
The main strength of a memory-safe language is that the safety mechanisms are opt-out, not opt-in: you can confine the unsafe behavior to a small, manageable portion of the codebase. And trying to "fix" C to become a memory-safe language would probably just result in something like a Rust dialect that merely bears more superficial resemblance to C. In any case, thorough re-writing of existing codebases would be required. You might as well re-write in a language that currently exists, rather than put creating a new language at the top of the to-do list.


I would call C++ a memory safe language that has more than a superficial resemblance to C. Rust makes it more obvious when/where you are intentionally opting out, but most C++ memory bugs are where someone opted out of the modern C++ way to use the C way (including new/delete as the C way).


> I would call C++ a memory safe language

C++ is not, in any sense, a memory safe language.


Then you don't know anything about C++, only the C legacy it is built on. Modern C++ has good data structures and good memory management.

To be fair, actually using those features of C++ instead of the C legacy is still catching on. Most instructors aren't even teaching it.

Using C in C++ is like using unsafe everywhere in Rust: you can do it, but you lose all the advantages.


Memory safety is not about what a language has. It's about all the things a language doesn't have, doesn't allow.


Even if you stick to "modern C++" and never use C-style pointers, arrays, enums or unions, it is still trivial to have memory errors in C++.


This is a common viewpoint but also wrong. There are plenty of ways to invoke memory unsafety in 'modern' C++: iterator invalidation is probably the biggest source.


While you are technically correct, those who study C++ security note that those are a tiny minority of all security errors. Still an issue, but not nearly as common an issue as the ones that come from the C roots of C++.


No true Scotsman, huh?

https://en.wikipedia.org/wiki/No_true_Scotsman

Also, can you link to an example of this purported memory safe C++ compiler? Please note that for an apples-to-apples comparison it must reject all memory unsafe non-modern C++ constructs.


Iterator invalidation was the cause of a Firefox zero day in 2016. https://bugzilla.mozilla.org/show_bug.cgi?id=1321066


    std::string_view xx = something_that_returns_a_std_string(); // the temporary std::string is destroyed at the end of this statement
    use(xx); //oops: xx now refers to freed storage
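As an added example (not code from the thread), the two "modern C++" hazards raised above, the dangling std::string_view and iterator invalidation, each shown in a comment beside its hardened form; make_greeting() is an assumed stand-in for the unnamed function in the post above, and the reallocation check reports the hazard by watching capacity rather than touching freed memory.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <string_view>
#include <vector>

// Assumed stand-in for something_that_returns_a_std_string().
static std::string make_greeting() { return std::string("hello, world"); }

// HAZARD (do not run): the std::string temporary dies at the end of the
// full-expression, so the view points at freed storage (use-after-free).
//   std::string_view view = make_greeting();
//   use(view);
// Hardened form: give the string an owner whose lifetime encloses every view.
static std::size_t count_commas_safe() {
    std::string owner = make_greeting();   // owns the buffer for this scope
    std::string_view view = owner;         // view never outlives owner
    return static_cast<std::size_t>(std::count(view.begin(), view.end(), ','));
}

// HAZARD (do not run): erase() invalidates `it`, then ++it uses it anyway.
//   for (auto it = v.begin(); it != v.end(); ++it) if (*it % 2 == 0) v.erase(it);
// Hardened form: always continue from the iterator erase() returns.
static std::vector<int> drop_evens_safe(std::vector<int> v) {
    for (auto it = v.begin(); it != v.end(); ) {
        if (*it % 2 == 0) it = v.erase(it);  // re-acquire a valid iterator
        else ++it;
    }
    return v;
}

// push_back reallocates when size == capacity, invalidating every iterator,
// pointer and reference into the vector. Observing capacity growth reports
// the hazard without holding an invalid pointer.
static bool push_back_reallocates(std::vector<int>& v) {
    const std::size_t before = v.capacity();
    v.push_back(0);
    return v.capacity() != before;
}
```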


If C++ compilers had a default mode of rejecting code that was unsafe (any code using raw pointers or unchecked array access, I guess?), then sure, you could call it that. But as it is, no way.


> would call C++ a memory safe language

LOL.



