I was really hoping that certification involved some kind of testing to insure that the compiler always produces correct code, though I'm not sure that's even possible. "Always" covers a lot of ground.
It sounds like it's more a "cover your ass" kind of thing. Is there any part of the certification that involves behavior of the tool?
Disclaimer: I'm one of the founders of Ferrous Systems
> I was really hoping that certification involved some kind of testing to insure that the compiler always produces correct code, though I'm not sure that's even possible.
This is not what certification does or even aims to achieve. To boil it down in very few (grossly simplifying) words, certification provides a process framework that ensures that defects found are handled and adressed. No compiler is perfect and none will ever be, but the goal is to document the behavior of the compiler (which we did by boiling down all of the RFCs into the ferrocene language spec https://spec.ferrocene.dev/index.html), ensure that all of these requirements have associated tests and document that association and then document where the compiler misbehaves, as well as ways to detect and avoid that misbehavior.
If misbehavior is found in a future rust version, our task is to identify which of the certified version(s) are affected and notify our customers on how to handle the issue. Handling the issue does not always require a patch to fix it, it can also be handled by providing a suitable tool to detect it (a lint, binary checker, ...) and associated documentation on how to adress it in the customers code.
> Is there any part of the certification that involves behavior of the tool?
It sounds like it's more a "cover your ass" kind of thing. Is there any part of the certification that involves behavior of the tool?