1. 32
  1. 10

    It’s a bit sad he’s taking Rust mostly as a stepping stone to sell his thing. For example, he’s not showing any examples of code that actually has that problem. But, he’s definitely right.

    That being said, I find the following comment from Manish worth cross-posting: https://www.reddit.com/r/rust/comments/7sq8xl/unsafe_zig_is_safer_than_unsafe_rust/dt75ny6/

    I mean, unsafe C++ is also safer than unsafe rust (all zig is unsafe zig, all c++ is unsafe c++)

    Generally c++ does try to make it tedious to do really footgunny things. It’s hard to compare because UB is UB and nasal demons come out regardless, but ime the scarier kinds can be harder to trigger in c++ in many cases. Plus Rust has noalias. But this is very anecdotal, others may disagree.

    1. 4

      I don’t see why it is sad, it seems quite intelligent for him to adopt strategies that reach his target audience. What would really be sad is if he did all that work making zig and nobody gave it a shot because there was no reasonable way to get people to read about it.

      1. 4

        It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.

        Framing it as “Zig gets pointer alignment right” and using Rust as an example later in the post is a much better strategy. People appreciate if you point out flaws in a not-too-annoying way. That’s for example a reason why I promote Pony at any moment I can, they really get this right.

        In any case, I definitely don’t intent on telling you how you should feel about it. I don’t like it and Rust happens to be the project I align with :).

        1. 4

          I understand what you’re saying about putting it in a positive light instead, but honestly I’m not sure I would’ve read the article if it had been “Zig gets pointer alignment right”.

          Rust has taken a similar approach, many times it has taken “shots” at C++ and Go (I say “Rust” but of course it’s about individuals) and that is fine IMO. It is both helpful for the language to get attention, and helpful for the reader to have it compared to something more widely known.

          I’m keeping an interested eye on Zig as I think it can turn into something great, that “better C” place that’s closer to C than Go and farther from C++ than Rust (that’s my impression of the language, I may be wrong as I don’t follow it that closely yet).

          1. 3

            I don’t see it as taking a shot at Rust. At the end of the day here’s what I think will happen:

            • Rust will improve handling of this particular problem (there’s no fundamental reason Rust can’t do it)
            • Zig gets some attention

            Both wins, in my book.

            1. 7

              I don’t see it as taking a shot at Rust.

              The post starts with a language that’s safe-by-default with the temporal safety very rare in general. Cyclone and Clay are only predecessors coming to mind. The post then drops into unsafe Rust to focus on its weakest area: an area where you really want external tools like symbolic analysis or fuzzers running on it like with C. Then, post compares another language, Zig, with less safety in general to Rust in unsafe mode to show unsafe Rust is less safe in a specific case. Readers will find that the post pushing Zig sniping a weak area of Rust is also written by the author of Zig.

              That is exactly how most language promoters take a cheap shot at another language getting more attention. You might have not intended it that way but many readers will perceive it that way. skade’s suggested framing here is always better for this sort of thing. Double true if you’re authoring both the post and a competing language.

              And good luck on Zig since it’s an interesting language in the system space which I love seeing people try to improve. :)

            2. 2

              It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.

              It is a competition already, people can only use a finite number of programming languages. If someone is using rust on a project, they are not using zig and vice versa.

          2. 1

            Not requiring a keyword to do unsafe operations doesn’t mean all code in a language is unsafe, it just isn’t explicitly spelled out when it is.

            1. 6

              Sure, but it means that any line of code is potentially unsafe.

              1. 5

                I like that the unsafe keyword in Rust makes it explicit. Makes it very easy to grep for unsafe behavior without additional tooling. Also frees up the mind from remember a list of unsafe operations while programming or while understanding other people’s code.

                1. 3

                  That’s exactly it. Wirth did this in his languages like Oberon. Safe by default with unsafe modules saying so loud and clear.

            2. 1

              the store has undefined behavior if the alignment is not set to a value which is at least the size in bytes of the pointee

              The alignment is 4. The pointee is size 1. 4 is at least 1?

              1. 7

                It’s the other way around. The bytes are guaranteed to be aligned to 1, but the store requires the bytes to be aligned to at least 4.

                1. 1

                  I think he was making a language joke about how english lets “at least” mean both “mathematically not less than” and “not less restrictive than”. In this case, the two meanings are opposite. Ha, ha.