[MichaelGG]

I'm guessing because Nim gets portrayed as safe, or offers some safe features, but overall is not memory safe. Rust has worked very hard and gotten through the problem of having memory safety, with zero runtime cost and reasonably good language features.

Since it's 2015, it seems fair to point out when a new language offers something neat, but in a way that isn't safe.

[Pharohbot]

Nim is as safe as any other language. Perhaps it's not as safe as Rust but that brings specific trade offs most people dont wan't to deal with. I don't understand why people think that Nim is "terribly unsafe" when in reality it's like any other language

[steveklabnik]

> Nim is as safe as any other language.

With regards to memory safety, it is not. https://news.ycombinator.com/item?id=9050999 is an old comment from Patrick, but in today's Nim, it segfaults in both release and development modes for me. Rust's guaranteed memory safety means that Rust code (without explicit unsafe, the vast vast majority of code) cannot segfault.

> I don't understand why people think that Nim is "terribly unsafe" when in reality it's like any other language

For example, unless I write a bad cext, I cannot get Ruby to segfault.

None of this makes Nim a bad language. All languages have tradeoffs.

[Pharohbot]

Yes Rust is more safe than Nim, I'm not arguing that. I'm also not arguing that Nim is as safe as languages with automatic memory management.

EDIT: Also, Nim is planning on turning those segfaults into runtime NilErrors and a nilChecks flag that will check for them at compile time, you can also avoid this by annotating Pointers with `not nil`

[steveklabnik]

Cool. When you said 'any other language,' I thought you were speaking more broadly than C or C++.

[Pharohbot]

I probably should have been more clear, but I think it's safe to say that unlike C/C++, Nim can handle these types of issues like other languages that deal with pointers (Java, Go etc) with control from the programmer. The only memory safe language I know is Rust, but I am probably wrong on that part, so that's why I singled out Rust on how It's safer than Nim.

[MichaelGG]

That's not at all the impression I get from reading the Nim manual. It sounds rather clear when it says unsafe over many different features. Can you declare a function pointer and point it at anything? It allows unchecked array access - what's stopping traditional overflows? I've not used Nim, but compiling to C and exposing a lot of C-like functionality seems to indicate that code will still be subject to the same types of errors. Why do you say this isn't the case? Why does the manual not mention such things? (Another example: doesn't Nim need most objects to be GC allocated to be safe? So if you're not using GC (which I imagine lots of perf sensitive code will want to avoid), what's preventing errors there?)

Maybe I've got the wrong impression and their docs are terribly misleading and there are safety checks all over. But I found the dics easy to understand last time I read them and the safety issues seemed clearly marked and more or less where'd you expect.

[heinrich5991]

It has a feel of a scripting language, but as far as I can tell, it rather has the safety of C/C++, which I personally wouldn't call "safe like any other language".

[Pharohbot]

Why not? I'm interested to know because in my opinion I don't see it any less safe than languages that don't have automatic memory management and/or languages like Rust.

[jibalt]

"Why not?"

Because it isn't true.

"in my opinion I don't see it any less safe than languages that don't have automatic memory management"

Strawman ... the comment was about scripting languages.

"and/or languages like Rust"

Then it would be unwise to pay any attention to your opinion.

[Pharohbot]

> Because it isn't true

Did you not see the other person who just said that?

> Strawman ... the comment was about scripting languages.

I do not have a clue what you are trying to say...

[MichaelGG]

Because it is flatly untrue? Memory safety is rather a binary thing. C# without /unsafe is safe. Same for Java and Rust. Not true for Nim or C/C++. Rust is unique in doing this without any GC or other runtime overhead, AFAIK, which makes it a bit special.

[rbehrends]

Nim does not have a separate unsafe keyword, because all unsafe features are already characterized by keywords; that's a result of its Pascal heritage. To check whether a piece of Nim code is safe, you check for the presence or absence of these keywords; e.g., you can grep for "ptr" in Nim, while grepping for "*" in C# isn't particularly helpful. Every unsafe feature in Nim has an associated keyword/pragma. Having a special "unsafe" keyword that says, essentially, "this procedure can contain other unsafe keywords" is sort of superfluous.

Note: these unsafe features have two purposes. One is to interface with C/C++ code. The other is to be able to write close-to-the-metal code in Nim rather than in C (where you wouldn't gain any safety by using C, but lose the expressiveness of Nim). This is, for example, how Nim's GC is itself written in Nim.

None of the unsafe features are necessary for high-level programming, i.e. unless you actually want to operate that close to the metal.

[pcwalton]

Presumably there are plans to disallow accidental sending of thread-local GC'd pointers to other threads as well?

[dbaupp]

There's undefined behaviour in the "main" language, e.g. https://news.ycombinator.com/item?id=9050999

[Pharohbot]

Do you have any specific examples of these unsafetiness in Nim?

[MichaelGG]

Pointers?

[jibalt]

"Nim is as safe as any other language."

That is factually false.

"Perhaps it's not as safe as Rust"

And there even you have contradicted yourself.

"Perhaps it's not as safe as Rust but that brings specific trade offs most people dont wan't to deal with."

That much is true ... and can be said without telling falsehoods, like your first statement.

"I don't understand why people think that Nim is "terribly unsafe" when in reality it's like any other language"

You are confused by your own strawman.

[Pharohbot]

when --nilChecks:On become a thing, dereferencing null pointers will be like Java, a NilError (NullPointerException in Java). This is why I said it's as safe mainstream languages that dont have AMM but languages like Rust are safer than those mainstream languages. any others to point out?