Originally posted by ultimA
View Post
Code:
unique_ptr<int> a[100]; *a[3] = 10;
Or how about this one:
Code:
unique_ptr<int> foo() { int a; return unique_ptr<int>(&a); }
Originally posted by ultimA
View Post
Originally posted by ultimA
View Post
There was a study published by Google showing that about 50% of their memory-related bugs in C++ were less than 1 year old. That doesn't mean that their new code is somehow dramatically worse than old code, it means that as older bugs get fixed, new ones are unstoppably coming in.
Among the other reasons why C++ can't be as safe as Rust:
- Rust's type system is strong, provably sound and uses Hindley-Milner inference, C++'s is weak (albeit very slightly stronger than C's)
- Rust has well defined move semantics, move in C++ is basically undefined behaviour
- (consequence of the above) in Rust all objects have a clear lifetime, functions can be data sinks and it is possible to enforce that an object cannot ever be used after a certain operation. In C++ this does not exist.
- in Rust the compiler ensures that all possible values in match{} (switch in C++) are covered, in C++ it doesn't
- Error management in Rust is entirely under the scope of the type system, borrow checker, is itself memory safe, thread safe and provably handles all cases. in C++ you have sometimes potentially null pointers (which is not possible in Rust), sometimes exceptions that involve very strange and often unpredictable pointer lifetime and aliasing errors and can actually themselves crash your code
- Rust is safe from data races, which is proven at compile time with no need for runtime support.
Originally posted by ultimA
View Post
Comment