← Back to context

Comment by uecker

10 months ago

The example shows that Rust can not even prevent an error as something simple as in a matrix transpose. Sure, you could write safe code, but how does this help if people don't do it? It is the exact same problem as in C and I have seen C code that is very reasonable.

4 comments

uecker

Reply
_ph_  10 months ago

Do you have a link to the code with the error? Following your link I didn't see it.

  • uecker  10 months ago

    This is a better link which then has a link to the Github issues: https://rustsec.org/advisories/RUSTSEC-2023-0080

    • _ph_  10 months ago

      Ok, thanks, finally found the source of transpose. That uses unsafe. Which of course means, all guarantees of safety are off. I am not sure why the usage of unsafe is necessary here, but one way or the other, safety now is in the hand of the programmer.

      My point rather was: wherever you don't use unsafe, you are protected by the compiler from certain errors. Which I consider extremely important, that is why I am a strong proponent of memory-safe languages.

      Now, if there is a question whether Rust requires you to use unsafe to often, that would be a valid technical critique of Rust, but that didn't seem to drive the Linux discussion.

      1 reply →