From nobody Tue Sep 10 14:49:49 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X367F0QB9z5VwwC for ; Tue, 10 Sep 2024 14:50:01 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Received: from www121.sakura.ne.jp (www121.sakura.ne.jp [153.125.133.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4X367D32ZCz4YkQ; Tue, 10 Sep 2024 14:50:00 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Authentication-Results: mx1.freebsd.org; none Received: from kalamity.joker.local (123-1-21-232.area1b.commufa.jp [123.1.21.232]) (authenticated bits=0) by www121.sakura.ne.jp (8.17.1/8.17.1/[SAKURA-WEB]/20201212) with ESMTPA id 48AEnni9008978; Tue, 10 Sep 2024 23:49:49 +0900 (JST) (envelope-from junchoon@dec.sakura.ne.jp) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dec.sakura.ne.jp; s=s2405; t=1725979789; bh=5LRx4bIIJlK9u6Jw6dHQW4OmwthwukK9ex16GmzILyY=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=HzuPUO2BfltyyPpXq2Dn4SRRBiNfgzM4cQWQjAEnwnieFHM5WLYqtj2yrVGSz6cXC /0X3G4C4ta7jMFDqJaEZz/DUN7zQPqa9SQ29iiJQr37c3Y5UcFS6A0hG/TpAbffxhp SWjzNor1bAZCjW+7HFUtTqGITknWJYfUe/VRSQZE= Date: Tue, 10 Sep 2024 23:49:49 +0900 From: Tomoaki AOKI To: Kyle Evans Cc: freebsd-hackers@freebsd.org Subject: Re: The Case for Rust (in any system) Message-Id: <20240910234949.85d5a48c9b9f7bcf945794fc@dec.sakura.ne.jp> In-Reply-To: <49239d9a-aece-4b6b-b896-d7b4899149fc@FreeBSD.org> References: <49239d9a-aece-4b6b-b896-d7b4899149fc@FreeBSD.org> Organization: Junchoon corps X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; amd64-portbld-freebsd14.1) List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:7684, ipnet:153.125.128.0/18, country:JP] X-Rspamd-Queue-Id: 4X367D32ZCz4YkQ On Mon, 9 Sep 2024 16:11:40 -0500 Kyle Evans wrote: > On 9/5/24 13:09, Alan Somers wrote: > > By now I expect that most of you have seen the long list of new > > security advisories that just came out. Strikingly, all were the > > result of memory handling errors. And none of them wouldn't have > > happened if their respective programs had been written in a > > memory-safe language. > > > > In fact, of all the C bug fixes that I've been involved with (as > > either author or reviewer) since May, about three quarters could've > > been avoided just by using a better language. > > > > The real takeaway here is that C is no longer sufficient for writing > > high quality code in the 2020s. Everyone needs to adapt their tools. > > Programmers who don't will increasingly come to resemble experimental > > archaeologists, i.e. people who learn flintknapping to "keep the > > knowledge alive". Such people are valuable, but definitely niche. I > > for one don't want my career to go in that trajectory. > > > > To summarize, here's the list of this week's security advisories, and > > also some other recent C bug fixes of my own involvement: > > [... snip ...] > > If even half of the energy that has gone into these threads would've > been spent on a proof-of-concept rust-xtoolchain implementation with > some motivating cases instead, we'd be in a lot better place to actually > have these conversations. > > Thanks, > > Kyle Evans Shawn would be working on the PoC now. Let's see how it goes. The worst is that the work is rejected AFTER it's almost done. It's clearly wastes of times/efforts. My guess about this thread is that it is needed to determine what is acceptable, what's not, what's needed to be confirmed. Clarifying the above as much as possible before starting the work is a good thing. Now we know how many pros&cons exists, and what are proposed as possible alternatives. Unfortunately, it's still "chaotic" and maybe need some more times. And discussions are ongoing at forums.frebsd.org, too. [1] It already is quite a long thread. [1] https://forums.freebsd.org/threads/the-case-for-rust-in-the-base-system.92024/ -- Tomoaki AOKI