by guywithahat 269 days ago
As far as I can tell, modern C++20/23 is as safe (if not safer) than rust. So much of rust compares itself to C++99, where modern C++ doesn't use exceptions, has smart pointers (RAII), improved casting and array management, and has an extensive suite of checking tools and flags. The conversations I've seen at my company for using rust tend to be "well it would be fun to do something different", which just aren't very compelling to me. I worry Rust is going to end up like Haskell in 5 or so years.
4 comments

> As far as I can tell, modern C++20/23 is as safe (if not safer) than rust.

It is not. Rust will, for example, prevent the following memory-safety issue from compiling:

    std::vector<T> meow;
    T &x = meow[i];
    meow.push_back(...); // Oops, x is now dangling, maybe!
    x.a = ...;

(This sort of pattern is responsible for nearly 100% of the C++ memory safety issues I know I've committed in the past several years.)

C++ is getting safer, but it has a long way to go to match Rust's safety guarantees. Google is doing a lot with spatial safety with hardened libc++, bounds checks for C-style arrays, and safe buffers; but temporal safety is a lot harder without more information in the source code.

Running sanitizers and such is quite expensive too. It burns a lot of cycles to run msan, asan, tsan, valgrind, etc.

Whereas catching these bugs at compile time saves everyone a lot of time and money.

TBH I don't find the reasons in the article particularly compelling. Rust has a lot of industry backing now and is pretty clearly the way forward to systems programming. Writing Rust wrappers over the various libraries they use is largely a one-and-done issue, and they can publish them to Cargo and share the load of keeping them updated. If ISO or various governments get their act together with a real software liability regime or cyber security requirements, companies with big legacy C++ code bases will be in a tough spot. Second best time to start writing safe code in your project is now.

The sanitizers and static analysis tools are not as good as the borrow checker for preventing data races.
You can easily introduce memory-related issues in "modern C++" and the compiler won't say a word even with pedantic checks.
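
The `std::vector` pattern from the first reply, as an added example that is not part of the thread: it shows that `push_back` on a full vector moves the storage (so a reference taken earlier would dangle) next to two ways of writing the same update that stay valid. `Item` and all function names are hypothetical stand-ins for the reply's `T` and `meow`; the dangling reference itself is never dereferenced.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

struct Item { int a; };  // hypothetical stand-in for T in the reply

static std::uintptr_t addr(const std::vector<Item>& v) {
    return reinterpret_cast<std::uintptr_t>(v.data());
}

// Make size() == capacity() so the next push_back has to reallocate.
static void fill_to_capacity(std::vector<Item>& v) {
    while (v.size() < v.capacity()) v.push_back(Item{0});
}

// Hazard: true when push_back moved the buffer, which is exactly the case
// where `T &x = meow[i]` taken before the call would be left dangling.
bool push_back_moved_buffer() {
    std::vector<Item> v(4);
    fill_to_capacity(v);
    const std::uintptr_t before = addr(v);
    v.push_back(Item{1});
    return addr(v) != before;
}

// Option 1: reserve first. No reallocation happens while size() stays within
// capacity(), so the reference remains valid across the push_back.
int write_after_reserve() {
    std::vector<Item> v(4);
    v.reserve(v.size() + 1);
    Item& x = v[2];
    v.push_back(Item{1});
    x.a = 42;
    return v[2].a;
}

// Option 2: keep an index instead of a reference and re-fetch after growth.
int write_via_index() {
    std::vector<Item> v(4);
    fill_to_capacity(v);
    const std::size_t i = 2;
    v.push_back(Item{1});
    v[i].a = 42;
    return v[i].a;
}

int main() {
    std::printf("buffer moved: %d\n", push_back_moved_buffer());
    std::printf("reserve: %d, index: %d\n", write_after_reserve(), write_via_index());
}
```
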