On 29/03/14 08:53 AM, Zoltán Tóth wrote:
> Devs, please explain how such option could decrease the safety of the
> language. As it would be just that, an option, an opt-in one.
>
> IMHO it even could increase the safety of Rust. There are some extreme
> optimizing C++ programmers currently. Yes, they are a small fraction,
> but they exist. And they may want to switch to Rust too. What would they
> do in Rust? Use 'unsafe' everywhere? Think about library developers, who
> may not know how deep in loops their procedures will be used. But if
> there was such an option, then they could code most stuff as safe; they
> could enjoy the runtime checks during development, saving lots of
> debugging time; and switch them off only in the last build.
>
> I admit I am very noob in Rust. I do not want to push. I am just curious
> about your thinking.

Yes, you should use `unsafe` if you want unchecked indexing. You need to carefully think about each location this is done. In general, an out of bounds failure is considered a *runtime error*, not a logic error. It is not incorrect to write code indexing out of bounds, just like it is not incorrect to write code attempting to parse an integer and failing when it is invalid. A library author should not be lazy to the point where they *assume* every indexing operation, including those expanded from third party macros, is guaranteed to never go out of bounds regardless of the input given to the library functions. If they want to remove the bounds checks, they need to actually think about whether this holds for each one.
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
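
The distinction drawn in the reply above, as an added example that is not part of the original thread: checked indexing treats an out-of-range index as a runtime condition, while unchecked indexing sits in an `unsafe` block next to the argument that justifies it. The function names (`lookup`, `index_panics`, `sum_window`) and the sample data are constructed for illustration.

```rust
use std::panic;

/// Checked lookup: an index taken from caller input may be out of range,
/// so the failure is reported as `None` instead of aborting the caller.
pub fn lookup(table: &[u32], idx: usize) -> Option<u32> {
    table.get(idx).copied()
}

/// Plain `data[idx]` is also bounds-checked: an out-of-range index panics
/// (a runtime failure) rather than reading memory outside the slice.
pub fn index_panics(data: &[u32], idx: usize) -> bool {
    panic::catch_unwind(|| data[idx]).is_err()
}

/// Sums `len` elements starting at `start`, with the range validated once
/// up front so the loop body can skip the per-element check.
pub fn sum_window(data: &[u32], start: usize, len: usize) -> Option<u64> {
    // `start + len` can overflow for hostile input; a wrapped value would
    // pass the comparison below and make the unchecked reads unsound.
    let end = start.checked_add(len)?;
    if end > data.len() {
        return None;
    }
    let mut total = 0u64;
    for i in start..end {
        // SAFETY: start <= i < end <= data.len() was established above, and
        // `data` is a shared borrow, so its length cannot change in the loop.
        total += u64::from(unsafe { *data.get_unchecked(i) });
    }
    Some(total)
}

fn main() {
    let data = [1u32, 2, 3, 4]; // constructed sample input
    println!("{:?}", lookup(&data, 9));
    println!("{:?}", sum_window(&data, 1, 2));
    println!("{:?}", sum_window(&data, 1, usize::MAX));
}
```

Removing either guard in `sum_window` while keeping `get_unchecked` turns a rejected request into an out-of-bounds read, which is the per-location reasoning a global "checks off" build option would skip.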