Mark Russinovich, chief developer of Microsoft Azure CTO and Sysinternals, recently made remarks saying that developers are advised to stop using C/C++ to start new projects, and suggest that Rust can be used in scenarios that require the use of non-GC languages. In response to this remark, foreign media The Register asked Microsoft whether Russinovich’s proposal would be adopted across the company, but did not receive a reply.

At the same time, the website also interviewed Bjarne Stroustrup, the father of C++;Stroustrup It defends C++:

“It’s normal that people – especially some executives – will always be obsessed with new things that promise to make their lives easier. Also, supporting new things is far more than solving the old and well-known tools. Knowledge issues are more exciting. Unfortunately, it often takes years and significant effort for new languages ​​to rival established languages ​​in their wide range of applications. Enthusiasts rarely see this, their Reviews tend to be quite one-sided.”

Stroustrup says he’s been working on improving C++ safety over the years, given how important safety is; the result is now solidly perfect type and memory safety in ISO C++. That is, each object is used according to its defined type; this means eliminating the use of dangling pointers, catching range errors, and eliminating data races.

He also emphasized that every “safe” language, including Rust, has vulnerabilities that allow unsafe code.andabout his co-writing C++ Core Guidelines, the basic idea of ​​this guide is to define a set of rules that must be followed to ensure security, and then enforce it through static analysis. And these rules are needed because no arbitrary C or C++ code by itself can prove to be safe.

“That’s ISO-compliant C++ code, and those who don’t feel like they don’t need security or can’t update their code just yet can just skip running the analyzer. Currently, there are partial implementations of this analyzer in Microsoft Visual Studio, Clang Tidy, and a few other places.“

Stroustrup Point out that it is clear that C++ is actively improving, e.g.Various attempts for flexibility and performance improvement in practical applications.Billions of lines of C++ code have been deployed, so anyone who wants to C++ codeReplacing or enhancing security is a daunting task that needs to be done incrementally. “Otherwise a lot of unsafe C and old-style C++ code will exist ‘forever'”.