The Flawed C++ Goals

As time goes, C++ becomes bigger and bigger. It's like if gazillions of headless chickens are allowed to add every single library they have heard about – just for the sake of "completeness" (incompatibilities, obsolescence and redundancy are celebrated as... "achievements").

A programming language SHOULD NOT TRY TO BE the most complete collection of libraries. It should be the most effective way (simplest, most efficient) to write all the possible types of applications and libraries.

The focus of "standard libraries" should be limited to accessing the OS services (clocks, network, storage, display, keyboard/mouse, printer, etc.) and the language primitives (arithmetic, strings, timers, events, errors, etc.) – while leaving room for improvement (the ability to ignore the language "standard" string/network/math library to use your own).

So, C++ is a State-sponsored abomination (killing initiatives and skills to impose arbitrary "compliance" – an ever-moving target) while C is the undisputed reference (the freedom to do as well as possible, and to accumulate strategic skills).

Chose your poison: waste your life as the slave of a cruel an unjust master forcing you to stay a weak, rampant mollusk all your life, or work hard to become your own master (strong enough to shame those in power).


The Hidden C++ (and new languages) Pursued Agenda

An old saying attributed to the NSA claims that "a haystack is required to hide a needle":

  • C allows you to do anything you wish, including mistakes, but it does not encourage them.
  • C++ prevents you from doing most of the good things, and it silently enforces the worse – without you being able to escape it (generating hidden memory allocations, locks, side-effects, mixing data and code(!), redefining the language grammar, etc.).

I believe that the initial motivation behind C++ is the existential need for some Academics to pretend that they have made progress:

(then, MICROSOFT has funded C++ for the sake of artificially slowing-down software in order to sell more OS licenses)
(then, the GAFAM pretended to hate C/C++ while still using it, so that they could enforce their patented backdoors)

  • Academics, those in charge of teaching to our kids, are notoriously in-love with abstractions (they routinely build cathedrals based on hazardous assumptions that have no relation with reality, like Big-O ignoring the cost of each CPU instruction, Encryption ignoring the underlying number theoretical assumptions, or Quantum-Physics based on postulates – the "NewScience" religiously enforcing dogmas). So, despite ever-failing to make things work as expected, they argue that 'correctness' requires these extra details in the name of "safety" (another abstraction that they have never made tangible).

  • Engineers, those in charge of making planes fly rather than fall, are notoriously in-love with efficiency and reliability. So they argue that life is too short to waste it with a pointlessly obscure syntax: compiler warnings tell you (if you wish so because they can be disabled) if you have made a mistake... and an engineer has delivered automated safety for C/C++ with SLIMalloc in 2020.

The need to deliver on time and budget is pushing engineers to be less relaxed about hazardous genetic experiments (patiently feeded with radio-active waste and toxic emissions to discover new, eye-opening, "unexpected outcomes" like global massive sterility and death rates increases) than some Academics, who enjoy their capacity to afford (always at the expenses of the taxpayer) a passion for recurring eye-wateringly-expensive failures (this documentary is a perl, you will enjoy watching it).

  • Academics leave school as students to re-enter it as teacher/researcher. They cannot be fired and enjoy a guaranteed retirement.
  • Engineers leave school to become responsible doers, with their revenue, freedom and retirement not guaranteed by anyone.

Chose your poison: be a man – with the risk to fail, or enjoy being a State-protected parasite – always willing to please for a grant. Academics are not all parasites, but ALL the most capable Academics I know have been facing the hostility of a majority of their honorable colleagues all their life (another sacrifice to take into account).


The By-Design C++ Dirty Secrets

C++'s father Bjarne Stroustrup claims that "C++ code is not larger than C" and that "C++ is a better C" (hence, probably, the '++').

Yet, the C99 standard specification takes 224 pages while C++ requires 1376 pages... with the C++ committee using a much smaller font and more lines per page (in a vain attempt to deny a cruel reality?).
Bjarne may have meant that "C++ code is not larger than C"... if you don't take into account the humongous C++ runtime – many versions of which are not even compatible (even the C++ ABI has changed!) – which is even more shameful for anything calling itself a "better language".

Bjarne also said that the "C++ Boost library is well-engineered" while this code is clearly inefficient, that is, if design, size, speed, readability and portability are points worth considering.

Would C have made "Boost" better-engineered? While C does not let a+b; weight 10 MB without (macro) agonizing pains, C++ is a perpetual invitation to do the wrong choice. Either you carefully avoid C++ features because you known and understand their implementation, or your blindness makes you fall in the trap.

