As long as Rust can not be compiled via GCC, any discussion on adding rust code to the kernel is a dead end and waste of time.

What parts of the Linux kernel would benefit the most from Rust?

I can imagine WireGuard would be nice to have in Rust. What else?

Device drivers. There are a lot of them, and not everyone tests all of them. Some extra safety guarantees would be nice.

Edit: also, they are optional, so one could leave Rust disabled-by-default and optional for a while.

Yes. C is not memory-safe by design. Some other, rather old programming languages are memory safe too: ADA/SPARK, and most scripting, garbage-collected languages

But what is "unnecessary copying"?

Let's say you develop some library that operates on a vector. You split processing in two, one thread handles the first half of the vector, another thread takes care of the rest. It's "unnecessary" to copy the vector parts, because you simply pass the start and stop indices to each thread. But then some user of your library figures out how to manipulate those indices. Is the copying still "unnecessary"?

Not to mention copying in perfectly acceptable in some context. Just look at how Erlang went about things.

(NB I fully understand a systems programming language has to meet different requirements from more higher level languages.)

No, it is user friendly. Yes it is if you compile stuff on your own download binaries randomly from the internet, it might not. But if you want to use stable software and install stuff from your repo, it is user unfriendly.

Also, if you say the shared libraries model from *all* distros is so crappy, you have no idea what you are talking about. It is one of the most important reasons Linux is so much more secure than Windows.

I have yet to see a single distro maintainer that thinks the Rust build and dependency system is good. It's not unfixeable, but the Rust people just don't care at all (but hey, who cares about security anyway, right?).

It's being worked on. (Through two different avenues, actually. The former being to rewrite a Rust compiler frontend for GCC in the same kind of C++ used for GCC itself so it'll be a first-class GCC citizen like any other native GCC frontend, and the latter being to glue the existing rustc frontend onto the GCC backend to get maximally-compatible-with-the-language results quickly.)

In this context, I assume "unnecessary copying" would be the compiler just "making it work" rather than throwing a "Please clarify how you intended this to work" error.

"Is arguing so hard lyamc had to resort to slippery slope to say anything at all?"

Let's be real about dependencies (seriously, that's the title). The Rust model is more amenable to having a single, auditable version of bits and pieces C and C++ applications rewrite or patch, which aren't suitable to be their own distro-level packages.

Yes, embedding dependency version information in the compiled binaries to improve auditability is still a work in progress, and a statically linked model will result in more bandwidth being used to push updates, but it's questionable whether the absolute bandwidth usage will rise, given that stronger compile-time checking is applied to memory safety, the slice of the pie that accounts for 65-90% of security vulnerabilities.

It's perfectly possible to build a security update model around a combination of:

• Setting a common CARGO_TARGET_DIR so all the distro's Rust packages share a common cache for intermediate build artifacts.
• Running something like cargo-audit on each package's Cargo.lock file to automate checking for Rust dependencies that currently depend on a crate that's had a CVE issued against it.

You're just applying the dependency management and auditing before rather than after the decision of what to break up into which distro packages.

...and, again, there already exist C++ libraries that have to be handled this way because they either make heavy use of templates or are header-only libraries that can't be split out into a dynamic library by design.

Poke, poke. Unapproved post.