a) I think Rust is making a mistake by considering boundary checks only
on memory accesses
b) No, it really wouldn't be ridiculous, if you've checked it properly
at a QA stage. By definition, it's ridiculous to KEEP checking it, once
it's already been checked thoroughly, as a proper QA process would do.
On 27/03/14 23:16, Corey Richardson wrote:
It's not about debugging, it's about memory safety. It'd be ridiculous
to disable bounds checking just because you've done QA. How many
security exploits are over- or under-flows?
On Thu, Mar 27, 2014 at 7:16 PM, Lee Braiden <leebr...@gmail.com> wrote:
I think the point is that the compiler should not be forcing people to do
things, but enabling people to do things, with sensible defaults.
Personally, whilst I would advocate MORE bounds checking in rust for
debugging / prototyping purposes, I don't think bounds checking is even
ideal. It's a useful tool WHILST prototyping software, but if you really
want to ensure quality, you do a full QA process, examining all boundary and
corner cases closely. When that's been done, then bounds checks become both
unnecessary, and inefficient. No, not massively unnecessary or inefficient,
but unnecessary and inefficient, all the same.
--
Lee
On 27/03/14 23:09, Matthew McPherrin wrote:
I think your hypothetical situation of saving millions by disabling
bounds checks is absurd: To save $10 per machine, assuming $0.20 per
kilowatt-hour, and saving 50 nanojoules per bounds check, you'd need
to be avoiding about 10^14 checks. That's equivalent to avoiding 1
million bounds checks every second. Even if you had hundreds of CPU
cores running at full processing power, I would posit that there are
bigger problems, and you're probably spending way more power on cache
misses or something.
On Thu, Mar 27, 2014 at 1:42 PM, Tommi <rusty.ga...@icloud.com> wrote:
On 27 Mar 2014, at 22:17, Steve Klabnik <st...@steveklabnik.com> wrote:
Why isn't there a compiler flag like 'noboundscheck' which would
disable all bounds checking for vectors? It would make it easier to have
those language performance benchmarks (which people are bound to make with
no bounds checking in C++ at least) be more apples-to-apples comparisons.
Also, knowing there's a flag in case you need one would put
performance-critical people's mind
A flag that removes safety is pretty antithetical to the goals of the
language, IMHO.
Yes, I agree it's not the official Rust way of things. But not providing
the option seems quite totalitarian. An example use case might be a company
that runs its code on 100,000 servers, and has done so for many years without
a hiccup. They realize they could save millions of dollars a year in
electricity bill by disabling bounds checking, and that's what they decide
to do. At this point they would really like to have that compiler flag.
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
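
An added example, not part of any message in this thread: a length-prefixed record parser showing what the bounds check does on input that a QA corpus did not contain, and how the check can be skipped at one audited call site instead of through a global flag. The record format, function names and sample bytes are constructed for illustration.

```rust
// Constructed record format (an assumption): [len: u8][payload: len bytes].
#[derive(Debug, PartialEq)]
pub enum ParseError {
    Empty,
    Truncated { claimed: usize, available: usize },
}

/// Bounds-checked read. `get(..len)` performs the same comparison that
/// `rest[..len]` would, but returns None where indexing would panic.
pub fn payload_checked(buf: &[u8]) -> Result<&[u8], ParseError> {
    let (&len, rest) = buf.split_first().ok_or(ParseError::Empty)?;
    let len = len as usize;
    rest.get(..len).ok_or(ParseError::Truncated {
        claimed: len,
        available: rest.len(),
    })
}

/// Scoped opt-out: the bound is validated once, then the loop skips the
/// per-element check. Only this function needs auditing, not the whole build.
pub fn sum_payload_unchecked(buf: &[u8]) -> Result<u32, ParseError> {
    let payload = payload_checked(buf)?;
    let mut sum = 0u32;
    for i in 0..payload.len() {
        // SAFETY: i < payload.len() is guaranteed by the loop range.
        sum += unsafe { *payload.get_unchecked(i) } as u32;
    }
    Ok(sum)
}

fn main() {
    // Constructed inputs: one well-formed record, as a test corpus would hold,
    // and one whose length byte claims more data than the buffer contains.
    let well_formed = [3u8, b'a', b'b', b'c'];
    let oversized_len = [200u8, b'a'];

    println!("{:?}", payload_checked(&well_formed));
    println!("{:?}", payload_checked(&oversized_len));
    println!("{:?}", sum_payload_unchecked(&well_formed));
}
```

With the check compiled out everywhere, the second record would make the parser read 199 bytes past the end of the buffer; with it in place the caller gets `Truncated { claimed: 200, available: 1 }`.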