* Posts by halfstackdev

11 publicly visible posts • joined 8 Feb 2024

'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters

halfstackdev

Re: If I understand the logic, I understand the reasoning...

Given that this type of situation was entirely predictable.. then why on earth did they think it was technically feasible to introduce a 2nd language that was unable to read and apply existing C header files ?

They knew Rust couldn’t handle C header files, so they knew that interfaces would have to be manually maintained, so they knew this situation would come up often.

It’s almost like they deliberately set out to make the existing kernel unmaintainable, so as to force a complete rewrite/takeover at some point.

halfstackdev

Sad to see

Anyone remember how the Linux kernel project used to be a small self-funded group of anti establishment hackers, who never seemed to sleep ?

Now it looks like an overstaffed sheltered workshop run by 100 different government departments

It’s literally turned itself into some sort of C++ steering committee, or corporate SAP rollout before our very eyes

It reminds me of the closing scene in Orwell’s Animal Farm, where the starving but “liberated” farm animals get to peek through the window, and see their comrade piggies sitting at the table wearing suits, feasting, laughing and drinking wine with the farmers

Switching customers from Linux to BSD because boring is good

halfstackdev

Re: No security updates

You can upgrade and patch jails individually without needing to reboot the base system

halfstackdev

BSD - Dangerous and Unsafe !

The OP must be mistaken. It’s simply not possible for BSD to have significant uptimes

BSD is doesn’t use the latest memory safe language technology

Dangerous and Unsafe !

Even the kernel code in BSD doesn’t appear to use an npm like package manager to automatically pull in the hundreds of dependencies that must be needed to write even a basic for loop

Dangerous and Unsafe !

The guys writing and maintaining all this unsafe code don’t even use the the latest AI tools to generate half the code … and they are probably not even using an electron powered graphical code editor provided by big tech either. They are probably using vi - without so much as syntax highlighting.

Dangerous and Unsafe !

By rights, BSD must be unsafe and highly unstable. Just booting it up would be enough to catch covid from the experience, let alone experience any uptime at all

Don’t go near BSD unless you are wearing at least 3 layers of government approved masks

Much better to wait a few more weeks until a better operating system is delivered - one written from scratch in a proper memory safe language

Torvalds weighs in on 'nasty' Rust vs C for Linux debate

halfstackdev

Re: Rust is like a car with ABS, TC, airbags, etc.

Good analogy

I would go one step further and say Rust is like a motorbike with airbags, seatbelts, automatic braking, AI lane assist, roll cage, bull bar, .. and a bevy of other perfectly reasonable sounding “safety features” such that the sum of the parts is dangerously unusable contraption that doesn’t belong on the road

LLM-driven C-to-Rust. Not just a good idea, a genie eager to escape

halfstackdev

Brilliant idea

This is a brilliant idea, and I predict that it will be highly successful.

The aim of the project is clearly simple - it’s a money laundering operation that will be used to convert taxpayer funds into real estate, shares, and other hard assets.

String together some buzzwords associated with all the latest things - AI, Rust, Cybersecurity etc .. and use that to pass funding to a project that can’t be measured. Pay a bunch of techs to chase rainbows… and pocket the difference.

At the end of it all, file away a report on the “findings”, rinse and repeat with the next latest thing.

Success !

DARPA suggests turning old C code automatically into Rust – using AI, of course

halfstackdev

Re-encoding human behaviour using Tractor AI

Given that human thoughts and behaviours can essentially be digitised.. we should force all Citizens to take a surgically implanted AI chip that will intercept all neural actions … rewrite them in Rust on the fly .. and then re-output them onto the neural pathways.

The proven power of Rust to detect and correct mistakes is legendary.. so why not apply it to humans ?

No more traffic accidents, food cooked to perfection every time, trains running on time every time, sports stars will shoot a perfect goal with every kick, no more awkward social interactions, no more romantic rejections, pass any exam, take over and land an airliner when the pilot has a cardiac arrest, win a F1 race on your first attempt, win every hand at blackjack, and always roll a 6 on every dice… etc etc.

End hunger, war, poverty, disease, addiction, nasty tweets, and all forms of incorrect thoughts.

We can do this !

CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust?

halfstackdev

Some tooling red flags

Some general traits in dev tooling that should be red flags for the probability of producing reliable and maintainable software

- Is the code easy to read ?

- Can you tell what the code is doing by taking a part of it in isolation, or do you need to read wider implementation to see whats going on ?

- Can you tell by looking at the code where it grabs resources, and where it releases them (from file handles to memory allocation) ?

- Can you tell by looking at a function where it returns, or are there hidden control flow mechanics to jump out early ?

- Does the tooling make it so easy to pile on 3rd party libs as dependencies, that its idiomatic to just pull in a dependency rather than do a trivial implementation inline ?

- Is the tooling backed by a massive marketing machine that makes bullshit promises along the lines that "now anyone can produce perfect code without any experience or skill"

- Are the in-company people that promote these tools obnoxious and humourless assholes with personality defects that make it impossible for them to ingest any critique at all ?

- Are these same people even aware of better alternative tools, or do they dismiss them out of hand, because reasons ?

I don't know of many tools that tick a lot of those boxes. ... but if I did start to see one that scored highly on the above list being pushed into use in an organisation, it would be easy to predict that the product would be s**t, the company culture would be s**t, and the people who had to maintain the pile of s**t would have no work life balance, leading to a collapse of the product in the near term.

Rust developers at Google are twice as productive as C++ teams

halfstackdev

Japanese army study

1937, officers of the Japanese army.. after extensive field testing in controlled conditions.. conclude that infantry on the attack, armed with the bayonet, are twice as effective as defending troops in dug in positions, with machine guns.

No bias here !

Correlation is causation

Using Rust will slash the incidence of tooth decay in half, improve your posture, and increase your chances of winning the lottery all at the same time.

Rust can help make software secure – but it's no cure-all

halfstackdev

A few random points

- It has been demonstrated already that safe Rust is still vulnerable to speculative execution exploits, and memory buffer over read attacks

- Rust sits on top of LLVM, which has thousands of outstanding issues, and a slow response time to getting them fixed

- Code that the Rust compiler can prove to be safe is only a subset of code that is safe. You can write well designed and safe code that the borrow checker cannot compute. To get it through the compiler means breaking a good design and making compromises. A lot of people consider this a good thing … different type of people consider this a bad thing. YMMV

- If you have ever spent a more than a week working triage on large systems, you will already know where most of the bugs come from. It’s usually the code that is hard to read, hard to review. Complex, clever, overly verbose abstractions and data structures have a unique “unsafety” all of their own

- If your product is a static native binary that your users download and run, then yes, memory safety is obviously important. If your product is a hosted service that you maintain.. what is important is the turnaround time for finding + fixing + releasing the bug update. A lot of the time, it is not even the original author that has to do this. The turnaround time is generally a function of how fked up and abstracted the code is.

Burnout epidemic proves there's too much Rust on the gears of open source

halfstackdev

Ah burnout …

Why is it that the Rust project is burning through developers, but other similar open source projects are not ?

What’s the big difference?

Compare to, say Zig / Odin / Bun / Elixir etc

Those projects are smashing it out of park in comparison, and do not have a consistent burnout problem.

All I can think of is that as a contributor to Rust, you have no say in the direction of the project, and have to deal with non-programmers who make all the big calls about priorities. That would be enough to burn anyone out.