this post was submitted on 29 Aug 2024
110 points (96.6% liked)

Rust

6052 readers
120 users here now

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

[email protected]

Credits

  • The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 3 months ago (12 children)

Behind all the negative tone there is a valid concern though.

If you don't know Rust, and you want to change internal interfaces on the C side, then you have a problem. If you only change the C code, the Rust code will no longer build.

This now brings an interesting challenge to maintainers: How should they handle such merge requests? Should they accept breakage of the Rust code? If yes, who is then responsible for fixing it?

I personally would just decline such merge requests, but I can see how this might be perceived as a barrier - quite a big barrier if you add the learning cliff of Rust.

[–] [email protected] 22 points 3 months ago* (last edited 3 months ago) (2 children)

That seems based on the same misconception as the whole "fighting the compiler" view on Rust, namely that other languages are better because they let you get away with not thinking through the problems in your code up front. I am not surprised that this view is common in the C world which is pretty far on the end of the spectrum that believes that they are a "sufficiently disciplined programmer" (as opposed to the end of the spectrum that advocates for static checks to avoid human mistakes).

The problem you mention is fundamentally no different from e.g. changing some C internals in the subsystem you know well and that leads to breakage in the code in some other C subsystem you don't know at all. The only real difference is that in C that code will break silently more likely than not, without some compiler telling you about it. The fact that the bit you know well/don't know well is the language instead of some domain knowledge about the code is really not that special in practical terms.

[–] [email protected] 9 points 3 months ago (1 children)

That's a very good point. I hadn't considered potential lack of domain knowledge at all. In that case Rust might even help, because it's easier to write interfaces that can't be used wrong - so that even someone without the needed domain knowledge might be able to fix compile issues without breakage.

[–] BatmanAoD 12 points 3 months ago

See also Asahi Lina's thread on this, which explicitly says that Rust is one reason why their drivers cause fewer kernel panics than others: https://vt.social/@lina/113045456734886438

load more comments (9 replies)