frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Rust Devs Think We're Hopeless; Let's Prove Them Wrong (With C++ Memory Leaks)

https://www.babaei.net/blog/rust-devs-think-we-are-hopeless-lets-prove-them-wrong-with-cpp-memory-leaks/
27•zdw•1y ago

Comments

eptcyka•1y ago
Memory leaks are by far the least interesting class of defect that Rust helps with - leaking memory is safe.
genter•1y ago
Until the kernel kills you for being OOM.
YZF•1y ago
That's still safe.

EDIT: Safe in the sense you're not writing into memory you don't own, e.g. write after release, buffer overflows etc.

scotty79•1y ago
Program that no longer runs is the safest.
aquariusDue•1y ago
For true safety we must prevent it from being written in the first place /s
dmit•1y ago
That's the true meaning of backward compatibility. The [backward] refers to the time scale.
drivingmenuts•1y ago
stomps butterfly

I've just saved untold generations from certain calamity.

** 6,000,000 years later **

Butterfly King: This chimpanzee-descended motherfucker ….

airstrike•1y ago
I'll add that even safety itself is not the sole reason why some people prefer Rust. There's a lot to Rust besides that and sometimes it's not about memory safety as much as it is about steering you into patterns Rust devs perceive as better overall.
jayd16•1y ago
Possible attack vector, though.
andrewflnr•1y ago
The least interesting attack vector. You can fix it by rebooting.
Arnavion•1y ago
And in fact is not even something that Rust does differently from C++. Memory releases in Rust are handled by dtors just like they are in C++. What a weird article.

(The only difference is that Rust defaults to moving while C++ defaults to copying, and Rust moves don't leave a moved-out object behind while C++ does, so the dtors in Rust are simpler and called fewer times than the equivalent C++ code.)

dmit•1y ago
Yes, the only difference.
api•1y ago
The problem with unsafe languages is not that you can’t write safe code in them with skill and discipline.

The problem is that programmers don’t always do that, either because they are not that experienced or they are in a hurry.

The real danger is when code is long lived and worked on by multiple people. One bad commit after a late night hacking session and now there is a zero day just waiting to be discovered.

Safe languages don’t rule that out but they make it profoundly less likely.

bluGill•1y ago
I write C++ all the time and I still cannot convince many developers to use unique_ptr over new. It isn't that hard to write code that doesn't leak but if you bypass the language features it cannot help you.

for that matter though I've seen rust programmers put everything in unsafe.

on_the_train•1y ago
There's static analysis which can effectively force these things. C++ problems are self-inflicted
bluGill•1y ago
There is but we have code predating c++11 that isn't worth rewriting. So the static analisys is off. We do use lots of static analisys but that one is too hard to fix all the old code that we have decades of proff works and isn't leaking (much?)
andrewflnr•1y ago
I mean, a sufficiently safe language would rule it out. Either one not expressive enough to express memory unsafety (i.e. GC or fully linear types with no escape hatches) or one that requires a machine checked proof of safety to compile. These options just happen to be too big of a pain in the assembly for today's appetite.
api•1y ago
There are lots of languages where true memory bugs are impossible. As you say they are higher level and usually GC.
andrewflnr•1y ago
Right, the interesting case would be the formal proof. Though, I suspect there are fewer high-level languages where memory bugs are actually impossible than you would naively think. I've segfaulted Python by accident, only using the standard library (concurrency shenanigans if I recall). You can probably do worse if you try. To make a truly memory-safe language, you would need to carefully design and implement the standard library, disallow all native code extensions, and probably more I'm not smart enough to figure out. So, not Java, not Python. Maybe some Schemes?
shmerl•1y ago
No, C++ is hopeless. No need to bend over backwards to try to disprove it. It's not only about memory safety, some of it is about legacy stuff and backwards compatibility it's forever stuck with.
tom_•1y ago
This only works with the VC++ CRT, which is potentially a bit limiting!

