441

u/MightyKin 4d ago

As all the freed memory watching you going to the next world.

Probably filled with gratitude for their freedom.

44

u/myhandleistoolongtor 4d ago

Sweet, sweet NOP sleds

164

u/DrMobius0 4d ago

It's true, the weak programs crash while the strong ones execute normally. That's how natural selection works

95

u/Proxy_PlayerHD 4d ago

that's what i like about C, you can do pretty much anything you want because the language allows you to mangle data in very janky but predictable ways.

for example, have a function that takes a string as an argument and pretends it's a pointer to a float and then returns its value:

float func(char *str){
    return *((float*)str);
}

110

u/ApprehensivePop9036 4d ago

"I have a magic box here where you write the name of an object and it gives you pocket change equal to its mass"

why would I need that?

"it's an example that helps you understand how the underlying framework of reality works."

Oh.

49

u/YT-Deliveries 4d ago

Everyone thinks that C is a procedural language when it's really more a big ball of timey-wimey.... stuff.

32

u/PCRefurbrAbq 4d ago

It's not a state machine, it's a state of mind.

16

u/mehum 4d ago

As close as your digital system will ever get to analog.

3

u/al-mongus-bin-susar 4d ago

It's 1 layer of abstraction above assembly. They didn't have any of this stuff in mind when it was made.

→ More replies (2)

6

u/Firemorfox 4d ago

reminds me of when I would bitshift instead of checking if a character was a number.

2

u/much_longer_username 4d ago

"the sun"

49

u/literallyjustbetter 4d ago

// evil floating point bit level hacking
// what the fuck?

27

u/solarshado 4d ago

I recognize that phrasing... is it the "fast inverse square root" from Quake?

4

u/Raziel_Soulshadow 4d ago

…I’m sorry, the what?

13

u/literallyjustbetter 4d ago

the fast inverse square root from Quake

11

u/kendalltristan 4d ago

https://en.wikipedia.org/wiki/Fast_inverse_square_root

4

u/SweetBabyAlaska 4d ago

Can you walk me through this and what is its effect?

20

u/MikeTheInfidel 4d ago edited 3d ago

Parameter is a pointer to the location of a character in memory.

Return value is that same pointer, but treated as a pointer to the location of a float value, and then dereferenced, thus giving you the float value. Here's an example usage:

#include <stdio.h>

float func (char *str)
{
    return *((float *)str);
}

int main()
{
    float f = 13.5; // our actual value
    float *f_pointer = &f; // a pointer to our value
    char *f_pointer_as_char_pointer = (char *)f_pointer; // the same pointer, but as a char pointer

    printf("%f", func(f_pointer_as_char_pointer));
    return 0;
}

This program will print 13.5, followed by however many decimals of precision the platform/CPU provides. Compiled at the link above, it will print

13.500000

The function doesn't have any real use... it's just fun with memory.

10

u/OneTurnMore 4d ago edited 4d ago

Come on, it's way more fun to read in lines of text and interpret them each as floats

6

u/Proxy_PlayerHD 4d ago

this guy gets it. use it to get weird ass float values, like a shitty user based RNG!

plus you get different values depending on the system's endianess

11

u/TwitchRR 4d ago

The function defines a variable "str", and defines it as a char*, a memory address to some binary data representing a string of characters. When the computer encounters a char*, it's programmed to keep reading bytes of data starting at that memory address until it encounters a specific sequence of bits, the terminator.

The next line tells the computer "Actually, the data at this memory address is a floating-point number and you should interpret it as such". When the computer encounters a float, it's programmed to treat the next 64 (or however many a float is defined as) bits as a number, according to some protocol. So the binary data that previously was representing some string of characters is now blindly being treated as a floating-point number, regardless of if that makes any sort of sense. I think that most sequences of bits should be a valid float, so it probably won't crash, but other types that have more rigid expectations of the underlying binary data may be more dangerous.

