Giving C a superpower: custom header file (safe_c.h)

(hwisnu.bearblog.dev)

271 points mithcs | 1 comments | 17 Nov 25 10:40 UTC | HN request time: 0s | source

Show context

woodruffw ◴[17 Nov 25 13:30 UTC] No.45953391[source]▶

Intentionally or not, this post demonstrates one of the things that makes safer abstractions in C less desirable: the shared pointer implementation uses a POSIX mutex, which means it’s (1) not cross platform, and (2) pays the mutex overhead even in provably single-threaded contexts. In other words, it’s not a zero-cost abstraction.

C++’s shared pointer has the same problem; Rust avoids it by having two types (Rc and Arc) that the developer can select from (and which the compiler will prevent you from using unsafely).

replies(13): >>45953466 #>>45953495 #>>45953667 #>>45954940 #>>45955297 #>>45955366 #>>45955631 #>>45955835 #>>45959088 #>>45959352 #>>45960616 #>>45962213 #>>45975677 #

accelbred ◴[17 Nov 25 16:49 UTC] No.45955366[source]▶

>>45953391 #

Unfortunately, for C++, thats not true. At least with glibc and libstdc++, if you do not link with pthreads, then shared pointers are not thread-safe. At runtime it will do a symbol lookup for a pthreads symbol, and based off the result, the shared pointer code will either take the atomic or non-atomic path.

I'd much rather it didnt try to be zero-cost and it always used atomics...

replies(3): >>45955580 #>>45956553 #>>45956902 #

eddd-ddde ◴[17 Nov 25 19:11 UTC] No.45956902[source]▶

>>45955366 #

Why use atomics if you don't need them? There really should just be two different shared pointer types.

replies(1): >>45959387 #

1. accelbred ◴[17 Nov 25 22:56 UTC] No.45959387[source]▶

>>45956902 #

I wouldn't mind two types. I mind shared pointer not using atomics if I statically link pthreads and dlload a shared lib with them, or if Im doing clone3 stuff. Ive had multiple situations in which the detection method would turn off atomic use when it actually needs to be atomic.

↑