(it bugs me that in these discussions nobody ever clarifies which type of linked list they mean and the discussion invariably becomes "[doubly] linked lists are hard in rust" "what? [singly] linked lists are hard? rust is stupid"
-
-
Replying to @ManishEarth @andy_kelley and
I find most conversations about what " rust can't do", "unsafe means rust is broken", etc... Frustrating.
1 reply 0 retweets 3 likes -
Replying to @Brittain_Ben @ManishEarth and
That’s where I find the kernel analogy helpful. Sure, userspace code can’t directly talk to I/O devices. It can’t even allocate memory on its own! But nobody would say “memory protection is broken” for that reason.
2 replies 0 retweets 4 likes -
Replying to @pcwalton @Brittain_Ben and
You expect userspace not to be able to do those things because they're fundamentally about control over shared/external resources. Linked lists are not. You expect(*) unprivileged code to be able to make linked lists.
2 replies 0 retweets 0 likes -
Replying to @RichFelker @pcwalton and
Nodes in a doubly linked list are a shared resource though
1 reply 0 retweets 2 likes -
Replying to @Brittain_Ben @pcwalton and
Except they're not if no reference to the list leaks outside of a local, single-thread context.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @Brittain_Ben and
That’s why we have LinkedList<T>…
1 reply 0 retweets 1 like -
Replying to @pcwalton @RichFelker and
Anyway, I agree there should be some kind of type system extension to allow you to prove linked lists and trees correct. I doubt it’ll matter much in practice, which is why it’s been low-priority, but it would be a good thing to have. (Been saying this for years BTW)
1 reply 0 retweets 2 likes -
Replying to @pcwalton @RichFelker and
It would be instructive to try to look at how, say, ATS, or Idris, does it and see how far you can get replicating whatever people do there in Rust’s type system.
1 reply 0 retweets 0 likes -
Replying to @pcwalton @RichFelker and
I’m sure you won’t get all the way since those are dependent type systems but it’d be interesting to see what we’re missing.
1 reply 0 retweets 0 likes
I have this rough vision of layers of type system complexity, where a more advanced opt-in type system can be used to prove what must be unsafe code today correct, while not leaking through to the outside normal-Rust world to keep the language accessible.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.