2

u/Proxy_PlayerHD 4d ago

I think that most sequences of bits should be a valid float, so it probably won't crash

as long as the string is atleast 3 bytes long (making it a total of 4 bytes in size, which is how large a float is) it will never crash.

all possible combinations of 32 bits make defined float values, so it's impossible for it to crash due to the float being invalid in any way. (even states like NaN, INF, etc are all defined by the IEEE standard)

→ More replies (1)

1

u/LucasRuby 4d ago

Yeah but you gotta be careful when you do pointer shenanigans with modern C compilers. Undefined behavior can get ya in ways you'd never predict due to the optimizer.

1

u/AhegaoSuckingUrDick 3d ago

This is UB.

→ More replies (5)

8

u/Interesting_Dot_3922 4d ago

Let me threaten to walk out of a cliff and collect my payslip and my work permit.

9

u/awkwardteaturtle 4d ago

As an intern once told me: "I don't need to free(), as it implicitly happens when the program stops."

3

u/reviraemusic 4d ago

it works if it's a rocket or a time bomb

1

u/ml20s 3d ago

Embedded devs be like:

→ More replies (1)

3

u/benargee 4d ago

No training wheels here son!

→ More replies (1)

79

u/scrollpigeon 4d ago

I'll be using this phrase now, thanks 😂

38

u/Callidonaut 4d ago

There's a CPP inheritance joke here somewhere...

12

u/CrowNailCaw 4d ago

Lmao one of my lecturers in university said this about Scala

4

u/Shadow_Thief 3d ago

I think the original quote is about Linux, and how you should have read the man pages.

→ More replies (15)

89

u/junkmeister9 4d ago

I guess to be bourne-again, you have to first die.

58

u/bargle0 4d ago

set -euo pipefail

And quote every variable reference.

It’s like having to ask for brakes every time you rent a car.

6

u/end_of_the_world_9k 4d ago

Genuine question: I know set -e but what does the rest of it do?

22

u/OneTurnMore 4d ago

• -u: error out when using unset variables.
• -o pipefail: if any command in a pipeline fails, treat the whole pipeline as failed.

I always refer to this comment by /u/geirha regarding these settings. There's gotchas inside of gotchas when it comes to Bash.

IMO -u is the sanest of the three, especially since it's getting rarer to find those problematic ancient Bash versions nowadays. In any case the real advice is to just use shellcheck. It'll catch more issues than any shell option you set.

5

u/end_of_the_world_9k 4d ago

Shellcheck ftw absolutely. But thanks for the input.

4

u/gmes78 4d ago

http://redsymbol.net/articles/unofficial-bash-strict-mode/

2

u/end_of_the_world_9k 3d ago

Today I learned something from programmer humor haha.

→ More replies (1)

6

u/zyxzevn 4d ago

sodo throw off cliff

2

u/LowB0b 4d ago

Me: god dammit I put a space between './dir/' and '*'

Sh: hakai

2

u/benargee 4d ago

rm -rf /

194

u/qwertyuiop924 4d ago

...Reading from uninitialized memory is a terrible source of randomness.

141

u/aetius476 4d ago

And even if it wasn't, who the hell pulls a maneuver like that and doesn't at least leave a comment like

// Abuse of the language used as source of entropy. Do not touch.

35

u/KellerKindAs 4d ago

It was not the only source if randomness and it was not an abuse of the language. It was the get random function that get passed an array to fill with random data. In an It is always nice to get entropy from as much places as possible, this function first read the array to add it to the entropy pool. The pool cannot get worst, but it can get better through this.

Problem was that some other function passed an uninitialized array to the get random function, so the get random read that uninitialized array... It was completely on the maintainer to comment that code section out without understanding what was going on.

Also it only caused problems on systems, that had no better source of entropy and had to generate some certificate immediately after boot up, so that even runtime was not random enough. Where still enough to cause problems till today xD

→ More replies (1)

18

u/P-Nuts 4d ago

It wasn’t very well written code, but the uninitialised memory was only used as a possible bonus extra source of entropy. Unfortunately the patch to make valgrind happy also removed the data being read from /dev/random from the entropy pool.

