this post was submitted on 19 Mar 2024
143 points (92.8% liked)
Programming
16760 readers
223 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm not a Rust developer (yet), but I understand its strength in this regard as: Rust is statically memory safe by default, and code which isn't statically memory safe must be declared with the unsafe keyword. Whereas C++ has not deprecated C-style pointers, and so a C engineer can easily write unsafe C code that's valid in a C++ compiler, and no declaration of its unsafeness is readily apparent to trigger an audit.
It's nice and all that C++ pioneered a fair number of memory safety techniques like SBRM, but the debate now is about safety by default, not optional bolt-on safety. All agree that the overall process to achieve correct code is paramount, not just the language constructs.
It's also just a huge fallacy. He's saying that people just choose to not write memory safe code, not that writing memory safe code in C/C++ is almost impossible. Just look at NASA's manual for writing safe C++ code. It's insanity. No one except them can write code that's safe and they've stripped out half the language to do so. No matter how hard you try, you're going to let memory bugs through with C/C++, while Rust and other memory safe languages have all but nullified a lot of that.
Do you have a link?
https://en.wikipedia.org/wiki/The_Power_of_10%3A_Rules_for_Developing_Safety-Critical_Code
and their 40 page coding standard document. https://ntrs.nasa.gov/api/citations/20080039927/downloads/20080039927.pdf https://ntrs.nasa.gov/citations/20080039927
and their software safety handbook. https://standards.nasa.gov/standard/nasa/nasa-gb-871913
all 389 pages of it https://standards.nasa.gov/sites/default/files/standards/NASA/Baseline/0/nasa-gb-871913.pdf
That first link is about a document from 2006, while C++ became a lot safer with C++11 in 2011. It's much easier to write safe C++ now, if you follow current guidelines:
https://isocpp.github.io/CppCoreGuidelines/
Yeah the standards for safe C++ haven’t changed, no matter how much the language changes.
I would say the standard has changed. The current guidelines require you to use features that didn't exist before C++11. C++11 was a huge change and it made C++ a lot nicer. The updates since then have generally been improvements but more incremental than revolutionary.
Dude core guidelines is like 2000 pages, C++ is a meme language
Print from html to PDF in a browser was 708 pages, so maybe half that if printed like a book (less whitespace etc.). About like a Rust textbook. Still a lot I guess.
Well I'm old so I need a larger font size
Seems very reasonable, apart from an arbitrary number of assertions required per function