Originally posted by cl333r
View Post
Announcement
Collapse
No announcement yet.
The Latest Progress On Rust For The Linux Kernel
Collapse
X
-
Originally posted by cl333r View Post
The borrow checker is a concept whose job is to enforce the borrowing rules, which can be checked at compile or runtime. Period.
- Likes 2
Comment
-
Originally posted by cl333r View PostYou didn't understand: one single function calls borrow_mut() onto the same instance of a RefCell object, let's call this function SuckMuhBalls(), but different callers into SuckMuhBalls() might call SuckMuhBalls() while said RefCell object is already borrowed or not, depending on this SuckMuhBalls() might succeed or crash the app. Hence the problem: how do you know all possible runtime function call paths into SuckMuhBalls() to make sure it never crashes the app?
So in other words, when you have multiple potentially mutable aliases, in Rust the attempt to perform concurrent mutations that would yield an undefined result is caught. In C/C++ the problem of course exists exactly in the same way (there is no magic involved), except that it's not explicitly caught and instead corrupts the app with various and unpredictable consequences. Ultimately RefCell is nothing more or less than a mutex of sorts. You are not seriously saying that mutexes are evil, are you?
Secondly, of course there is a tests coverage problem. That's hard in any language and Rust is no different, but all the same, it's easier in Rust than in say C, precisely because in Rust the behaviour is deterministic. Also, as mentioned, in difficult cases you should use try_borrow() where the type system will force you to really handle the case when you can't borrow the object. C/C++ has no equivalent at all for that. In a broader sense, the C way of signalling a failure is to return NULL or -1, which of course no-one really checks for. How often have you seen C code like:
int *a = malloc(1000);
if (a==NULL) { do_something_sensible_to_handle_it(); }
- Likes 3
Comment
-
Originally posted by oleid View Post
The funny thing about a RefCell is: you rarely use it at all.
Originally posted by oleid View PostIf what you describe would happen in your code, then your callstack would be severely broken anyeay, as the mutable acess is released if access goes out-of-scope.
- Likes 1
Comment
-
Originally posted by oleid View Post
The funny thing about a RefCell is: you rarely use it at all. And in a multithreaded context, the compiler prevents its usage. If what you describe would happen in your code, then your callstack would be severely broken anyeay, as the mutable acess is released if access goes out-of-scope.
- Likes 2
Comment
-
Originally posted by jacob View Post
There are two issues here. First, SuckMuhBalls(), SuckEmAgain() and DontStop() can all reference the same RefCell just like they could have non-const pointers to the same object in C or C++. There is absolutely no problem with that. The difference between Rust and C/C++ is that in Rust, to be able to actually perform a mutating operation, you must borrow() or try_borrow() it first, which is basically a way to saying to the others "I'm about to mutate the object, you can't do it yourself until I'm done".
So in other words, when you have multiple potentially mutable aliases, in Rust the attempt to perform concurrent mutations that would yield an undefined result is caught.
Originally posted by jacob View PostIn C/C++ the problem of course exists exactly in the same way (there is no magic involved), except that it's not explicitly caught and instead corrupts the app with various and unpredictable consequences. Ultimately RefCell is nothing more or less than a mutex of sorts. You are not seriously saying that mutexes are evil, are you?
Originally posted by jacob View PostSecondly, of course there is a tests coverage problem. That's hard in any language and Rust is no different, but all the same, it's easier in Rust than in say C, precisely because in Rust the behaviour is deterministic. Also, as mentioned, in difficult cases you should use try_borrow() where the type system will force you to really handle the case when you can't borrow the object. C/C++ has no equivalent at all for that. In a broader sense, the C way of signalling a failure is to return NULL or -1, which of course no-one really checks for. How often have you seen C code like:
int *a = malloc(1000);
if (a==NULL) { do_something_sensible_to_handle_it(); }
- Likes 1
Comment
-
Originally posted by cl333r View PostI say I used it often because I wrote a C++ like app, not a C like app.
As so often told to rust fanboys: aliased mutability != bug && aliased mutability != your fantasies.
Comment
-
Originally posted by oleid View Post
I'm not really sure what you mean.
Originally posted by oleid View PostStill, you failed to give a proper example.
- Likes 1
Comment
-
Originally posted by cl333r View PostNot concurrent as we're not talking about threads. The mutation would happen sequentially.
Originally posted by cl333r View PostNo way dude, mutexes are absolutely legit. Don't mix a single threaded problem with multithreading. RefCell isn't about "concurrent" mutation, merely about aliased mutability which would happen sequentially.
Originally posted by cl333r View Posttry_borrow() is not an option, if I could I wouldn't have used RefCell to begin with!!
- Likes 3
Comment
Comment