[youdontknowtho]

Again, I get where you are going with this.

Rust isn't the only solution. There are mechanisms that can be used in C++ to make a program memory safe by construction. I'm not even saying that Rust isn't a good solution. (I am saying I don't like the syntax...I'm sure I could get used to it at some point.)

I just get very wary when something has this kind of "evangelism" behind it. That's all. I'm really looking forward to seeing what Mozilla does in Firefox with it.

[zaphar]

The disconnect you two have is that C++ doesn't force you to always use those safety features. Furthermore due to reasons that are entirely non non-technical in nature will never force you to use them. The reason Rust exists is to solve that problem and the result is that an entire set of bugs, that have plagued developers in the target C++ domain for ages, are literally impossible.

ADT's have been known to be a superior way to express state machines for ages but C++ for both technical and non-technical reasons will never actually get them. Rust solves this problem by starting over.

[agumonkey]

Would you mind sharing other "correct by construction" ideas/references/libraries you know ?

[youdontknowtho]

I was mainly talking about the C++ Guideline Support Library and GSL profile "checkers" that have been in process for the last couple of years.

https://blogs.msdn.microsoft.com/vcblog/2015/12/03/c-core-gu...

https://github.com/Microsoft/GSL

https://www.youtube.com/watch?v=JfmTagWcqoE