TWiR quote of the week

Maybe a better metaphor would be that the borrow checker won't let you fire at targets smaller than the cone of uncertainty without a backstop to catch the bullet.

3 Likes

from Julien Tinnes' blog: cr0 blog: A few thoughts on Fuchsia security

For system-level folks, Rust is one of the most exciting security developments of the past few decades. It elegantly solves problems which smart people were saying could not be solved.

Fuchsia has a lot of code, and we made sure that much of it (millions of LoC) was in Rust.

Our kernel, Zircon, is not in Rust. Not yet anyway.

5 Likes

Go loses its memory safety guarantees if you write concurrent software. Rust loses its memory safety guarantees if you use non-trivial data structures. C++ loses its memory safety guarantees if you use pointers

David Chisnall on lobste.rs

I don't agree. We can use Rc<RefCell<T>>/Weak<RefCell<T>> and then indeed lose compile-time memory safety, but we usually instead use unsafe code and encapsulate it in crates. There are tons of crates for complex data structures, and they have very strong memory safety guaranteed.

C++ doesn't have any memory safety guarantees at all :grinning_face_with_smiling_eyes:

There's at least an explanation needed here. This is simply not true as-is in the absence of unsafe, and many non-trivial data structures can in fact be implemented without unsafe.

7 Likes

From Freeky on reddit

At last, I can name my unsafe functions appropriately.

unsafe fn e͙̤͎̪͒x̲͓̞̤͍̻̺̂͗͛͆͡t̜̣͊̓ͩ̍̑e̩͖͙͎̼̖͉ͮṇ̨͖̎̓ͅd̗̼͕ͫ̅_̲̦̥̙̙͍͂́l͙͙̦̞̠̃͌͒i̹̘͍̳̊ͪͦͤ͒̊͋f̨ͥ̄̌ḛ̜͗̉̃̎̂̔̐t̩̲̘͕͉̺̫̓͗́i̹̤̭ͭ͆̔ͪͤ͢m̹̤̜̗̫̩͍ͨe̝͒ͣ<'b>(r: R<'b>) -> R<'static>

14 Likes

It's better to do:

unsafe fn extend_lifetime<'a, 'b>(r: R<'a>) -> R<'b>

Because it works better with generics (and you can always return to the above signature by specifying 'b == 'static.

1 Like

No need to discuss the API, this quote is all about the unholy diacritics on the identifier.

3 Likes

I needed to double check but apparently, this identifier is actually literally valid.

Well, it gives a warning at least

warning: identifier contains uncommon Unicode codepoints
11 Likes

This one by @m51.

4 Likes

Linux Fortune: (full text)

What they say:                  What they mean:
Meets Tough Quality Standards   It compiles without errors.

Ok this was not about Rust. It was a joke about languages like C. But with Rust, it's true!

4 Likes

Shameless self-nomination:

When a panic has a payload that's an object which needs Drops,
And the panic hits a catch_unwind for unexpected stops
Before if its Drop panicked we'd just crash to your desktops,
Now the payload gets forgotten, and you'd better grab some mops!

-- https://twitter.com/josh_triplett/status/1407776002973986819

5 Likes
4 Likes

11 posts were split to a new topic: Rust, sloppiness, and gatekeeping

Seems worthy enough of a self-nomination.

4 Likes

By @Ethindp.

10 Likes

Beginning Rust: Uh why does the compiler stop me from doing things this is horrible

Advanced Rust: Ugh why doesn't the compiler stop me from doing things this is horrible

qDot on Twitter

30 Likes

The nasty thing about UB is that it does not guarantee that things will go horribly wrong. UB likes to lure you into thinking that you are fine... until it suddenly pulls the floor out from underneath of you and you plummet into the pit where all your code has been arranged in a nice set of spikes.

RalfJung on IRLO

15 Likes

Just replace the "Advanced Rust" with "Beginner C" (or "Advanced C", for that matter) and this will be perfect :grinning_face_with_smiling_eyes:

Lol I came here because I considered self-nominating, but you people are too quick and exceedingly well informed. :wink:

10 Likes