I came across this article the other day, titled “Why Rust cannot replace C++”.
I feel that the author completely fails to understand the opposing argument. The article claims that with “new” C++ features like smart pointers, you can write safe code in C++, therefore Rust is unnecessary.
But I don’t want a language where I can write safe code, I want a language where I must write safe code.
There’s this common statement that “the cognitive overhead of working with the borrow checker just isn’t worth the security benefits when you can write safe code in other languages”.
But the comparison is always to the “cognitive overhead” of writing something in some other language. When the comparison should be to writing something correctly in some other language.
Sure, it’s much easier to pass pointers (*, &, or shared_ptr) around, but now I have the “cognitive overhead” of ensuring that it’s only accessed from one thread at a time. Or not used after it’s been freed in the former cases.
When I’m working with the borrow checker that is something that I don’t have to think about. It’s less “cognitive overhead”.
@hds I worked 3 years in a C++ team at Google. To my surprise, memory errors were not a problem — when everybody follows https://google.github.io/styleguide/cppguide.html, things actually work very well. Even multi threading was was easy. The base libraries (such as https://abseil.io/) all follow this style and so things work consistently.
I recognize many of the style guide patterns from Rust and I completely agree with you that it has less cognitive overhead to let the compiler remind you than a style guide.
@mgeisler that’s a bit my point. A style guide is useful if you have the time and ability to train people on it, but if checking compliance is something a human has to do then you’ve still got cognitive overhead and humans, of course, get things wrong sometimes.
@hds True! Statically enforced correctness is amazing. However, I think the Rust community should keep in mind that there exist C++ teams who don't struggle with endless memory safety issues.
The code of my old team was not perfect... we did have mysterious crashes and I remember a crash that Rust would have caught: a stack-allocated value created in one thread was used in a longer-lived thread. Wrapping it in std::shared_ptr fixed that — equivalent to wrapping it in Arc in Rust.
Add comment