by tialaramex
593 days ago
"What it says on the C++ box" is indeed enough for (parts of) 26262. And that's a problem, because what it says is vague and not very helpful for the problem we actually wanted to solve. It's enough by fiat - the people responsible for 26262 wanted to be allowed to write C++, so the bar has to be low enough to be cleared by C++. This problem grows in magnitude as the software in a safety of life critical system grows. To be clear: I don't think either of these general purpose programming languages is appropriate for use in safety of life applications. I think a provably correct program ought to be table stakes. But a bar set low enough that you can write C++ is always going to be low enough for Rust to just step over it like it's barely even there.