←back to thread

C and C++ prioritize performance over correctness (2023)

(research.swtch.com)
92 points endorphine | 1 comments | 28 Mar 25 20:26 UTC | HN request time: 0.201s | source
Show context
netbioserror ◴[31 Mar 25 17:21 UTC] No.43537431[source]
There's a way I like to phrase this:

In C and C++, it's easy to write incorrect code, and difficult to write correct code.

In Rust, it's also difficult to write correct code, but near-impossible to write incorrect code.

The new crop of languages that assert the inclusion of useful correctness-assuring features such as iterators, fat-pointer collections, and GC/RC (Go, D, Nim, Crystal, etc.) make incorrect code hard, but correct code easy. And with a minimal performance penalty! In the best-case scenarios (for example, Nim with its RC and no manual heap allocations, which is very easy to achieve since it defaults to hidden unique pointers), we're talking about only paying a 20% penalty for bounds-checking compared to raw C performance. For the ease of development, maintenance, and readability, that's easy to pay.

replies(2): >>43537487 #>>43545348 #
grandempire ◴[31 Mar 25 17:26 UTC] No.43537487[source]
> but near-impossible to write incorrect code.

Except most bugs are about unforeseen states (solved by limiting code paths and states) or a disconnect between the real world and the program.

So it’s very possible to write incorrect code in rust…

replies(4): >>43537549 #>>43537582 #>>43537814 #>>43538545 #
netbioserror ◴[31 Mar 25 17:36 UTC] No.43537582[source]
True, but I think errors in real-world modeling logic are part of our primary problem domain, while managing memory and resources are a secondary domain that obfuscates the primary one. Tools such as exceptions and contract programming go a long way towards handling the issues we run into while modeling our domains.
replies(1): >>43537653 #
1. grandempire ◴[31 Mar 25 17:43 UTC] No.43537653[source]
Indeed, but you said something more extreme in the first comment.