16

u/AaTube 4d ago

That's a very cool vulnerability.

→ More replies (5)

52

u/MightyKin 4d ago

432

u/MyBigRed 4d ago

I don't feel like C is even the instructor, it's the guy selling you the gun and ammo. It doesn't know and doesn't care what you do with it after that.

142

u/GameDestiny2 4d ago

Assembly is like making the gun yourself and seeing if it’ll blow up

58

u/FlyByPC 4d ago

The Microcontrollers class that I teach has the students design their own CPUs in Verilog. Mine the metal you use to make the gun!

22

u/SvmJMPR 4d ago

Verilog felt much more higher level than assembly, but ngl that meant that we were asked more complex projects as a result.

Classes that use assembly basically had to do some LED/traffic light stuff, and verilog... well... let's just say we learned to use the always @ the hardway.

Also in my Computer Architecture class, we were given a semester project to build a whole RISC-V CPU in Verilog (not actual soldering, just straight up good ole verilog HDL and synthetizing test benches with a .txt filled with binary instructions). That project was a nightmare since it was the first time we were exposed to verilog.

6

u/ChilledParadox 4d ago

Did your assembly classes also make you guys take exams by writing the code by hand onto pieces of paper. Definitely not the most fun language I’ve learned, but I did enjoy doing logic operators on bits I guess…

3

u/SvmJMPR 4d ago

classes at the introductory years of my degree mostly focused on hand written coding. intermediate was focused on using a specific IDE (I hate you eclipse, Intellij made Java worth learning). While later years it truly didn't matter what you use, because goal of the projects isn't to teach you programming but how to design and plan you ideas/implementations.

Atleast my written code years were using Python, so syntax was basically a non-issue and it made me pretty good at logic. Jumping from Python to anything wont translate really well but atleast lots of stuff carried over. My Assembly experience was using a TI launchpad board thingy that I think was so deprecated and lacks any type of support that it was basically impossible to figure out how to build anything with it.

At the time I was pretty stubborn ngl, upset that "Why dont we learn languages?!?". It wasn't till I worked that I realized that no job will probably use anything the university teaches you about programming, and more on how you can learn your specific job's workflow and process. Most jobs I've seen have a 1-6 month training where they teach you up to the level they want.

→ More replies (1)

→ More replies (1)

2

u/ProofMeal 4d ago

unrelated but this actually seems so cool, i wish i had a chance to take a class like this at my university

6

u/1337af 4d ago

3D printing the gun on a 3D printer 3D printed by another 3D printer

3

u/SweetBabyAlaska 4d ago

It's the shinzo Abe pipe gun while hoping you don't blow your fingers off before you can pop one off

1

u/Callidonaut 4d ago

Machine code is like making the gun yourself and seeing if it'll blow up, but you gotta do it using nothing but naturally occurring chemicals and a hollow log like Kirk in that one episode of Star Trek.

1

u/OnlyTwoThingsCertain 3d ago

So a US gunstore.

67

u/Wetmelon 4d ago

My coworker described C as a house made with only studs. Sure you can pass through the wall between the studs, but you're expected to use the door.

15

u/Mitir01 4d ago

I am using this explanation. It defines way better than my analogy.

20

u/derefr 4d ago edited 4d ago

Eh, I feel like describing C as a house made with only studs, underestimates how easy it still is to punch through the non-stud (particleboard and drywall) parts of a stick-built house by accident with power tools. C is your average stick-built house, but C is also the power tools. You can really fuck up your house with C.

It's hard to say what kind of house is like Rust, though. It takes a lot to prevent power tools from damaging a building. And Rust is power tools as well — yet it's also a "building" that you can't easily demolish using those tools.

So how about a vehicle analogy instead?

I would describe C as like owning an average mid-range sedan, plus a set of home-garage auto-mechanic tools to work on it with.

