eafer | 4 years ago

If you are thinking about Rust, we don't have any data about it in the context of the kernel yet, not even for device drivers. It may prevent some exploitable bugs, but those aren't a big concern for filesystems - otherwise they wouldn't be put inside the kernel at all. The reality is, we don't know if it would help; and given how conservative we all are with our filesystem implementations (for good reasons), it's possible that we never will.

naasking|4 years ago

I'm not thinking about anything specific, I'm simply disputing your general claim that moving away from C would not help, when it has clearly helped in every single other domain of software development. I see no real reason why file systems should be any different, but clearly you do, so I was asking you why you think file systems would be different.

And for specific examples of options with better safety records, then sure Rust would be one possibility, as would Ada, or Frama-C if you need to stick with C.

eafer|4 years ago

OK, I thought you meant Rust because that's the only other language with chances of getting support inside the Linux kernel right now.

> I'm simply disputing your general claim that moving away from C would not help

I never said such a thing, I said we don't know. As always, in theory, there is no difference between theory and practice; in practice, there is.