On 28/03/14 23:49, Tommi wrote:
> On 28 Mar 2014, at 14:27, Daniel Micay <danielmi...@gmail.com> wrote:
>
>> On 28/03/14 08:25 AM, Tommi wrote:
>>> On 28 Mar 2014, at 05:56, Patrick Walton <pcwal...@mozilla.com> wrote:
>>>> I think that Rust should give you the ability to opt out of safety, but on a
>>>> per-operation basis. Having it as a compiler option is too much of a
>>>> sledgehammer: often you want some non-performance-critical bounds to be checked
>>>> in the name of safety, while you want some bounds checks to be turned off.
>>> One other argument I can give for a "sledgehammer" feature like this is that it can be
>>> used as a marketing tool against people who are worried about performance. You can say to those
>>> people: "Look, if, at the end of the day, you decide that you'd rather take raw speed over
>>> safety, then there's this compiler flag you can use to disable all runtime memory safety checking
>>> in your code and get performance on par with C++".
>> It's called `unsafe`. There's a whole keyword reserved for it.
> From a marketing standpoint, I don't think that the following sounds very
> appealing:
> "Look, if, at the end of the day, you'd rather choose raw speed over safety, then
> you can go over all the hundreds of thousands of lines of code you have and change
> everything to their unsafe, unchecked variants".

Flip it around: "Look, if, at the end of the day, you'd rather choose safety over raw speed, then you can go over all the hundreds of thousands of lines of code you have and change everything to their safe, checked variants". Getting code correct is the first step to getting it fast: it doesn't matter how fast a program runs if it's just doing the wrong thing really quickly (e.g. exposing the user's computer to hijacking).

Most code isn't in a tight inner loop, and so the peace of mind of it being safe by default is worth the effort one has to put in to profile and examine the very core logic that gets called millions of times. It's much harder to use automated tools to find all of the memory safety bugs. And anyway, as Daniel and Patrick say, if you don't need the utmost safety, then Rust isn't the language you're looking for: things like C++ work well in the speed department, at the cost of safety.


Huon
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
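
The per-operation opt-out debated in this thread, shown as an added example that is not part of any of the messages: the default lookup stays bounds-checked, and a single profiled loop drops the check inside an `unsafe` block after validating its indices once. The function names and sample data are constructed for illustration, and the syntax is current Rust rather than the 2014 language.

```rust
/// Safe default: every lookup is bounds-checked; a bad index yields None.
fn gather_checked(data: &[u32], idx: &[usize]) -> Option<u64> {
    let mut sum = 0u64;
    for &i in idx {
        sum += u64::from(*data.get(i)?);
    }
    Some(sum)
}

/// Per-operation opt-out: validate once, then skip the checks in the hot loop.
fn gather_prevalidated(data: &[u32], idx: &[usize]) -> Option<u64> {
    // One up-front pass establishes the invariant the unsafe block relies on.
    if idx.iter().any(|&i| i >= data.len()) {
        return None;
    }
    let mut sum = 0u64;
    for &i in idx {
        // SAFETY: every i was checked against data.len() above, and `data`
        // is an immutable borrow, so its length cannot change in between.
        sum += u64::from(unsafe { *data.get_unchecked(i) });
    }
    Some(sum)
}

fn main() {
    // Constructed sample input.
    let data = [10u32, 20, 30, 40];
    println!("{:?}", gather_checked(&data, &[0, 3, 3]));
    println!("{:?}", gather_prevalidated(&data, &[0, 3, 3]));
    println!("{:?}", gather_prevalidated(&data, &[0, 4]));
}
```

The `unsafe` block is the only place a reviewer has to audit for memory safety; everything outside it keeps the checked behaviour.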
