undefined | Better HN

Skip to content

Top Best Ask Show New Jobs

0 pointsthradams2y ago0 comments

The analysis can be disabled or silenced in some functions. the "static state" also can be override. (see the realloc sample)

Because this is C, the programmers can do wherever they want, but before it must do some negotiation with the static analysis.

0 comments

5 comments · 1 top-level

pizlonator2y ago· 4 in thread

I’d rather just have memory safety.

If all you give me is half measures, then I’ll either just use plain old C/C++ or I’ll switch to a totally different language. Maybe one with a GC so I don’t have to please some ownership thingy.

Voultapher2y ago

I think it's a common misconception that ownership is there to make you suffer compiler shenanigans. When in my experience it changes the way you model programs. Turns out, that structuring your program in a way were it's clear who owns what makes for easier to understand and debug programs. It's a bit analogous to static typing, saying I'll use a language like Python without type hints, because its gonna make me avoid compiler errors, is a bit short sighted when I plan on developing the piece of code for a longer time.

Here is a blog post that explains this in more detail https://without.boats/blog/notes-on-a-smaller-rust/.

thradamsOP2y ago

Everything related to safety is on my list. (the list is big) I think big problems can be broken down into smaller ones.

pizlonator2y ago

I don't think it's very compelling to convert C code to a thing that gives you a safety half-measure. You'll still have security bugs, so it'll just feel like theatre.

uecker2y ago

huh? There are also security bugs in Rust, so it is theatre as well?

Pointer ownership could eliminate a class of bugs. And such an approach can be combined with run-time checks for bounds and signed overflow, and then you have a memory-safe C more or less (some minor pieces are still missing, but nothing essential),

j / k navigate · click thread line to collapse