Experimental Patches For Rust-Written Linux Network Drivers

  • #11
    Originally posted by ClosedSource
    As far as I can tell, he knows very little outside Assembly, C, bash, and how to write Makefiles. However, he is clearly better than most people today in C. The guy could easily write a book called "The Torvalds principles of C code" and it would be used to teach college students about C. Rust exists to solve problems Torvalds doesn't have.
    IMHO the exact reason Torvalds learned so much about avoiding C problems is the reason one could say he has a lot of C problems.

    He has to review everyone else's C code and their problems, and every time a fix for a bug or security issue derived from bad C code is necessary in the Linux kernel he is reminded of each mistake they made and he didn't catch either.

    I suspect his exposure to a repeating range of C mistakes that could simply not exist anymore made Rust compelling to him. IIRC he said as much at some point, but I'm not gonna go through the trouble of finding a quote.

    • #12
      Originally posted by marlock
      IMHO the exact reason Torvalds learned so much about avoiding C problems is the reason one could say he has a lot of C problems.

      He has to review everyone else's C code and their problems, and every time a fix for a bug or security issue derived from bad C code is necessary in the Linux kernel he is reminded of each mistake they made and he didn't catch either.

      I suspect his exposure to a repeating range of C mistakes that could simply not exist anymore made Rust compelling to him. IIRC he said as much at some point, but I'm not gonna go through the trouble of finding a quote.
      Well put.

      • #13
        Originally posted by marlock
        I suspect his exposure to a repeating range of C mistakes that could simply not exist anymore made Rust compelling to him. IIRC he said as much at some point, but I'm not gonna go through the trouble of finding a quote.
        There's no such thing, I'm afraid. If the compiler can take the burden on accessing memory in a safe way off the hands of the developer, why would you want to wrestle that back? I mean C has surely gained a lot of features over time, but memory safety isn't one of them, is it?

        Fwiw, I don't even see Rust as a C competitor. I see it more like the evolution of C. And by that, I mean C has grown a lot, but, over time, has become encumbered by its huge legacy. During that time, these concepts of borrow checker and lifetimes were developed in academia, but couldn't be retrofitted to C. So we had to invent a new C for that.

        • #14
          Originally posted by bug77

          There's no such thing, I'm afraid. If the compiler can take the burden on accessing memory in a safe way off the hands of the developer, why would you want to wrestle that back? I mean C has surely gained a lot of features over time, but memory safety isn't one of them, is it?
          "If a sound static analyzer were deployed, we could make C code with zero memory safety issues and do it without the hack of compiler added runtime checks [...] to claim memory safety. The aviation and nuclear power industries have been doing this for years". There is more information available.

          • #15
            Originally posted by lowflyer

            No. He doesn't.
            Says who?

            • #16
              Originally posted by Nth_man

              "If a sound static analyzer were deployed
              Do you know any that works in a multi threading context? And does it work with dynamic memory? Is multi threading used in nuclear power plants and aerospace at all?

              • #17
                Originally posted by bug77

                There's no such thing, I'm afraid. If the compiler can take the burden on accessing memory in a safe way off the hands of the developer, why would you want to wrestle that back? I mean C has surely gained a lot of features over time, but memory safety isn't one of them, is it?

                Fwiw, I don't even see Rust as a C competitor. I see it more like the evolution of C. And by that, I mean C has grown a lot, but, over time, has become encumbered by its huge legacy. During that time, these concepts of borrow checker and lifetimes were developed in academia, but couldn't be retrofitted to C. So we had to invent a new C for that.
                I think you got my meaning in reverse and you're defending the same idea as me...?

                The Rust compiler can take a sizeable portion of that burden away and that's at least one reason why Torvalds thought adding another language to the kernel was worth the trouble when others proposed including Rust

                • #18
                  Originally posted by patrick1946

                  I have seen some of his C++ code in his diving app. I am not even sure he knows enough for that. 😚
                  Do you mean something that can be seen on https://github.com/subsurface/subsur...s&type=commits ?

                  • #19
                    Originally posted by marlock

                    I think you got my meaning in reverse and you're defending the same idea as me...?

                    The Rust compiler can take a sizeable portion of that burden away and that's at least one reason why Torvalds thought adding another language to the kernel was worth the trouble when others proposed including Rust
                    Yes, I think we're in agreement.
                    Not only is the compiler taking a sizable portion of the burden away, it takes arguably the heaviest burden, in the sense that memory safety is the hardest thing for which a developer could build a mental model to try to solve it themselves.

                    • #20
                      Originally posted by Nth_man

                      "If a sound static analyzer were deployed, we could make C code with zero memory safety issues and do it without the hack of compiler added runtime checks [...] to claim memory safety. The aviation and nuclear power industries have been doing this for years". There is more information available.
                      "we can fix it with tooling" has been the promise for the past 50 years, and yet here we still are
