It’s certainly why it is being used to build browsers and OSs now. Those are places were memory management problems are a huge problem. It probably doesn’t make sense for every match 3 game to be made in Rust, but when errors cause massive breaches or death, it’s a lot safer than C++, taking human faulability into account.
Question would be rather: why is something like C++ needed for such simple apps?
C++ seems to be in that weird in-between place of offering high level features to be reasonable productive, but still doesn’t enforce/guarantee anything to make these features safe. I’d argue, very few programs need that. Either you’re writing business stuff, then you want safety (Java, C#, rust), or you’re writing embedded/low level stuff, then you want control (C, ASM).
The room for “productive, but not interested in safety” is basically just AAA games, I guess.
Well you’re not going to write asm if you want your code to be portable at all, and believe it or not C++ has a lot of features to help you not shoot yourself in the foot that C doesn’t have (ex. OOP, RAII, smart pointers).
C wasn’t really designed with dynamic memory management in mind. It was designed for someone who has absolute control over a machine and all the memory in it. malloc() and free() are just functions that some environments expose to user mode processes, but C was never designed to care where you got your memory or what you do with it.
No wonder everyone’s crazy about Rust.
It’s certainly why it is being used to build browsers and OSs now. Those are places were memory management problems are a huge problem. It probably doesn’t make sense for every match 3 game to be made in Rust, but when errors cause massive breaches or death, it’s a lot safer than C++, taking human faulability into account.
Question would be rather: why is something like C++ needed for such simple apps?
C++ seems to be in that weird in-between place of offering high level features to be reasonable productive, but still doesn’t enforce/guarantee anything to make these features safe. I’d argue, very few programs need that. Either you’re writing business stuff, then you want safety (Java, C#, rust), or you’re writing embedded/low level stuff, then you want control (C, ASM).
The room for “productive, but not interested in safety” is basically just AAA games, I guess.
C is almost the old “steady” standard now it feels like. It’s so flexible and the frameworks are already built…
…except that we also end up with cracks in our foundations like this exploit constantly being exposed as a result of all that C
Well you’re not going to write asm if you want your code to be portable at all, and believe it or not C++ has a lot of features to help you not shoot yourself in the foot that C doesn’t have (ex. OOP, RAII, smart pointers).
C wasn’t really designed with dynamic memory management in mind. It was designed for someone who has absolute control over a machine and all the memory in it.
malloc()
andfree()
are just functions that some environments expose to user mode processes, but C was never designed to care where you got your memory or what you do with it.What makes rust so resiliant against these types of atacks?
deleted by creator
But it’s harder and easier to spot.
You’ll never be 100% safe, but a proper lock is better than a “plz no steal” note.
Yes, it was just discovered on this year’s POPL that rust’s type system is not sound with respect to deadlock freedom.
https://dl.acm.org/doi/abs/10.1145/3571229
(of course this is not arguing that everyone should stay on C or CPP, just confirming the point that Rust will allow stupid things.
deleted by creator