Hacker News new | ask | show | jobs
by Ygg2 412 days ago
Nonsense, the C guy told me those happen to people that make mistakes, and that he, being the offspring of the Elemental of Logic, and "Hyperspace cybernetic intelligence and juvenile delinquent John Carmack" is completely immune to such pathetic issues. He works at Linux. Yes, all of Linux.
1 comments
uecker 412 days ago
Yes, we need a languages that makes it impossible. But how could this happen in Rust? https://github.com/advisories/GHSA-5gmm-6m36-r7jh But clearly, this does not count because it used "unsafe", so it remains the programmer's fault who made a mistake. Oh wait, doesn't this invalidate your argument?
link
mkj 412 days ago
A random 16 star github repo using unsafe doesn't really tell anyone much.
link
Ygg2 412 days ago
> Oh wait, doesn't this invalidate your argument?

Not really. If you can't be perfect, at least be good.

Unless you want to make an argument that searching all of your code base for UB is better than running on a relatively small subset (20-30%).

Or that Linux should use tracing GC + value types. Which I would find decent as well. But sadly LKML would probably disagree with inclusion of C# (or Java 35).

link
uecker 412 days ago
You can't be perfect. The question is how much improvement "rewriting in Rust" actually brings, how important that is, and what downsides it may have.
link
throwawayqqq11 412 days ago
Another, way more impertant question is, can we keep maintaining legacy C code in community driven FOSS projects, when the world moves on.
link
uecker 411 days ago
Does the world really move on? I think HN could be misleading here. And is moving to evermore complex solution the right answer to mainentance problems? I doubt it.
link
eru 412 days ago
If you really want, you could write your code in Agda or similar and prove it correct. See also seL4 https://github.com/seL4/seL4 which is a proven correct kernel.

https://sel4.systems/Verification/proofs.html

link
uecker 412 days ago
... written in C.
link
eru 412 days ago
It's written in C in the same way it's written in assembly:

C is just used as part of the process to go from a high level spec to executable code.

You can also compile eg Haskell via C.

The subset of C used in seL4 is highly constrained.

link
johnnyjeans 412 days ago
a subset of C is provable, and is the de-facto standard in the industry.

what is it with rust people and thinking robust, automatic correctness checking was invented in the last 20 years?

link
Ygg2 412 days ago
Wow, the Linux kernel must be full of dunces that rather than writing in proven correct C, added another language that other maintainers hate. What morons! /sarcasm

Disclaimer: above is sarcasm, while I don't think Linux Kernel Maintainers are perfect, I don't consider them dunces either. If they can't avoid writing UAF (use after free) or DF (Double free) bugs then what hope does the average C programmer has?

link
immibis 412 days ago
Proven correct C
link