Posts by containerizer

Re: Excessive hardware requests, lack of backwards compatibility, taliban OO approach...

> You have just given away as someone who juses Java because told so, and because Sun relesease it for free. And knows nothing about it really. That is the only reason why Java became so popular.

Nonsense. Free C/C++ compilers, and other useful languages like Perl, were widely available at the time when Java began to gain traction in the early 2000s.

Re: The new COBOL

Why would you have to deal with Tomcat ? Any reasonably modern Java application will be using a DI framework (these have been available since 2006ish) that hides the underlying web server implementation pretty well.

Re: The new COBOL

> The Java community's general insistence to resort to XML based dependency injection to circumvent the type system's diktats are a motivation here. But that's far from a desirable feature.

FWIW that's about 20 years out of date. The DI frameworks (of which the widest used is Spring) handle this with annotations, much neater and easier to maintain than XML.

Re: re: Rust may be modern, but so is Windows 11…

> The formal language definition is a key design deliverable for any “well designed” programming language.

No true Scotsman ..

Re: Fair comment by Linus

It does.

If someone submits a change that breaks another component, they are expected to include fixes as part of their submission.

If the "other component" they break is something to do with Rust, then they need to know Rust in order to fix it. In other words, kernel developers would be required to master two languages, not just one.

Remember that a lot of devs are volunteers. They're doing this because they enjoy it. Forcing things on them that they don't see the point of is a good way to get them to leave.

Re: Fair comment by Linus

The problem with this is that there is no stable "C API" within the kernel. There never has been.

when kernel developers make changes to subsystems that break other things, they are expected to update those other things at the same time.

How does that approach work if the thing they break is the Rust layer ?

The solutions are limited :

- introduce a stable C API in the kernel. Most of the kernel developers won't tolerate that as it adds overhead.

- all kernel developers must learn Rust to avoid breaking the Rust layer. Ditto.

- accept that Rust will be broken from time to time. I don't think the Rust guys would accept this - they'd constantly be playing catchup.

> Why would be sign a pledge to an organisation that is openly hostile to him ?

What's hostile about pledging to respect the outcome of a vote ?

> after not being invited to the first 4 (cos the RNC didn't want him)

This is a flagrant misrepresentation. Trump refused to sign a pledge where he would support whichever candidate won the nomination. Why do you think he refused to agree to this simple condition ?

> You mean like the debates he wasn't invited to?

No, I mean the debates he could have attended if he signed up to the conditions of the debate. Which he refused to do.

> The people voted in the various primaries and voted for Trump. This is democracy in action. If they wanted someone else they could have voted for someone else.

Thank you for explaining the concepts of democracy and the party nomination process to me, but I was already aware.

> Its not like the RNC just decided that Trump is the candidate and it doesn't matter what the party at large wanted

I didn't say the RNC decided anything. I said that Trump mounted a reverse takeover of the GOP and ended up dominating it to such an extent that he thumbed his nose at their own nomination process and still won.

> I mean, something like that would NEVER happen with the DNC now would it? *cough* Hillary *cough* Harris *cough*. Heaven forbid the party ruling elite just pick who they want!

I think you are confusing me with someone who is defending the Democrats.

As things stand, neither party has this kind of coherent discipline. They don't have the same culture of whips/party line that we do. Heck they had to get George Clooney in to get Biden to step down.

I think it's because the US is so geographically distributed. It also has had, until recently, a culture of slowing the workings of politicians and political institutions. In addition, the party's elected representatives have limited control over who gets nominated for the presidency, which is why Trump (historically a registered Democrat) was able to mount what was effectively a reverse takeover of the Republican Party. His takeover was so complete that he didn't even bother going through the motions of campaigning to be the presidential nominee.

If there is any justice, what follows will be a rout of the Republican Party which will lock them out of power for several decades. This happened in the 1930s following the Great Depression.

Re: That's the point

> For some ridiculous reason banks have continued to give him loans (I have my guesses - evil).

After his string of casino bankruptcies, the banks stopped lending him money. That's why he had to go to the Russians. Eric Trump admitted this in an interview some time ago.

Re: Shaking

what do you think Biden should have done ?

Re: Operating systems always "unsafe"

> You have to develop your own safety for an operating system,

No, you don't. That's the whole point.

> C is perfectly safe as long as you know what you are doing.

This is true of a lot of things considered dangerous for humans.

> but there is no way to do all the things that have to be done and still have a compiler run the safety

Excepting memory-mapped hardware, have you got any examples ?

> Safety has to be hardware dependent.

No it doesn't. There are many widely used memory-safe programming languages.

Re: Not magical thinking

They are static, but they are also things which are only necessary in a type-unsafe language. You don't need address checking in a language that validates address accesses at compile time. You don't need undefined behaviour checking in a language that has no undefined behaviour.

The second sentence is effectively suggesting that Rust's capabilities are not proven to work. Given the widespread adoption and the fact that Linus Torvalds thinks it is worth at least trying it in the kernel, I think the burden of proof is upon you to show that all these very clever people are wrong about Rust, not anyone else.

Re: Can have it both ways

>The whole reason people are using rust in the kernel is because it makes also makes some kernel code easier to maintain.

It makes some kernel code easier to maintain for some people, and makes life harder for others. It means that instead of having to learn one language, kernel devs have to learn two, because now any breaking changes they make could effect the Rust layer as well as the C codebase.

Re: This is the scariest part of all this, IMO

> it's an announcement that he plans to sabotage someone else's work, not because it has a technical flaw, but because he doesn't like it.

This is a mischaracterisation of what Hellwig said.

He didn't say he didn't like Rust. He said that maintaining two codebases in the same kernel would be too difficult and would threaten the future of the kernel.

I don't think he should be disciplined for saying this.

