Undefined behaviour never was so nice! (Yes, I know that it’s well defined by implementation, but doesn’t this sound like it?)
TWiR quote of the week
This needs some more context. “It” here refers to “nested generic types”. So:
[Using a nested generic types is] like building stuff with LEGO…
Not sure if you want to reference r/rustjerk in the quote but I post this anyways:
I’ve found that people who hate the borrow checker are usually ones that can’t figure out why they always have so many weird bugs
by Inityx
I’m batch-processing thousands of high-resolution TIFF images so these are processes that I start at the end of the day and let run overnight. I have multiple Java implementations that can do this; none of them perform at the same level as my novice Rust implementations.
The security barrier must be earlier. It will make everything easier to secure. By analogy, it’s like securing your own house. You can lock points of entry to your house, and it’ll work fine for the entire house. But if you move the security barrier to wrong place because you assume burglars may freely roam inside your house, you’ll end up with locks on your bathroom, padlocks on your drawers, gates on your bed, TV stored in a safe, and kitchen utensils chained to walls.
Here, your OS is your house. If you work with assumption that you let malware in, and running viruses is normal part of Rust development, you’ll need extraordinary level of sandboxing paranoia similar to having things in your house chained to walls. It’s going to be incredibly hard to secure everything, and it’s going to be incredibly inconvenient to use the language that has to act at all times as if all your code was infected and dangerous.
A better approach is to make sure that there’s no path from the guest bedroom to the master bath. That means an OS should not be a monolithic whole, where penetrating any component gives full access to everything. For example, there is no reason why a network interface needs access to the file system, but that’s exactly what an exploit from a couple of years ago used. What we need is isolation among the components of the OS. CapRos and seL4 are examples of how it can be done by applying the Principle of Least Privilege at a finer level of granularity than the whole OS.
[Rust’s] unique selling point is that it unlocks a level of performance and flexibility that was previously not possible without investing in deep platform-specific knowledge and expensive quality assurance processes.
impl Drop for Mic {}
from http://fitzgeraldnick.com/2018/12/13/rust-raps.html
Honestly, the whole thing deserves to be the quote of the week, but it’s a bit long for a quote…
People aren’t kidding when they say Rust gives you superpowers. We spend more money on log storage than all of our servers combined. We can process so many requests [that] we have to spend more to store the logs from those requests than it costs us to actually process them.
State of the crates.io — Sean Griffin
Time: 24:29
Using [traits] for Inheritance was like putting car wheels on a boat because I am used to driving a vehicle with wheels.
In theory it would be entirely reasonable to guess that most Rust projects would need to use a significant amount of
unsafe
code to escape the limitations of the borrow checker. However, in practice it turns out (shockingly!) that the overwhelming majority of programs can be implemented perfectly well using only safe Rust.
“All the type and lifetime checking is great, but it didn’t prevent me from being completely retarded every now and then.”
Alan Trick, https://alantrick.ca/writings/programming/python_to_rust/
Found this in the old question on SO, looks like a rather laconic explanation:
Lifetimes are needed to prevent errors, but explicit lifetimes are needed to protect what little sanity programmers have.
When a turbo fish is very long, does it become a turbo eel?
– @Enet4
https://chat.stackoverflow.com/transcript/message/45076604#45076604