
calebpeterson | 1 year ago

Genuine question:

Would you mind explaining to a dev that doesn’t know much (anything) about Rust, how does this settle any debate?


jerf|1 year ago

I believe it goes something like, "I have constructed a strawman that Rust claims that all code written in it is automatically safe by all conceivable definitions of safe, but look, ha ha, here's something that detects unsafe code in Rust!", and I don't mean "code marked in unsafe blocks".

It's a concatenation of several logical fallacies in a row; equivocation, straw manning, binary thinking about safety, several others. It's hard to pick the main one, but I'd go with the dominant problem being a serious case of binary thinking about what "safety" is. Of course, if the commenter is using anything other than Idris for all their programming, they're probably not actually acting on their own accusations.

marcosdumay|1 year ago

> Of course, if the commenter is using anything other than Idris

I'm sure the Idris compiler has bugs somewhere too. If the OP actually programs, they are violating their rationale (I'm quite sure assembly or assembled binary aren't ok either).

spease|1 year ago

They are claiming that because code in ‘unsafe’ blocks in Rust can have undefined behavior, that the language is no safer than C.

This does not settle the debate because unsafe is rarely needed for a typical Rust program. In addition, the presence of an unsafe block also alerts the reader that the set of possible errors is greatly increased for that part of the code and more careful auditing is needed.

It’s a little like saying traffic lights are useless because emergency responders need to drive through them sometimes, so we should just leave intersections completely unsignaled and expect drivers to do better.

Rust is by default restrictive and requires you to explicitly make it unsafe, C/++ are by default unsafe and require you to explicitly make them restrictive.

leftyspook|1 year ago

It is a tool for checking that your unsafe code doesn't cause UB. It doesn't really settle anything, but the commenter uses it as a gotcha to say "rust is no better than C, because you still can compile code that contains UB".
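An added example, not part of any comment in this thread, of the distinction spease and leftyspook describe: the safe function cannot read out of bounds, while the `unsafe` version can only do so if its stated contract is broken, and that contract is the one place an auditor or a UB detector such as Miri has to look. The function names and sample data are constructed for illustration.

```rust
/// Safe Rust: the range lookup is bounds-checked, so a bad window is `None`.
pub fn sum_window(data: &[u32], start: usize, len: usize) -> Option<u32> {
    let end = start.checked_add(len)?;
    let window = data.get(start..end)?;
    Some(window.iter().fold(0u32, |acc, &x| acc.wrapping_add(x)))
}

/// The same sum with the bounds checks removed.
///
/// # Safety
/// The caller must guarantee `start + len <= data.len()` with no overflow.
/// Breaking that contract is undefined behavior (an out-of-bounds read).
pub unsafe fn sum_window_unchecked(data: &[u32], start: usize, len: usize) -> u32 {
    let mut total = 0u32;
    for i in start..start + len {
        // SAFETY: in bounds only because of the caller's contract above.
        total = total.wrapping_add(unsafe { *data.get_unchecked(i) });
    }
    total
}

/// Safe wrapper: validates the contract, then enters the `unsafe` block.
/// Reviewing this function means reviewing exactly one check.
pub fn sum_window_fast(data: &[u32], start: usize, len: usize) -> Option<u32> {
    let end = start.checked_add(len)?;
    if end > data.len() {
        return None;
    }
    // SAFETY: `start + len <= data.len()` was verified just above.
    Some(unsafe { sum_window_unchecked(data, start, len) })
}

fn main() {
    let data = [1u32, 2, 3, 4, 5]; // constructed sample input
    println!("{:?}", sum_window(&data, 1, 3));
    println!("{:?}", sum_window_fast(&data, 1, 3));
    println!("{:?}", sum_window_fast(&data, 3, 3)); // rejected before unsafe
}
```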

mrweiden|1 year ago

From the original post:

> It’s not enough to rely on bug-finding tools

From the Miri GitHub:

> Miri is an Undefined Behavior detection tool for Rust.

Sharlin|1 year ago

There is no contradiction. The fact that UB-finding tools alone are not sufficient doesn't mean they aren't useful even with a safe(r) language.

In other words, from "safer languages are necessary" it does not follow that "safer languages are sufficient".

keybored|1 year ago

DARPA is already ahead of you all with the hedging:

> The preferred approach is to use “safe” programming languages

“Safe”. Terms and conditions may apply.

PreInternet01|1 year ago

Well, the general 'Rewrite All in Rust' consensus is that it solves all general programming problems, ever.

Yet, the linked repository shows a huge list of cases in which simple, documented use of Rust can cause Undefined Behavior (a.k.a. 'UB').

Pretty much every argument of Rust advocates against C/C++ boils down to either 'but memory safety' or 'but UB'.

Yet there are many convincing counter-arguments that boil down to 'but CompCert' or similar, and, as the linked repository shows, there might be at least some truth in there?

steveklabnik|1 year ago

No serious person claims that Rust solves every problem ever.

Also, many people cite things like Cargo as a reason to prefer Rust over C and C++, as well as other things. UB is a big part of it, of course, but it isn’t the only thing.

superb_dev|1 year ago

> Well, the general 'Rewrite All in Rust' consensus is that it solves all general programming problems, ever.

No, that’s not the consensus. This is a strawman.

leftyspook|1 year ago

> Well, the general 'Rewrite All in Rust' consensus is that it solves all general programming problems, ever.

a) There is no such consensus. The actual consensus is that even if Rust solved all problems, it would not be financially feasible to rewrite pretty much any substantial project.

b) While Rust does solve many problems, it is nowhere close to solving all safety, otherwise there would be no `unsafe` keyword. Alas, fully proving safety in an impure, Turing-complete language is mathematically impossible.

c) The only reason you would think that there's some sort of woke Rust lobby, is if you spend way too much time subjecting yourself to opinions of literal sixteen-year-olds on Twitter.

timeon|1 year ago

> Well, the general 'Rewrite All in Rust' consensus is that it solves all general programming problems, ever.

This is an obvious example of a strawman. Why are you doing this?