My point is that you *can* do those things in Rust and you *can't* in C.
The actual crash here was a NULL deref. That is one of the most classic footguns of memory-unsafe languages (not just those, also others like Java for some reason). In Rust there are no NULLs, only explicit Option<T>s, which *force* you consider the case of there being no value. Yes, you can still just turn it into "panic if no value" but making it an explicit *decision* that the programmer has to make means it's a lot less likely to happen by accident, and it also means you can outright ban that choice by policy and technical means.
Hector Martin /
npub1qk…9azpx
2024-07-20 10:47:47
in reply to nevent1q…lmsu
Author Public Key
npub1qk9x6yrvten3jqyvundn7exggm90fxf9yfarj5eaz25yd7aty8hqe9azpxPublished at
2024-07-20 10:47:47Event JSON
{
"id": "0ac88d355c97f311724bb0130e5a78fc88db408b6551b939edf749f4d56566fd",
"pubkey": "058a6d106c5e6719008ce4db3f64c846caf49925227a39533d12a846fbab21ee",
"created_at": 1721472467,
"kind": 1,
"tags": [
[
"p",
"058a6d106c5e6719008ce4db3f64c846caf49925227a39533d12a846fbab21ee"
],
[
"proxy",
"https://social.treehouse.systems/@marcan/112818419614191901",
"web"
],
[
"e",
"fa9d6ef9ac8552ce088e83926f2a2e750a20fe430f71755e0498db3a059fabda",
"",
"root"
],
[
"p",
"2ceb75c8271582855ec79d56c3f90da020e88de9f98dd6e76a1c7e436d5da02a"
],
[
"p",
"b907aa0bc5d09107b3070e8b392e2bd310cc538c34c3cbd86a76fb059b2cd073"
],
[
"e",
"65628a312026deea4fa3505d9407772f8c9b918df7bee295265bd473bee3ebae",
"",
"reply"
],
[
"proxy",
"https://social.treehouse.systems/users/marcan/statuses/112818419614191901",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://social.treehouse.systems/users/marcan/statuses/112818419614191901",
"pink.momostr"
],
[
"-"
]
],
"content": "My point is that you *can* do those things in Rust and you *can't* in C.\n\nThe actual crash here was a NULL deref. That is one of the most classic footguns of memory-unsafe languages (not just those, also others like Java for some reason). In Rust there are no NULLs, only explicit Option\u0026lt;T\u0026gt;s, which *force* you consider the case of there being no value. Yes, you can still just turn it into \"panic if no value\" but making it an explicit *decision* that the programmer has to make means it's a lot less likely to happen by accident, and it also means you can outright ban that choice by policy and technical means.",
"sig": "5c2d2d142f5566fbab5997236a9944ddcb02b4c1bcf6a8c10e9c68b460fc59d11a8642b730f1eb5969e80af64ca82784cf37c459708a976e30027ba9cfcc9c68"
}