Announcement

Collapse
No announcement yet.

Linux's V4L2 VP9 Codec Kernel Code Rewritten In Rust For Better Memory Safety

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • oleid
    replied
    Originally posted by Anux View Post
    Ups right, i didn't look at all of them sorry.
    I was just wondering, because that's not a vulnerability in safe rust. That's about an incorrectly wrapped C API, which leads to undefined behaviour. I mean, sure, if the unsafe part lies, anything can happen in the safe part. But I wouldn't call that "error in safe rust".

    Leave a comment:


  • Anux
    replied
    Ups right, i didn't look at all of them sorry.

    Leave a comment:


  • oleid
    replied
    Originally posted by Anux View Post
    Unbelievable! There is unsafe code under the unsafe keyword! Who would have thought that?

    Your first link with cve-rs is actually a vulnerability in safe rust,
    You mean this cve?

    The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

    Leave a comment:


  • Nth_man
    replied
    Originally posted by Anux View Post
    Unbelievable! There is unsafe code under the unsafe keyword! Who would have thought that?
    Mmm... "bugs in a number of packages, including [the Rust standard library and the Rust compiler](https://www.infoq.com/news/2021/11/rudra-rust-safety/) as well as the 30 most popular crates based on their downloads." 🤔

    Leave a comment:


  • Nth_man
    replied
    Originally posted by sobrus View Post
    - rust compiler is written in rust
    > Isn't Rust self-hosted already?

    Technically, the LLVM part isn't.
    -- https://www.phoronix.com/forums/forum/phoronix/latest-phoronix-articles/1353403-mesa-git-makes-it-easier-activating-rusticl-opencl-device-support?p=1353465#post1353465​

    Leave a comment:


  • Weasel
    replied
    Originally posted by oleid View Post
    Trouble happens when people change the meaning of the function, documentation is updated but not all places the function is used are correctly updated.
    Sadly, the compiler doesn't detect documentation changes. This is where a proper type system becomes important.
    I agree, but that's like changing the function's underlying behavior. In such case the responsible thing to do is to remember changing the documentation and verify all call sites. You, as the guy changing it, not someone else.

    And yes I'm fully aware this doesn't happen in practice and the next poor guy has to pick up the trash left by some outsourced "programmer".

    Leave a comment:


  • bug77
    replied
    Originally posted by uid313 View Post

    While Rust does not have classes, interfaces and inheritance it does have something pretty similar.
    Instead of classes there are structs.
    Instead of interfaces there are traits.
    Just like a class can have methods, a struct can have methods.
    Just like a class can have static methods a struct can have a associated functions.
    The terminology is a bit different, but much of it works the same except that there is no inheritance. GTK is object-oriented and it is available for Rust.

    Inheritance is sometimes the right solution but sometimes not, in other languages inheritance is the only way to do something, so people overuse inheritance instead of using better and more suitable solutions such as composition. Rust offers enum with variants where each variant can be a struct which is a solution that often makes more sense than inheritance.
    While your mind will naturally try to translate what it knows about other languages when you learn a new one, the secret sauce is actually to try to forget everything you know and learn the new language from scratch. It's only after you learn how the new language is supposed to be wielded that you should start porting over patterns and other concepts.
    Case in point, after years of Java, I learned Go and Rust. Neither is about OOP so I "unlearned" OOP. And then I found a lot of suboptimal things I was doing in Java. And it made me a better Java programmer overall.

    Note that I take no issue with what you posted, you evaluation seems spot on. I just thought I should add to that.

    Fwiw, to this day I don't get "composition over inheritance", considering inheritance is implemented via composition anyway.

    Leave a comment:


  • sobrus
    replied
    Originally posted by uid313 View Post

    While Rust does not have classes, interfaces and inheritance it does have something pretty similar.
    Instead of classes there are structs.
    Instead of interfaces there are traits.
    Just like a class can have methods, a struct can have methods.
    Just like a class can have static methods a struct can have a associated functions.
    The terminology is a bit different, but much of it works the same except that there is no inheritance. GTK is object-oriented and it is available for Rust.

    Inheritance is sometimes the right solution but sometimes not, in other languages inheritance is the only way to do something, so people overuse inheritance instead of using better and more suitable solutions such as composition. Rust offers enum with variants where each variant can be a struct which is a solution that often makes more sense than inheritance.
    Yup, that's why I've written "at least says so". Objects can be "emulated" in both rust and go
    But they're not objects per-se.

    Ah and I've forgot to mention that Rust has excellent, up-to-date documentation in form of The Book:
    Last edited by sobrus; 29 February 2024, 09:18 AM.

    Leave a comment:


  • uid313
    replied
    Originally posted by sobrus View Post
    Rust is harder at first, because it deviates from old Pascal/BCPL/C/C++/Java/C# school.
    Especially ownership may be hard to follow at first, since it's not explicitly visible at first sight, and will cause a lot of compilation errors
    And it's not object oriented (at least says so, just like go)
    While Rust does not have classes, interfaces and inheritance it does have something pretty similar.
    Instead of classes there are structs.
    Instead of interfaces there are traits.
    Just like a class can have methods, a struct can have methods.
    Just like a class can have static methods a struct can have a associated functions.
    The terminology is a bit different, but much of it works the same except that there is no inheritance. GTK is object-oriented and it is available for Rust.

    Inheritance is sometimes the right solution but sometimes not, in other languages inheritance is the only way to do something, so people overuse inheritance instead of using better and more suitable solutions such as composition. Rust offers enum with variants where each variant can be a struct which is a solution that often makes more sense than inheritance.

    Leave a comment:


  • kloczek
    replied
    Originally posted by Nth_man View Post

    Static Analyzer Rudra Found over 200 Memory Safety Issues in Rust Crates
    Developed at the Georgia Institute of Technology, Rudra is a static analyzer able to report potential memory safety bugs in Rust programs. Rudra has been used to scan the entire Rust package registry and identified 264 new memory safety bugs.


    CVEs (Common Vulnerabilities and Exposures) in Rust programs:
    The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
    ROTFL

    Leave a comment:

Working...
X