Re: C aggregate passing (Rust kernel policy)

From: Gary Guo
Date: Sat Feb 22 2025 - 09:15:36 EST

Next message: Thorsten Blum: "Re: [PATCH] bcachefs: Remove duplicate condition in return statement"
Previous message: Ingo Molnar: "Re: [PATCH] rseq: update kernel fields in lockstep with CONFIG_DEBUG_RSEQ"
In reply to: Ventura Jack: "Re: C aggregate passing (Rust kernel policy)"
Next in thread: Ventura Jack: "Re: C aggregate passing (Rust kernel policy)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 22 Feb 2025 03:06:44 -0700
Ventura Jack <venturajack85@xxxxxxxxx> wrote:

> >Gcc used to initialize it all, but as of gcc-15 it apparently says
> >"Oh, the standard allows this crazy behavior, so we'll do it by
> default".
> >
> >Yeah. People love to talk about "safe C", but compiler people have
> >actively tried to make C unsafer for decades. The C standards
> >committee has been complicit. I've ranted about the crazy C alias
> >rules before.
>
> Unsafe Rust actually has way stricter rules for aliasing than C. For
> you and others who don't like C's aliasing, it may be best to avoid
> unsafe Rust.
>

I think the frequently criticized C aliasing rules are *type-based
aliasing*. Rust does not have type based aliasing restrictions.

It does have mutability based aliasing rules, but that's easier to
reason about, and we have mechanisms to disable them if needed at much
finer granularity.

Best,
Gary

Next message: Thorsten Blum: "Re: [PATCH] bcachefs: Remove duplicate condition in return statement"
Previous message: Ingo Molnar: "Re: [PATCH] rseq: update kernel fields in lockstep with CONFIG_DEBUG_RSEQ"
In reply to: Ventura Jack: "Re: C aggregate passing (Rust kernel policy)"
Next in thread: Ventura Jack: "Re: C aggregate passing (Rust kernel policy)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]