Yeah, it’s not a small change. If there was a simpler way to make C memory-safe, it would have been done decades ago. It’s just a different language too, which is fair given how much younger it is.
D kind of did that (C pointers are still an option, alongside with the preferred dynamic arrays, which has the memory safety features), and once I’ve seen a C compiler fork that retroactively added D-style memory safety features, although they also very much insisted on the “const by default” mantra.
I think this is one of those things where there’s no “kind of”. Pointers were added for a reason, you’re probably not going to implement a database very well without them. If you use them, at some scale you’re inevitably going to have memory bugs. Technically, if you were to only use hardcoded printfs, C is memory safe too.
If there was a simpler way to make C memory-safe, it would have been done decades ago.
We’ve had compile time sanitizers (-fsanitize=blah in gcc/clang) and runtime sanitizers (valgrind) for ages. I don’t know how they stack up against rust’s compile time sanitizers, but it’s something.
Yeah, it’s not a small change. If there was a simpler way to make C memory-safe, it would have been done decades ago. It’s just a different language too, which is fair given how much younger it is.
D kind of did that (C pointers are still an option, alongside with the preferred dynamic arrays, which has the memory safety features), and once I’ve seen a C compiler fork that retroactively added D-style memory safety features, although they also very much insisted on the “const by default” mantra.
I think this is one of those things where there’s no “kind of”. Pointers were added for a reason, you’re probably not going to implement a database very well without them. If you use them, at some scale you’re inevitably going to have memory bugs. Technically, if you were to only use hardcoded printfs, C is memory safe too.
We’ve had compile time sanitizers (-fsanitize=blah in gcc/clang) and runtime sanitizers (valgrind) for ages. I don’t know how they stack up against rust’s compile time sanitizers, but it’s something.