“The goal of this proposal is to advance a superset of C++ with a rigorously safe subset. Begin a new project, or take an existing one, and start writing safe code in C++. Code in the safe context exhibits the same strong safety guarantees as code written in Rust.”
Well, finally something has stirred in the stagnant swamp of C++ development. 😀 Competition with Rust forced it. I'll have to study this at my leisure.
“Here’s the memory safety value proposition: language and library vendors make an extra effort to provide a robust environment so that users don’t have to read the docs. No matter how they use the tooling, their actions will not raise undefined behavior and compromise their software to safety-related exploits. No system can guard against all misuse, and hastily written code may have plenty of logic bugs. But those logic bugs won’t lead to memory-safety vulnerabilities.”

Date: 2024-09-17 08:13 (UTC)
“When [safety] is enabled, all mutations are explicit. Explicit mutation lends precision when choosing between shared borrows and mutable borrows of an object. Rust doesn’t feature function overloading, so it will bind whatever kind of reference it needs to a member function’s object. C++, by contrast, has function overloading, so we’ll need to be explicit in order to get the overload we want. Use mut to bind mutable borrows. Or don’t use it and bind shared borrows.”
Date: 2024-09-17 17:28 (UTC)
But can the same concept be imported into C++? I think it can. There actually already are the syntactic means to express the borrowing and consumption in C++. Borrowing is "const &", and consumption is "&&". So all we need is a way to ban the plain "&" and "*" in the parts of the code that we decree "safe".
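
The mapping proposed in the comment above, sketched in standard C++ as an added example (not code from the commenter or from the Safe C++ proposal; `Owned`, `measure` and `take` are hypothetical names). Ref-qualifiers let the compiler reject borrowing from a temporary and consuming an lvalue, but standard C++ does not reject a use after `std::move`, so that case is caught only at run time here.

```cpp
#include <cstddef>
#include <optional>
#include <stdexcept>
#include <string>
#include <utility>

// Hypothetical wrapper: the only ways in are a shared borrow (const &)
// and a consuming call (&&). No plain & or * is handed out.
template <class T>
class Owned {
    std::optional<T> slot_;
public:
    explicit Owned(T v) : slot_(std::move(v)) {}
    Owned(Owned&& o) noexcept : slot_(std::move(o.slot_)) { o.slot_.reset(); }
    Owned(const Owned&) = delete;

    // Shared borrow: allowed on lvalues only.
    const T& borrow() const & {
        if (!slot_) throw std::logic_error("borrow after consume");
        return *slot_;
    }
    // A borrow from a temporary would dangle at once: compile-time error.
    const T& borrow() const && = delete;

    // Consumption: callable only on an rvalue, i.e. std::move(x).consume().
    T consume() && {
        if (!slot_) throw std::logic_error("double consume");
        T out = std::move(*slot_);
        slot_.reset();
        return out;
    }
    bool live() const { return slot_.has_value(); }
};

// Signatures follow the same rule: const & borrows, && consumes.
std::size_t measure(const Owned<std::string>& s) { return s.borrow().size(); }
std::string take(Owned<std::string>&& s) { return std::move(s).consume(); }

// True when a borrow after consumption is caught (at run time, not compile time).
bool use_after_consume_is_caught() {
    Owned<std::string> name(std::string("constructed sample"));
    if (measure(name) != 18) return false;
    std::string moved = take(std::move(name));
    if (moved != "constructed sample" || name.live()) return false;
    try { (void)name.borrow(); } catch (const std::logic_error&) { return true; }
    return false;
}
int main() { return use_after_consume_is_caught() ? 0 : 1; }
```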