C++ creator criticizes the imposition of safe programming languages

Bjarne Stroustrup, the creator of C++, has published objections to the conclusions of the NSA report, which recommended that organizations move away from programming languages such as C and C++, which leave memory management to the developer, in favor of languages such as C#, Go, Java, Ruby, Rust and Swift, which manage memory automatically or perform memory-safety checks at compile time.

According to Stroustrup, the safe languages mentioned in the NSA report are not actually superior to C++ in the applications that are important from his point of view. In particular, the C++ Core Guidelines, developed in recent years, cover safe programming methods and prescribe the use of tools that guarantee safe work with types and resources. At the same time, developers who do not need such strict safety guarantees remain free to keep using older development methods.

Stroustrup believes that a good static analyzer that follows the C++ Core Guidelines can provide the necessary guarantees of C++ code safety at significantly lower cost than a transition to new safe programming languages. For example, most of the Core Guidelines recommendations are already implemented in the static analyzer and memory-safety checks included in Microsoft Visual Studio. Some of the recommendations are also covered by the Clang Tidy static analyzer.

The report was also criticized for focusing only on memory-handling problems while ignoring many other programming-language problems that affect safety and reliability. Stroustrup treats safety as a broader concept whose various facets can be achieved through a combination of coding style, libraries and static analyzers. To control which rules for type and resource safety are enabled, the proposal is to use annotations in the code and compiler options.

In applications where performance is more important than safety, this approach allows the mechanisms that guarantee safety to be applied selectively, only where they are needed. The safety tools can also be adopted partially: for example, starting with only the rules for range checking and initialization, and then gradually adapting the code to stricter requirements.
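As an added illustration of that first step (this is not code from Stroustrup, the Core Guidelines or the NSA report), the example below shows a routine of the kind that range and initialization rules target, next to a form that satisfies both. The function name `sum_payload` and the length-prefixed record layout are constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Constructed record layout: byte 0 = payload length n, bytes 1..n = payload.
//
// Before (the pattern the two rule groups reject), shown as a comment only:
//   int sum;                              // local read before initialization
//   for (int i = 0; i < buf[0]; ++i)      // length trusted straight from input
//       sum += buf[1 + i];                // raw subscript can run past the data
//
// After: every local has an initial value, the declared length is validated
// against the real buffer size, and element access is range-checked.
// Returns false (leaving `out` untouched) when the record is malformed.
bool sum_payload(const std::vector<std::uint8_t>& buf, std::uint32_t& out) {
    if (buf.empty()) {
        return false;                      // no length byte to read
    }
    const std::size_t n = buf.at(0);       // checked access, initialized local
    if (n > buf.size() - 1) {
        return false;                      // declared length exceeds the data
    }
    std::uint32_t sum = 0;                 // initialization rule: never indeterminate
    try {
        for (std::size_t i = 0; i < n; ++i) {
            sum += buf.at(1 + i);          // range rule: throws instead of overrunning
        }
    } catch (const std::out_of_range&) {
        return false;                      // defensive: unreachable after the check above
    }
    out = sum;
    return true;
}
```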
