|
|
|
|
|
|
by ynik
1133 days ago
|
|
|
But Rust has kind of a spec: https://doc.rust-lang.org/reference/
Sure, it's not as well-specified as C++; so one could say it's "not a real spec". But C++ also isn't perfect, there are plenty of programs for which no two compiler developers can agree on whether they have UB. The C++ spec language is just too ambiguous and underspecified in several areas. If you want to be sure, you need an actual machine-checkable formal specification. Neither C++ nor Rust have that. In the end, what really matter is the contract between the programmer and the compiler: are compilers allowed to break a program in weird ways because the programmer forgot about one of the arcane rules in the spec? For C++ and unsafe Rust, the answer is yes (we don't know how to build optimizing compilers for low-level languages otherwise). But for safe Rust, the answer is no. That's a big deal. |
|
|