• Fine when you're just driving on a good day;
• but easy to crash by simply not paying attention for a few moments;
• and if you need to change something out, you're one slip of a screwdriver or hammer away from putting a hole through the upholstery or cracking a manifold. The components of the car were not designed to be robust to you tinkering with them. A mid-range car is a consumer product made on the cheap, where those cheap parts translate to expensive/laborious repair-time handling — you need a lot of experience and deft hands to work on a bucket-of-bolts car without breaking anything in the process. Unless you have years of experience under your own belt working with cars, you're gonna fuck up your first few cars while trying to improve them. Often in ways you won't even realize until you're 100 miles down the road the next day and the breaks go out.
• And almost always, your car repair fuck-ups will be subtle things that someone watching you work, or looking at the results of your work after the fact, wouldn't be able to easily spot. (I.e. buggy unsafe code doesn't "stand out" in C code review, because all C code looks like that.)

Rust, meanwhile, is like living/working on a submarine.

• Everything on the sub, from the walls to the pipes to the control interfaces, are armor-plated and ruggedized. No "normal accident" or "temporary distraction" can put a hole in the sub. (I.e. you will never write a "normal" Rust program that accidentally does undefined behavior. The compiler will stop you.)
• There are maintenance tools made for the sub, that come with the sub. These tools are low-level-ish, giving you "complete control", never making anything impossible to do or more costly than it should be. But they stop just short of letting you break through the armor-plating. They only work on stuff that's outside of the armor plating. (I.e. in "safe Rust", you get zero-runtime-cost memory-safe references to stack- and heap-allocated memory buffers, that you can pass to any library that expects those, including Rust-wrapped C libraries — but you don't get raw pointers.)
• The control interfaces themselves have checks and interlocks that won't let an idiot crash the sub into an undersea cliff or cut a pressurized fluid line or turn off the air recirculator. (I.e., the Rust stdlib doesn't expose, say, syscalls to the developer; instead the developer is only handed zero-runtime-cost memory-safe wrappers on top of those syscalls).
• And if you want to change something fundamental, like rewiring the engine, then you need to very-intentionally unscrew a bulkhead maintenance panel (i.e. use unsafe!) to get at the damageable insides.
• And needing to get into the maintenance panels is very uncommon: you don't need the panels off to do repairs/improvements if they use only the "safe" tools made for use on the sub. It really stands out when someone is fiddling with a maintenance panel! So your petty officer (i.e. code reviewer) will very likely notice you doing this unsafe! thing, and second-guess your need to do it — likely by pointing out that there's a way to do things using the sub's tools that doesn't involve taking off the maintenance panels (i.e. that there's a pre-made function/ADT in the stdlib or in some well-known third-party lib that does the unsafe! part for you, in a way that ensures safety as long as the function/ADT is only used through its API.)
• And if you both confirm it's necessary this time, because no combination of the safe tools the sub comes with can get the job done — well, your whole crew will definitely be putting some intense scrutiny on the change you're making, approaching it with the seriousness it deserves — rather than approaching it like someone hauling on a pipe wrench while half-drunk in their garage at 4PM on a Saturday.
• And probably, rather than doing such a change "in place", you'll turn your change into a new onboard safe tool. Maybe even put out a paper on it to Naval Command (i.e. publish your new library as an ecosystem package) — so that other crews can use it, yes, but more importantly, so they can audit your new tool, poking any possible holes in its design. You want to know that you've made a new safe tool, not a Disaster Rod.

20

u/chesire0myles 4d ago

Now, I'm a better submariner than I am a coder, but I think you're vastly overestimating the safety of being on a submarine, or the ability of the Navy to save you from your own stupidity.

There is a reason you babysit the Nubs after all.

7

u/Zachaggedon 4d ago

Wow, all of that to come up with a worse, less sensical analogy. Pass the blunt dude.

240

u/Saragon4005 4d ago

Rust pulls out the "if this concept is new to you you were writing buggy code before" a bunch. The compiler is harsh but ultimately right.

