TWiR quote of the week

I think the security of the internet is incredibly important obviously and I want it to be secure and I think bringing rust there is absolutely going to help it. Just by default it eliminates some of the most classic types of vulnerabilities.

But I don't think that's the most exciting part. I think the most exciting part is that the set of people for whom it is possible to implement these types of things, like who writes coreutils, who writes curl, who does those things. That used to be a really small pool of people. That had to be people who knew the dark arts, and only them and only their buddies or something.

And it's the goal of rust to empower that to be a larger group of people and ultimately I think that that is what is going to happen which means the sheer number of people will be larger, and also the diversity of that set of people is going to grow. And I that that that will probably actually do more for the security and usefulness of these tools than eliminating underfined behaviour.

Ashley Williams on Free as in Friday (quote starts 46:48)

11 Likes

"Clever" memory use is frowned upon in Rust. In C, anything goes. For example, in C I'd be tempted to reuse a buffer allocated for one purpose for another purpose later (a technique known as HEARTBLEED).

— Kornel, in Speed of Rust vs. C.

4 Likes

Whilst Rusts memory safety rules no doubt help greatly to prevent memory related security issues. I would not over sell the point.

It is still trivially easy to reuse a byte buffer for multiple purposes. For example to receive data into and then send that data elsewhere.

One of the first bugs I made in Rust was just doing a read into a buffer and then a write from the buffer. Forgetting the read might not filled the entire buffer and writing the entire buffer rather than the length that was read. Thus potentially sending sensitive data to the wrong place.

In C it's perfectly rational to overuse linear search and linked lists, because who's going to maintain yet another half-assed implementation of hash table? There are no built-in containers, dependencies are a pain, so I cut corners to get stuff done. ... OTOH in Rust it takes only 1 or 2 lines of code to get very high quality implementations all kinds of containers. This means that my Rust programs can afford to use proper, incredibly well-optimized data structures every time.

— Kornel Speed of Rust vs. C

11 Likes

Do we permit gifs?

if a rustacean says something about an "invariant lifetime" in response to your question, it is too late, there is no escape, you are now one with the crab

2 Likes

This is just to say,
I have rebased
the feature branch
opened against
master

and which
you might have been
already working
on fixing

Forgive me,
the diff was so trivial
so minor
so smol

-- Jubilee on rust-lang zulip

3 Likes

Given Linus's well known position on C++ in the kernel (for those who are not familiar with it, imagine five minutes of swearing, followed by "Over my dead body"), this is practically a warm welcome.

-- lurgi on /r/rust

11 Likes

Reddit done gone 503.

This is a better link: https://www.reddit.com/r/rust/comments/mbhr0i/linus_torvalds_on_where_rust_will_fit_into_linux/

1 Like

This falls in the general category of "running down other languages/projects/people" (in this case, C++, and promoting Linus's rants about it), which I don't think we should highlight in a quote of the week.

6 Likes

Running down other languages or not, I was a little surprised that when the notion of using Rust in the kernel came up Linus did not immediately knock it down. I should not have been surprised though, Linus does not poo poo ideas on emotional grounds, he would have though about it first.

I don't believe Linus ever had any "rants". That word implies a very emotional outburst, frothing at the mouth with anger uncontrollably and so on. Linus is not like that. Apparently some got upset over his wording sometimes. But as far as I can tell he was only speaking straight and getting to the point, which is the normal mode of communication in Finland. A characteristic I prefer to falsely polite and long winded talking around and around when it comes to getting the job done properly.

Anyway, my only reservation of introducing Rust into the main line kernel would be the need to carry around LLVM to build a kernel. A large dependency too far. If the kernel could be built with Clang/LLVM or GCC had a Rust front end that would be great.

3 Likes

I don't think that counts as such. OP simply mentioned what Linus' opinion was about C++. They did not endorse it. If anything, the remark sounds sarcastic against Linus' anti-C++ position and/or style.

1 Like

As far as I can tell C was pretty much the only language available to build Linux with at the time. From purely practical considerations never mind any subjective preferences and emotional attachments programmers have for their favourite languages.

Also it makes a lot of sense to me that having selected a language for such a project there would have to be massive advantages in anything else to even consider it. Having a polyglot system is going to be a lot harder to hold together. There have been no languages available with such massive advantages.

Enter Rust... For the first time, since Ada perhaps, a language arrives that does offer new features in terms of program correctness, which are very valuable in projects like an OS kernel.

1 Like

I meant "promoting" in a literal sense (sending attention towards), not endorsing.

2 Likes

-- a look back at asynchronous Rust, @tomaka

9 Likes

What I love about Rust is that it has been developed to solve concrete problems, built on top of the lessons (painfully) learnt while implementing real systems.

-- https://blog.esciencecenter.nl/using-rust-for-scientific-numerical-applications-learning-from-past-experiences-798665d9f9f0

(It's formatted as a quote of some kind, but it's not duplicated from the non-quote parts, so I'm not sure if it's a pull quote, an uncited quote of one of the hyperlinks, or just confusing use of the markup. Google is being unhelpful on that front.)

1 Like

in Lifetime in struct - #2 by trentj

5 Likes

What I actually value on a daily basis in [rust is]
I can call code written by other people without unpleasant surprises.

async fn verify_signature(token: &Jwt) -> Result<Claims, VerificationError>

Looking at a code snippet:

  • I know my JWT token won't be mutated, just accessed (&);
  • I know the function will probably perform some kind of I/O (async);
  • I know that the function might fail (Result);
  • I know its failure modes (VerificationError).

Luca Palmieri on Twitter

9 Likes

As we all know, adding blockchain to a problem automatically makes it simple, transparent, and cryptographically secure.

source (Library for use in C++, but written in Rust)

5 Likes

(for the obtuse among us (including me), if that quote is pulled without context it might be good to note that it's heavily sarcastic, not just uninformed.)

3 Likes

Rust sparks joy.

From Gregory Szorc's Digital Home | Rust is for Professionals

4 Likes