| ▲ | forrestthewoods 3 hours ago | ||||||||||||||||||||||||||||||||||||||||||||||
Rust also has run-time crash checks in the form of run-time array bounds checks that panic. So let us not pretend that Rust strictly catches everything at compile-time. It’s true that, assuming all things equal, compile-time checks are better than run-time. I love Rust. But Rust is only practical for a subset of correct programs. Rust is terrible for things like games where Rust simply can not prove at compile-time that usage is correct. And inability to prove correctness does NOT imply incorrectness. I love Rust. I use it as much as I can. But it’s not the one true solution to all things. | |||||||||||||||||||||||||||||||||||||||||||||||
| ▲ | omcnoe 3 hours ago | parent | next [-] | ||||||||||||||||||||||||||||||||||||||||||||||
Not trying to be a Rust advocate and I actually don't work in it personally. But Rust provides both checked alternatives to indexed reads/writes (compile time safe returning Option<_>), and an exception recovery mechanism for out-of-bounds unsafe read/write. Fil-C only has one choice which is "crash immediately". | |||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||
| ▲ | wakawaka28 3 hours ago | parent | prev [-] | ||||||||||||||||||||||||||||||||||||||||||||||
>And inability to prove correctness does NOT imply incorrectness. And inability to prove incorrectness does NOT imply correctness. I think most Rust users don't understand either, because of the hype. | |||||||||||||||||||||||||||||||||||||||||||||||