I hadn't actually considered this analogy before: Safe code: userspace. Unsafe code: kernel. Unsafe blocks: syscalls. Unsafe functions: kernel helper functions. Modules using unsafe code: kernel extensions. Native library wrappers: drivers.
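The analogy above, worked as an added Rust example (this is not code from the thread or from any project it mentions): `fill_raw` is the "kernel helper" (an `unsafe fn` whose safety contract is documented), the single `unsafe` block inside `fill_range` is the "syscall" that establishes the invariant with a bounds check, and everything that calls `fill_range` stays in "userspace". `std::ptr::write_bytes` stands in for a memset; the function names and the sample buffer are constructed for the example.

```rust
// Added example, not from the thread. Maps the unsafe-as-kernel analogy onto
// a small safe API built over one unsafe block.
use std::ptr;

/// "Kernel helper": an unsafe fn. Callers are responsible for the invariant.
///
/// # Safety
/// `p` must be valid for writes of `n` bytes, and those bytes must not be
/// aliased by any live reference while this runs.
unsafe fn fill_raw(p: *mut u8, byte: u8, n: usize) {
    // std's memset equivalent (assumption: std::ptr::write_bytes is the
    // primitive we would otherwise reach for via FFI).
    ptr::write_bytes(p, byte, n);
}

/// "Syscall" boundary: the only place the invariant is checked, so callers
/// never need `unsafe`. Returns false (and writes nothing) if `start + len`
/// overflows or exceeds the buffer.
pub fn fill_range(buf: &mut [u8], start: usize, len: usize, byte: u8) -> bool {
    match start.checked_add(len) {
        Some(end) if end <= buf.len() => {
            // SAFETY: start + len <= buf.len() was just checked (no overflow,
            // thanks to checked_add), and `buf` is an exclusively borrowed,
            // initialised slice, so the write stays in bounds and unaliased.
            unsafe { fill_raw(buf.as_mut_ptr().add(start), byte, len) };
            true
        }
        _ => false,
    }
}

/// The same operation with no `unsafe` at all: the slice `fill` method does
/// the memset and the indexing does the bounds check.
pub fn fill_range_safe(buf: &mut [u8], start: usize, len: usize, byte: u8) -> bool {
    match start.checked_add(len) {
        Some(end) if end <= buf.len() => {
            buf[start..end].fill(byte);
            true
        }
        _ => false,
    }
}

fn main() {
    // Constructed sample buffer.
    let mut a = [1u8; 8];
    assert!(fill_range(&mut a, 2, 4, 0));
    // Out-of-range request is rejected before any memory is touched.
    assert!(!fill_range(&mut a, 6, 4, 0));
    // Overflowing request is rejected too.
    assert!(!fill_range(&mut a, usize::MAX, 2, 0));
    println!("{:?}", a);
}
```

The point the thread is circling: the crate exposes one safe function, and a reader auditing it has exactly one `SAFETY:` comment to check, the same way an OS audit concentrates on the syscall layer rather than every userspace program.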
To me the unsafe problem is less about making it pointless, and more that when you give people the tool, they absolutely will use it for idiotic things they don't need it for. I'd rather you had to link with C to do unsafe things.
Just because linking to C feels sufficiently "dirty" to the true believers to keep them from doing it. :-)
New conversation
This argument starts falling apart when even doing a simple memset requires unsafe (haven't checked lately, but this stayed true for quite a long time IMO).

New conversation
My issue with unsafe is that it is easily hidden. Every crate you use in Rust could potentially involve unsafe or FFI code that makes otherwise safe code effectively unsafe without attribution.
cargo-geiger!
New conversation
Whether or not that analogy is useful depends on the frequency of unsafe blocks. Also, you don't need ring 0 to make a tree, graph, doubly linked list, benign race, etc.
We hit ring 0 for network, FS access, graphics drivers, to set up IPC, etc., so I feel like there's a commonality that using many basic tools involves less-protected code. And that everyone, OS or PL, would love to further reduce need for unsafety!
New conversation
"Higher-level languages are pointless because sometimes you need assembly." is along the same line of argument.