this post was submitted on 21 Apr 2024
320 points (95.2% liked)
Linux
48743 readers
1148 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It's not "the segmentation fault thing". It's that C allows you to shoot yourself in the foot in many various ways, part of which will immediately show itself in the form of a segfault, part of which may show itself in the form of a segfault minutes, days, or years later depending on how the users use the software, and part of which will not show itself in the form of a segfault ever but make the program unstable in other ways.
Yeah, sure, you can say that it's "a skill issue", but maybe that's not the attitude of the year if you want more contributors in the project, which is a useful goal if you don't want it's developer community to die out or otherwise disintegrate.
That's why the maintainers shouldn't allow anyone to just add any new dependencies without a proper consideration. I don't think this is an unsolvable problem.
I admit to not knowing how running an open source project goes, but wanting more contributors seems like the wrong metric compared to better contributors.
I understand the pitfalls of C are not limited to segmentation faults, but I suspect it would be more productive to fix C by including some of Rust’s better ideas than to throw it away, as seems to be the current trend.
I don’t think Rust is wholly bad, to be clear, but it seems over-engineered to me, and the fact its useful new features don’t even completely work (see rust-cve) isn’t very encouraging.
I would recommend listening to Jonathan Blow’s opinion on Rust, which I tend to agree with. I personally think I’m just going to stick with C until Rust either becomes the standard, or I retire and let the next generation worry about that.
The problem is that you can't just tack Rust's ideas onto an existing language. Generics, traits, lifetimes, borrowing, sum types, and match are key Rust features, but took considerable design time before Rust even reached 1.0. They interlock to produce a pleasant development experience. You can't just attached them to C and call it a day.
Most of the CVE's listed there are in unsafe code in the standard library. At some point, some code is going to have to have to implement the tricky cases. In C, this code is common place, ready for any coder to run into problems. In Rust, these are bizarre edge cases that most people would never trigger.
I haven't heard Jonathan Blow's take yet, but one thing a person pointed out is that he tends to prefer a style that uses a lot of shared state. Rust explicitly discourages that style, considering it a source of bugs.
I encourage you to give Rust a try. It never hurts to have another language in your arsenal. Who knows, you might even find it fun.
I don't have much experience in C, but I'm not sure if bringing Rust's ideas over to C would help.
As I understand, a lot of problems come from either that arrays are actually just pointers and if you don't enforce it's length for yourself then no one will, and in practice they span the entire area of process memory dorwards and backwards too. Or from that you free memory at the wrong time, or you never do that at all.
You can't make mistakes with the first thing in Rust because the compiler takes note of the array's length, and you just can't abuse it as it won't compile then. The second is a nonissue too, as memory management is automatic (kind of).
Fixing C sounds to me like patching up a sieve. That language was designed with those features in mind that make it error prone, and changing them would result in a different language. You would have to change your program anyway, and that probably wouldn't be a small renovation. Also, you often can't afford to not use pointers, because that's how you pass things by reference in C, and besides passing by reference being important for performance reasons (to avoid copies) that's the only option if so you have is a pointer to something, and when it's stored in the heap.