OK. I meant that if the type system Rust bases its memory-safety on didn't admit *any* way to do linked lists without unsafe, the whole formalism would be a lot less impressive/valuable than I thought it was...
-
-
I didn't even know it was possible, now I want to learn what a linked list looks like without using unsafe
2 replies 0 retweets 2 likes -
Replying to @andy_kelley @RichFelker and
use Rc and Weak Presumably y'all are talking about doubly linked lists, singly linked lists are possible to do efficiently in safe code
4 replies 0 retweets 6 likes -
Replying to @ManishEarth @andy_kelley and
(it bugs me that in these discussions nobody ever clarifies which type of linked list they mean and the discussion invariably becomes "[doubly] linked lists are hard in rust" "what? [singly] linked lists are hard? rust is stupid"
1 reply 0 retweets 2 likes -
Replying to @ManishEarth @andy_kelley and
I find most conversations about what " rust can't do", "unsafe means rust is broken", etc... Frustrating.
1 reply 0 retweets 3 likes -
Replying to @Brittain_Ben @ManishEarth and
That’s where I find the kernel analogy helpful. Sure, userspace code can’t directly talk to I/O devices. It can’t even allocate memory on its own! But nobody would say “memory protection is broken” for that reason.
2 replies 0 retweets 4 likes -
Replying to @pcwalton @Brittain_Ben and
You expect userspace not to be able to do those things because they're fundamentally about control over shared/external resources. Linked lists are not. You expect(*) unprivileged code to be able to make linked lists.
2 replies 0 retweets 0 likes -
Replying to @RichFelker @pcwalton and
Nodes in a doubly linked list are a shared resource though
1 reply 0 retweets 2 likes -
Replying to @Brittain_Ben @pcwalton and
Except they're not if no reference to the list leaks outside of a local, single-thread context.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @Brittain_Ben and
That’s why we have LinkedList<T>…
1 reply 0 retweets 1 like
Anyway, I agree there should be some kind of type system extension to allow you to prove linked lists and trees correct. I doubt it’ll matter much in practice, which is why it’s been low-priority, but it would be a good thing to have. (Been saying this for years BTW)
-
-
Replying to @pcwalton @RichFelker and
It would be instructive to try to look at how, say, ATS, or Idris, does it and see how far you can get replicating whatever people do there in Rust’s type system.
1 reply 0 retweets 0 likes -
Replying to @pcwalton @RichFelker and
I’m sure you won’t get all the way since those are dependent type systems but it’d be interesting to see what we’re missing.
1 reply 0 retweets 0 likes - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.