Abstraction is achieved at the expense of how computers work (hence the fat and wonderful bugs it drags). And the heavy '++' is dangerous for the unsuspecting masses because it hides its sins:

  • C++ objects invoke hidden memory allocations (even before main() is started) replicated in 'inline static' functions – in both cases, this cost can easily be avoided in C but is imposed by C++;

  • C++ classes mix code and data (violating a major taboo in computer-science) facilitating "memory-unsafety" exploitation by, for example, overwriting function pointers with an OOB (Out of Bounds) memory access on a dereferenced class member (a critical by-design security flaw that almost all the more recent languages have happily inherited from C++);

    Dynamically-loaded shared libraries enforce such function pointers: after decades of denial (by the OS vendors), this critical data has been stored by the system executable loader in a read-only memory segment... but I have never seen applications doing that when their code uses the dlfcn.h dynamic linking loader system interface to manually get and store function pointers.

    Library callbacks (another example of by-design function pointer nonsense), are totally useless, and should be ditched: since all library functions have reserved names, it is trivial to reserve such a name for a USER-DEFINED function (implemented by the application, and called by the library). The first function parameter will be the library instance's context so that many instances will be able to operate concurrently without name-space pollution.

    Since these callbacks are technically useless, the only reason why we are taught to use callbacks is to make sure applications will have function pointers stored at known locations (function parameter, struct/class field/member)... easily patched by OOB memory access violations – leading to arbitrary remote code execution.

    All function pointers uses can be avoided with features being listed in a simple enum passed to a switch(). This is much simpler, faster and safer. Yet, I have never seen any open-source programs doing that.

    All of these programming errors are left as an exercise in C, and enforced by the design of the "more modern" programming languages – hence today's cyber chaos.

    As usual, follow the money to find who deserves the blame.


  • C++ virtual inheritance and virtual functions double the machine code size – as well as the execution time;

  • C++ templates are encapsulating encapsulated layers – why not write code targeting clarity, speed or both?

  • C++ has long lost contact with the reality, with ever-increasing compilation times and increasingly obscure error messages;

  • C++ standard libraries, mostly redundant, have grown without any discipline or insight – and have increased the C++ surface of vulnerability while decreasing the ability for C++ developers to write their own functions;

  • C++ defeats the purpose of programming – which is all about making choices at every possible step (design and implementation) to write the best code your need – something that C celebrates like no other portable programming language (by just providing access to base programming and OS features).

    I started programming in 1979 at age 11 in assembly-language because there was nothing else available but the BASIC language (the 'B' is for 'Beginner' – and if you felt the need to push its very frustrating limits then asm was the only option at the time). When I have been able to find a C compiler I enjoyed the same level of freedom offered by asm – without the pain of learning every (ever-increasing) CPU vendor's instruction set. Bad programmers make bad asm programs. Good programmers get the most of any programming language, that is, when it's not a straight-jacket.

    C++ users are developers, not programmers: they blindly use C++ features without even understanding how these features work, and as a result, by learned helplessness (maliciously induced ignorance) rather than vice, these people are unable to merely question the fact that they need to redesign the ready-to-use black-boxes instead of relying on the junk-food they are served.

    When, after decades of denial, they realize the tax they have paid because of scale of their ignorance and misplaced trust in sub-standard design, code and documentation quality, it's too late.

In a world populated by multi-core CPUs, a runtime's inefficiency hurts performance and scalability, even before your coding skills. This has a bit more costly consequences than the mere "philosophical choices" that C++ would like you to embrace.

Conclusion: C++ is almost* as efficient as C only if you do not use the '++'. What a progress, really.
[*]: this is no longer the case because C++ is no longer C with more features: the gargantuan C++ runtime trashes your disks and CPU caches, and successfully compiling perfectly legitimate clean C code with a C++ compiler has become an agonizing pain.


What the Most Recognized Experts Say About C++

Others – including recognized academic experts (and several ACM/Turing award winners) – have been more sanguine:

"When I write a C program of any size, I probably will wind-up using 75, 80, 90% of the language features. In other words, most of the language is useful in almost any kind of program. By contrast, if I write in C++ I probably don't use even 10% of the language, and in fact the other 90% I don't think I understand."
- Brian Kernighan

"C++ is an insult to the human brain."
- Niklaus Wirth

"I invented the term 'Object-Oriented', and I can tell you I did not have C++ in mind."
- Alan Kay

"There are only two things wrong with C++: The initial concept and the implementation."
- Bertrand Meyer

"C++'s greatest weakness is complexity. For almost every rule in C++, there are exceptions, and often there are exceptions to the exceptions. For example, const objects can't be modified, unless you cast away their constness, in which case they can, unless they were originally defined to be const, in which case the attempted modifications yield undefined behavior.
As another example, names in base classes are visible in derived classes, unless the base class is instantiated from a template, in which case they're not, unless the derived class has employed a using declaration for them, in which case they are."
- Scott Meyers

"Within C++, there is a much smaller and cleaner language struggling to get out."
- Bjarne Stroustrup

"The languages that succeed [to C] are very pragmatic, and are very often fairly dirty because they try to solve real problems. C++ is a great example of a language that in many ways has serious flaws."
- Brian Kernighan