Also, the DEBUG_NEW thing is useless in practice since, from memory, it stops you using placement new, and dependencies typically don't participate, so a zillion unlabeled leaks is the usual result from the common case of you failing to call some dependency's free function.

And the allocation IDs (and therefore _CrtSetBreakAlloc) are pretty worthless in practice for multithreaded programs, because the allocation order isn't deterministic.

I use the LEAK_CHECK_DF flag in the programs I write (and the CHECK_ALWAYS_DF is worth investigating too), but the only point is to indicate whether there are leaks on exit, yes/no. If no, great; if yes, well that's useful information, but the actual output is almost never helpful. (Though occasionally I do somehow introduce a leak from something that happens before the first thread is created.)

yusina•1y ago
It's 2025 and we are still discussing memory leaks. The very existence of this article is an indication that C++ (used like that) has an issue. Non-kernel programmers should not even be able to create memory leaks by mistake.

Well, unless they are doing something incredibly stupid including stepping over several explicit warnings of "don't do this unless you are very sure about what you are doing".

teleforce•1y ago
It's really a shame isn't it? It's 2025 and we still have no programming languages that have impeccable GC for automatic memory management rather than forcing programmer to wrestling and fighting for manually managing the memory [1].

Auto industry kind of solved this automation mechanism for example with the new high performance Toyota GR Corolla has a new automatic gear transmission that's proven as fast if not faster than the manual version [2]. The same goes to F1, the epitome of car racing performance.

[1] Understanding Memory Management, Part 5: Fighting with Rust (101 comments):

https://news.ycombinator.com/item?id=43882291

[2] 2025 Toyota GR Corolla's New Automatic Gearbox Democratizes Fun:

https://www.caranddriver.com/reviews/a62672128/2025-toyota-g...

linotype•1y ago
I’ve seen way more comments from C++ developers complaining about Rust developers insulting them than I’ve seen Rust developers actually insulting C++. It’s weird to see how attached people are to programming languages, though it’s weird to me too how attached people are to ICE/drivetrains.
sunrunner•1y ago
I think that's because the Rust developers are having too much fun sitting on their high horse shouting about how great the horse is to need to spend time yelling about the people _not_ on the horse, while the C++ developers don't have a horse to yell about so need one to yell _at_ instead.
squirrellous•1y ago
It’s about jobs and livelihoods, even if not everyone will admit it. It’s easy to emotional when the argument boils down to “your skills are now outdated, go learn a better one”.
fithisux•1y ago
c++ is a huge language, with lots of backwards compatibility.

I think c++ should keep the good modern things and fork (restart) from there by breaking backwards compatibility, c++23 will be frozen with some fixes.

Show HN: Dataset for AI training and fine tuning

https://neurvance.com/
1•Adam_SDDk•2m ago•0 comments

Steven Soderbergh defends using AI in a documentary about John Lennon

https://apnews.com/article/john-lennon-steven-soderbergh-ai-cannes-documentary-7794a4344ed455cae4...
1•smurda•2m ago•0 comments

AI Revenue May Jump 5x to $200B This Year as Spending Race Intensifies

https://www.fidelity.com/news/article/company-news
1•gluke_bywalker•2m ago•0 comments

New arsenal jersey with Deel (YC) on the sleeves

https://arsenaldirect.arsenal.com/Football-Shirts-and-Kit/Home/Arsenal-adidas-26-27-Authentic-Hom...
2•aaqaishtyaq•4m ago•0 comments

We engineered RAG to be 50% faster

https://elevenlabs.io/blog/engineering-rag
1•ChicknNuggt•4m ago•0 comments

Show HN: Uber burned its 2026 AI budget by April. Why? 73% redundant reads

https://argosbrain.com/blog/re-read-tax
1•CataDef•4m ago•0 comments

PostgreSQL ext makes LLM available as an index for similarity searches,inference

https://codeberg.org/gregburd/pg_infer
1•kermatt•4m ago•0 comments

What's My Size?: How to Read a Size Chart

https://truestyle.substack.com/p/whats-my-size-how-to-read-a-size
1•crescit_eundo•6m ago•0 comments

