fn analyze_slice(slice: &[u32]) { println!("first element of the slice: {}", slice[0]); println!("last element of the slice: {}", slice[slice.len()]); }
fn main() { let arr: [u32; 3] = [ 0, 1, 2 ]; analyze_slice(&arr[0..5]); // this compiles without any warning }
>thread 'main' panicked at 'range end index 5 out of range for slice of length 3', src/main.rs:10:20
wow! no UB! no segfaults! cope harder
Jacob Long
>despite the retardedly horrible compile time, xer's compiler couldn't detect such an obvious out of bound access and had to insert RUNTIME checks braindeath
if you're going to complain about a language while having only rudimentary level knowledge about it, just stick to one liner bait instead. why would you just go ahead and show everyone that you don't understand what memory safety even means
>you don't understand what memory safety even means Rust trannys constantly shifting goal posts like gnome fags. >you aren't qualified to have an opinion >got a source for that? Citation? >I'm a rebel, all of the corporate world just happens to agree with me because I'm so smart Imagine being so incompetent that you never learned how to use malloc() and free(). Imagine shitting on a language your entire shitty ecosystem is built on top of.
Dominic Long
>Rust trannys constantly shifting goal posts like gnome fags.
yeah, I've only written a bit of rust but I thought OP's example should be caught by the compiler..? what's the issue
Aaron Wilson
that's a lot of words that you could have instead used to show how that breaks memory unsafety
Blake Gonzalez
>fails at basic static analysis and needs to rely on runtime checks go compile C code with `-fsanitize=address` CONGRATZ, now C is memory safe as well.
Lucas Wood
>this compiles without any warning I mean, why shouldn't it, it's still memory-safe at runtime
Aiden Flores
I bet that e-mail probably went right over your head. Do you understand the underlying issue here, aka memory overcommitment?
Owen Reed
Rust does catch this. Select "Tools" then "Clippy" from the dropdown in the upper left. You should always have Clippy enabled.
``` Checking playground v0.0.1 (/playground) error: range is out of bounds --> src/main.rs:10:27 | 10 | analyze_slice(&arr[0..5]); // this compiles without any warning | ^ | = note: `#[deny(clippy::out_of_bounds_indexing)]` on by default = help: for further information visit rust-lang.github.io/rust-clippy/master/index.html#out_of_bounds_indexing
error: could not compile `playground` due to previous error ```
Isaiah Morales
Clippy detects it, but not the actual compiler for whatever reason.
James Long
This
Jose Sanders
OK. Just not the compilers job, that's fine. But they should improve that error message. Why not just point to where the array size was set?
Robert Rogers
rustc doesn't (even attempt to) detect it because actual static bounds checking is a difficult problem in the general case.
clippy handles some trivial cases like that one.
Carter Lewis
Because it points to the piece of code that tried to go oob
>constantly shill about compile time detection >cant detect such an obvious error what's the fucking point. >it's still memory-safe at runtime so is C code compiled with `-fsanitize=address` these delusional retards think they've revolutionized programming because they inserted hidden runtime checks.
Josiah White
You cannot have a precise and sound general static analysis that detects whether any access to an array might be out of bounds. So therefore Rust does not require that for every access to an array it can be statically excluded that the access is out of bounds.
Hunter Brown
I'm say what I wanted is arr[5]
Eli Baker
>The compiler can't detect /every/ OOB >Therefore the compiler shouldn't detect /any/ OOB But I thought safety was important? Or are the lives of airplane passengers not as important as your shitty ethereum clone #68927391?
Ian Hughes
I don't know. Isn't the size part of the type for a Rust primitive array? The docs don't really say in a way that makes me sure. All you'd need to do is communicate that a function may read up to a specified index at the call site and compare the passed in array against it.
Aiden Hall
>Isn't the size part of the type for a Rust primitive array? The problem is that the index expression used to access the array might be arbitrary at runtime, and its possible values cannot be determined beforehand.
Jaxson Diaz
>But I thought safety was important Well, at least it is memory safe, by crashing instead of doing an unsafe memory access there. Ideally there should be a warning for possibly unsafe accesses (what a static analyzer would do) and yes, possibly even compiler errors when there is definitely an access out-of-bounds happening.
Daniel Nguyen
0..5 isn't an arbitrary expression. The fact that fucking clippy can detect this makes it all the more embarrasing that rustc doesn't.
Camden Martin
>might be Yes nobody is expecting rust to catch that an int you received over the network can't index an array. I'm talking about the static case.