C ABI happens to be the mixed up with OS ABI, on OS written in C like UNIX clones, on mainframes, and other competing OSes that isn't the case, because they use other systems languages on their stack, or even some kind of bytecode based interoperability format.
However since the context here is game libraries, C ABI == OS ABI pretty much applies everywhere (except WebAssembly or Android JNI) and lets leave at there.
Since C++98, writing a library in C++, even if exposing it as extern "C", provides the following benefits for the quality of code implementation:
- less implicit conversions
- use of reference types instead of pointers for memory accesses we can be sure are never allowed to be null
- use of namespaces instead of Assembly style programming of having to come up with prefixes for code organization
- bounds checking for strings, vectors and other related data structures provided one uses the library types. They can even be left turned on for release mode, if the profiler shows there is no visible impact on hot paths
- use of RAII to manage library internal state and reduce leak occurrences
- ISO C++ working group is actually striving for reducing the amount of UB from its 200+ use cases, unlike ISO C group
- strong typed enums introduced in C++11 don't have implicit conversions and must map to their underlying types
- type safe compile time code execution, specially helpful in games, used for stuff like generating trigonometry tables
- templates as replacement for pre-processor magic that eventually goes subtly wrong when the #include order gets misplaced or too few parenthesis are used
If this still sounds absurd, well all major C compilers are now implemented in C++, Microsoft rewrote their C standard library in C++ with extern "C" entry points, Android NDK is actually implemented in a mix of C++ and Java (via JNI) also using extern "C" calls.
I did, in my first comment.
C++ namespaces lead to much more readable code, compared to these prefixed names.
C++/11 scoped enums eliminate a class of bugs: when you have many different constants on the API surface, multiple functions accepting them, and erroneously use the constant of a wrong function. Example:
enum Lod { Low, High };
enum SomethingElse { Other };
void setLoD( enum Lod v );
void bug()
{
setLoD( Other );
}— Every language out there has a way to call into C
— If your code is slower than C, someone will rewrite it in C.
— If your library is written in C it means it can be used on any OS, console or mobile device and even on the web.
— Not everyone wants to use C++ (some prefer C).
— It is easier in general for a C++ user to use a C library than it is for a C user to use a C++ library.
— C++ is not as easy to write wrappers for in other languages.
— Unless you limit which C++ features you use (to the point where you are pretty much left with C) a lot of people won’t be able to use your library.
PS. If your original comment had been phrased the way you put it here I might have made the same comment, but I would not have downvoted it. Here, you’re at least providing some supporting evidence for your assertions which makes it a much more valuable contribution to the conversation.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1193...
Other than that, I'm not surprised the file in question is C. Even ignoring the fact that it was you to get the link. And even ignoring that it's about a security problem...
Other than that, from a user perspective, software written in C is among the most reliable software I'm using. I'm looking at Linux, vim, xterm and so much of the infrastructure that I don't even know by name.
Some people value "security" more than they value the beauty of a nice, a maintainable, or a practical program. That's ok as far as I'm concerned...
C is a perfectly fine language for tasks of all kinds. The fact that it expects programmers to take greater care when using it is not a reason enough to dismiss it as a general-purpose language. Not everyone needs (or wants) to ride a tricycle wearing knee pads and a helmet to get from A to B.
The reason is very simple, the billions of wasted money fixing security exploits caused by industry's adoption of C.
Morris worm is more than 30 years old, and the old ways can still be used to attack modern systems that people insist in writing using C.
https://msrc-blog.microsoft.com/2019/06/14/prevent-the-impac...
https://support.apple.com/en-us/HT210348
https://msrc-blog.microsoft.com/2019/07/16/a-proactive-appro...
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Pr...
https://security.googleblog.com/2019/08/adopting-arm-memory-...
Even in 2019, the C ABI is the one universally agreed-upon cross-language ABI for languages compiled to native code.
However given that at least C++ does support ways to tame C, after all the whole purpose was for Bjarne never to repeat his Simula into BCPL rewrite experience ever again, it is up for security conscious to decide what legacy they want to leave, when the option is between both those languages.
On the other hand maybe C should be used to write Skynet, so that we stand a chance.