Originally posted by cl333r
View Post
Announcement
Collapse
No announcement yet.
The Latest Progress On Rust For The Linux Kernel
Collapse
X
-
Originally posted by dragonn View Post
Of course, I fixed it but didn't erase the original .
Nothing changes it that the borrow checker has nothing to do with refcell.
Ok, let us fly a rocket to the moon, we have two rockets, a C and a Rust rocket. Both of the have a bug, because even in Rust you can have a bug.
Now, first flies the C rocket:
- the bug triggers, some race conditions occurs, some data get corrupted and now the rockets turns down and flies straight into a city nearby.
Ok, but the software didn't crash!
Now the rust rocket flies:
- the bug triggers, refcell does a panic, safely unwinds the program. Some overwatching hardware watchdog detects that, probably first tries to restart the program, if not goes into self destruct mode in the air, safely above the starting pad.
YOU HAVE NO IDEA WHAT A "safety critical system" is and how they work, the worst thing you want is a silent data corruption without any traces and logs.
Yet another analogy: you have a penis but you're not a rapist, yet Rust would treat you like a rapist because Rust's train of thought goes like this: Rapist has penis, you have penis, therefore you have to be treated like a rapist, just in case, for security purposes, which in Rust's case means - crashing the app. And all I'm saying is that in like 99+% of the time people with penises are not rapists they're normal people and shouldn't be jailed "for security reasons, just in case".
- Likes 1
Comment
-
Originally posted by cl333r View Post
That's the point you're getting wrong. I'm not talking about buggy C++ code, I'm talking about code that isn't buggy - that just has aliased mutability. Many (apparently beginner) Rust users think that aliased mutability = bug. It only means it could be a bug.
Yet another analogy: you have a penis but you're not a rapist, yet Rust would treat you like a rapist because Rust's train of thought goes like this: Rapist has penis, you have penis, therefore you have to be treated like a rapist, just in case, for security purposes, which in Rust's case means - crashing the app. And all I'm saying is that in like 99+% of the time people with penises are not rapists they're normal people and shouldn't be jailed "for security reasons, just in case".
- Likes 3
Comment
-
Originally posted by jacob View PostWTF does that even mean? There is no difference on RefCell behaviour relating on the code path it comes from.
Originally posted by jacob View PostThat's not a Rust fanboy train of though, that's a correct train of thought. Having a program that can misbehave but this time around didn't because we got lucky, that's utterly worthless. The point is to develop a program that CAN'T misbehave. By the way, if you think that having RefCell in its std lib makes Rust somehow bad, then I presume you also hate C11 for having mtx_t since multiple mutating aliases and data write races are very closely related problems,
- Likes 1
Comment
-
Originally posted by cl333r View PostMany (apparently beginner) Rust users think that aliased mutability = bug. It only means it could be a bug.
In rust you always you are doing aliased mutability and when you do it the wrong way it will in a predict stop the program and show where the error happen.
So no how is Rust worse in the case then C/C++? They only thing it forces on you that you know you are doing aliased mutability.
About analogy, they is one small problem, code isn't people, but you might compare code to tools. Why does most countries in the world not allow having weapons by civilist even when most of them wouldn't do any harm with it and would have it only for protection? Because "for security reasons, just in case", when you want a weapon you need to go through some tests and have a valid reason for it, not "just in case for defending" with is exactly what Rust does.
Rust doesn't prevent from writing absolutely bad code, but it makes it hard for you and allows other developers see issues in your code right away.
- Likes 2
Comment
-
-
Originally posted by cl333r View PostWrong. You can call into (say) a function that borrows() while the object is already borrowed, and some other code can call that function with the object unborrowed, in one case the same function fails, in another succeeds.
But if the panicking (which is a GOOD THING) still bothers you, why you don't at least look up its documentation? You would see, among other things, that it has a "try_borrow()" method that will not panic but instead return an error so that you can handle the conflict gracefully if needs be. I'm not aware of any other language that would let you detect the situation and handle it.
BTW don't be mistaken by the word "borrow" here, it doesn't imply that it's somehow related to the borrow checker as you seem to believe,
Originally posted by cl333r View PostLucky? You're "lucky" with the Linux kernel? And Rust programs "can't misbehave"? Sorry you're too stupid to argue about nuances you don't or can't even grasp. Have a nice day.
That's why safety critical systems don't usually use general-purpose OSes.
- Likes 1
Comment
-
-
Originally posted by cl333r View PostYet another analogy: [...]
you like surfing on the roof of cars, but you never had an accident, yet Rust would treat you like a looser because Rust's train of thought goes like this: Roof surfing is really dangerous, you could fall down and cause accidents, therefore you have to be treated like a noob, just in case, for security purposes, which in Rust's case means - crashing the app. And all I'm saying is that in like 99+% of the time people surfing on cars don't cause accidents, they're normal people and shouldn't be jailed "for security reasons, just in case".
Comment
-
Originally posted by jacob View PostBTW don't be mistaken by the word "borrow" here, it doesn't imply that it's somehow related to the borrow checker as you seem to believe,Last edited by mdedetrich; 12 September 2021, 05:48 PM.
- Likes 1
Comment
Comment