You have a point but so does the OP. The classic example that follows the OP's recommendation is allocation failures. Of course, not everyone is happy that String or Vec will panic on allocation failure and wish allocating methods returned a Result instead. But changing all allocating APIs to returning a Result would make others unhappy given how rarely a program can truly recover from an allocation failure.



BTW, overcommit/oomkiller aside, recovery from allocation failure in Rust can be easy and reliable.

There is an assumption carried over from C that code paths handling OOM errors are untested and likely broken. However, Rust doesn't have manually-written error handling paths like that. It has `Drop` which is always correctly inserted by the compiler, and regularly tested on normal function exits.
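The recoverable path the comment above describes is what `Vec::try_reserve` offers: allocation failure (and capacity overflow, which std checks before the allocator is ever called) comes back as a `TryReserveError` the caller can map into its own error type. The following is an added example, not code from the thread or from std; the length-prefixed frame format, `FrameError`, `parse_frame` and `preallocate` are constructed for illustration. The point from a defender's side is that an attacker-controlled length field becomes a rejected frame rather than a process abort.

```rust
use std::collections::TryReserveError;

/// Errors from the constructed frame parser below (not a real protocol).
#[derive(Debug, PartialEq)]
enum FrameError {
    /// Fewer than 4 header bytes were supplied.
    MissingHeader,
    /// The declared length exceeds the payload bytes actually present.
    Truncated { declared: usize, available: usize },
    /// The buffer could not be reserved (OOM or capacity overflow).
    Alloc(TryReserveError),
}

impl From<TryReserveError> for FrameError {
    fn from(e: TryReserveError) -> Self {
        FrameError::Alloc(e)
    }
}

/// Parse one frame: 4-byte little-endian length, then that many payload bytes.
/// Two policies keep an untrusted length field from taking the process down:
///  1. never reserve more than the bytes that are actually present, and
///  2. reserve with try_reserve_exact so a failure is an Err, not an abort.
fn parse_frame(input: &[u8]) -> Result<Vec<u8>, FrameError> {
    if input.len() < 4 {
        return Err(FrameError::MissingHeader);
    }
    let declared = u32::from_le_bytes([input[0], input[1], input[2], input[3]]) as usize;
    let payload = &input[4..];
    if declared > payload.len() {
        return Err(FrameError::Truncated { declared, available: payload.len() });
    }
    let mut out = Vec::new();
    // Recoverable: `?` converts TryReserveError into FrameError::Alloc.
    out.try_reserve_exact(declared)?;
    out.extend_from_slice(&payload[..declared]);
    Ok(out)
}

/// For a streaming reader the payload is not in memory yet, so the declared
/// length has to be reserved up front. try_reserve reports failure, including
/// a capacity overflow (declared > isize::MAX bytes), as an Err the caller can
/// turn into "reject this peer" instead of "kill this process".
fn preallocate(declared: usize) -> Result<Vec<u8>, TryReserveError> {
    let mut buf = Vec::new();
    buf.try_reserve(declared)?;
    Ok(buf)
}

fn main() {
    // Constructed frames: a well-formed one and one with an absurd length.
    let mut good = 5u32.to_le_bytes().to_vec();
    good.extend_from_slice(b"hello");
    println!("good frame: {:?}", parse_frame(&good));

    let mut hostile = u32::MAX.to_le_bytes().to_vec();
    hostile.extend_from_slice(b"hi");
    println!("hostile frame: {:?}", parse_frame(&hostile));

    // Capacity overflow surfaces as an Err without touching the allocator.
    println!("preallocate(usize::MAX): {:?}", preallocate(usize::MAX).map(|v| v.capacity()));
}
```

Note that `preallocate(usize::MAX)` fails deterministically on every platform because the byte count exceeds `isize::MAX`; a merely large value (say a few GiB) may or may not fail depending on overcommit, which is exactly the "overcommit/oomkiller aside" caveat the comment makes.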


Rust does have manually-written error handling paths like that. See for example the panic handling in Vec.retain_mut: https://doc.rust-lang.org/src/alloc/vec/mod.rs.html#1577

I doubt most crates handle these scenarios correctly.


This is limited to unsafe code, and the "exception safety" is a known problem to deal with. It can be tested without having to trigger OOM.
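The exception-safety problem named above can indeed be exercised without any OOM: inject a panic into the closure and let `catch_unwind` hand control back, then check the invariants. The following is an added example, not code from the thread and not std's own implementation; `retain_panic_safe` mirrors the shape of the `BackshiftOnDrop` guard linked in the earlier comment (set the length to 0 while elements are examined, let a `Drop` guard restore a consistent length on both normal exit and unwind), and `Tracked` and `simulate_panic_midway` are constructed test scaffolding that counts live elements so a leak or a double drop would show up as a wrong count.

```rust
use std::panic::{catch_unwind, AssertUnwindSafe};
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;

/// In-place filter in the shape of std's Vec::retain_mut (example code, not std's).
/// Length is set to 0 while `keep` runs; the guard repairs it even if `keep` panics.
fn retain_panic_safe<T, F: FnMut(&mut T) -> bool>(v: &mut Vec<T>, mut keep: F) {
    struct BackshiftOnDrop<'a, T> {
        v: &'a mut Vec<T>,
        processed: usize, // elements already examined by `keep`
        deleted: usize,   // of those, how many were dropped
        original_len: usize,
    }

    impl<T> Drop for BackshiftOnDrop<'_, T> {
        fn drop(&mut self) {
            // Runs on normal exit AND during unwinding. Unexamined elements in
            // [processed, original_len) slide down over the hole left by the
            // deleted ones, so they are kept rather than leaked or dropped twice.
            if self.deleted > 0 {
                // SAFETY: both ranges lie inside the original allocation.
                unsafe {
                    let base = self.v.as_mut_ptr();
                    std::ptr::copy(
                        base.add(self.processed),
                        base.add(self.processed - self.deleted),
                        self.original_len - self.processed,
                    );
                }
            }
            // SAFETY: exactly the first original_len - deleted slots are initialised.
            unsafe { self.v.set_len(self.original_len - self.deleted) };
        }
    }

    let original_len = v.len();
    // SAFETY: with len 0 the Vec will not drop any slot during an unwind; the
    // guard alone decides which slots are live again.
    unsafe { v.set_len(0) };
    let mut g = BackshiftOnDrop { v, processed: 0, deleted: 0, original_len };

    while g.processed < original_len {
        // SAFETY: index < original_len; the slot is initialised and not moved out.
        let cur = unsafe { &mut *g.v.as_mut_ptr().add(g.processed) };
        if !keep(cur) {
            // `keep` returned normally; only now commit to dropping this element.
            g.processed += 1;
            g.deleted += 1;
            unsafe { std::ptr::drop_in_place(cur) };
            continue;
        }
        if g.deleted > 0 {
            // SAFETY: the hole index is below `processed`, so it never overlaps `cur`.
            unsafe {
                let hole = g.v.as_mut_ptr().add(g.processed - g.deleted);
                std::ptr::copy_nonoverlapping(cur, hole, 1);
            }
        }
        g.processed += 1;
    }
    // `g` is dropped here: the guard performs the final set_len on the normal path.
}

/// Drop-counting element (constructed for the test): a leak or a double drop
/// would leave the live counter wrong.
struct Tracked {
    value: u32,
    live: Arc<AtomicUsize>,
}

impl Tracked {
    fn new(value: u32, live: &Arc<AtomicUsize>) -> Self {
        live.fetch_add(1, Ordering::SeqCst);
        Tracked { value, live: Arc::clone(live) }
    }
}

impl Drop for Tracked {
    fn drop(&mut self) {
        self.live.fetch_sub(1, Ordering::SeqCst);
    }
}

/// Inject a panic partway through a retain (drop evens, panic on 5) and report
/// (surviving values, live count after the unwind, live count after the Vec is
/// dropped). No allocation failure is needed to exercise the unwind path.
fn simulate_panic_midway() -> (Vec<u32>, usize, usize) {
    let live = Arc::new(AtomicUsize::new(0));
    let mut v: Vec<Tracked> = (0..8).map(|n| Tracked::new(n, &live)).collect();

    let outcome = catch_unwind(AssertUnwindSafe(|| {
        retain_panic_safe(&mut v, |t| {
            if t.value == 5 {
                panic!("constructed failure at element 5");
            }
            t.value % 2 == 1
        });
    }));
    assert!(outcome.is_err(), "the injected panic should have propagated");

    let survivors: Vec<u32> = v.iter().map(|t| t.value).collect();
    let live_after_unwind = live.load(Ordering::SeqCst);
    drop(v);
    let live_after_drop = live.load(Ordering::SeqCst);
    (survivors, live_after_unwind, live_after_drop)
}

fn main() {
    let (survivors, live, after) = simulate_panic_midway();
    println!("survivors after injected panic: {:?}", survivors);
    println!("live elements: {} (vec len {}), after drop: {}", live, survivors.len(), after);
}
```

Elements 0, 2 and 4 are dropped before the panic at 5, so the guard slides 5, 6 and 7 down and the vector ends as `[1, 3, 5, 6, 7]` with five live elements; dropping it brings the counter to zero. Running this under Miri is the natural next step, since it catches the aliasing and uninitialised-read mistakes that a plain test would miss.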

