[ninkendo]

It’s actually sort of interesting why Linus has basically closed the door on C++ ever getting into the kernel, while Rust seems to have gotten the green light.

If you look at Linus’s initial reasoning [0] (which was from a long time ago, nearly 20 years now, way before C++11), it was because the abstractions it offered/encouraged could make it hard to reason about what’s really happening, which may be bad for kernel code, and that allowing C++ would open the floodgates for C++ programmers to contribute, and Linus famously hated C++ programmers.

Rust-in-the-kernel came up many years later, and IMO if Linus was really honest with himself he’d either (1) not allow rust for essentially the same reasons he disallowed C++, or (2) admit his views have evolved, and say that C++ should be allowed on the same tentative basis that Rust is.

I get that rust offers safety advantages that C++ doesn’t, but I don’t think that’s the complete picture… modern C++ offers so many of the same advantages (although obviously not all) that if we’re really being honest with ourselves, it would seem to be unfair that Rust is let in while C++ is not. Both of them are enormous steps up in safety over C.

[0] https://harmful.cat-v.org/software/c++/linus

[hypeatei]

> Both of them are enormous steps up in safety over C.

I would argue one (Rust) is, but not C++. Rust is more "batteries included" and doesn't require specific compiler flags or complicated tooling, it just works and gives you guarantees out of the box. C++ seems to allow escape hatches by default while Rust requires you to call that out via `unsafe`.

[bfrog]

C++ makes things very hard to reason about still compared to Rust even. C++ programmers are bike shed machines in my experience, always chasing their own ideal of pedantic C++ which does not exist in practice.

How would C++ features like RTTI, exceptions, and the std template library be used? What about the insane ideas of classes and inheritance which induce mind numbing impossible to comprehend code?

Rust is actually pretty readable and reviewable. C++ tends to be mind numbingly hard to review.

[insanitybit]

> not allow rust for essentially the same reasons he disallowed C++,

Unless what he disliked was the inheritance/OOP stuff in C++, which isn't an issue in Rust.

[pjmlp]

Rust has its own flavour of OOP, only data inheritance isn't part of the picture.

Interfaces/traits, dynamic dispatch, static dispatch, encapsulation, polymorphism, traits inheritance, is all there.

Additionally macro system as powerful as Common Lisp, which allows to do stuff that would make Linus blowup on the spot.

[insanitybit]

> Rust has its own flavour of OOP, only data inheritance isn't part of the picture.

I think it's fair to say that Rust is a lot less 'OOP' than C++. There is no concept of 'protected', traits are separate from structs, there's no data inheritance, there's no 'isinstance', dynamic dispatch is explicitly behind 'dyn' keyword, etc.

> Additionally macro system as powerful as Common Lisp,

It's not like the Linux kernel doesn't make use of C's macros.

[pjmlp]

There is no "less" or "more" OOP as per CS definition.

Plain textual text replacement isn't the same as a proper macro system.

[jstimpfle]

Abusing inheritance of virtual methods instead of interfaces (which makes classes closed to extension, and the possibility of overriding non-zero methods is nothing short of weird), and implicit "this" parameter (which makes stuff needlessly hard to read and refactor), are two of the biggest annoyances on my list -- because they are so basic.

[pjmlp]

Well, you can enjoy explicit this parameter in C++23, if that is your thing.

As for the complaints, they are kind of doable in Rust as well.

Use traits with function pointers, empty types, and some macros.