Re: Not magical thinking

> I dislike the syntax and the borrow checker adds not much to UBSan/ASan/Valgrind

You're comparing static to dynamic analysis. Valgrind/etc won't spot anything unless you have a test cases that triggers the problem.

Re: "it would suck"

> Software is the state of the hardware, and hardware has bugs.

Surely the idea is to have less bugs overall ?

Re: Have They Measured the Whole Problem?

Slight nitpick on an excellent comment : enterprise NICs (and most of the good cheap ones) do DMA, so there is no issue with getting packets out of the NICs internal buffers. This is usually set up as a ring buffer and you can usually configure the size. Of course, you absolutely can get issues if you fail to service the ring buffer quickly enough.

Avoiding dropped packets then becomes a case of tuning the ring buffer size and the parameters which flip between interrupt and polling mode.

No, you definitely do not want PREEMPT_RT in most enterprise settings where maximising workload per watt are prioritised. PREEMPT_RT significantly reduces throughput in order to improve latency. This is rarely what people want.

Re: Confused

Applications indicate they want to read more data by notifying the operating system via select()/poll()/epoll(). These mean "stop me, then wake me up when more data is available". The details of how to discover whether or not data is available are hidden by the kernel so the application doesn't need to care, it just needs to correctly use the proper API. Note that the poll(), epoll() calls are not a direction to the kernel to use polling instead of interrupts.

Imagine it's a web browser waiting for a response from a server. Simplified, the application opens a socket and sends data to the server and waits for the response by calling poll() on the socket.

When that happens, the kernel kicks in. If there is no data on the socket, the kernel won't reschedule the application. Later, the server responds - an interrupt occurs, the kernel reads the data and then places it in the application's socket buffer. The application is then rescheduled and can immediately read the data as soon as it is resumed.

In the alternative world with polling, the application does not change. Instead of waiting for an interrupt, a timer inside the kernel periodically wakes up and checks for data. If it is there, it follows the same series of steps that it did when it got an interrupt. The application does not have to change.

Some network cards, typically the higher-end ones, already effectively support this with a feature called "interrupt coalescing" where they will wait for their buffers to fill up, or for a timer to expire, before notifying the CPU.

The approach mentioned in the article is likely to be beneficial in high throughput scenarios, but not all. There is a crossover point; if your I/O is frequent and regular, polling is more efficient than interrupts due to the extra interrupt servicing overhead. If the I/O is more patchy, polling may waste CPU cycles through doing polling work which rarely finds available data, and it may also introduce latency as a packet will have to wait for the next polling interval before being serviced. According to the article they're adopting a hybrid approach to switch between polling and interrupts depending on the conditions, which is clever. Tune that right and I'd say this feature will end up being enabled by default for most deployments.

Interrupts are great if your I/O comes and goes at random, relatively infrequent intervals, which might be the case for compute-bound workloads

Re: It's not the language, it's just the way it's "talking"

> The precise issue is that C the language is not "memory unsafe" because it doesn't do memory management, the libraries and apps do that.

I am sorry, but you are very wrong.

Managing the stack is a form of memory management and the C language does this. If you declare a variable or an array etc on the stack, or take a pointer to it or dereference it, the compiler generates code for this purpose. Off-by-one errors and other stack-related bugs are a very common cause of instability or security bugs. That's a fundamental feature of C.

The use of malloc() and free() are discussed in the original K&R book and are defined in the ISO C99 spec (safe to assume they are in ANSI C89 and in subsequent ISO specs). They may not be operations that are directly converted into machine code by the compiler but that doesn't mean you can get away with saying they are not part of the language.

If you want to talk about losing credibility, scoring pedantic points by trying to suggest that the language and the support library which forms part of the language specification are not intrinsically linked seems like a good way to do that.

Re: Why a new language?

The whole point of using C is for the compactness and efficiency of the code. If you start adding stuff like this on it defeats the purpose. And unit testing can't give you what compile time memory tracking gives you.

Re: Why a new language?

> In my experience, Rust code is rarely shorter or easier to write than its C counterpart. It takes a lot of discipline to write anything sufficiently worthwhile in it.

This statement is probably not true if the definition of "sufficiently worthwhile" includes a memory safety guarantee.

Re: Why a new language?

> Now had the issue of memory safety, etc, in C (or the lack thereof) been addressed by creating a sub-set of C and/or a few features to mitigate some issues like use-after-free then it would have been fairly trivial to do this

"Come on boffins, get of your backsides and make C safe!"

Re: It's our gift to you this Xmas

it's not the hard leap that's the problem, it's confusing people with newly invented terminology.

Anyway, I'm off to get a life now. Happy Christmas.

Re: Does not compute!

> Oracle and SUSE want customers who are willing to pay for support. The $$$$$$$ focus is behind this move.

The problem that Red Hat had, and which this new group will have, is the cost of building the and maintaining the thing used by all the people who are not willing to pay for support.

I don't think they will, any more than the Americans were unhappy when the Soviet Union invaded Afghanistan. If this group are serious, it means they're going to burn a lot of cash building a stable enterprise OS that they will then give away to people who completely opposed to having to pay for it. They can't do that forever any more than Red Hat could.

If I were Red Hat, I'd be quite pleased. Go ahead, knock yourselves out burning cash and giving stuff to people who won't pay.

Re: Opensolaris anyone? @containerizer

wasn't the "cumbersome LPAR system" basically a port of the long-established virtualization tech from their mainframe line ? I can see why it would have made sense if their enterprise customers loved it (which they did/do).

Re: Opensolaris anyone?

I disagree. The market killed SPARC, along with MIPS and POWER. I think that leaves IBM as the only vendor selling enterprise IT platforms based off a proprietary architecture (which I understand is basically a heavily modified POWER arch under the hood?). We'll see how long that lasts ..