this post was submitted on 05 Aug 2024
936 points (97.4% liked)
Programmer Humor
19544 readers
491 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, it's not a small change. If there was a simpler way to make C memory-safe, it would have been done decades ago. It's just a different language too, which is fair given how much younger it is.
D kind of did that (C pointers are still an option, alongside with the preferred dynamic arrays, which has the memory safety features), and once I've seen a C compiler fork that retroactively added D-style memory safety features, although they also very much insisted on the "const by default" mantra.
I think this is one of those things where there's no "kind of". Pointers were added for a reason, you're probably not going to implement a database very well without them. If you use them, at some scale you're inevitably going to have memory bugs. Technically, if you were to only use hardcoded printfs, C is memory safe too.
We've had compile time sanitizers (-fsanitize=blah in gcc/clang) and runtime sanitizers (valgrind) for ages. I don't know how they stack up against rust's compile time sanitizers, but it's something.
About how an Excel spreadsheet with no formulas stacks up against a corporate accounting suite. Valgrind is how you find the bleeding once you inevitably introduce a memory bug. I don't understand all the fsanitize options, but I'm guessing they aren't a blanket solution, exactly because memory bugs have still been inevitable.
This thread is making me wonder how many people actually understand what Rust does. It rigorously prevents any form of memory error at all in normal code, and unsafe blocks, where needed, tend to be tiny. It makes C segmentation faults look just as goofy as JavaScript type errors.