[bluGill]

Depends, i know one company that spent billions swithicg to memory safe stuff, but after a few years an experienced team did a project in both the memory safe new stuff and in parallel the same in C. The C code was done in a week, the new stuff 3 months. They are back to C for everything and the people pushing memory safety are gone.

The right tools mater. The memory safe stuff above was autosar, so not something often discussed here. Rust is getting interest from the above team but after the above burn they are slow to try new things.

[pencilguin]

We may presume the Modern C++ version would have been done even faster, then, and without memory faults.

[bluGill]

The team in question had decades of c experience, and was doing all new stuff (maybe half of all work?) In autosar. I was working with them on an unrelated C++ project and I can assure you the C++ they write was not very good since the only C++ stuff was things they didn't want to do.

[RealityVoid]

I work with AUTOSAR. I am fairly confident that AUTOSAR itself is the problem and not representative of the productivity you would gain from memory safe stuff. I can also say that the AUTOSAR stacks themselves offer no memory guarantee and have seen way too many bugs in those stacks to have any sort of faith in them.

[pencilguin]

We may presume that, coming in C++, competent modern C++ developers could be found, unlike for immature languages.

Building everything performance-critical with immature languages is not a viable alternative. But building with modern C++ is one.