by pcwalton 1704 days ago
Adding bounds checks and ASan is not an order of magnitude improvement over C. Chrome, for example, is doing all of this already in C++ in a more advanced way than anything I've seen in Zig. Clang offers UBSan [1], which is extremely advanced. Yet it is not enough.

It is not a "nuanced and balanced" approach: Zig is simply not memory safe.

[1]: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#...

If you're shipping a game that runs on a player's computer, you're most likely going to make production builds with -O ReleaseFast (safety checks off). Rust is overkill for this use case. The only benefit memory safety brings to this use case is making debugging easier. But if we're measuring how debuggable a language is, there are many more factors, such as iteration speed due to compilation times.

Memory safety also adds reliability, by catching bugs statically that you didn't catch during (automated or manual) testing. It's the same argument as for static typing.

It's of course true that some developers may judge the tradeoffs differently for their individual projects—that's why they're tradeoffs! But there are benefits to memory safety that go beyond security.

the only memory safety gamedev needs are bound checking and use after free protections

everything else is just bloat and noise that hurts iteration time

and even if one would still value them, you'd need to check only once for whatever memory check you want to run, when you build your allocators for example, and not at every build, and you could even write the logic yourself and have a debug allocator to ensure memory safety

you want sub second and not "double digit seconds" build times

it takes one to try to make a game to truly understand why iteration time is far more important than anything else (other than performance of course)

you don't want to wait multiple seconds every time you change the speed of your character, or tweak the rendering/AI code

that's why then some devs end up using a scripting language and they lose all the advantages of their native language, because they want to speed up iteration time

that's why i personally stick to D for my game, my engine + game fully rebuild in under 1 second

you don't get to create memory bugs when you work on your gameplay code ;)

> the only memory safety gamedev needs are bound checking and use after free protections

Probably if your game is single-threaded …

Rust's raison d'être was type-check thread-safety, and even if we don't talk about this aspect much anymore it's still the domain where it has no competitors (Pony could have been, but didn't get traction).

And it's invaluable.

> the only memory safety gamedev needs are bound checking and use after free protections

Disagree, but in any case, we're talking about the fact that Zig doesn't provide use-after-free protection.

Zig is allocator aware, use after free protection is covered with the `GeneralPurposeAllocator`

Is GeneralPurposeAllocator the one that quarantines memory forever? That isn't practical, as I've mentioned before. To name one problem, allocating 1 byte in a 4kB page leaks the entire page.
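
The trade-off raised in the last comment, as an added example that is not part of the thread and is not Zig's `GeneralPurposeAllocator`: a hypothetical page-per-allocation debug allocator (all `q_*` names are constructed here) that never reuses freed pages. It traps a use-after-free read, and it retires a whole page of address space for a 1-byte allocation. Assumes a POSIX system with `mmap` and `mprotect`.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical debug allocator, constructed for illustration. */
static size_t q_requested;   /* bytes callers asked for and later freed */
static size_t q_quarantined; /* bytes of address space retired forever */
static sigjmp_buf q_jmp;

size_t q_page(void) { return (size_t)sysconf(_SC_PAGESIZE); }
static size_t q_round(size_t n) { return (n + q_page() - 1) / q_page() * q_page(); }

/* Each allocation gets its own page-aligned mapping. */
void *q_alloc(size_t n) {
    void *p = mmap(NULL, q_round(n), PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Free never unmaps or reuses: the pages just become inaccessible. */
int q_free(void *p, size_t n) {
    if (mprotect(p, q_round(n), PROT_NONE) != 0) return -1;
    q_requested += n;
    q_quarantined += q_round(n);
    return 0;
}

static void q_on_fault(int sig) { (void)sig; siglongjmp(q_jmp, 1); }

/* Returns 1 if reading *p faults (dangling pointer caught), else 0. */
int q_read_faults(const volatile char *p) {
    struct sigaction sa = {0}, old_segv, old_bus;
    volatile int faulted = 1;
    sa.sa_handler = q_on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    if (sigsetjmp(q_jmp, 1) == 0) { (void)*p; faulted = 0; }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}
int main(void) {
    char *a = q_alloc(1); if (!a) return 1; a[0] = 'x'; q_free(a, 1);
    printf("UAF trapped: %d, held %zu for %zu requested\n", q_read_faults(a), q_quarantined, q_requested);
}
```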