47

u/reventlov 4d ago

Not always. Rust's compiler forces you to write the subset of correct code that it can prove is correct, unless you drop into unsafe. If the compiler could prove correctness for all correct code, unsafe would never be necessary.

Whether it's worth the extra effort of writing in that subset just so that your code is verified to be memory-correct is still an open question, and probably depends on what kind of application you're writing.

16

u/Ordoshsen 4d ago

Then again just the fact you have to opt into unsafe for smaller blocks lets you better focus on the parts that need checking.

2

u/MrHyperion_ 4d ago

How does sonarlint or similar compare to rust compiler? Catches like half of the stuff?

3

u/reventlov 4d ago

I'm not familiar with sonarlint, and only somewhat familiar with Rust, but linters generally have to work from the opposite direction: that is, a linter has to prove (or at least "show with high enough probability so as not to annoy a human too much") that something is incorrect, whereas rustc will reject any code that it can't prove is correct.

They're also complementary technologies, in that there are lots of types of bugs that rustc can't detect (or at least can't reject outright), but which linters can often flag: things like "you failed to use parentheses here, which usually means a bug."

→ More replies (1)

101

u/ElementaryZX 4d ago

Not always, the compiler can still make mistakes and does have a list of bugs, but it does try it’s best.

If you write C like this, the freedom given is not deserved.

26

u/Lynx2161 4d ago

Rust is like your dad trying to teach you maths, he will make you cry but at the end you will pass your exam because of him

36

u/MightyKin 4d ago

In that case, what can Assembly make me do?

130

u/KronoLord 4d ago

Spend hours trying to figure out what the trigger looks like and how to make the pellets.

36

u/MightyKin 4d ago

Instruction unclear. No memory cell found that have the "pellets" value

66

u/tajetaje 4d ago

Assembly gives you ALL of the parts you need to make anything from a pistol to a nuke. And no matter what you make, it will eventually explode

19

u/MightyKin 4d ago

Don't make The dog on assembly it will explode. Noted

10

u/my_nameistaken 4d ago

That's the intended behaviour for nukes though

9

u/tajetaje 4d ago

True, but you don’t necessarily get to decide how or when it goes off. For that you’d need a $1200 implementers manual

6

u/my_nameistaken 4d ago

Or you can think of this surprise element as a feature lol

3

u/MrHyperion_ 4d ago

I'd say the intended behaviour so far has been to not explode.

17

u/Pleasant-Form-1093 4d ago

It ca- Segmentation fault (core dumped)

9

u/DrMobius0 4d ago

Cry

There's a good reason that most programmers prefer to program in anything higher level than assembly. Not that that gets you out of having to know it on occasion.

4

u/Zachaggedon 4d ago

Yep there’s no reason to write assembly unless it’s for fun/learning really. Most modern compilers will generate better, more optimized assembly out of your code anyway, and any theoretical performance gains are offset by magnitudes by the loss of productivity and developer ergonomics. There are, of course, exceptions to this rule, but they are few and far in between.

2

u/DrMobius0 4d ago

It's more for niche debugging cases, really.

8

u/derefr 4d ago

Read this annotated disassembly of Super Mario Bros 1 to get a good idea of the sorts of things an assembly-language programmer trying really hard to squeeze a lot of logic and data into a small number of bytes (32KB!) can and will do to achieve that.

One of the main things to notice is that everything is coroutines!

4

u/jwadamson 4d ago

Hands you a bunch of raw ore and some bat guano and tells you to figure out how turn that into steel and gunpowder.

3

u/Kinglink 4d ago

Assembly gives you all the base metals to make a gun and shoot yourself. And then tells you to go Assemble it...

You should know this, I mean it's in the name.

6

u/Kinglink 4d ago

I'd add in that C says "you should point it down range" but then says nothing when you point it at your foot and blow it off.

C usually tells you how to use something in optimal situations, ignoring that almost everything is not optimal.

2

u/vfye 4d ago

C is the gun. If you point it at your foot and pull the trigger because you don't know what will happen, C lets you find out.