Mermaid Diagrams Are Unreadable in Real-World Technical Docs

https://clairetsao.substack.com/p/mermaid-diagrams-are-unreadable-in
1•missmoss•7m ago•0 comments

The Simplicity Trap: Why AI is making us "simple" in the wrong way (or not)

https://higashi.blog/2026/05/09/simplicity/
1•yuedongze•7m ago•0 comments

Trump cuts to weather data could make forecasts less reliable, warn experts

https://www.theguardian.com/us-news/2026/may/18/trump-cuts-ai-weather-prediction-forecasts
1•Gedxx•7m ago•0 comments

We Have Prison Gangs (2024)

https://asteriskmag.com/issues/08/why-we-have-prison-gangs
1•surprisetalk•8m ago•0 comments

'AI' Could Lead to a Rise in Research Slop

https://www.nominalnews.com/p/ai-research-slop-p-hacking
2•NomNew•9m ago•0 comments

1024000^2 Blocks, 2B2T Minecraft Server World Download Project, and Discoveries

https://github.com/2b2tplace/1m_release
1•exploraz•11m ago•0 comments

Bad News for the Average Pentester

https://www.atredis.com/blog/2026/5/15/bad-news-for-the-average-pentester
2•speckx•13m ago•0 comments

GoDaddy Agent Naming Service (ANS)

https://www.godaddy.com/ans/
3•hasheddan•13m ago•0 comments

Sharla Boehm, the programmer whose code underpins the Internet

https://www.scientificamerican.com/article/the-programmer-whose-code-underpins-the-internet/
2•dxs•13m ago•0 comments

When Fast Fourier Transform Meets Transformer for Image Restoration

https://github.com/deng-ai-lab/SFHformer
1•teleforce•13m ago•0 comments

The Plan to Make American Crime Obsolete (A16Z Show)

https://open.spotify.com/episode/3leFhrUTOzmhoqQwS8F4BR
1•fallinditch•15m ago•0 comments

Building Vector Similarity Search in PostgreSQL with Pgvector

https://machinelearningmastery.com/building-vector-similarity-search-in-postgresql-with-pgvector/
2•eigenBasis•16m ago•0 comments

Scripts and Aliases for Your Linux

https://alexeev-dev.bearblog.dev/scripts-and-aliases-for-your-linux/
2•alexeev-prog•16m ago•0 comments

Booking.com and Weaviate

1•CShorten•18m ago•0 comments

Agent Braille – 8-bit state encoding for LLM agents, ~92% fewer tokens than JSON

https://github.com/Tetrahedroned/Agent-Braille
4•Octothorped•18m ago•0 comments

Pre-announcement of BIND 9 security issues scheduled for disclosure 20 May 2026

https://lists.isc.org/pipermail/bind-announce/2026-May/001294.html
2•bpoyner•19m ago•0 comments

Actually, Democracy Dies in H.R.

https://www.nytimes.com/2026/05/18/world/americas/actually-democracy-dies-in-hr.html
3•mitchbob•20m ago•1 comments

Understanding the Go runtime: the "select" statement

https://internals-for-interns.com/posts/go-runtime-select/
3•valyala•20m ago•0 comments

$6 gas and refinery fears collide with California's climate ambitions

https://calmatters.org/environment/climate-change/2026/05/carbon-market-free-permit-california/
1•cdrnsf•21m ago•0 comments

Don't make fun of renowned Dan Brown

https://jimmyakin.com/2024/03/dont-make-fun-of-renowned-dan-brown.html
1•tibbar•21m ago•0 comments

Attempts at a Horse

https://bestofm.com/q/5
1•lhmiles•21m ago•0 comments

Tell HN: Writing an LLM critique/takedown? – Do not use an LLM to write it

1•evolve2k•23m ago•3 comments