| > read-before-write is still undefined behaviour, dereferencing null is still undefined behaviour, divide-by-zero You rarely do these in Modern C++. It's your responsibility to check the input of program before doing anything with it. Structured Exception Handling aka SEH Exceptions can catch things like divide-by-zero, read-before-write, dereferencing null > The C-style footguns will probably still be there in 20 years. It's your job to know these footguns. Actually, it will take 2-3 months for a new programmer to separate C++ and C and understand what Modern C++ actually about. > I have mixed feelings on function overloading. It makes it harder to reason about what function is being called. It doesn't because overloading depends on the arguments not on the function names Without overloading, things become ugly. |
As I said before, one way or another, undefined behaviour is still a major problem in C++ codebases. This isn't really up for debate. pjmlp provided a good link on this. Most of Chromium's serious security bugs are due to memory safety issues. [0]
> It's your responsibility to check the input of program before doing anything with it.
C++ makes it the programmer's responsibility to avoid undefined behaviour. Programmers are not capable of doing this reliably. We're now at the point that it's no longer credible to argue otherwise. Even after all these decades it's still a problem for C++.
> Structured Exception Handling aka SEH Exceptions can catch things like divide-by-zero, read-before-write, dereferencing null
Sure, and with GCC/Clang, there are equivalent flags to enable trap-on-error for these errors. They're rarely used in production though, so we still face the consequences of undefined behaviour.
> It's your job to know these footguns.
Again, we've seen that C and C++ programmers simply are not capable of avoiding undefined behaviour. Even Google is unable to keep UB out of their prized Chromium codebase, despite their considerable investment.
> It doesn't because overloading depends on the arguments not on the function names
That's the definition of overloading, not a refutation of my point.
In a language like C with no overloading, the function identifier is enough to uniquely identify the function. You don't need to check if there are overloads, the identifier is enough. If you introduce overloading, that property no longer holds. You might work under the mistaken impression there are no other overloads of a function, or it might be non-trivial to determine the types being passed, especially in the presence of type-inference.
It's resolved at compile time, rather than at runtime, but my point stands.
> Without overloading, things become ugly.
It's a tradeoff.
[0] https://news.ycombinator.com/item?id=26862330