Using Elain — Rust library // Lib.rs as an inspiration: extend #[repr(align(N))] to where N can be any constant-evaluable expression, not just a positive integer.
Thoughts on this? Inspired by approach from @scottmcm: #[repr(align(…))] should allow any constant expression, not just integer literals - #4 by scottmcm
Using Elain — Rust library // Lib.rs as an inspiration: extend #[repr(align(N))] to where N can be any constant-evaluable expression, not just a positive integer.
Thoughts on this? Inspired by approach from @scottmcm: #[repr(align(…))] should allow any constant expression, not just integer literals - #4 by scottmcm
Using Elain — Rust library // Lib.rs as an inspiration: extend #[repr(align(N))] to where N can be any constant-evaluable expression, not just a positive integer.
Thoughts on this? Inspired by approach from @scottmcm: #[repr(align(…))] should allow any constant expression, not just integer literals - #4 by scottmcm
Using Elain — Rust library // Lib.rs as an inspiration: extend #[repr(align(N))] to where N can be any constant-evaluable expression, not just a positive integer.
Thoughts on this? Inspired by approach from @scottmcm: #[repr(align(…))] should allow any constant expression, not just integer literals - #4 by scottmcm
Using Elain — Rust library // Lib.rs as an inspiration: extend #[repr(align(N))] to where N can be any constant-evaluable expression, not just a positive integer.
Thoughts on this? Inspired by approach from @scottmcm: #[repr(align(…))] should allow any constant expression, not just integer literals - #4 by scottmcm
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
I assume this is about not wanting to handle PI? Couldn't your crash reporter filter this out on the client side with a regex, at least as a stop-gap solution?
We definitely can, but I'm a bit reluctant to as a permanent solution in case someone (like me) messes with the panic messages more.
Echoing the whole string seems clearly wrong and unnecessary, so at least this one I think we…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
ConradIrwin:
currently we see: "begin <= end (4 <= 3) when slicing
test. I'd like this to become "byte index range starts before end (4..3)"
Hmm, this is particularly gratuitous right now:
byte index 1000 is out of bounds of `aseirughaoirughaoerghaoerghaorvlijesr;oibgfhs;eroignvs;eorigjhvas;loijhvsoeruifpsioreuyhfgvosliueryhvglaiueyrhvfgliuhrlukvzyhrvlkusrdyhvlkzuyrsvhlkuyhfgbrlixuyvlikzu…
programmerjake:
I'd argue a variable number of arguments is a less problematic form of overloading since it's much easier to see the difference between
f(a, b, c)andf()than it is betweenf(a, b, c)andf(x, y, z)(which can only differ in argument types).
This is true, to some extent. See e.g. Erlang and Prolog (though they have both forms of overloading really: functions pattern…
programmerjake:
I'd argue a variable number of arguments is a less problematic form of overloading since it's much easier to see the difference between
f(a, b, c)andf()than it is betweenf(a, b, c)andf(x, y, z)(which can only differ in argument types).
This is true, to some extent. See e.g. Erlang and Prolog (though they have both forms of overloading really: functions pattern…
Sorry for the essay I couldn't figure out a way to condense it without losing info.
TLDR: unsafe is useful because it is rare, and making it less rare by applying it to general invariants/preconditions doesn't actually help ensure correctness.
Vorpal:
There is a lot of Rust code at this point. I get 6.7 million results for unwrap and 18.2k results for unwrap_unchecked (filtered on…
I'd like to take a moment to reflect on the discussion so far. The OP went through multiple revisions in response to the feedback here, and I owe the thread a clearer account of what I've heard, what I've accepted, and what remains open.
First things first - I owe an apology. The tone of initial draft was too assertive for what should have been an open question. Moreover,…
ia0:
There's actually a difference here. The reason language UB is special is that when debugging you usually read the source Rust code, not the target machine code (which you didn't write, so why read it?). This is what the quote by @scottmcm meant. You want explainability at source level. There is no such equivalent reasoning for library UB.
It's analogous to saying that you don't usually…
tczajka:
This is similar to how language UB exists for reasons beyond what hardware can't handle.
There's actually a difference here. The reason language UB is special is that when debugging you usually read the source Rust code, not the target machine code (which you didn't write, so why read it?). This is what the quote by @scottmcm meant. You want explainability at source level. There is…
tczajka:
This is similar to how language UB exists for reasons beyond what hardware can't handle.
There's actually a difference here. The reason language UB is special is that when debugging you usually read the source Rust code, not the target machine code (which you didn't write, so why read it?). This is what the quote by @scottmcm meant. You want explainability at source level. There is…
steffahn:
@scottmcm do you perhaps know/remember whether or not this kind of observation [that – unlike making writes unsafe in current Rust – making reads unsafe (on top of language-feature-supported unsafe writes) can be quite effectively&conveniently achieved through a wrapper type, with relatively few drawbacks?] had even been raised / noticed when the lang team decided/voted in…
ia0:
Actually the inner module solution is more expressive, as you point out, because you can choose which operation(s) is/are unsafe: reading and/or writing.
Indeed; that’s why I’m thinking that unsafe fields make most sense as a convenience feature of sorts, and as such it should support the most common case. IMO it’s going to be much more common that reads (including: taking an…