on "Was CrowdStrike a Null pointer related C++ bug?"
IMHO most coders don't get that OOP is not universally useful in practice, just like any other paradigm. Every tool has practical limits and should be used when appropriate. Languages like Haskell, Rust, Smalltalk, Lisp, Forth and assemblers can teach one so many ways of describing their intentions, that they will soon forget that OOP even exists and consider it a niche tool. Then I wake up.
There's even a conspiracy theory that the Rust Foundation's 501 organization type was chosen so it can conduct lobbying. The implication being that the Rust Foundation is behind government recommendations to move toward memory safe languages. (Big Borrow-Checker, if you will).
here - DARPA: Translating All C to Rust (TRACTOR) - #4 by blonk
Funny quote from @shepmaster from his announcement of Margo, a Cargo registry only using static files:
Want to have a crate with a million features? Host your own registry and revel in the combinatorial explosion of choices!
Hilarious exchange from this thread got me cracking up:
hahaha
> The randomness is deterministic
Me explaining miri isolation mode badly
... opaque number sequences (<GitHub> "issue numbers") are not very informative about what is behind that pointer, and pretending they are is harmful. People could provide, instead, actual reasons for things, which do not require dereferencing random pointers, which thrashes cache.
I never thought about numbered cross-links this way, but I found the analogy refreshingly enlightening.
I'm pretty sure I'm the only person ever to single handedly write a complex GPU kernel driver that has never had a memory safety kernel panic bug (itself) in production, running on thousands of users' systems for 1.5 years now.
Because I wrote it in Rust.
In a discussion touching on custom registries, after noting that crates.io will enforce all dev-dependencies of a crate to exist:
Another funny one:
Sort of like the rationale I picked up way back in the early 2000s for how to use hyperlinks properly.
I can't remember if it was something to do with the theory of hypermedia that I was reading in some "rationale for spec" text somewhere or if it was just tips for SEOing Google PageRank, but it was very focused on avoiding links with names like "here" and, instead, applying the underlying philosophy that, if it weren't a hyperlink (eg, if you Ctrl+P'd a dead-tree copy and the site didn't do any CSS tricks to expose the URL), it'd still be useful to manually look up what the link was supposed to take you to.
In the case of GitHub issues, that'd be hyperlinking with the text "<org>/<proj>#<issue number>: <issue title>" to provide the closest thing GitHub has to citing via Title+ISBN.
Hey.
CEO of Foresight here.
Foresight began as a high performance geometry mathematics project. It has since evolved into a business focused on handling a massive quantity of 4D spatial data.
Our problem has always been correctness, and performance. These things Rust does better than any other programming language I've come across (I began my career as a C++ dev).
Given our positive experience with Rust for mathematics, it seemed like a clear choice to reach for it when we set out to build UI.
Since then, and the many decisions UE and Unity have made, we have grown to appreciate what turned out to be a tremendously good decision.
I could go into a lot of detail over the benefits of ECS, and the value of Bevy. But I will instead say, there is no C++ or C# engine that we can get at a reasonable price point that lets us build what we do.
Rigorous safety is a carrot-and-stick approach. The stick comes first.
[Rust] is a conspiracy to popularize programming language concepts from the 80s
New users feel like iteration times are so slow and it takes forever to get going with Rust. But if there's a library available, I feel like I'm roughly as productive with Rust as I am with Ruby, if not more, when I think about the whole amount of work I'm doing. I haven't really figured out how to talk about that without sounding purely like a zealot, but yeah, I feel like Rust is actually very, very productive, even though many people don't see it that way initially.
Steve Klabnik @ Oxidize Conference: https://youtu.be/q8qn0dyT3xc?t=2784
(this post is now quoting itself; is this a quine?)
Rust is a programming language, a fungus, a survival game and oxidation of iron.
From Aalto University courses: Aalto FITech101 Courses
It amused me how they listed the definitions of Rust in order of importance. Nice Rust course by the way.
Reddit user SteveA000 recommended @steveklabnik's comment from Reddit:
https://www.reddit.com/r/rust/comments/1fofg43/comment/lopwnyd/
Just to provide another perspective: if you can write the programs you want to write, then all is good. You don't have to use every single tool in the standard library.
I co-authored the Rust book. I have twelve years experience writing Rust code, and just over thirty years of experience writing software. I have written a macro_rules macro exactly one time, and that was 95% taking someone else's macro and modifying it. I have written one proc macro. I have used Box::leak once. I have never used Arc::downgrade. I've used Cow a handful of times.
Don't stress yourself out. You're doing fine.
Google Online Security Blog: Eliminating Memory Safety Vulnerabilities at the Source
Fighting against the math of vulnerability lifetimes has been a losing battle. Adopting Safe Coding in new code offers a paradigm shift, allowing us to leverage the inherent decay of vulnerabilities to our advantage, even in large existing systems. The concept is simple: once we turn off the tap of new vulnerabilities, they decrease exponentially, making all of our code safer, increasing the effectiveness of security design, and alleviating the scalability challenges associated with existing memory safety strategies such that they can be applied more effectively in a targeted manner.
This approach has proven successful in eliminating entire vulnerability classes and its effectiveness in tackling memory safety is increasingly evident based on more than half a decade of consistent results in Android.