zlacker

[return to "“Rust is safe” is not some kind of absolute guarantee of code safety"]
1. tcfhgj+w4 2022-10-02 14:53:29
>>rvz+(OP)
> Not completing the operation at all is not really any better than getting the wrong answer, it's only more debuggable.

Wouldn't be that sure about that. Getting the wrong answer can be a serious security problem. Not completing the operation... well, it is not good, but that's it.

2. atoav+35 2022-10-02 14:56:26
>>tcfhgj+w4
I mean, if it is a cosmetic thing, sure. If it has substantial meaning I would rather have that 5 ton robotic welding arm not move than have it move through my skull.

It is sometimes acceptable to get wrong output. But it is nearly always better to know it is wrong.

3. analog+K9 2022-10-02 15:23:06
>>atoav+35
This sounds like the difference between "fault tolerant" and "fail safe".

Fault tolerant - you get a fault, you keep moving.

Fail safe - you fail, and thus all operations are stopped.

4. atoav+Rh2 2022-10-03 08:30:16
>>analog+K9
I mean the Rust appeal is actually that it forces you to handle errors. Whether you then fail or not is your decision. What Rust usually does not do is just fail.

This is good for when the things you are using could error, e.g. when you use an arbitrary Unicode string as a filename, you might get an error because, depending on the OS, there might be characters that you cannot use in filenames that are valid Unicode (or the other way around, possible filenames that are not valid Unicode).

In most programming languages this is something you need to know to catch it. In Rust this is an error that you can or cannot handle. But you can't forget to deal with it.
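The filename case described in this comment, and the fail-safe versus fault-tolerant distinction from comment 3, as an added Rust example (this is illustration code written for this page, not code from any commenter or project). The `NameError` enum, the function names and the sample byte string are assumptions made for the example; the only standard-library facts it relies on are that `OsStr::to_str` returns `Option` (None for non-UTF-8 names, which Unix allows) and that `to_string_lossy` substitutes U+FFFD. The `from_bytes` constructor used to build an invalid name is Unix-only, hence the `cfg(unix)` guard.

```rust
use std::ffi::OsStr;
use std::fmt;

/// Ways a filename can be unusable as a Unicode string. Constructed for this example.
#[derive(Debug, PartialEq)]
pub enum NameError {
    /// The OS handed us bytes that are not valid UTF-8 (legal on Unix filesystems).
    NotUnicode,
    /// Valid Unicode, but contains a character a Unix path component cannot hold.
    ForbiddenChar(char),
    /// Empty string: not a usable filename on any common OS.
    Empty,
}

impl fmt::Display for NameError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            NameError::NotUnicode => write!(f, "filename is not valid Unicode"),
            NameError::ForbiddenChar(c) => write!(f, "character {:?} not allowed in a filename", c),
            NameError::Empty => write!(f, "filename is empty"),
        }
    }
}

impl std::error::Error for NameError {}

/// Checks that a Unicode string is usable as a single Unix path component.
/// '/' is the separator and NUL terminates C strings, so neither may appear.
pub fn validate_unicode_name(s: &str) -> Result<String, NameError> {
    if s.is_empty() {
        return Err(NameError::Empty);
    }
    if let Some(c) = s.chars().find(|&c| c == '/' || c == '\0') {
        return Err(NameError::ForbiddenChar(c));
    }
    Ok(s.to_owned())
}

/// Fail-safe conversion: OS name -> String, returning Err rather than guessing.
/// `to_str()` is an Option, so the non-UTF-8 case cannot be silently ignored.
pub fn os_name_to_utf8(name: &OsStr) -> Result<String, NameError> {
    let s = name.to_str().ok_or(NameError::NotUnicode)?;
    validate_unicode_name(s)
}

/// Fault-tolerant conversion: keeps going by replacing undecodable bytes with
/// U+FFFD. The caller gets an answer, but it is no longer the real filename.
pub fn os_name_lossy(name: &OsStr) -> String {
    name.to_string_lossy().into_owned()
}

/// A caller that must deal with the Result; `?` propagates the error upward.
pub fn describe(name: &OsStr) -> Result<String, NameError> {
    let utf8 = os_name_to_utf8(name)?;
    Ok(format!("{} ({} chars)", utf8, utf8.chars().count()))
}

fn main() {
    // Constructed sample inputs: one ordinary name, one with an invalid UTF-8 byte.
    let good = OsStr::new("report.txt");
    println!("{:?}", describe(good));

    #[cfg(unix)]
    {
        use std::os::unix::ffi::OsStrExt;
        let bad = OsStr::from_bytes(&[0x66, 0x6f, 0xff, 0x6f]); // "fo?o" with a stray 0xff
        println!("{:?}", describe(bad)); // fail safe: Err(NotUnicode)
        println!("{}", os_name_lossy(bad)); // fault tolerant: "fo\u{FFFD}o"
    }
}
```

Because `Result` is marked `#[must_use]`, a caller that calls `describe(name);` and drops the value gets a compiler warning, which is the "you can't forget to deal with it" property the comment describes; choosing `os_name_to_utf8` (stop) or `os_name_lossy` (continue with a substituted name) is the fail-safe versus fault-tolerant decision, and the type system forces that choice to be explicit.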
