You’ve no doubt noticed the recent acceleration of the transition from Flash in favor of HTML5, thanks in large part to Apple’s refusal to support Flash on iPhone and iPad. First YouTube, and now TED, Vimeo, CBS, and Time and The New York Times are adding support for HTML5 in addition to, or instead of, Flash.

I’ve lately come to dislike Flash for personal reasons. Specifically, the Shockwave Player plugin is buggy and keeps hanging Chrome in particular and costing me a few minutes every few days while I wait for the “want to kill this plugin?” dialog to come up. It’s not the end of the world, just an annoyance. But it is annoying.

Aside: This seemed to start, or at least get a lot more frequent, around the time I installed Windows 7, which means we can have many interesting discussions about who broke whom. However, in searching around I see on Web forums there’s been a lot of chatter about Shockwave Player crashes on multiple browsers and OSes.

But given that the world is starting to move on anyway, and because I like to tinker, I wondered what “the Web without Flash” would look like on my PC. I already know what it looks like on my iPhone, but the PC gets heaver use and I generally use it to visit richer sites.

So yesterday I decided to take the plunge and uninstall Flash entirely. Flash used to be a de rigueur add-on. Now I’ll see what the Web is like without it.

So far, so good. My Machine Architecture talk on Google Video doesn’t play, but other than that the main difference is just that I see less distracting content and that I get a cute little bar at the top of many pages asking me to install a plugin to fully display the page; dismissing the bar only lasts for the duration of the page, but I find that the bar quickly fades into the background of consciousness.

We’ll see how long I can last sans Flash.

This morning, the C++0x Final Committee Draft (FCD) text was completed by our tireless project editor Pete Becker, approved by the review committee of Steve Adamczyk and Howard Hinnant, and sent to SC22 for FCD ballot. The SC22 secretariat has informed us that the FCD ballot will begin today and close on July 26.

Thank you to everyone involved with the C++ committee for the huge amount of work they’ve invested over the past six months and more to resolve design corner cases, drive down issues list bug counts, and make it possible for us to approve several key papers and unanimously vote out an FCD two weeks ago in Pittsburgh. After two more weeks of hard work to apply the approved papers to the working draft, today the baby was ready to dress up in a cute ISO cover sheet and show to the world. As Joe Biden might say, this is a big deal.

The FCD document will be freely-as-in-beerly available on the committee’s 2010 papers page in about a week, when the post-meeting mailing goes up. Watch that space for details.

[Updated 3/26 to spell out “Final Committee Draft”]

Software-related

PDF the Most Common Malware Vector (Schneier)
It’s almost non-news, because it’s been obvious for years that this was coming. Malware writers target the common programs and formats. Several years ago, I talked to senior developers from a major software company on multiple occasions about memory safety and secure coding, and at the time they weren’t interested because exploits didn’t affect them (yet). As an example, I pointed out: “Look, do you think software like Acrobat Reader needs to care about secure coding? – But of course it does. Isn’t it obvious that it’ll be targeted sooner rather than later?” Moral: If you write popular software, the need for secure coding affects you and your product; if it doesn’t today, it will tomorrow. (Obligatory note: This isn’t just about C and C++. Every mainstream language lets you write exploitable security flaws.)

Visual C++ Developer Survey (MSDN)
”As we wrap up Visual Studio 2010, we are starting to plan the next release of Visual C++. … We would like to better understand what you do.”

General information/amusement

Distributed Version Control is here to stay, baby (Joel on Software)
Evidently the last Joel on Software article, too.

The Hobbit to begin shooting in July (Variety)
Where can we buy fake foot hair for the premiere?

Really.

Direct link.

[Updated 3/17 for clarity.]

On this blog, I’ve always been happy to follow a policy of not editing or filtering comments, and to let comments stand whether the commenter agrees with me or not. However, recently a few comments have strayed into name-calling (e.g., I’d never heard the term “freetard” until last week), and I’ve decided to start moderating all comments, and to remove some existing comments that seem to me to be disrespectful of others.

Fortunately, the vast majority of comments aren’t like that, and opinions that respectfully disagree with my own or with those of other commenters continue to be welcome. Thanks for understanding.

