undefined | Better HN

0 pointsthesmallestcat9y ago0 comments

[1] is great. Rephrased, "there isn't runtime bounds checking, unless you use the language. But you can opt out in an `unsafe` block." OK? So we're back to the usual Rust argument: At least your unsafe code is greppable. And I don't think any competent C or C++ developer considers that a worthy tradeoff when it comes with a more complex, constantly evolving language, far less mindshare, slow builds without solutions (unlike C++), and so on.

Regarding [2], I think it's safe to consider any software that takes input as operating in a hostile environment.

0 comments

2 comments · 2 top-level

tupshin9y ago

That is an extreme mis-characterization of stymaar's excellent summary. in short, there are no runtime checks for iterating through an array, and since the general case of random access to an array can't be safe (without dependent typing), that is the one place the runtime checks are automatically added, and even there you can opt out of them. It is easy to get C equivalent speed with far more safety. You are spreading FUD, indeed.

solidsnack90009y ago

Which runtime checks are you concerned about, exactly?

Just array indexing? It would be interesting to see your criticism fleshed out.

I am not sure your criticism will amount to anything if array access is it, though. Posrgres is full of custom data structures and macros as it is. StringInfo and stuff like that -- they are not just "using the language", writing nice simple C code. Probably because databases really push you to use advanced techniques in places.

j / k navigate · click thread line to collapse