undefined | Better HN

0 pointsgnuvince12y ago0 comments

A safer language with higher-level, low-cost abstractions.

0 comments

13 comments · 1 top-level

Honestly, I've made over 15 games in my career and safety with C++ really just isn't an issue with decent developers. The line between what's a programmer for games and what's a designer is narrowing, most designers are competent programmers. Furthermore, there's some great tools out there to help prevent things like memory leaks. Combine that with good company practice, like code reviews, and it becomes a non-issue.

gnuvinceOP12y ago

I guess, then, that you weren't part of the Battlefield 4 team [1]. I've discussed the issue of the "no decent programmer" fallacy in the past; yes, in theory if programmers were careful and alert, they could create flawless software, yet this never happens in practice because humans are prone to errors (i.e. not understanding a subtlety of the language or library, thinking that a validation is done at a different level of abstraction, failing to imagine what could be an error scenario and how it could occur, etc.). Languages like Rust offer the same capabilities as C or C++, while eliminating entire classes of bug sources.

[1] http://en.wikipedia.org/wiki/Battlefield_4#Technical_issues_...

maccard12y ago

If BF4 was written in Csharp, or java (or rust or go?? I'm sure it would still have just as many bugs. One of peoples biggest complaint is the kill shots that you don't see, but that's a design choice (client side hit detection).

steveklabnik12y ago

Of course, it's impossible to speculate without seeing the codebase, but considering that Rust makes several classes of C++ bugs impossible at compile time, I'd be hard-pressed to imagine that a Rust version wouldn't be less buggy.

2 more replies

pcwalton12y ago

> Furthermore, there's some great tools out there to help prevent things like memory leaks. Combine that with good company practice, like code reviews, and it becomes a non-issue.

The security track record of applications written in C++ disagrees with you.

zanny12y ago

We are talking about new engines written in these languages, though, not multi-decade old codebases still using inline assembler, goto, and pointer arithmetic.

Modern C++ is really safe if you use the subset that involves automatic storage duration, well bounded arrays, etc and use all the warning flags of your compiler, run static analysis, have a robust test framework, etc.

pcwalton12y ago

No, modern C++ is not even close to memory safe. This is my favorite meme to destroy over and over on HN. :)

Consider iterator invalidation, null pointer dereference (which is undefined behavior, not a segfault -- and you can't get away from pointers because of "this" and move semantics), dangling references, destruction of the unique owner of the "this" pointer, use after move, etc. etc.

3 more replies

angersock12y ago

They're talking about games in C++, not random C++ apps. Oranges to apples.

CamperBob212y ago

Selection bias much? The 500,000 C++ applications that have never blown up in somebody's face aren't discussed on Hacker News.

dbaupp12y ago

Maybe most C++ applications are low-value as attack targets, so no-one has bothered to find all the corner cases that make them blow up.

The fact that applications like browsers and operating systems (which are known to be high value targets) have a lot of effort & resources put into security but still have attack vectors makes the "C++ is secure" position fairly indefensible.

bjz_12y ago

pcwalton mainly works on web browser development (Servo), which whilst sharing some goals with game development, also differs in some respects. Although online security is more and more important in games these days, the real appeal of Rust in respect to game development is in providing an alternative to the 'death by a thousand cuts' that can plague large C++ projects.

I've posted a list of the things I consider the most relevant to game development: https://news.ycombinator.com/item?id=7587413 Any one or two of them alone wouldn't really be a compelling enough reason to switch, but put together they form a very compelling value proposition.

zerooneinfinity12y ago

It seems like it's hard to say if Rust really would have eliminated those bugs, the reports are vague and the ones that aren't, e.g. fixed framerate issues, would be an issue either way. My argument isn't solely get good developers and be done with it. It's a combination of things, and one of the most important things is getting good practices in place. I don't know if EA did this but having a good auto-test system in place probably would have caught those crash bugs and prevented the server issue, for example.

bjz_12y ago

> one of the most important things is getting good practices in place

That is really important, but still, wouldn't it be better if you could encode at least some of those good practices into the language itself, rather than relying on humans to be constantly on their game? I'm certainly not perfect, so I would rather my sloppiness be caught earlier rather than having it come back to bite me in the future. See: http://thecodelesscode.com/case/116

j / k navigate · click thread line to collapse

0 comments

13 comments · 1 top-level

zerooneinfinity12y ago· 12 in thread

gnuvinceOP12y ago

[1] http://en.wikipedia.org/wiki/Battlefield_4#Technical_issues_...

maccard12y ago

steveklabnik12y ago

2 more replies

pcwalton12y ago

> Furthermore, there's some great tools out there to help prevent things like memory leaks. Combine that with good company practice, like code reviews, and it becomes a non-issue.

The security track record of applications written in C++ disagrees with you.

zanny12y ago

We are talking about new engines written in these languages, though, not multi-decade old codebases still using inline assembler, goto, and pointer arithmetic.

pcwalton12y ago

No, modern C++ is not even close to memory safe. This is my favorite meme to destroy over and over on HN. :)

3 more replies

angersock12y ago

They're talking about games in C++, not random C++ apps. Oranges to apples.

CamperBob212y ago

Selection bias much? The 500,000 C++ applications that have never blown up in somebody's face aren't discussed on Hacker News.

dbaupp12y ago

Maybe most C++ applications are low-value as attack targets, so no-one has bothered to find all the corner cases that make them blow up.

bjz_12y ago

zerooneinfinity12y ago

bjz_12y ago

> one of the most important things is getting good practices in place

j / k navigate · click thread line to collapse