Well C doesn't have garbage collection either.. and the kernel code just self-manages all of these structures. You can easily use pointer structure style code without a garbage collector.. maybe that's not trivial in Rust.. but it will need to be able to manage it in order to interact with C bindings...
A couple years back it was C++ (Score:4, Informative)
I still remember when they added C++ to the kernel. They had the same arguments and it never went anywhere.
Like C++, Rust is a different way to structure (Score:2)
As I understand it, Rust does not like pointer structures because it does not have garbage collection. (I am talking about things like linked lists, not simply owned pointers like strings and vectors.) So Rust encourages array lists instead.
I would expect the C-based kernel to be riddled with pointer structures. In which case it is difficult to see how that could be converted to Rust unless lots of unsafe code is written.
It is a bit like you can have C with Classes, but real C++ uses RAII which is a diff
Re: (Score:2)
Re:Like C++, Rust is a different way to structure (Score:2)
You can easily use pointer structure style code without a garbage collector..
It is indeed easy to write code to manually manage pointers; the hard part is to write it correctly (without introducing memory leaks, read-after-free errors, and other undefined behavior). And even if you're a seasoned expert in manual object-lifetime management who never makes a mistake, the junior developer who comes after you to maintain your code probably won't be, so he's likely to add the bugs you carefully avoided. Either way the end result is buggy code and exploitable security flaws that might have been avoided with a stricter/safer language like Rust.
Re: (Score:3)
It's a good argument, but it doesn't apply if you need to be using unsafe code to do the job. And the argument is that you always will be in the contexts that would have the unsafe code anyway.
This isn't a flawless argument, and I can imagine that Rust might well cut down the problems. But the documentation is so bad that I can't be sure.
Re: Like C++, Rust is a different way to structure (Score:2)
It still applies in unsafe code, albeit to a reduced extent. Even so, you don't have to write an entire driver as unsafe.