landr0id 3 hours ago
If you have a codebase that uses unsafe, I highly recommend running your tests through Miri (cargo miri nextest) and seeing what spills out. I ran tests for a codebase at work through Miri a while ago and found a couple of distinct classes of UB: https://github.com/rust-lang/miri/issues/1807#issuecomment-8...

These can be summarized as:

1. Converting a reference to the first field of a struct to a pointer of its parent's struct type
2. Functions with signature (&self) -> &mut self_inner_field_type
3. Having a mut pointer to the data inside of a Box<T>

#1 and #3 were somewhat surprising to me. #2 seems to be common enough that there's even a clippy lint for it.

A lot of C and C++ developers understand that undefined behavior is bad, but in practice observe its impact less. From my own experience, Rust's optimizations are pretty aggressive and tend to surface UB in way more observable ways than in C or C++.
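
The three patterns listed in the comment above, as an added example that is not part of the comment or the linked issue: each UB form is described in a code comment and the function below it is a sound counterpart. All type and function names are hypothetical, and the reading of class 3 is an assumption, since the comment does not spell it out.

```rust
use std::cell::UnsafeCell;

// All type and function names here are hypothetical, chosen for illustration.
#[repr(C)] // repr(C) guarantees the first field sits at offset 0
struct Header { id: u32 }
#[repr(C)]
struct Packet { header: Header, len: u32 }

// Class 1. UB form: `&p.header as *const Header as *const Packet`, then reading
// `len`: that pointer may only access the bytes of `header`.
// Sound form: derive the raw pointer from the whole parent before narrowing.
fn read_via_header(p: &Packet) -> (u32, u32) {
    let whole: *const Packet = p;        // may access every byte of Packet
    let hdr = whole.cast::<Header>();    // a cast keeps that provenance
    unsafe { ((*hdr).id, (*hdr.cast::<Packet>()).len) }
}

// Class 2. UB form: `fn hits(&self) -> &mut u32` built by casting away `&`.
// Sound form: declare the interior mutability with UnsafeCell and keep the
// mutable access inside the method instead of returning `&mut`.
struct Counter { hits: UnsafeCell<u32> }
impl Counter {
    fn bump(&self) -> u32 {
        // SAFETY: UnsafeCell makes Counter !Sync, and no reference to `hits`
        // outlives this call, so the write cannot alias a live reference.
        unsafe { *self.hits.get() += 1; *self.hits.get() }
    }
}

// Class 3 (assumed reading): a `*mut T` taken from `&mut *b` and used after the
// Box is moved or passed by value, which reasserts the Box's unique ownership.
// Sound form: hand ownership to the raw pointer, then rebuild the Box once.
fn fill_first_byte(b: Box<[u8; 4]>) -> Box<[u8; 4]> {
    let raw: *mut [u8; 4] = Box::into_raw(b);
    unsafe {
        raw.cast::<u8>().write(0xAA);    // write through the owning pointer
        Box::from_raw(raw)               // exactly one Box owns the allocation again
    }
}

fn main() {
    let p = Packet { header: Header { id: 7 }, len: 42 }; // constructed sample
    println!("{:?}", read_via_header(&p));
    let c = Counter { hits: UnsafeCell::new(0) };
    println!("{} {}", c.bump(), c.bump());
    println!("{:?}", fill_first_byte(Box::new([0u8; 4])));
}
```
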
ahartmetz 2 hours ago
> Rust's optimizations are pretty aggressive

...which is great. In C++, the compiler has to be cautious due to unpredictable side effects of damn near everything, i.e. it can hardly assume that any data is unaffected across most function calls.