Actually hot take: Modern C++ is less safe than classic C++, which is less safe than C.
-
-
new features add some risks, sure, but new safety benefits massively outweigh those in my experience. iow i'd bet real-world c++ code has gotten a lot safer, even if the language has more risks in it if you just count them.
-
I don’t really agree. Most of the new “safety” features (RAII, in particular) are of the form “protects against memory leaks”, which aren’t really safety features in the form of memory safety as memory leaks are safe.
- 6 more replies
New conversation -
-
-
I use lambdas a lot. Can’t remember the last use after free from them. Also, do you seriously and honestly think that Rust is the best solution to use after free? Wouldn’t it better to have a solution that just worked in C++?
-
Yes, I think Rust is the best solution. I don't believe there can ever be a solution that "just works" in C++ for systematic reasons, without changing C++ so much it wouldn't be C++ anymore. Best you could do is lint against common pitfalls like the lifetime profile does.
End of conversation
New conversation -
-
-
I’d love to read that rant in long form.

-
I’d also love to see lambda and string_view related vulnerabilities. I have been expecting them by now, honestly.
- 2 more replies
New conversation -
-
-
I hadn't had to touch any code using C++ lambdas but I saw some Gecko patches as they went by and I have no idea how you're supposed to use them safely.
-
There's static analysis that restricts the types that can be captured by lambdas, which catches some bugs.
- 1 more reply
New conversation -
-
-
C++ lambdas are terrifying.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
It seems like a totally mixed bag. Having better integrated move semantics and so on help. As is almost always the case with closures, they lead to easy dire mistakes. They're almost always a misfeature unless very strictly checked. Their side effects in concurrency are awful
-
My experience trying to use C++ move semantics to enforce linearity constraints is mixed. You don't gain much compile-time safety because moves are nondestructive and you need to support an invalid state. You at best get runtime checking, and you still need discipline to get it
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.