Linux 6.8 Now Enables -Wstringop-overflow To Warn About Buffer Overflows

  • #11
    If only the Linux kernel would switch to C++: in the long term you could switch to STL strings and even use the new, performant, type-safe STL formatting. Rust is not necessary at all.

    Comment


    • #12
      Originally posted by archkde View Post

      My point is that Rust does not improve the static analysis story over C/C++ here, which is how the comment I replied to can be interpreted. C and C++ compilers will optimize manually written bounds checks away just as well as rustc does for the automatic one.
      C++ with metaprogramming can determine string literal lengths at compile time very easily. That's one big reason for the kernel to switch to C++. C++ has better type safety and performance with metaprogramming.

      Comment


      • #13
        Originally posted by NobodyXu View Post

        Well, lifetime and borrow checking are indeed an improvement to static analysis; rustc is able to apply the no_alias attribute, which is a feature rarely used by LLVM C/C++ compilers, and rustc discovered several bugs in LLVM relating to no_alias.
        Exclusive references are basically the same as restrict in C. It is however true that C programmers don't generally use it because they prefer making a tangled mess of shared mutability.

        Comment


        • #14
          Originally posted by cj.wijtmans View Post

          C++ with metaprogramming can determine string literal lengths at compile time very easily. That's one big reason for the kernel to switch to C++. C++ has better type safety and performance with metaprogramming.
          Same for Rust, a byte-string literal includes the length too (for example
          Code:
          b"foo"
          has type
          Code:
          &'static [u8; 3]
          ). Rust is basically a C++ that actually enforces the correctness invariants to a much higher degree.

          Comment
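
The compile-time literal length that #12 attributes to C++ metaprogramming and #14 to Rust's &'static [u8; N] type is available in plain C as well, which is what the kernel actually has to work with: sizeof applied to a string literal is a constant expression. The block below is an added example, not code from this thread or from the Linux kernel, and every name in it (LIT_LEN, COPY_LITERAL, banner_literal_len, build_banner) is invented for illustration. It shows the length being fixed at compile time, a macro that only accepts a genuine literal, and a copy that the compiler rejects outright when the literal cannot fit the destination.

```c
/* Added example, not code from the Phoronix thread or the Linux kernel.
 * Plain C can also pin a string literal's length at compile time:
 * sizeof on a literal is a constant expression, so the checks below are
 * enforced by the compiler and no runtime strlen() is involved.
 * All names (LIT_LEN, COPY_LITERAL, build_banner, ...) are this example's own. */
#include <stddef.h>
#include <string.h>

/* The "" s "" concatenation only compiles if s is a string literal, so the
 * macro cannot be misapplied to a char pointer whose length is unknown. */
#define LIT_LEN(s) (sizeof("" s "") - 1)

/* Copy a literal into a fixed-size char array. Refuses to compile if the
 * literal (including its terminating NUL) is larger than the destination.
 * dst must be an array, not a pointer, so that sizeof(dst) is its capacity. */
#define COPY_LITERAL(dst, lit)                                             \
    do {                                                                   \
        _Static_assert(sizeof(dst) >= sizeof("" lit ""),                   \
                       "string literal does not fit destination buffer");  \
        memcpy((dst), "" lit "", sizeof("" lit ""));                       \
    } while (0)

/* Length of the literal "linux-6.8" as a compile-time constant: 9 bytes,
 * not counting the NUL terminator. */
size_t banner_literal_len(void)
{
    return LIT_LEN("linux-6.8");
}

/* Build a banner in a static buffer whose size is itself derived from the
 * literal, so the buffer capacity and the copy length can never disagree. */
const char *build_banner(void)
{
    static char banner[LIT_LEN("linux-6.8") + 1];   /* 10 bytes */

    COPY_LITERAL(banner, "linux-6.8");
    /* COPY_LITERAL(banner, "linux-6.8-rc1"); would not compile: the
     * _Static_assert rejects 14 bytes going into a 10-byte array. */
    return banner;
}
```

Both the size check and the rejected oversize copy happen before any code runs, which is the same property the C++ and Rust posts are describing; the difference is only that C leaves it to the programmer to reach for sizeof and _Static_assert rather than having the type system carry the length around.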


          • #15
            Originally posted by archkde View Post

            Exclusive references are basically the same as restrict in C. It is however true that C programmers don't generally use it because they prefer making a tangled mess of shared mutability.
            Yeah, the restrict keyword does promise no aliasing. But that is you promising to the compiler. The compiler doesn't check your work in this case (at least I have never seen it report an error with respect to restrict).

            Rust does check your work: it doesn't let you compile the program unless it can prove that you used references correctly (sure, you can trick the compiler in unsafe blocks; the point of them is telling the compiler "I *did* check my work, but I can't make the compiler understand this construct". They are the exception, not the norm, in Rust code outside foundational libraries and FFI).

            C and C++ are as if you are in an unsafe block all the time, with no way to turn it off.

            (I have coded C++ for over a decade professionally, and Rust for a couple of years as well at this point, though professionally only for the last few months. Plain C I thankfully haven't written in many years at this point, though I used to.)

            Comment
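
The point made in #15, that restrict is a promise the C compiler is not required to verify, as an added example (not code from this thread or from the Linux kernel; scale_into, ranges_overlap, scale_checked and demo_scaled_sum are names invented here). A call such as scale_into(buf, buf, n, k) compiles without complaint even though it breaks the restrict contract and is undefined behaviour, so the guard you want has to be written by hand, which is what scale_checked does before handing the pointers to the restrict-qualified function.

```c
/* Added example, not code from the Phoronix thread or the Linux kernel.
 * restrict is a promise from the programmer: the compiler may assume the
 * pointers do not alias and is not required to diagnose a call that breaks
 * that promise. The checked wrapper below is the kind of guard you have to
 * write yourself in C. All names here are this example's own. */
#include <stddef.h>
#include <stdint.h>

/* out[i] = in[i] * k. Because of restrict the compiler may read in[] ahead
 * of writing out[], vectorise, or reorder loads and stores freely, which is
 * only correct if the two ranges never overlap. Calling this as
 * scale_into(buf, buf, n, k) is accepted silently and is undefined. */
void scale_into(int *restrict out, const int *restrict in, size_t n, int k)
{
    for (size_t i = 0; i < n; i++)
        out[i] = in[i] * k;
}

/* Returns 1 if the byte ranges [a, a+len) and [b, b+len) overlap.
 * Going through uintptr_t avoids relational comparison of pointers into
 * unrelated objects, which C does not define. */
static int ranges_overlap(const void *a, const void *b, size_t len)
{
    uintptr_t ua = (uintptr_t)a, ub = (uintptr_t)b;

    return ua < ub + len && ub < ua + len;
}

/* Checked front end: returns -1 instead of calling scale_into() with
 * aliasing arguments, 0 on success. This is the check the compiler does
 * not perform for you. */
int scale_checked(int *out, const int *in, size_t n, int k)
{
    if (ranges_overlap(out, in, n * sizeof(int)))
        return -1;
    scale_into(out, in, n, k);
    return 0;
}

/* Worked run on constructed input: scales {1,2,3,4} by 3 into a separate
 * buffer and returns the sum of the result (3+6+9+12 = 30), or 0 if the
 * call was rejected. */
long demo_scaled_sum(void)
{
    int src[4] = {1, 2, 3, 4};
    int dst[4] = {0};

    if (scale_checked(dst, src, 4, 3) != 0)
        return 0;
    return (long)dst[0] + dst[1] + dst[2] + dst[3];
}
```

Adjacent but non-overlapping ranges (for example src and src + 2 with n = 2) pass the check, while an in-place call or a partially overlapping one is refused. A Rust &mut reference expresses the same exclusivity as restrict, but there the borrow checker refuses the aliasing call at compile time instead of leaving a runtime guard to the programmer.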


            • #16
              Originally posted by archkde View Post

              Same for Rust, a byte-string literal includes the length too (for example
              Code:
              b"foo"
              has type
              Code:
              &'static [u8; 3]
              ). Rust is basically a C++ that actually enforces the correctness invariants to a much higher degree.
              C++ does it in a way that is backwards compatible with C, and I prefer it that way; if I want to write shitty C code, I can. If the kernel wants to switch compilers to C++ they can, with a bit of heavy lifting. Rust is pointless.

              Comment
