C/C++ undefined behavior everywhere & AI agents build Paxos in Rust - Hacker News (May 20, 2026)

First up, a blunt take on C and C++: undefined behavior isn’t some rare edge case—it’s everywhere. The argument is that the standards give compilers and hardware permission to assume certain “impossible” situations never happen, which means ordinary-looking code can become untrustworthy across platforms and builds. The post walks through examples that many developers have written without thinking twice—like passing the wrong kind of char into ctype helpers, relying on null pointers coming from zeroed memory, float-to-int conversions that silently step outside defined territory, or type mismatches in variadic functions such as printf-style calls. Why it matters: UB is not just academic. When untrusted input can influence an out-of-bounds read, a divide-by-zero, or a bad pointer access, correctness and security become moving targets—especially as compilers get more aggressive and environments get more diverse.

A particularly timely twist: the author claims LLMs are surprisingly effective at spotting undefined behavior, even in mature codebases, and argues we should use automated assistance to tackle UB at scale. Not as a replacement for reviews or sanitizers, but as another layer that can quickly flag risky patterns humans often miss. The bigger point is practical: legacy C and C++ aren’t going away, but the cost of leaving undefined behavior lurking in production code keeps rising—for reliability, portability, and even compliance expectations.

Staying in the “hard software” lane, an engineer shared a build log for a production-style multi-Paxos consensus engine written in Rust—created with heavy help from AI coding agents. The goal is to modernize gaps in Microsoft Azure’s older Replicated State Library approach, especially around pipelining and persistence in non-volatile memory, with an eye toward modern cloud and AI-heavy workloads where latency and throughput are everything. The headline number: they report going from tens of thousands of operations per second to hundreds of thousands through rapid AI-assisted instrumentation and profiling loops. Why it matters: regardless of the exact numbers, it’s a real-world example of AI shifting from “autocomplete” to an accelerant for performance work and systems iteration—domains that used to be stubbornly human-time-bound.

What made that Paxos story more credible is the discipline around correctness: lots of tests, plus “code contracts”—preconditions, postconditions, and invariants—that AI helped draft and then translate into targeted and property-based tests. They even credit this workflow with catching a subtle safety bug early. That’s the interesting pattern: AI isn’t just generating code; it’s increasingly used to generate the scaffolding that makes code safer to evolve—tests, assertions, and the kind of guardrails consensus software can’t live without.

On the AI platform front, Google introduced Gemini 3.5, starting with Gemini 3.5 Flash, positioning it for long-horizon agentic work—multi-step tasks where a model has to keep context, coordinate tools, and actually finish the job. Google’s pitch is speed plus stronger reasoning for coding and agent workflows, and it’s being paired with an agent-first orchestration layer to manage multiple sub-agents under supervision. They also emphasized safety work—more cyber and hazardous-domain safeguards and extra interpretability-driven checks—which is becoming table stakes as models get more capable at taking actions, not just generating text.

And Google didn’t keep that capability in the lab: Search is being reshaped around it. AI Mode is now powered by Gemini 3.5 Flash by default, with a more conversational flow and multimodal inputs—images, files, even browsing context—so you can stay in one thread instead of re-querying from scratch. The more consequential change is the push toward “Search agents”: always-on helpers that monitor sources and send synthesized updates, plus more agentic booking where Google can handle parts of the interaction on your behalf. Why it matters: this is a shift from searching for information to delegating tasks—useful when it works, but it raises the bar on trust, transparency, and how errors get corrected when the agent, not the user, is driving.

Now for a pair of preservation wins. First, someone launched a simple but valuable index of archived FiveThirtyEight pages—tens of thousands of entries, browsable by date and author, pointing straight into the Internet Archive. FiveThirtyEight has been culturally influential in data journalism, and its content has become harder to navigate as the live site has changed over time. Why it matters: public memory on the web is fragile. An index like this turns “technically archived” into “actually usable,” which is a big difference for researchers, students, and anyone trying to cite history accurately.

Second, the Virtual OS Museum aims to make computing history runnable, not just collectible. It packages a huge library of historical operating systems and classic applications into a single Linux-based virtual machine that works on common hypervisors, with snapshots so you can experiment and roll back when things break. The point isn’t nostalgia—it’s accessibility. When old environments become easy to boot and explore, it gets dramatically simpler to teach system design, understand compatibility constraints, and preserve software that would otherwise rot behind emulator setup pain.

One more story on governance and control in tech: Swiss cloud provider Infomaniak moved majority voting rights into a public-interest foundation designed to block takeovers permanently. It’s a structural response to consolidation pressure and geopolitical uncertainty, and it comes with a charter that commits to principles like independence, privacy, and restrictions on training AI on customer data without explicit consent. Why it matters: for organizations handling sensitive data, “who can buy your vendor” is a real risk. This is one model for baking long-term constraints into ownership—whether you love the approach or not.

Finally, a reminder that systems thinking extends beyond software. Japan’s widespread hay fever problem is being tied to postwar reforestation choices—large monocultures of cedar and cypress that now release enormous volumes of pollen into nearby cities. The response isn’t simple, because forests also stabilize slopes and store carbon, so “just cut them down” creates new problems. Why it matters: this is a case study in long-term consequences—how large-scale optimization for one goal can produce decades-later externalities, and why policy fixes often require careful, multi-objective engineering rather than a single-metric solution.