"Hard to learn" ? Google found that when they trained engineers to write Rust the majority of engineers reported they were confident writing Rust in 2 months or less and a third reported they felt not merely confident but as productive as in other languages in that time. Google describes this as "in line" with numbers for other languages they've taught their engineers so apparently it's not especially "Hard to learn" compared to other languages used at Google.
The problem with this assertion is that it says a lot of different things, some of which I'd believe to be true, and some of which I do not.
> Shouldn’t readability/ understandability be a critical requirement for kernel code?
I don't think anyone is going to say "readability is not important," but the problem is that there's a looming question of "for whom"?
This is basically part of the issue here. You are making an incredibly broad generalization about a fairly complicated topic, one of which we don't even have a lot of evidence about, but many opinions.
Rust is hard/simple. The rules aren't complex. The constructs aren't complex. But it's hard to write because the rules are very restrictive.
Rust is also much easier to read than write (for a reader who understands the rules).
It's optimising for exactly the things you want in systems programming:
Easier to read than the write.
Simple rules that are easy to understand but hard to follow, and that produce simple programs.
Compare that to C which is easy/complex. It's much easier to write than to read. It's easy to learn and write but produces code that's very complex. The rules are all by convention instead of part of the type system.
That's pretty out of context. Before that, they say this:
> The rules aren't complex. The constructs aren't complex.
So yes, once you understand it, you understand it, but they also specifically said it's not hard to get to the point of understanding it. If we're going to assume that any out-of-context quote is equivalent to the entirety of the content, I'll just cite you on this one:
Its pretty easy to learn the rules. Once you've done that you can watch a game and know roughly what is happening. But its still a hard game to master.
> Maybe the answer for more secure kernel code is C with better security analysis tools?
Perhaps like a way of expressing the constraints of a program and automatically checking if portions of a program satisfy those constraints. Aka a type checker.
Type checkers are not enough and there are many constraints they can not check.
>C is not simple. It is small.
C is complex because of undefined/unspecified/implementation defined behaviour. Any language which is used on as wide of a range of platforms will have those issues.
> the relatively simple nature of C is what makes it suitable for large scale kernel development
the relatively simple nature of any language would make it suitable for ANY large scale development
I dont know why you attribute this to kernel development specifically. When you think about kernel development, the uniqe requirement is never "being simple". I would think it has something to do with being closer to bare metal and can do low level instructions performantly.
Hard to learn does not necessarily equate to hard to read. You don't need to learn to work with Rust's borrow checker to understand a bit of code, but figuring out how to change it might take longer.
"Windows NT is written in C and C++, with a very small amount written in assembly language. C is mostly used for the kernel code while C++ is mostly used for user-mode code. Assembly language is avoided where possible because it would impede portability."
> wil was primarily developed by the Windows shell team for writing usermode code, but the NDIS and Bluetooth teams have contributed some small kernel-specific features. Here's a few examples of how you can use wil in your kernel driver:
It's two different concepts. 1) hard to learn 2) hard to read/understand
I would argue rust is hard to learn, and not hard to read or understand once you know it. In my opinion, for example:
Hard to learn, easy to read: Rust
Easy to learn, hard to read: Perl
Hard to learn, hard to read: C++
Easy to learn, easy to read: Python
Even if you don't agree exactly with my opinions, you could maybe see the distinction between (easy/hard to learn) and (easy/hard to read, once you learned it).
I also think that 99% of the difficulty in learning rust is learning how to get to a compiled state. Once the binary is built, you can make a lot more assumptions about it than other binaries (for example, locations of crashes, overflows, ownership, memory freeing can all be detexted). Compare that to c or c++ where getting to a compiled state is way easier, but the resulting binary segfaults or other issues.
I think its more like 90% of language is simple and easy to learn whereas the rest 10% is complex and hard to learn (depending on your experience). You can do a lot just by using 90% of the language. This applies to other programming languages as well - some parts are easy and some are complex.
Shouldn’t readability/ understandability be a critical requirement for kernel code?