Another self-suggestion:
Robust Underpinnings, Strong Technique
1 Like
Compilers are an error reporting tool with a code generation side-gig.
-- estebank on a Hacker News thread about Rust syntax
9 Likes
It's been 7.5 years since #27060 was reported, but the problem is finally fixed for good. :)
~ Ralf Jung in https://github.com/rust-lang/rust/issues/82523#issuecomment-1416850743
6 Likes
"All the pro C/C++ arguments seem to come down to “Good drivers don’t need seat belts because they don’t get in accidents"
~ otwkme in https://www.reddit.com/r/rust/comments/10rnymj/comment/j6x90x5/?utm_source=share&utm_medium=web2x&context=3
4 Likes
“It’s enjoyable to write Rust, which is maybe kind of weird to say, but it’s just the language is fantastic. It’s fun. You feel like a magician, and that never happens in other languages.”
Parker Timmerman, software engineer
Citation extracted from How Rust went from a side project to the world’s most-loved programming language
8 Likes
I'm not sure if this is fitting for the quote of the week, but I liked the simile enough that I thought it'd be best to let everyone else decide that.
Instead of being dangerous and fun like cigarettes (or French philosophy), C needs to be dangerous and unfun like sewage systems: something that experts handle humble, carefully, and out of necessity, with designs that reflect the societal repercussions of any mistakes.
5 Likes
You've probably come across unsafe. So "unsafe" is a keyword that sort of unlocks super powers and segfaults.
-- Arthur Cohen, in his talk A deep dive inside the Rust frontend for GCC at FOSDEM'23
Edit: There are quite a few quotable lines in this talk.
5 Likes
From this thread:
3 Likes
and as much as i dislike the
cargo-geigerconcept, the name … kind of works
unsafeis a lot like uranium. it’s just one more metal ore you can process, refine, and machine. it doesn’t combust in atmosphere, it doesn’t corrode or make weird acids. unless you go out of your way to make it dangerous you don’t even have to worry about critical masses. you can work with it pretty normally most of the timebut if you don’t know exactly what it is, what it does, and how to work with it, it will cause mysterious illnesses that only crop up long after you’ve stopped touching it
-- myrrlyn @ https://www.reddit.com/r/rust/comments/11eyu50/i_love_rust_i_have_a_pet_peeve_with_the_community/jahdf3b/
11 Likes
Another thing that I found interesting was hiring Rust developers. Turned out that I thought it would be hard and in a sense I was right. But the last three developers which were hired they didn't use Rust before at all, but still in their second day [..] their commits were already used in production. Pair programming of course helps a lot with this, but I reasonably cannot see anymore that Rust is hard to learn. People can pick it up really really quickly.
-- Markus Klein, "Rust at Aleph Alpha" talk at Rust Linz Meetup (link to youtube)
7 Likes
Memory management is the least interesting application of borrow checking.
5 Likes
The Rust compiler is a thousand unit tests that you don't have to write
-- I built a startup in Rust, I would do it again. | Cloak
(Echoing exactly the reason I'm migrating as much of my development effort as is feasible to Rust.)
Also, give the section it comes from a read. It's possible I misjudged where the boundary lies for the best quote and someone else may want to propose a different cropping.
11 Likes
The generated program is a random sequence of bytes that just happens to take the shape of a seemingly working program by accident. Such is the joy of code that causes UB. You cannot deduce anything from what happens when you execute a program with UB, since that act is by itself meaningless. You need to establish that your program has no UB before making any inference based on what you see the program do after it came out of the compiler.
Ralf Jung on Is read_volatile on uninitialized memory really undefined behavior?
13 Likes
It's a shame the one I proposed came in at the beginning of the week while this one came in at the end and didn't have time to accumulate votes. I think this one deserved it more.
2 Likes
You're not fighting the compiler you're fixing bugs.
8 Likes
(I'd like to also suggest considering rolling over the RalfJ quote to this week's consideration as well; it's a good quote.)
Accounting for arbitrary shenanigans going on is the default state of the compiler; any optimizations have to prove that there aren't problematic shenanigans going on. The purpose of UB is carving out semantic space where the user code promises not to be doing any shenanigans, in order to make proving the absence of shenanigans somewhat practical.
Myself (@CAD97), in discussion about shenanigans before main. (edited very slightly for formatting)
6 Likes
As part of this work, I even found two memory safety bugs in the DRM scheduler component that were causing kernel oopses for Alyssa and other developers, so the Rust driver work also benefits other kernel drivers that use this shared code! Meanwhile, I still haven't gotten any reports of kernel oopses due to bugs in the Rust code at all
14 Likes
