Announcement

Collapse
No announcement yet.

Rust For The Linux Kernel Sent Out For Review A Fourth Time

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by pabloski View Post
    Who knows, maybe even MS engineers are stupid.
    Their OS is broken by design, so no doubt.

    Comment


    • #52
      Originally posted by jacob View Post
      The Linux kernel for example already had a new buffer underflow exploit this year (CVE-2022-0185).
      I bet it's not C fault, but some developer. It's quite hard language, but very powerful one.

      Comment


      • #53
        Originally posted by Volta View Post

        That's something new! The most advanced and successful operating system kernels are written in C. Probably the most advanced data base is written in C. Automotive industry (and any other serious industry) depends on C.
        And what other choices you have before Rust? Really? The only other choice was C++, a lang with adds more complexity without solving ANY C problems.
        And other langs like Java, Python etc. are just not sensible option for some tasks, you just didn't have before Rust a choice if you need a lang with is compiled without a GC.
        Also, I completely don't get how the whole "C is more successful" is an argument here, you are comparing a language with had ~40 years of time to adopt on the market vs ~10 years. Of course at this point in time C will be more "successful", that doesn't mean in 30 years Rust can be at this point now C is and even beyond that.
        How is this even an argument? Man, it is like saying that fuel powered cars are more "successful" then electric because we used them over 100 years and electric cars are only recent getting tracking. HOW IS THAT EVEN AN ARGUMENT?!

        Comment


        • #54
          Originally posted by Volta View Post

          I bet it's not C fault, but some developer. It's quite hard language, but very powerful one.
          I think the point being made here is that whether you're a great/average/crappy programmer, that the use of Rust would significantly reduce or eliminate these types of vulnerabilities from ever occurring...or you could just publicly shame thousands of developers. Hmmm....what to choose.

          I mean, programming languages are as insecure or secure as much as the developer themselves. If Rust provides a good framework, there will be less bugs just because it's harder for issues to sneak in (but not impossible). C just allows way too many to sneak in and that's the main issue with it.
          Last edited by akira128; 13 February 2022, 08:18 AM.

          Comment


          • #55
            Originally posted by betty567 View Post
            Rust is an attempt to bolt low level features onto a high level language, and it has never been successful, nor will it be.
            Both are an attempt to make programming "easier" for people that cannot handle true low level programming.
            Rust is not a high level language, try again.

            Comment


            • #56
              Originally posted by Volta View Post

              That's something new! The most advanced and successful operating system kernels are written in C. Probably the most advanced data base is written in C. Automotive industry (and any other serious industry) depends on C.
              Actually if you get serious enough they don't depend on C. In this ream you have languages like Ada or Erlang because of the guarantees they provide. Or in cases iike sel4 (the only actually formally verified kernel) you have Haskell.

              Languages like Haskell are also used a lot in defense, at least when you don't need real time guarantees. And in any system that is really mission critical, even if it is written in C they use theorem proves like Coq or Isabell where as Rust already has the theorem prover built into the language.

              Originally posted by betty567 View Post

              Then why don't you explain it all to us, Smitty?
              In terms of design Rust is basically variant of C with parametric polymorphism, traits and a linear type system to prove memory flow. It doesn't have any GC and memory allocation in Rust is manual, just like in C.
              Last edited by mdedetrich; 13 February 2022, 08:14 AM.

              Comment


              • #57
                Originally posted by Volta View Post

                Can you show us how successful the Rust is? I'm not against it, but I'm trying to figure out on what basis some people formulate their claims.
                https://kerkour.com/rust-in-production-2021/

                Comment


                • #58
                  Originally posted by betty567 View Post
                  C is excellent for an OS kernel because memory management is 100% up to the developer. You decide your own allocation strategy, you decide when and how to initialize memory, your own re-use strategy, and you decide when to free memory.
                  There are many people using Rust for embedded software development today. Perhaps do a quick Internet search for `no_std rust` and `embedded rust`. You get to decide your own allocation strategy, when and how to initialize memory, your own re-use strategy, and when to free memory. Guess you think Rust is excellent now?

                  There are no features that must be abstained from when doing low-level things, there is no "unsafe" portion of the language that one must rely exclusively on in these low-level scenarios.
                  This ignores the fact that all C code is by default unsafe, and there is no way to build safe abstractions in C. You can't prevent a programmer from calling your API with invalid memory addresses. Everyone writing C libraries is eternally engaged in defensive programming techniques to handle unexpected inputs. Whereas in Rust you have clearly defined types, ways of encoding constraints into types, and the ability to fully capture and ration ownership of data.

                  No "garbage collection", which is a "for dummies" feature for people who cannot keep track of allocations. But Rust doesn't use "garbage collection", it uses "unicorn farts that nobody can quite describe" but don't call it garbage collection, because garbage collection has a negative connotation. Rust is a win for it's own marketing folks, and nothing else.
                  Is this what you would say about C++? Rust uses the same garbage collection mechanism as C++ — RAII. The compiler tracks the lifetime of variables and inserts drop methods after the last reference of the variable in the code. There's an established spec for the order that the drop methods are invoked, and the order that fields in a struct are dropped. The killer feature of Rust is in how the compiler enforces aliasing XOR mutability, utilizes an ownership model, and allows the programmer to tag lifetimes of references.

                  20 years ago, these "unicorn farts" were thoroughly described and explained in an AT&T Labs research paper: https://www.cs.umd.edu/projects/cycl...ne-regions.pdf
                  Last edited by mmstick; 13 February 2022, 08:29 AM.

                  Comment


                  • #59
                    Originally posted by dragonn View Post

                    And what other choices you have before Rust? Really? The only other choice was C++, a lang with adds more complexity without solving ANY C problems.
                    And other langs like Java, Python etc. are just not sensible option for some tasks, you just didn't have before Rust a choice if you need a lang with is compiled without a GC.
                    Also, I completely don't get how the whole "C is more successful" is an argument here, you are comparing a language with had ~40 years of time to adopt on the market vs ~10 years. Of course at this point in time C will be more "successful", that doesn't mean in 30 years Rust can be at this point now C is and even beyond that.
                    How is this even an argument? Man, it is like saying that fuel powered cars are more "successful" then electric because we used them over 100 years and electric cars are only recent getting tracking. HOW IS THAT EVEN AN ARGUMENT?!
                    How "successful" a language is can be difficult to define.....but popularity and widespread adoption (especially by big companies) can be one indication of "success" right? That's just one metric. There's also functionality...and perhaps the rate of vulnerabilities should be thrown in there.

                    According this report (written 2 years ago):
                    https://www.whitesourcesoftware.com/...ing-languages/

                    The C programming language accounts for the highest percentage of all vulnerabilities (out of 7 the languages that were tracked/polled) with over 77% in the last 10 years, and 47% for the previous year.

                    I understand that C has an incredibly large user-base, but damn that's a high number.
                    Last edited by akira128; 13 February 2022, 08:47 AM.

                    Comment


                    • #60
                      Originally posted by Volta View Post

                      I bet it's not C fault, but some developer. It's quite hard language, but very powerful one.
                      That's a silly thing to say. Memory errors (among others) should be a thing in the first place. Developers shouldn't HAVE to worry about stupid mistakes like that. The C language, in fact, is neither hard not powerful. It's very easy to learn but it's expression power is extremely weak, which means developers must spend their time paying attention to problems that should not exist. That's in comparatively simple programs. In complex ones... we'll, you get CVEs.

                      Comment

                      Working...
                      X