"Whenever the C++ language designers had two competing ideas as to how they should solve some problem, they said, 'OK, we'll do them both'. So the language is too baroque for my taste."
- Donald E Knuth

"C++ certainly has its good points. But by and large I think it's a bad language. It does a lot of things half well and it's just a garbage heap of ideas that are mutually exclusive. Everybody I know, whether it's personal or corporate, selects a subset and these subsets are different. So it's not a good language to transport an algorithm – to say, 'I wrote it; here, take it.' It's way too big, way too complex."
- Ken Thompson

"Historically, languages designed for other people to use have been bad: Cobol, PL/I, Pascal, Ada, C++. The good languages have been those that were designed for their own creators: C, Perl, Smalltalk, Lisp."
- Paul Graham

"With C++, it's possible to make code that isn't understandable by anyone, with C, this is very hard."
- Mike Abrash

"In C++ it's harder to shoot yourself in the foot, but when you do, you blow off your whole leg."
- Bjarne Stroustrup

"C++ is the only current language making COBOL look good."
- Bertrand Meyer

"C++ is a pile of crap."
- Theo de Raadt

"To me C++ seems to be a language that has sacrificed orthogonality and elegance for random expediency."
- Meilir Page-Jones

"C++: glacial [agonizingly slow] compiles, insane complexity, impenetrable errors, laughable cross-platform compat[ibility], basically useless tools."
- Aaron Boodman

"Life is too long to know C++ well."
- Erik Naggum

"If you think C++ is not overly complicated, just what is a protected abstract virtual base pure virtual private destructor and when was the last time you needed one?"
- Tom Cargill

"I believe C++ instills fear in programmers, fear that the interaction of some details causes unpredictable results. Its unmanageable complexity has spawned more fear-preventing tools than any other language, but the solution should have been to create and use a language that does not overload the whole goddamn human."
- Erik Naggum

"I may be biased, but I tend to find a much lower tendency among female programmers to be dishonest about their skills, and thus do not say they know C++ when they are smart enough to realize that that would be a lie for all but perhaps 5 people on this planet."
- Erik Naggum

"If you like C++, you don't know C++. There's a mutual exclusion going on here, and I've yet to see a counter-example other than possibly a few of the members of the standards committee."
- Ssylvan (reddit)

"It has been discovered that C++ provides a remarkable facility for concealing the trival details of a program - such as where its bugs are."
- David Keppel

"The latest new features in C++ are designed to fix the previously new features in C++."
- David Jameson

"I consider C++ the most significant technical hazard to the survival of your project and do so without apologies."
- Alistair Cockburn

"C++ has its place in the history of programming languages. Just as Caligula has his place in the history of the Roman Empire."
- Robert Firth

"C++ is a language strongly optimized for liars and people who go by guesswork and ignorance."
- Erik Naggum

"C++: an octopus made by nailing extra legs onto a dog."
- Steve Taylor

"Being really good at C++ is like being really good at using rocks to sharpen sticks."
- Thant Tessman

"Arguing that Java is better than C++ is like arguing that grasshoppers taste better than tree bark."
- Thant Tessman

"C++ is history repeated as tragedy. Java is history repeated as farce."
- Scott McKay

"C++ is like jamming a helicopter inside a Miata and expecting some sort of improvement."
- Drew Olbrich

"C++ will do for C what Algol-68 did for Algol."
- David L Jones

"If C++ has taught me one thing, it's this: Just because the system is consistent doesn't mean it's not the work of Satan."
- Andrew Plotkin

"Java, the best argument for Smalltalk since C++."
- Frank Winkler

"PL/I and Ada started out with all the bloat, were very daunting languages, and got bad reputations (deservedly). C++ has shown that if you slowly bloat up a language over a period of years, people don't seem to mind as much."
- James Hague

"The last good thing written in C++ was the Pachelbel Canon."
- Jerry Olson

"Oh, definitely. C++ may not be the worst programming language ever created, but without a doubt it's the worst ever to be taken seriously."
- Mason Wheeler

"C++ is to C as Lung Cancer is to Lung."
- Anonymous

"C++ is more of a rube-goldberg type thing full of high-voltages, large chain-driven gears, sharp edges, exploding widgets, and spots to get your fingers crushed. And because of it's complexity many (if not most) of it's users don't know how it works, and can't tell ahead of time what's going to cause them to loose an arm."
- Grant Edwards

"Whenever I solve a difficult problem with C++, I feel like I've won a bar fight."
- Michael Fogus

"C is C++ without the BS."
- SocialPhatology

"[Keeping somebody] from using C++ makes me feel like I saved a life"
- Aiju

"C++ is probably the only language where the error [message] can be longer than the program"
- Aiju


How can such a thing – widely considered as an abomination by the best experts (for computer-science, ACM awards are the equivalent of a Nobel prize) – can be funded by the taxpayer during decades, and enforced in universities by nefarious private corporations, tells a lot about the artificially-created root causes of our society's problems.