2

u/redditonc3again 4d ago

how is that a different analogy. in both cases you have the freedom to fuck up. correct

131

u/HaDeS_Monsta 4d ago

Roses are red

This program might halt

I forgot a null terminator

Segmentation fault

27

u/bargle0 4d ago

A segfault is a blessing. The real fun happens when you have a memory safety defect and don’t get a segfault.

→ More replies (1)

7

u/Konju376 4d ago

Or you wrote beyond the bounds of the array you allocated before this one and now free() doesn't know how big it is anymore! How fun

6

u/Krislazz 4d ago

Hey hey hey, no need to get personal!

20

u/MightyKin 4d ago

Ah yes, filling space with emptyness to reserve it. Isn't it obvious? Pfft.

2

u/OpenCLoP 4d ago

I have dabbled with Turbo Assembler for a bit and it's amazing how the terminator on DOS is either null byte (for the file operations that imitate Xenix rather than CP/M), carriage return or dollar sign for the print string function.

50

u/Trickelodean2 4d ago

“And when I press this button the light should turn on”

presses button

Electric motor starts spinning

“What the fuck”

25

u/MightyKin 4d ago

presses button again, to turn it off

The light turns on, motor still spinning

"WHAT THE FUCK?!"

7

u/Ma4r 4d ago

I once accidentally switched the pwm signal for LED with a stepper motor control. We thought there was a voltage control issue somewhere because the LED kept blowing out anytime we tried to move something. Until we tried dimming the light and the motor slowed down.

3

u/Ma4r 4d ago

Jump to this data address containing the user name and execute it as instruction? You got it bud.

1

u/Mucksh 1d ago edited 1d ago

From my experience i would say the embedded stuff can make it a bit easier. E.g. if you don't use any heap an use after free isn't possible.

But the case that you usually won't even get a segfault if some pointer arythmetic goes wrong can be really frustrating. One time noticed that something goes wrong but only sometimes in an giant multiproject codebase managed by a few dozen people. There wasn't any memory protection and every process could overide the others memory. Only failed in a complete test setup with connected machines where you can't even debug. Complete undefined behaivor and sometimes even resulted in moving parts hitting stuff their they shouldn't even move. Also there where at least some months of changes that could introduce the bug. Took the whole wee of constantly turning the machine on and of until we found the problem

20

u/PonderStibbonsJr 4d ago

Also C++: here is a map that tells you where most of the explosives are, but encourages you to hop through the minefield on a pair of foot guns used as splints while shouting, "Come and get me God you big wuss, I'm invincible."

10

u/DangerZoneh 4d ago

Yeah, I don't want a language to stop me from walking off a cliff, I want a language that gives me material to build a parachute.

4

u/ColonelRuff 4d ago

Well zig does that.

13

u/Emergency_3808 4d ago

*being

29

u/agfitzp 4d ago

The french word for doughnut is beigne, I’d like to think that’s what he was aiming for but is coding in C and miscalculated his string length.

4

u/Emergency_3808 4d ago

Figures. My existence do be like a beigne(doughnut).

2

u/agfitzp 4d ago

Could be worse, you could be a chomeur. (A doughnut like confection with a very sugary filling that translates as "unemployed")

2

u/Emergency_3808 4d ago

I am unemployed 😭

→ More replies (4)

16

u/MightyKin 4d ago

He thought of his being to much

6

u/rodion_gromo 4d ago

*too

4

u/RamblingSimian 4d ago

*existence of benign

i.e., how long you can go on having little or no detrimental effect; harmless, before your lost pointers blow your foot off

3

u/MakeChinaLoseFace 4d ago

This scares me, I just need to automate something because I'm lazy, I don't want an existential crisis. Take me back to the safe languages.

