Date:      Sat, 5 Jan 2019 19:41:49 +0000
From:      Igor Mozolevsky <igor@hybrid-lab.co.uk>
To:        Enji Cooper <yaneurabeya@gmail.com>
Cc:        Hackers freeBSD <freebsd-hackers@freebsd.org>
Subject:   Re: Speculative: Rust for base system components
Message-ID:  <CADWvR2ij6rHw-KS6Qm9xMAmJzCCvcpgQ1LHQrGknhiaGep6V1Q@mail.gmail.com>
In-Reply-To: <451787DE-0659-4F7D-B011-904F90866DDB@gmail.com>
References:  <201901021829.x02IT4Kc064169@slippy.cwsent.com> <e954a12f-5d23-7a3f-c29b-c93e1250965c@metricspace.net> <361CCB81-AEB6-4EAC-9604-CD8F4C63948C@gmail.com> <CADWvR2ju7y_rcY3MFe_381yBmPXgm1BA7RzA9ZTUfTtCHdFGLw@mail.gmail.com> <6DF138FB-E730-477A-A992-8FE1944DDE94@exonetric.com> <CADWvR2hETR3j2=aNVGDiYfJeyeqgavDQOuxkxrE%2BVZFfD5BzJg@mail.gmail.com> <451787DE-0659-4F7D-B011-904F90866DDB@gmail.com>

On Sat, 5 Jan 2019 at 19:16, Enji Cooper wrote:
>
> > On Jan 3, 2019, at 12:24, Igor Mozolevsky wrote:
> ...
>
> > And by what metric is that "safety" measured, how does one measure
> > "safety" objectively? To me, that sounds like a techie version of
> > virtue-signalling... Even the Rust-clan seem to be rather confused
> > about it: https://doc.rust-lang.org/nomicon/meet-safe-and-unsafe.html
>
> It’s pretty clear to me what the author means: rust features safe and unsafe
> extensions, much like C++, Java, Perl, python, tcl, etc. Generally speaking,
> “unsafe” language features are those that require additional care, like using
> malloc/free appropriately, avoiding global state, locking resources as needed,
> etc.
>
> > Btw, Java is "safe" too, and it's been around for *much* longer!
>
> Not necessarily true. Are you aware of how native java extensions work?
>
> Java as a language was written to be generic/platform agnostic, however in
> order to be useful, Java requires platform extensions. As such, Java
> supports developers writing glue code in C/C++ (like python extensions),
> which can have a host of potential issues with memory leaks, concurrency
> safety, etc, in addition to potential issues with security sandboxing and
> the like.
>
> With the number of zero-day bugs in java that have been in the language
> in the past few years, I don’t trust the language’s sense of safety in terms
> of memory management and sandboxing in the JVM.


You're being deliberately obtuse, right? Because there's no "native
Rust extensions" (i.e. you can't make Rust call a buggy and unsafe
c-library)? And can you seriously guarantee that there will be no
zero-day bugs in Rust libraries, there's probably none *found* yet
simply because hardly anyone does anything serious in it! Your slating
of Java is just as applicable to Rust with the caveat that Rust has
been around and thus explored and abused far less. Why would you
trust automagic memory management in Rust when you don't trust
Java's? Rhetorical, of course, as there's no sensible answer.



--
Igor M.


