Comment Re:Further Proof Rust on Linux Kernal is Sabbotage (Score 2) 76
There's a valid argument to adding the SILK parallelism extensions to GCC and Clang, then seeing if these could improve Linux kernel performance.
There's a valid argument for using SEL4's theorem idea and writing theorems for core components, like the memory manager, to establish correctness in sections of code small enough and structurally simple enough for this to be doable.
Rust is currently slower (but not by much) than C, but does offer a few gems to improve robustness. Which, of course, you wouldn't need if you had the theorems, but you can't use theorems to robustify non-deterministic code. So allowing Rust is not necessarily bad, it's just not a direction I'd go for any code segment where formalism offers a wider range of advantages with no additional skills being required.
So I'm OK with Rust, it's merely not the first step I, personally, would have taken. There are, after all, a lot more mathematicians capable of writing theorems than there are Rust kernel programmers capable of writing truly safe Rust code. And Rust really only gives memory safety, the theorems would provide functional safety too.