[Note: I usually post trip reports after the public post-meeting mailing goes live a few weeks after the meeting, so that I can provide links to minutes and papers. This time, I wanted to post the report right away to share the news. If you’re interested in the post-meeting papers, including the official minutes, watch the 2010 papers page which is where they will appear in a few weeks.]

 

The ISO C++ committee met in Pittsburgh, PA, USA on March 8-13, 2010, hosted by the CERT Software Engineering Institute at Carnegie Mellon University. As usual, about 50 experts attended, and we had eight official national body delegations from Canada, Finland, France, Netherlands, Spain, Switzerland, United Kingdom, and United States.

The meeting just concluded a few minutes ago (yes, the meetings run through Saturday afternoon). Here are some highlights of what happened today, which was another landmark in the progression of the C++0x standard.

Approved Final Committee Draft (FCD) for C++0x

The biggest news is that this afternoon we voted in the final remaining feature changes to C++0x, and to much applause then unanimously approved the text for international ballot as a Final Committee Draft (FCD). FCD means that, assuming no surprises, we intend to do only bug fixes and editorial corrections for the next year or so, and then ballot a final standard. If we can do that, assuming all goes well, C++0x could officially be published as soon as next year as ISO C++ 2011, and we can stop with the “x-is-hex” jokes and just start calling it C++11.

This is a big milestone, and it was achieved thanks to removing a couple of controversial features last summer and a whole lot of work by the ISO C++ committee members over the past six months in particular. That work includes countless hours spent between our full face-to-face meetings at face-to-face ad-hoc meetings to swat library bugs, teleconferences on resolving core language questions, and triple-digit person-hours invested in four teleconferences during December-February purely about C and C++ compatibility that have greatly helped to identify and attempt to resolve minor areas of divergence between the C++0x draft standard and the C1x draft standard (as both are now in progress; C1x is targeting completion and publication in 2012).

All in all, your committee members have put in an enormous amount of effort to bring this in, and the draft is in far better shape for this meeting than anyone could have expected last summer. For comparison, in my and several others’ opinions, it’s in better shape than the FCD of the C++98 standard.

Since we’re closing down this round of standardization, we didn’t make many exciting technical changes. Here are two technical highlights of the meeting that are likely of general interest, finally adopting changes we’ve contemplated before.

Removed Export Template

As I reported after the last meeting (here and here), the committee considered the question of whether to deprecate, remove, or leave in the “export template” feature.

For context, the only reason we’re even considering this is because Edison Design Group (EDG), the only company to ever implement export, is recommending export be removed or deprecated. Recall that back in the 1990s the committee originally voted the feature in over EDG’s objections in the first place, then in the late 1990s and early 2000s EDG graciously and gallantly went on to invest enormous effort to implement the feature in order to conform to the standard, and so the committee was loath to punish them again by now removing the feature on them. However, given the passage of time, EDG reports that their experience in the field has been that nearly no one actually uses the feature, and that it would be right (and okay with EDG) to deprecate or remove it.

At our previous meeting, the general sentiment was in favor of deprecation only. However, at this meeting EDG reported that they would prefer the feature to be removed rather than just deprecated, because a deprecated feature is still part of the standard and required for conformance. By removing it from C++0x, it removes the maintenance burden of being forced to support export indefinitely to maintain full standards conformance (though of course EDG will continue to support it as an extension in their compiler front end for however long seems right based on their own customers’ demand).

The committee agreed, and today voted to remove export entirely from C++0x. The “export” keyword is still reserved for future use, but has no defined meaning in the C++0x standard.

Deprecated Exception Specifications, Added noexcept

As also considered at our previous meeting, this week we went ahead and deprecated throw-specifications (e.g., throw(), throw( Base, Derived1 )). For rationale, see the two background references referred to in the proposal, one of which is an article by me:

• H. Sutter. “A Pragmatic Look at Exception Specifications”
• Boost. “Boost Exception Specification Rationale”

As noted in the second reference, “A non-inline function is the one place a ‘throws nothing’ [i.e., throw()] exception-specification may have some benefit with some compilers.” Because this would have some utility, there is a replacement for empty exception-specifications… the noexcept keyword, which has the basic use syntax “void f() noexcept {…}”. It optionally takes a compile-time constant true/false expression that if true means the noexcept is in force, which helps libraries to write efficient overloads. This feature will be written about for years to come, but that’s the basic idea.

