
Because in the common case you assume that, if your code is correct, all of your indexing will be in bounds, but for memory safety reasons we need a bug to be reported if memory safety would have been violated. So we allow direct indexing with a panic on out of bounds because it's the most ergonomic for that common case.



I've come to believe ergonomics is a siren song here, mostly because recently I've been considering panics as forbidden as memory unsafety is... it's never okay for your embedded system or web server to panic, so don't act like that style is somehow preferable.

If you "know" the index is in bounds, you can get_unchecked. Otherwise you should get. Either would be a sane choice for the index operator.
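An added example, not part of any comment in this thread: the three access styles discussed above (indexing, `get`, `get_unchecked`) applied to untrusted input. The record format (one length byte followed by the payload) and all function names are assumptions constructed for this illustration.

```rust
use std::panic;

// Constructed format: buf[0] is the payload length, the payload follows.

/// Direct indexing: a truncated buffer panics instead of reading out of bounds.
fn payload_indexing(buf: &[u8]) -> &[u8] {
    let len = buf[0] as usize;
    &buf[1..1 + len]
}

/// Checked access: out of bounds becomes a `None` the caller has to handle.
fn payload_checked(buf: &[u8]) -> Option<&[u8]> {
    let len = *buf.first()? as usize;
    buf.get(1..1 + len)
}

/// Bounds are proven once by `payload_checked`; `get_unchecked` then skips
/// the per-access check inside the loop.
fn payload_sum(buf: &[u8]) -> Option<u32> {
    let p = payload_checked(buf)?;
    let mut sum = 0u32;
    for i in 0..p.len() {
        // SAFETY: i < p.len() by the loop bound.
        sum += unsafe { *p.get_unchecked(i) } as u32;
    }
    Some(sum)
}

/// Runs the indexing version and reports whether it panicked.
fn indexing_panics(buf: &[u8]) -> bool {
    panic::catch_unwind(|| {
        payload_indexing(buf);
    })
    .is_err()
}

fn main() {
    let good = [3u8, b'a', b'b', b'c']; // constructed sample input
    let truncated = [3u8, b'a']; // claims 3 payload bytes, carries 1
    println!("checked, good:       {:?}", payload_checked(&good));
    println!("checked, truncated:  {:?}", payload_checked(&truncated));
    println!("indexing panics:     {}", indexing_panics(&truncated));
    println!("sum via unchecked:   {:?}", payload_sum(&good));
}
```

`catch_unwind` only observes the panic under the default `panic = "unwind"` setting; with `panic = "abort"` the process terminates at the out-of-bounds index.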


The bug is not just reported here, the whole computer shuts down and all your unsaved work gets lost. That's not very ergonomic either.



