Bjarne Stroustrup’s Plan for Bringing Safety to C++ (The New Stack)
Posted Nov 2, 2023 17:05 UTC (Thu) by ojeda (subscriber, #143370)
In reply to: Bjarne Stroustrup’s Plan for Bringing Safety to C++ (The New Stack) by adobriyan
Parent article: Bjarne Stroustrup’s Plan for Bringing Safety to C++ (The New Stack)
From your comment, I think you misunderstand what "safe" means in Rust.
It does not mean "the lines do not have UB because I checked" (like you do in your comment). It is the other way around -- that would be "unsafe" Rust.
In C, essentially any non-trivial line may contain UB. That is why they are "unsafe" in Rust terms, and why the statement about `wc -l` is quite close to reality.
Posted Nov 2, 2023 17:29 UTC (Thu) by adobriyan (subscriber, #30858)

"may contain" doesn't mean "contains". This fixation on UB is partially misguided.

> That is why they are "unsafe" in Rust terms, and why the statement about `wc -l` is quite close to reality.

C/C++ static checkers/compilers don't require marking code as "safe" or "unsafe" and don't mark code themselves ex post facto. Rustc requires unsafe marks, thus creating the illusion that close to 100% of C/C++ code is unsafe.

I'm writing a toy C compiler at the moment:

* C expressions are allocated from a stable container,
* expressions form an AST with pointers pointing to other expressions,
* pointers to expressions are never freed,
* references and other forms of pointers aren't used,
* the stable container is globally destructed when the program exits (which is a waste of cycles, but this is for later).

It is easy to verify for a human at a high level (and sanitizers confirm) that there are no leaks and there are no bugs with pointer management despite having an awful lot of pointers.

Posted Nov 2, 2023 17:42 UTC (Thu) by mb (subscriber, #50428)

> there are no bugs with pointer management despite having an awful lot of pointers.

Yep. And that is what Rust calls "unsafe code, manually checked".

Safe code would be if the compiler itself could prove that without human intervention.

Get it now?
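As an added illustration of the design adobriyan describes (not code from that compiler, and not part of the thread), the following sketch assumes the "stable container" is a global `std::deque` and uses made-up node names (`Expr`, `mk_num`, `mk_bin`, `eval`). It shows the property the design relies on and the point mb makes about it: the pointers stay valid only because `std::deque::push_back` never relocates existing elements, and nothing in the language checks that a human reasoned about this correctly.

```cpp
// Added example, not adobriyan's compiler: a global std::deque used as the
// "stable container" for AST nodes. std::deque::push_back never relocates
// existing elements, so raw pointers between nodes stay valid for the whole
// program; nodes are never freed individually and the deque dies at exit.
// The compiler checks none of this; a human reading the code (plus a
// sanitizer run) is what verifies that the invariant holds.
#include <cstddef>
#include <deque>

enum class Kind { Num, Add, Mul };

struct Expr {
    Kind kind;
    long value;        // used by Num
    const Expr* lhs;   // used by Add/Mul; points into g_exprs
    const Expr* rhs;
};

// Stable container: a std::vector here would reallocate on growth and turn
// every earlier lhs/rhs pointer into a dangling one (UB on the next eval()).
static std::deque<Expr> g_exprs;

const Expr* mk_num(long v) {
    g_exprs.push_back(Expr{Kind::Num, v, nullptr, nullptr});
    return &g_exprs.back();
}

const Expr* mk_bin(Kind k, const Expr* l, const Expr* r) {
    g_exprs.push_back(Expr{k, 0, l, r});
    return &g_exprs.back();
}

long eval(const Expr* e) {
    switch (e->kind) {
    case Kind::Num: return e->value;
    case Kind::Add: return eval(e->lhs) + eval(e->rhs);
    case Kind::Mul: return eval(e->lhs) * eval(e->rhs);
    }
    return 0;
}

std::size_t node_count() { return g_exprs.size(); }

// Builds (1 + 2) * 3, then appends many more nodes; the early pointers must
// still evaluate correctly, which is exactly the stability assumption above.
long demo() {
    const Expr* sum  = mk_bin(Kind::Add, mk_num(1), mk_num(2));
    const Expr* prod = mk_bin(Kind::Mul, sum, mk_num(3));
    for (long i = 0; i < 10000; ++i) mk_num(i);   // force many allocations
    return eval(prod);   // 9
}
```

Swapping `std::deque` for `std::vector` compiles without complaint; only a sanitizer or a reviewer would notice that `demo()` then reads freed memory.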