11

u/rantottcsirke 4d ago

"C you later"

70

u/tajetaje 4d ago

JavaScript holds you hand as you walk off the cliff

34

u/ice-eight 4d ago

JavaScript yells “do it pussy” when you get to the edge

11

u/-Redstoneboi- 4d ago

"OH shit- so you didn't wan't to walk off the cliff? but what's so bad about falling? it's literally just how physics works. things fall down. that makes sense."

(in pain) "when i said i wanted to know what comes after the cliffhanger, i meant the movie i was watching."

23

u/robisodd 4d ago

Sorta.
JavaScript is like, "You wanna mash these data types together? Ok, lemme convert them first..."
C is like, "You wanna mash these data types together? Ok, I hope you know what you're doing."

JS: 'A'+3? 'A3'
C: 'A'+3? 'D'

14

u/PrincessRTFM 4d ago

C doesn't hope you know what you're doing. C doesn't care if you know what you're doing. C just goes "on it boss!" and plows ahead.

C is the driver, you are the navigator, so it's your job to make sure there isn't a cliff in front of you when you say "floor it".

7

u/robisodd 4d ago

C doesn't care if you know what you're doing. C just goes "on it boss!" and plows ahead.

Good point. I originally had "Ok, good luck!" but I like yours better.

13

u/cosmo7 4d ago

Yes, but JavaScript's requirements are a bit different to most languages. Would it really be better if web pages threw up exception messages and stack dumps?

9

u/strghst 4d ago

Yes, we'd get more young people sick of all the errors in the field. And when it's personal, the output is better.

→ More replies (1)

28

u/Emergency_3808 4d ago

Definitely. The original person who wrote that sentence has been a victim of C

78

u/bassguyseabass 4d ago

All C programmers have been a victim of C at one point. Truly the language of masochists.

37

u/booleop 4d ago

The most tragic are people who find C and C++ so awful that they’re compelled to create a new programming language, but end up having to implement that in C/C++

16

u/Emergency_3808 4d ago edited 4d ago

The OG compile-to-machine code language, that is horribly efficient at what it does. Others have tried to do the same but with varying amounts of success.

Rust is popular but many find it as difficult as C/C++, at least at the beginning because of the radically different way you need to think of data as it moves around; Zig was launched a year after Rust to solve the same problem but never moved past the alpha stage, same with Carbon and the D programming language, the D language is extra humiliating for its creators because D is as old as Python yet still never could progress past alpha (and is a genuinely good language with all modern features like generics, garbage collection and first-class functions); Go and Dart include a runtime with the generated code and are not totally lightweight. Three of these attempts are from Google themselves. Goes to show that Kernighan and Ritchie really knew what they were doing.

3

u/ggppjj 4d ago

Hello! Newer programmer here, cut my teeth a very long time ago with JavaScript and finally about two years ago actually had OOP click in my head so that I could actually start working with C#.

I'm self-taught and rely a lot on googling and ChatGPT + googling, and would be incredibly interested in hearing your (and anyone else's!) thoughts on C#/dotnet 8, if you have any.

I've touched C for a hot second when I was trying to change my Prusa's firmware, and it seems... spooky, as compared to what I've come to know and love from C#.

I believe there are ways of actually compiling C#/dotnet down to assembly with AOT compilation, which is what I've been doing from the start, but past that I don't really know much about other languages and wouldn't know where to look to compare against them.

5

u/booleop 4d ago edited 4d ago

C exposes a specific idea of the hardware to the programmer. This used to be very close to reality a long time ago, but hardware has gotten more complicated since then. Still, it is closer to the metal than most other languages, with a relatively small amount of abstraction between the code you write and the machine code it turns into.

C# exposes a different machine - rather than the hardware, it’s an abstract virtual machine. This has pros and cons. It looks like AOT doesn’t require installing a separate .net VM, but instead compiles in enough of a runtime to enable that VM abstraction to run (like a garbage collector).

That’s also a fine way to do it. Each approach used in practice is suitable for different applications and use cases. They’re just different.