Here’s the concise summary from the core working group report by Steve Adamczyk (of EDG fame and longtime core working group chair):

We discussed two things related to exception specifications: noexcept (N3050), and deprecating exception specifications (N3051). There was some spirited discussion of what happens when you violate a promise not to throw. In the end, we decided that in such a circumstance terminate() gets called, and it’s unspecified whether any cleanup is done for local variables between the throw point and the point of the violated noexcept. It’s believed that for efficient implementations of exception handling a noexcept will not add any overhead and will not restrict optimization opportunities.

The old-style exception specifications, including the throw() form, will now be deprecated. The library specification needs to be updated to use noexcept instead, and that won’t happen at this meeting.

Note that the decision to call terminate() is not final and alternatives will be considered at future meetings. There was general (but not universal) agreement that the program should not be allowed to continue executing if a noexcept is violated because in that case the program will almost certainly be in a corrupt state, and so the consensus was in favor of guaranteeing to call terminate() instead of allowing arbitrary undefined behavior, but it’s possible that a comfortable middle ground between those two options may yet be found.

Looking Forward

We wrapped up with a presentation of the scheduled dates and locations for the next few ISO C++ standards committee meetings (meeting information link included where available):

• August 2-7, 2010: Rapperswil, Switzerland
• November 8-13, 2010: Batavia, Illinois, USA
• March 21-26, 2011: Madrid, Spain

Finally, here’s a copy of summary slide I presented, which will also be in the post-meeting mailing. Here’s to C++11 (we hope)!

 

In my role as convener of the ISO C++ committee, I get to field a number of questions about the committee and its process. It occurred to me that some of them might be of more general interest, so I’ll occasionally publish an edited version of my reply here in case other people have similar questions. Note that the quoted questions may be paraphrased.

Today’s question comes from someone who recently asked about why, if ISO C++ is an open standard, ISO charges for it and we can’t just download it for free.

The short answer is that people sometimes confuse “open” with “free.” ISO standards aren’t “open” like the O in FOSS, they’re “open” like “not developed behind closed doors.” Anyone who wants to pay for membership in their national body (if their country participates in ISO and in the specific project in question) is able to come join the fun. In free-as-in-beer terms, this means that experts are welcome to come to the ISO brewery at their own expense and volunteer their time to help brew the beer, and then when the beer is ready the customers still pay ISO to drink it (the helpers don’t get a cut of that, only a free bottle for their personal use and the satisfaction of having brewed a mighty fine keg).

Longer answer follows:

ISO C++ claims to be an OPEN STANDARD. Where can I download the OPEN STANDARD for ISO C++.

All published ISO standards are available for sale from the ISO store, via http://iso.org. You can purchase a copy of the latest currently published C++ standard, 14882:2003, here for CHF 380:

• http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=38110

Also, your national standards body may sell a copy. For example, the ANSI store sells a PDF version here for US$ 30:

• http://webstore.ansi.org/RecordDetail.aspx?sku=INCITS%2FISO%2FIEC+14882-2003

However, before you buy one of those, note that we’ve been actively working on a new revision to that standard, and hope to be done in the next year or so. You can get a free copy of the latest (but incomplete) draft of the C++ standard here:

• http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2010/n3035.pdf

Note that this is a working draft as of a couple of weeks ago; it is not the standard currently in force, and it is not exactly the standard that will be published in the next year or two, but it is a draft of the latter that’s in pretty good shape but will still get some editorial corrections and technical tweaks.

By the way, what does it mean, that the STANDARD of a widely used language is OPEN? Especially if I have to pay for it?

All ISO standards are "open standards" in that they’re developed in an open, inclusive process. All member nations of ISO are eligible to participate, send experts, contribute material, vote on ballots, and so forth. Additionally, some working groups, including C and C++, make all of their papers and all working drafts freely available on the web, as with the link above; the only thing a working group is not allowed to make freely available, except with special permission from ISO, is the text of the final standard it produces, because ISO reserves the right to charge for that.

Could you explain to me, what should it mean if the STANDARD of a widely used language was CLOSED?

Generally, that means it was developed privately by some closed industry group or consortium that not everyone is allowed to join and participate in. Some standards are developed behind closed doors controlled by some company or companies. ISO standards are not like that.

Best wishes,

Herb