average c++ dev
-
You don't need unsafe to write vulnerable code in rust.
Yes I know there are other ways to do it. That's one way.
-
"C++ compilers also warn you..."
Ok, quick question here for people who work in C++ with other people (not personal projects). How many warnings does the code produce when it's compiled?
I've written a little bit of C++ decades ago, and since then I've worked alongside devs who worked on C++ projects. I've never seen a codebase that didn't produce hundreds if not thousands of lines of warnings when compiling.
I work on one of the larger c++ projects out there (20 to 50 million lines range) and though I don't see the full build logs I've yet to see a component that has a warning.
-
Borrow checking...existed in C++ too
Wat? That's absolutely not true; even today lifetime-tracking in C++ tools is still basically a research topic.
...someone found memory bugs in Rust, again, because it is NOT soundly memory safe.
It's not clear what you're talking about here. In general, there are two ways that a language promising soundness can be unsound: a bug in the compiler, or a problem in the language definition itself permitting unsound code. (unsafe changes the prerequisites for unsoundness, placing more burden on the user to ensure that certain invariants are upheld; if the code upholds these invariants, but there's still unsoundness, then that falls into the "bug in Rust" category, but unsoundness of incorrect unsafe code is not a bug in Rust.)
Rust has had both types of bugs. Compiler bugs can be (and are) fixed without breaking (correct) user code. Bugs in the language definition are, fortunately, fixable at edition boundaries (or in rare cases by making a small breaking change, as when the behavior of extern "C" changed).
Have you heard about cve-rs?
https://github.com/Speykious/cve-rs
Blazingly fast memory failures with no unsafe blocks in pure Rust.
Edit: also I wish whoever designed the syntax for rust to burn in hell for eternity
Edit 2: Before the Cult of Rust
sends their assassins to take out my family, I am not hating on Rust (except the syntax) and I'm not a C absolutist, I am just telling you to be aware of the limitations of your tools
-
But does it have cargo-mommy
https://github.com/Shadlock0133/cargo-vibe
I thought it was a joke, but this is actually viable and even configurable
By default, cargo-vibe will, on success, vibe full strength for 3 seconds. You can change that by setting the CARGO_VIBE_PATTERN environment variable. For example, to set it to vibe for 1.5 seconds on 20% strength, you can do:
CARGO_VIBE_PATTERN="0.2 1.5s" cargo vibe <cmd>
You can also set full patterns of vibes to run, by separating them with slashes (/). Here is one example:
CARGO_VIBE_PATTERN="0.4 1s/0.6 1s/0.8 0.75s/1.0 0.25s"
Wait, there's more! https://github.com/funkeleinhorn/cargo-shock
To let Cargo Shock trigger your shock collar use:
cargo shock build
To use it every time you can alias cargo="cargo shock".
Cargo Shock can also be combined with other tools like Cargo Mommy and Cargo Vibe like this:
cargo mommy vibe shock build ...
And they have a really slick site: https://openshock.org/
-
That's not what I meant. I understand that rust forces things to be more secure. It's not not like there's some guarantee that rust is automatically safe, and C++ is automatically unsafe.
I want you to imagine that your comments in this thread were written by an engineer or a surgeon instead of a programmer.
Imagine an engineer saying "Sure, you can calculate the strength of a bridge design based on known material properties and prove that it can hold the design weight, but that doesn't automatically mean that the design will be safer than one where you don't do that". Or "why should I have to prove that my design is safe when the materials could be defective and cause a collapse anyway?"
Or a surgeon saying "just because you can use a checklist to prove that all your tools are accounted for and you didn't leave anything inside the patient's body doesn't mean that you're going to automatically leave something in there if you don't have a checklist". Or "washing your hands isn't a guarantee that the patient isn't going to get an infection, they could get infected some other way too".
A doctor or engineer acting like this would get them fired, sued, and maybe even criminally prosecuted, in that order. This is not the mentality of a professional, and it is something that programming as a profession needs to grow out of.
-
I want you to imagine that your comments in this thread were written by an engineer or a surgeon instead of a programmer.
Imagine an engineer saying "Sure, you can calculate the strength of a bridge design based on known material properties and prove that it can hold the design weight, but that doesn't automatically mean that the design will be safer than one where you don't do that". Or "why should I have to prove that my design is safe when the materials could be defective and cause a collapse anyway?"
Or a surgeon saying "just because you can use a checklist to prove that all your tools are accounted for and you didn't leave anything inside the patient's body doesn't mean that you're going to automatically leave something in there if you don't have a checklist". Or "washing your hands isn't a guarantee that the patient isn't going to get an infection, they could get infected some other way too".
A doctor or engineer acting like this would get them fired, sued, and maybe even criminally prosecuted, in that order. This is not the mentality of a professional, and it is something that programming as a profession needs to grow out of.
"washing your hands isn't a guarantee that the patient isn't going to get an infection, they could get infected some other way too".
Every single doctor should know this yes.
It seems people are adding a sentence I didn't say "rust can be unsafe and thus we shouldn't try" on top of the one I did say "programmers should be aware that rust doesn't automatically mean safe".
-
"washing your hands isn't a guarantee that the patient isn't going to get an infection, they could get infected some other way too".
Every single doctor should know this yes.
It seems people are adding a sentence I didn't say "rust can be unsafe and thus we shouldn't try" on top of the one I did say "programmers should be aware that rust doesn't automatically mean safe".
Then you should probably be a little more explicit about that, because I have never, not once in my life, heard someone say "well you know wearing a seatbelt doesn't guarantee you'll survive a car crash" and not follow it up with "that's why seatbelts are stupid and I'm not going to wear one".
-
Then you should probably be a little more explicit about that, because I have never, not once in my life, heard someone say "well you know wearing a seatbelt doesn't guarantee you'll survive a car crash" and not follow it up with "that's why seatbelts are stupid and I'm not going to wear one".
We need to stop attaching shit someone doesn't say to something they did. It makes communicating hostile and makes you an asshole.
Edit: okay that was a bit rude. But it's so frustrating to say something and then have other people go "that means <this other thing you didn't say>!!!11!"
-
"C++ compilers also warn you..."
Ok, quick question here for people who work in C++ with other people (not personal projects). How many warnings does the code produce when it's compiled?
I've written a little bit of C++ decades ago, and since then I've worked alongside devs who worked on C++ projects. I've never seen a codebase that didn't produce hundreds if not thousands of lines of warnings when compiling.
Ideally? Zero. I'm sure some teams require "warnings as errors" as a compiler setting for all work to pass muster.
In reality, there's going to be odd corner-cases where some non-type-safe stuff is needed, which will make your compiler unhappy. I've seen this a bunch in 3rd party library headers, sadly. So it ultimately doesn't matter how good my code is.
There's also a shedload of legacy things going on a lot of the time, like having to just let all warnings through because of the handful of places that will never be warning free. IMO it's a way better practice to turn a warning off for a specific line. Sad thing is, it's newer than C++ itself and is implementation dependent, so it probably doesn't get used as much.
-
100%. In my opinion, the whole "build your program around your model of the world" mantra has caused more harm than good. Lots of "best practices" seem to be accepted without any quantitative measurement to prove it's actually better. I want to think it's just the growing pains of a young field.
Even with qualitative measurements they can do stupid things.
For work I have to write code in C# and Microsoft found that null reference exceptions were a common issue. They actually calculated how much these issues cost the industry (some big number) and put a lot of effort into changing the language so there's a lot of warnings when something is null.
But the end result is people just set things to an empty value instead of leaving it as null to avoid the warnings. And sure great, you don't have null reference exceptions because a value that defaulted to null didn't get set. But now you have issues where a value is an empty string when it should have been set.
The exception message would tell you exactly where in the code there's a mistake, and you'll immediately know there's a problem and it's more likely to be discovered by unit tests or QA. Something that's a value that's supposed to be set may not be noticed for a while and is difficult to track down.
So their research indicated a costly issue (which is ultimately a dev making a mistake) and they fixed it by creating an even more costly issue.
There's always going to be things where it's the responsibility of the developer to deal with, and there's no fix for it at the language level. Trying to fix it with language changes can just make things worse.
-
Have you heard about cve-rs?
https://github.com/Speykious/cve-rs
Blazingly fast memory failures with no unsafe blocks in pure Rust.
Edit: also I wish whoever designed the syntax for rust to burn in hell for eternity
Edit 2: Before the Cult of Rust
sends their assassins to take out my family, I am not hating on Rust (except the syntax) and I'm not a C absolutist, I am just telling you to be aware of the limitations of your tools
So now we're considering bugs in the compiler as bugs in the language?
-
So now we're considering bugs in the compiler as bugs in the language?
A) Rust doesn't have a formal specification other than "whatever the fuck our team hallucinated in this compiler version"
B) Doesn't matter the definition if it fucks your day because you're not careful.
Sure sure Heil Rust but be mindful of the fuck you're doing before you get bit ¯\_(ツ)_/¯
-
We need to stop attaching shit someone doesn't say to something they did. It makes communicating hostile and makes you an asshole.
Edit: okay that was a bit rude. But it's so frustrating to say something and then have other people go "that means <this other thing you didn't say>!!!11!"
I understand your frustration and I apologize for reading into your comments something you didn't mean. I, too, wish people would say what they mean and mean what they say, and that when you say something it's taken to mean what you said.
Unfortunately very often people will make a very reasonable (even factually true) point as a preamble to support something very unreasonable. If you agree with the reasonable point the person will then act like you agree with the unreasonable one. This is not only more time consuming and tiring to argue against, it also lends a great deal more credibility to the unreasonable point than it is really owed. To the uninformed reader it looks like the two sides of the argument partially agree, when nothing could be further from the truth. It's immensely frustrating to have your words used against you like this, so many people try and preempt it by jumping straight to (what they assume to be) the unreasonable point and arguing against it directly.
This is toxic for actual discussion. It means that good faith actors have to add all sorts of qualifications and clarifications about where they stand before they say anything about anything, which is tiring in itself. But it's the world that we live in. If someone makes an unqualified comment about the CO2 emissions of volcanoes in a thread about anthropogenic climate change people are going to assume that they don't think climate change is real. And, operating that way, those people will be right more often than they're wrong.
-
Have you heard about cve-rs?
https://github.com/Speykious/cve-rs
Blazingly fast memory failures with no unsafe blocks in pure Rust.
Edit: also I wish whoever designed the syntax for rust to burn in hell for eternity
Edit 2: Before the Cult of Rust
sends their assassins to take out my family, I am not hating on Rust (except the syntax) and I'm not a C absolutist, I am just telling you to be aware of the limitations of your tools
Yeah, and that falls under the first category, bugs in the compiler: https://github.com/rust-lang/rust/issues/25860
(All exploits in that repo are possible due to that bug.)
-
Yeah, and that falls under the first category, bugs in the compiler: https://github.com/rust-lang/rust/issues/25860
(All exploits in that repo are possible due to that bug.)
Yeah and those are the ones currently identified (btw that issue isn't completely fixed) because rust never was nor advertised itself as sound. Meaning, you gotta be careful when writing Rust code too. Not as much as C++, but it's not a magical shield against memory problems like people have been shilling it as.
-
A) Rust doesn't have a formal specification other than "whatever the fuck our team hallucinated in this compiler version"
B) Doesn't matter the definition if it fucks your day because you're not careful.
Sure sure Heil Rust but be mindful of the fuck you're doing before you get bit ¯\_(ツ)_/¯
Rust doesn't have a formal specification other than "whatever the fuck our team hallucinated in this compiler version"
That's simply not true. The Reference, while not an ISO-style formal spec, does actually specify most of the intended language behavior, and incrementally approaches completion over time. But even if you insist on an ISO-style formal spec, there's Ferrocene: https://ferrous-systems.com/blog/the-ferrocene-language-specification-is-here/
it fucks your day because you’re not careful
The cve-rs vulnerability is actually not really something you'd ever write by accident. Also note that the bug report has multiple versions because, even though a "full" solution is pending some deeper compiler changes, the first three versions of the exploit are now caught by the compiler. So, like I said, the compiler bugs do get fixed over time.
-
"C++ compilers also warn you..."
Ok, quick question here for people who work in C++ with other people (not personal projects). How many warnings does the code produce when it's compiled?
I've written a little bit of C++ decades ago, and since then I've worked alongside devs who worked on C++ projects. I've never seen a codebase that didn't produce hundreds if not thousands of lines of warnings when compiling.
0 in our case, but we are pretty strict. Same at the first place I worked too. Big tech companies.
-
I mostly see warnings when compiling source code of other projects. If you get a warning as a dev, it's your responsibility to deal with it. But also your risk, if you don't. I made it a habit to fix every warning in my own projects. For prototyping I might ignore them temporarily. Some types of warnings are unavoidable sometimes.
If you want to make yourself not ignore warnings, you can compile with -Werror if using GCC/G++ to make the compiler a pedantic asshole that doesn't compile until you fix every fucking warning. Not advisable for drafting code, but definitely if you want to ship it.
Except when you have to cast size_t to int and vice versa (for "small" numbers). I hate that warning.
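The size_t/int cast that the comment above complains about is worth a closer look, because the warning (-Wsign-compare / -Wconversion under gcc -Wall -Wextra -Wconversion -Werror) is pointing at a real class of bug: a "small" signed length that is range-checked in the signed domain and then handed to a size_t parameter. Example added here, not code from any commenter in this thread; the function names and the lengths in the sample calls are constructed for illustration.

```c
#include <assert.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Naive form: range check done in int, explicit cast added only to silence
 * -Wsign-compare / -Wconversion. n == -1 passes `n <= cap` and the cast turns it
 * into SIZE_MAX, which is exactly the length memcpy would then be given. */
size_t naive_copy_len(int n, size_t cap) {
    if (n <= (int)cap) {        /* (int)cap also truncates if cap > INT_MAX */
        return (size_t)n;       /* the cast hides the warning; the bug stays */
    }
    return 0;
}

/* Convert int to size_t, refusing negative values. */
bool int_to_size(int n, size_t *out) {
    if (n < 0) {
        return false;
    }
    *out = (size_t)n;
    return true;
}

/* Convert size_t to int, refusing values that do not fit. */
bool size_to_int(size_t n, int *out) {
    if (n > (size_t)INT_MAX) {
        return false;
    }
    *out = (int)n;              /* explicit cast only after the range check */
    return true;
}

/* Checked form: reject negatives first, then compare in the unsigned domain.
 * The casts are now documented decisions rather than warning suppression. */
bool checked_copy_len(int n, size_t cap, size_t *out) {
    size_t u;
    if (!int_to_size(n, &u) || u > cap) {
        return false;
    }
    *out = u;
    return true;
}

int main(void) {
    size_t len = 0;
    printf("naive_copy_len(-1, 16)   = %zu\n", naive_copy_len(-1, 16));
    printf("checked_copy_len(-1, 16) -> %s\n",
           checked_copy_len(-1, 16, &len) ? "ok" : "rejected");
    printf("checked_copy_len(8, 16)  -> %s, len=%zu\n",
           checked_copy_len(8, 16, &len) ? "ok" : "rejected", len);
    return 0;
}
```

The point is that -Werror is not the obstacle here: the obstacle is that a bare cast makes the warning disappear without making the conversion safe, whereas a range check followed by a cast is warning-free and correct.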
-
Structs with union members that allow the same place in memory to be accessed either word-wise, byte-wise, or even bit-wise are a god-sent for everyone who needs to access IO-spaces, and I'm happy my C-compiler lets me do it.
#pragma push
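The union-of-views pattern for an I/O register that the comment above describes, as an added example (not the commenter's own code), together with the two caveats a practitioner wants next to it: the byte view exposes host byte order (bytes[0] is the lowest address, not the least significant byte), and bit-field allocation order is implementation-defined, so a bit-field view of a hardware register is only as portable as the compiler's ABI. The register layout (bit 0 = enable, bits 1..3 = mode) is constructed for illustration. Reading an inactive union member is permitted in C; the same trick is undefined behaviour in C++.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Three views of one 32-bit register. For real memory-mapped I/O this would be
 * accessed through a `volatile io_reg_t *` so the compiler cannot elide accesses. */
typedef union {
    uint32_t word;        /* whole register */
    uint8_t  bytes[4];    /* byte view: bytes[0] is the LOWEST ADDRESS, not the LSB */
    struct {              /* bit view: constructed layout, allocation order is ABI-defined */
        uint32_t enable : 1;
        uint32_t mode   : 3;
        uint32_t rsvd   : 28;
    } bits;
} io_reg_t;

/* Detect host byte order with the same union. */
bool host_is_little_endian(void) {
    io_reg_t r;
    r.word = 1u;
    return r.bytes[0] == 1u;
}

/* Byte at the lowest address, as seen through the byte view. */
uint8_t lowest_addressed_byte(uint32_t w) {
    io_reg_t r;
    r.word = w;
    return r.bytes[0];
}

/* Least significant byte via shift and mask: independent of byte order. */
uint8_t least_significant_byte(uint32_t w) {
    return (uint8_t)(w & 0xFFu);
}

/* Field extraction with masks and shifts: the portable way to read bits that a
 * datasheet defines by number (bits 1..3 here). */
uint32_t mode_field(uint32_t w) {
    return (w >> 1) & 0x7u;
}

/* Same field through the bit-field view. Agrees with mode_field() only on targets
 * that allocate bit-fields starting at the least significant bit. */
uint32_t mode_field_via_bitfield(uint32_t w) {
    io_reg_t r;
    r.word = w;
    return r.bits.mode;
}

int main(void) {
    const uint32_t sample = 0x01020304u;   /* constructed register value */
    printf("host is %s-endian\n", host_is_little_endian() ? "little" : "big");
    printf("bytes[0] = 0x%02X, LSB = 0x%02X\n",
           lowest_addressed_byte(sample), least_significant_byte(sample));
    printf("mode via mask = %u, via bit-field = %u\n",
           mode_field(0x0Eu), mode_field_via_bitfield(0x0Eu));
    return 0;
}
```

The mask-and-shift accessors are the ones to build a driver on; the byte and bit-field views are convenient for debugging and for code that only ever runs on one toolchain and one target.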
-
That what comments and documentation are for.
Ah yes, comments.
    int flubTheWozat(void *) {
        for (int i=0; i<4; i++) {
            lfens += thzn[i] % ugy; // take mod of thnz[i] with ugy and add to lefens.
        }
        return (lfens % thzn[0]) == 4; // return if it's 4ish
    }