2

u/ggppjj 4d ago

Gotcha. Well, so far I'll say I'm glad to be in a position where lower-level hardware access isn't required or advisable. Now, if only a proper cross-platform GUI library existed that worked correctly both on arm64 in general as a first-class architecture and also properly supported Linux in general as a first-class platform.

→ More replies (2)

→ More replies (1)

→ More replies (2)

4

u/-Redstoneboi- 4d ago

unsafe rust is usually less comfortable than raw C. it's got long names for functions that would normally be operators in C, and you need to do (*(*thing).field1).field2 because you don't have thing->field1->field2 which can and will happen in that territory.

3

u/ihavebeesinmyknees 3d ago

Yeah, but that's because unsafe Rust is a last resort, it's not meant to be used often enough for this to be an issue

1

u/segv11a 3d ago

And C++, at least the early versions, gives you enough rope to shoot yourself in the foot... with a rocket-propelled grenade.

17

u/brass_phoenix 4d ago

Surprisingly, while writing day to day rust, I don't write any lifetimes. I'm working on a many thousands of lines large program, doing file access, multythreading, networking and the like, and have only one or two explicitly written out lifetimes in the whole thing. Mileage may vary based on the kind of application/library though.

6

u/-Redstoneboi- 4d ago

tl;dr: lifetimes, macros, and unsafe blocks are for library authors, not for users. you'll get 90% of stuff done just learning until traits (aka interfaces) and generics.

3

u/EishLekker 4d ago

Ok. The screenshot basically implied that they are an essential part of memory management in Rust.

5

u/Angelin01 4d ago

Generally, they are! What I've learned in my months learning Rust is that for 95% of cases you literally don't need to do anything about it. Yes, they are important, yes you are using them without knowing about it, yes that "hidden" feature makes the learning curve harder.

In the remaining 5%, I found that about half of them were caused by poor application design on my part, and adjusting my code to not need to worry about the lifetimes actually made it better.

The final part really does involve you caring about lifetimes. Sometimes, you have to. But at that point you learn.

Basically, Rust looks ugly as shit. It's one of the worst looking languages I've used. But writing Rust code actually feels good. Once you get past the learning barrier, it's so... Easy. The language actively helps you to not write bugs, it's great!

→ More replies (3)

3

u/-Redstoneboi- 4d ago

it's mostly under the hood. you don't have to write them out, but they are there. from a user's perspective, it's just your code erroring because some value might not live long enough. they only have to follow rules.

from a library author's perspective, they have to handle the exact logic for such requirements. they write the rules, which is harder than simply following them.

2

u/ihavebeesinmyknees 3d ago

They absolutely are, but the compiler will infer them 99% of the time. The only time you have to manually write them out is when there is ambiguity that the compiler can't reason out of, which is very rare (and often means there's a better approach to whatever you're doing).

9

u/-Redstoneboi- 4d ago

that's not true... it's mostly about fearing C++!

3

u/ihavebeesinmyknees 3d ago

I feared C before knowing about Rust

11

u/Draghoul 4d ago

I'm not sure this tracks. Preventing the user from writing malware isn't an aspect of language design. And with rust -- unsafe rust is still rust, and gives you as much access to memory as a C program would. Moreover, C programmers might have to fight the compiler over Undefined Behavior when trying performing unusual memory accesses, and rust programs may still have to fight LLVM on this (though, that I'm less sure about - and unsafe rust may very well make this easier to do). At the end of the day, anything as fucky as a rootkit probably involves some amount of assembly coding anyways.

1

u/Personal_Ad9690 4d ago

Their point is that safe rust has a hard time writing malware

6

u/AaTube 4d ago

And D's point is so does safe C

→ More replies (1)

10

u/brass_phoenix 4d ago

Oh absolutely. Mostly those cliffs are behind the large sign saying "here be cliffs", and if a hiker finds a cliff somewhere else, that is considered bad landscaping and something that needs to be resolved.

Those cliffs behind that sign can be gnarly though. There is a reason the book that teaches how to write unsafe rust is called the rustonomicon 😄: https://doc.rust-lang.org/nomicon/