CommunityNews

CommunityNews

Linus Torvalds on Rust support in kernel

On Wed, Apr 14, 2021 at 11:46 AM ojeda@kernel.org wrote:

Some of you have noticed the past few weeks and months that
a serious attempt to bring a second language to the kernel was
being forged. We are finally here, with an RFC that adds support
for Rust to the Linux kernel.

So I replied with my reactions to a couple of the individual patches,
but on the whole I don’t hate it.

HOWEVER.

I do think that the “run-time failure panic” is a fundamental issue.

I may not understand the ramifications of when it can happen, so maybe
it’s less of an issue than I think it is, but very fundamentally I
think that if some Rust allocation can cause a panic, this is simply
fundamentally not acceptable.

Allocation failures in a driver or non-core code - and that is by
definition all of any new Rust code - can never EVER validly cause
panics. Same goes for “oh, some case I didn’t test used 128-bit
integers or floating point”.

So if the Rust compiler causes hidden allocations that cannot be
caught and returned as errors, then I seriously think that this whole
approach needs to be entirely NAK’ed, and the Rust infrastructure -
whether at the compiler level or in the kernel wrappers - needs more
work.

So if the panic was just some placeholder for things that can be
caught, then I think that catching code absolutely needs to be
written, and not left as a to-do.

And if the panic situation is some fundamental “this is what the Rust
compiler does for internal allocation failures”, then I think it needs
more than just kernel wrapper work - it needs the Rust compiler to be
fixed.

Because kernel code is different from random user-space system tools.
Running out of memory simply MUST NOT cause an abort. It needs to
just result in an error return.

I don’t know enough about how the out-of-memory situations would be
triggered and caught to actually know whether this is a fundamental
problem or not, so my reaction comes from ignorance, but basically the
rule has to be that there are absolutely zero run-time “panic()”
calls. Unsafe code has to either be caught at compile time, or it has
to be handled dynamically as just a regular error.

With the main point of Rust being safety, there is no way I will ever
accept “panic dynamically” (whether due to out-of-memory or due to
anything else - I also reacted to the “floating point use causes
dynamic panics”) as a feature in the Rust model.

       Linus

https://lkml.org/lkml/2021/4/14/1099

This thread was posted by one of our members via one of our news source trackers.

Where Next?

Popular Linux topics Top

First poster: bot
If you’re looking for a solid web-based Linux admin GUI, look no further than the tried and true Webmin. Jack Wallen shows you how to ins...
New
First poster: bot
The Red Hat-sponsored Fedora Project has released its latest Linux distribution, Fedora 33. https://www.techrepublic.com/article/fedora...
New
New
First poster: bot
It looks like thanks to AMD’s increasing sales and continuing successes in the enterprise space with more HPC wins and the like, AMD is h...
New
CommunityNews
Linux is the poster-child for the C language. But times change. The Rust language has been slowly gathering support for use as a system l...
New
First poster: AstonJ
In a few weeks, Fedora 34 will be released, and alongside it - you will get to use Gnome 40, the next version of this namesake desktop en...
New
First poster: bot
Thirty years ago, Linus Torvalds was a 21 year old student at the University of Helsinki when he first released the Linux Kernel. His ann...
New
First poster: bot
The Linux HOWTOs are detailed “how to” documents on specific subjects. The HOWTO index lists all HOWTOs along with short descriptions. Th...
New
First poster: bot
Linux Sucks 2021 - The End of Linux is Nigh. Welcome to the 2021 edition of Linux Sucks! View video here: This thread was posted by...
New
CommunityNews
As movement toward memory-safe languages, and Rust in particular, continues to grow, it is worth looking at one of the larger scale effor...
New

Other popular topics Top

PragmaticBookshelf
Create efficient, elegant software tests in pytest, Python's most powerful testing framework. Brian Okken @brianokken Edited by Kat...
New
gagan7995
API 4 Path: /user/following/ Method: GET Description: Returns the list of all names of people whom the user follows Response [ { ...
New
rustkas
Intensively researching Erlang books and additional resources on it, I have found that the topic of using Regular Expressions is either c...
New
Maartz
Hi folks, I don’t know if I saw this here but, here’s a new programming language, called Roc Reminds me a bit of Elm and thus Haskell. ...
New
PragmaticBookshelf
Build efficient applications that exploit the unique benefits of a pure functional language, learning from an engineer who uses Haskell t...
New
PragmaticBookshelf
Author Spotlight Jamis Buck @jamis This month, we have the pleasure of spotlighting author Jamis Buck, who has written Mazes for Prog...
New
PragmaticBookshelf
Programming Ruby is the most complete book on Ruby, covering both the language itself and the standard library as well as commonly used t...
New
sir.laksmana_wenk
I’m able to do the “artistic” part of game-development; character designing/modeling, music, environment modeling, etc. However, I don’t...
New
AstonJ
If you’re getting errors like this: psql: error: connection to server on socket “/tmp/.s.PGSQL.5432” failed: No such file or directory ...
New
AstonJ
This is cool! DEEPSEEK-V3 ON M4 MAC: BLAZING FAST INFERENCE ON APPLE SILICON We just witnessed something incredible: the largest open-s...
New