Memory Safety is a Red Herring
(steveklabnik.com)
How do you succinctly call a language that has all behavior defined or equivalently no undefined behavior (aside from designated regions)? "Memory safety" is nice since it's concise. Is there another term? Maybe just a "safe" language?
I don't understand this fixation with undefined behavior. Its origins are in the design decision of leaving the door open for implementations to employ whatever optimization techniques they see fit without the specification getting in the way. This is hardly a problem.
In practical terms, developers are mindful not to rely on those traits because, as far as specifications go, they have unpredictable implications, but even so they are never a problem. I mean, even in C and C++ it's trivial to tweak the compiler to flag undefined behavior as warnings/errors.
Sometimes it sounds like detractors just parrot undefined behavior as some kind of gotcha in ways I'm not even sure they fully understand.
What problem do you think that undefined behavior poses?
Each implementation that exhibits different behavior doubles the amount of testing needed to ensure cross-platform correctness.
I'm not saying that specifications should necessarily be so locked-down that every conforming implementation has to behave exactly the same way in every conceivable respect, but I do think that the aspects in which they are allowed to differ should be chosen judiciously (and explicitly allowed by the specification).
Not really. The whole point of undefined behavior is that the standard intentionally leaves out any definition of behavior, or the program is already fundamentally broken.
If you insist on unwittingly using code that relies on undefined behavior, you're the one mindlessly writing broken code. It's not the standard's fault that you're adding bugs.
The irony is that compiler implementations also leverage undefined behavior to save you from yourself and prevent programs from crashing when they stumble upon the mess you've made of the code.
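As an added illustration of the exchange above (not code from the linked post or from any commenter), here is the classic case where the optimizer's freedom under undefined behavior removes a safety check: a naive signed-overflow test that relies on wraparound, beside two versions whose behavior is fully defined. Compiling the naive version with `-fsanitize=undefined` makes the undefined addition visible at runtime; `__builtin_add_overflow` is a GCC/Clang builtin and the portable version uses only standard C.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Naive check: computes a + b first and then looks for wraparound.
 * Signed overflow is undefined behaviour in C, so the optimiser may
 * assume it never happens and delete the comparison entirely.
 * UBSan (-fsanitize=undefined) reports the overflowing addition. */
bool add_checked_naive(int a, int b, int *out) {
    int sum = a + b;  /* undefined if the true result does not fit in int */
    if ((b > 0 && sum < a) || (b < 0 && sum > a)) {
        return false;
    }
    *out = sum;
    return true;
}

/* Defined check (GCC/Clang): the builtin reports overflow without ever
 * evaluating an out-of-range signed addition. */
bool add_checked_defined(int a, int b, int *out) {
    int sum;
    if (__builtin_add_overflow(a, b, &sum)) {
        return false;
    }
    *out = sum;
    return true;
}

/* Defined check in standard C: test the operands before adding, so the
 * addition is only performed when the result is representable. */
bool add_checked_portable(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) {
        return false;
    }
    *out = a + b;
    return true;
}

int main(void) {
    int r = 0;
    /* Constructed inputs: INT_MAX + 1 overflows, 2 + 3 does not. */
    printf("defined:  %s\n", add_checked_defined(INT_MAX, 1, &r) ? "ok" : "overflow");
    printf("portable: %s\n", add_checked_portable(INT_MAX, 1, &r) ? "ok" : "overflow");
    printf("2 + 3 = %d\n", add_checked_portable(2, 3, &r) ? r : -1);
    return 0;
}
```

The naive function is deliberately not called with overflowing inputs in `main`, because its result there is not defined by the language and depends on the compiler and optimization level.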