[Info-vax] Rust as a HS language, was: Re: Quiet?
Arne Vajhøj
arne at vajhoej.dk
Tue Apr 5 20:01:07 EDT 2022
On 4/5/2022 3:21 PM, Bill Gunshannon wrote:
> On 4/5/22 14:55, Dan Cross wrote:
>> Hmm, that's a third-party package using unsafe code.
>> I don't think it has much to do with what I said above at all,
>> frankly. I never said that the language was a panacea that
>> prevents _all_ bugs. But it significantly raises the bar over
>> just about everything else out there.
>
> And then provides a way to override all the safeties because sometimes
> you just need to get the job done. By the way, for the few remaining
> Ada advocates out there, Ada did the same thing with allowing safeties
> to be turned off so you could write "unsafe" but functional code. So
> did most versions of Pascal. C just doesn't make you turn the safeties
> on and off.

I think there is a big difference between what older languages (Ada,
Pascal etc.) did and what Rust/C# does with unsafe blocks.

The older languages typically enable/disable per compilation
unit and common practice is to enable/disable for the entire
project.

(admittedly Ada can simulate a block with pragmas)

The Rust/C# approach makes it easier to limit the unsafe
part of the code.

And this is not just theory. It can be confirmed by looking
at real world code.

For C#, practically nobody uses unsafe - it must be like
0.001% of all C# code that is unsafe.

For Rust the number is probably a bit higher as Rust is used
for more low level stuff. But the fraction typically given
on the net is 1%.

And that percentage does matter. It is way easier to do
extensive code review of memory access in 1% of the code
than in 100% of the code.

Arne