
Comment by ben-schaaf

21 hours ago

> Is there a difference between c++ and java/go/etc if you enforce at code review for C++ to use only auto memory management like smart ptrs, containers, etc?

Smart pointers and containers are nowhere near memory safe; just enforcing their use gets you nowhere. `std::vector::operator[](size_t)` doesn't check bounds, `std::unique_ptr::operator*()` doesn't check null.

> Imo the strong point of rust is compile error if you try to use an obj after move (unlike c++ with undef behavior)

The state of a value after being moved is defined by the move constructor. It is unspecified by the spec, but it's generally not undefined behavior.

They do when using a hardened runtime configuration, which was compiler-specific, and starting with C++26 is officially part of the standard.

It naturally doesn't cover C style programming in C++.

What do you mean by smart ptrs not being memory safe? Vector access can be done with the at method.

  • Which unfortunately most people avoid using, and until C++26 there is no at() for span.

    The best is really to enable compiler-specific hardening.
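
Added example, not part of the thread or any commenter's code: the checked forms of the accesses discussed above, using only defined behaviour. `checked_at` and `checked_deref` are hypothetical helper names introduced here; `checked_at` works for any container with `size()` and `operator[]`, which includes `std::span` before C++26.

```cpp
#include <cstddef>
#include <iostream>
#include <memory>
#include <stdexcept>
#include <utility>
#include <vector>

// Bounds-checked access for any container with size() and operator[].
// operator[] on its own performs no check unless the standard library
// is built with hardening enabled (for example -D_GLIBCXX_ASSERTIONS
// with libstdc++), in which case it aborts instead of throwing.
template <class C>
auto& checked_at(C& c, std::size_t i) {
    if (i >= c.size()) throw std::out_of_range("checked_at: index out of range");
    return c[i];
}

// Null-checked dereference; std::unique_ptr::operator* does no check itself.
template <class T>
T& checked_deref(const std::unique_ptr<T>& p) {
    if (!p) throw std::logic_error("checked_deref: null unique_ptr");
    return *p;
}

// True if std::vector::at() rejects index i with std::out_of_range.
bool at_rejects(const std::vector<int>& v, std::size_t i) {
    try { (void)v.at(i); return false; }
    catch (const std::out_of_range&) { return true; }
}

// Same check through the generic helper.
bool checked_at_rejects(std::vector<int>& v, std::size_t i) {
    try { (void)checked_at(v, i); return false; }
    catch (const std::out_of_range&) { return true; }
}

// A moved-from unique_ptr is specified to be null. An unchecked *p here
// would be undefined behaviour; the checked helper throws instead, and
// the new owner q still holds the value.
bool moved_from_deref_rejected() {
    auto p = std::make_unique<int>(7);
    auto q = std::move(p);
    try { (void)checked_deref(p); return false; }
    catch (const std::logic_error&) { return *q == 7; }
}

int main() {
    std::vector<int> v{1, 2, 3};  // constructed sample data
    std::cout << at_rejects(v, 3) << checked_at_rejects(v, 3)
              << moved_from_deref_rejected() << '\n';
}
```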