Hacker News new | ask | show | jobs
by marhee 487 days ago
> The majority of bugs (quantity, not quality/severity) we have are due to the stupid little corner cases in C .... Things like simple overwrites of memory (not that rust can catch all of these by far), error path cleanups, forgetting to check error values, and use-after-free mistakes.

What's the reach here of linters/address san/valgrind?

Or a linter written specifically for the linux kernel? Require (error-path) tests? It feels excessive to plug another language if these are the main arguments? Are there any other arguments for using Rust?

And even without any extra tools to guard against common mistakes, how much effort is solving those bug fixes anyway? Is it an order of magnitude larger than the cognitive load of learning a (not so easy!) language and context-switching continuously between them?
1 comments
raverbashing 487 days ago
You can't valgrind kernel space

Linters might be helpful, but I don't remember there being good free ones

The problem here is simple: C is "too simple" for its own good and it puts undue cognitive burden on developers

And those who reply with "skill issue" are the first to lose a finger on it

link
marhee 487 days ago
> You can't valgrind kernel space > Linters might be helpful, but I don't remember there being good free ones

I should have Googled:

https://www.kernel.org/doc/html/latest/dev-tools/

So many tools here. Hard to believe these cannot come close to what Rust provides (if you put in the effort).

link
chippiewill 487 days ago
Rust forces you to encode much more explicitly information about lifetimes and ownership into the code. Tools can only do so much without additional information.
link
Avamander 487 days ago
Those solve a bunch of problems and can avoid a lot of issues if used properly, but it's time-consuming and cumbersome to say the least. Nowhere near as seamless or holistic as what Rust has to offer.
link
marhee 487 days ago
> but it's time-consuming and cumbersome to say the least

Only when writing code (and not even that: only when doing final or intermediate checks on written code). When reading the code you don't have to use the tools. Code is read at lot more then being written. So if tools are used, the burden is put only on the writer of the code. If Rust is used the burden of learning rust is put both on the writers and readers of the code.

link
estebank 487 days ago
The same information that is useful for compilers (like rustc) and linters to reason about code, is also useful for humans to reason about code.
link
Filligree 487 days ago
I find reading Rust much easier than writing it. It’s not actually that complicated a language; the complexity is in solving for its lifetime rules, which you only do when coding.
link