On Apr 24, 2006, at 17:03:46, Avi Kivity wrote:Don't discount exceptions so fast. They're exactly what makes the code clearer and more robust.Alan Cox wrote:There are a few anti C++ bigots around too, but the kernel choice of C was based both on rational choices and experimentation early on with the C++ compiler.
Times have changed, though. The C++ compiler is much better now, and the recent slew of error handling bugs shows that C is a very unsafe language.
I think it's easy to show that the equivalent C++ code would be shorter, faster, and safer.
Really? What features exactly does C++ have over C that you think make that true? Implicit memory allocation? Exceptions? Operator overloading? Tendency to use StudlyCaps? What else can C++ do that C can not?
For example, I could write the following:
class Foo {
public:
Foo() { /* ... init code ... */ }
~Foo() { /* ... free code ... */ }
int do_thing(int arg) { /* ... code ... */ }
private:
int data_member;
};
Or I could write it like this:
struct foo {
int data_member;
};
int foo_init() { /* ... init code ... */ }
int foo_destroy() { /* ... free code ... */ }
int foo_do_thing(int arg) { /* ... code ... */ }
The "advantages" of the former over the latter:
(1) Without exceptions (which are fragile in a kernel), the former can't return an error instead of initializing the Foo.
They only seem relocatable with your C glasses on. Put on your C++ glasses (much thicker), and initialization no longer seems trivially movable.
(2) You can't control when you initialize the Foo. For example in this code, the "Foo item;" declarations seem to be trivially relocatable, even if they're not.
spin_lock(&foo_lock);
Foo item1;
Foo item2;
spin_unlock(&foo_lock);
It isn't. It's nice for other application domains (matrix algebra, etc.) not for kernels.
(3) Foo could theoretically implement overloaded operators. How exactly is it helpful to do math on structs?
Does that actually make it any easier to understand the code? How does it make it more obvious to be able to write a "+" operator that allocates memory?Not all C++ features need to be used in the kernel. In fact, not all C++ features need to be used, period. Ever tried to understand code which uses overloaded operator,() (the comma operator)?