omcnoe 3 hours ago

Not trying to be a Rust advocate and I actually don't work in it personally.

But Rust provides both checked alternatives to indexed reads/writes (compile time safe returning Option<_>), and an exception recovery mechanism for out-of-bounds unsafe read/write. Fil-C only has one choice which is "crash immediately".

uecker 2 hours ago | parent [-]

What makes you think that one cannot add an explicit bound check in C?

tialaramex 2 hours ago | parent | next [-]

It's trickier than it looks because C has mutable aliases. So, in C our bounds check might itself be a data race! Make sure you cope

uecker an hour ago | parent [-]

Depending on what you are doing, yes. But the statement I responded to, "your only choice is crash", is certainly wrong.
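An added example, not part of any comment in this thread: one way to write the explicit bounds check discussed above in C, returning failure to the caller instead of crashing. The `int_slice` type and both function names are hypothetical, and the caller is assumed to keep the backing array alive and unmodified for the duration of each call.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical slice type (an assumption for this example):
 * a pointer plus the number of valid elements behind it. */
struct int_slice {
    const int *data;
    size_t len;
};

/* Checked indexed read. The slice is passed by value, so the length
 * that is checked is the same length that is used: a mutable alias
 * cannot change it between the test and the access. This does NOT
 * protect the backing array itself; if another thread can free or
 * resize it, the caller must hold a lock around the call. */
bool slice_get(struct int_slice s, size_t i, int *out)
{
    if (s.data == NULL || out == NULL || i >= s.len)
        return false;              /* recoverable: no access performed */
    *out = s.data[i];
    return true;
}

/* Checked sub-range copy. The comparison is written as
 * n > s.len - off (after off <= s.len) so that off + n is never
 * computed and cannot wrap around for huge values of n. */
bool slice_copy(struct int_slice s, size_t off, size_t n,
                int *dst, size_t dst_len)
{
    if (off > s.len || n > s.len - off || n > dst_len)
        return false;
    if (n > 0) {
        if (s.data == NULL || dst == NULL)
            return false;
        memcpy(dst, s.data + off, n * sizeof *dst);
    }
    return true;
}
```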

omcnoe 2 hours ago | parent | prev [-]

If you can correctly add all the required explicit bounds checks in C, what do you need Fil-C for?

kimixa an hour ago | parent | next [-]

Same reason any Turing-complete language needs any constructs - to help the programmer and identify/block "unsafe" constructs.

Programming languages have always been more about what they don't let you do rather than what they do - and where that lies on the spectrum of blocking "Possibly Valid" constructs vs "Possibly Invalid".

uecker an hour ago | parent | prev [-]

For temporal memory safety.