From nobody Thu Sep  5 20:36:09 2024
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0B3B6Dj2z5TsX7
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Thu, 05 Sep 2024 20:36:22 +0000 (UTC)
	(envelope-from asomers@gmail.com)
Received: from mail-vk1-f178.google.com (mail-vk1-f178.google.com [209.85.221.178])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4X0B3B3BTkz4pZ4
	for <freebsd-hackers@freebsd.org>; Thu,  5 Sep 2024 20:36:22 +0000 (UTC)
	(envelope-from asomers@gmail.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: by mail-vk1-f178.google.com with SMTP id 71dfb90a1353d-4fd19da17dfso636139e0c.1
        for <freebsd-hackers@freebsd.org>; Thu, 05 Sep 2024 13:36:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1725568581; x=1726173381;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=lbDv8UvJsu6dETEKdr5P2bBqVAHtaWq3UjS71P0ORSA=;
        b=w8NaFp1pICvn6is5DdZPUG2Q9xZnQSGN2X3VSumkEmP5mS6U6LKmcK17efOFtmqL3Y
         oN8hIKT8SYljdkLuDj/sry1exBps8mVuqhAr/Yuj3+H4CgnEjKCJcz4IpuIoDK4aD1Wz
         pxYcNqMnwSZLgMO5Zp0D75S6WsQ+a6FGQSqPd7ImdgnvL/GwnJg+AuM3vk1r+akJKCzj
         +iOegU0zg4opZKximwWIh58zNC3hpbylxWVk905n5ImOPrfEyQvKX6+hTlqXtl/Iu5Ok
         6O+IPxzFE8O7X3xPJQbmPK6Ky00ZH0KdaKnUpn6HpxG48mumX9yJ0yGbJC4UJde0PCTb
         HvZQ==
X-Gm-Message-State: AOJu0YwCqw/Gbmg/wcNTJ6OrZrzzxBgz/L2J+xx2MabsXuo4/p5K4Z44
	WwaYO2lyDsQQ8evWnDFSpa6h55wPGZK0cDZTxl5yDB7bAH29iF4Qcwg04caDfyogALyg9TppknW
	W4V8slXY/IGdL07wHrkkZwkfBKc6f5w==
X-Google-Smtp-Source: AGHT+IEWLBO22iHCQNbu/8WKmrOG1E3rUzV+s3HqJhvSB1Uwj7y0z8SeBrPCKZBjjggNeBRJ32C+T42BmZkGpAQbOfo=
X-Received: by 2002:a05:6122:168d:b0:4f5:d98:5ec3 with SMTP id
 71dfb90a1353d-5019d4952e5mr655286e0c.6.1725568581410; Thu, 05 Sep 2024
 13:36:21 -0700 (PDT)
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@FreeBSD.org
MIME-Version: 1.0
References: <CAOtMX2iCNX5OkdeghnbmcMrO0UYWwm4zfxFSZGznOznu+mh5rA@mail.gmail.com>
 <CANCZdfoHP3G3YMvpqVwpQZSRQ64pnYhBJD60Dcar+BCUaJNL-w@mail.gmail.com>
In-Reply-To: <CANCZdfoHP3G3YMvpqVwpQZSRQ64pnYhBJD60Dcar+BCUaJNL-w@mail.gmail.com>
From: Alan Somers <asomers@freebsd.org>
Date: Thu, 5 Sep 2024 14:36:09 -0600
Message-ID: <CAOtMX2hY22v6w5coXSVEtoKWfJTYY-ML6zt-fUf=R6upc-bvgQ@mail.gmail.com>
Subject: Re: The Case for Rust (in any system)
To: Warner Losh <imp@bsdimp.com>
Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]
X-Rspamd-Queue-Id: 4X0B3B3BTkz4pZ4

On Thu, Sep 5, 2024 at 2:16=E2=80=AFPM Warner Losh <imp@bsdimp.com> wrote:
>
>
>
> On Thu, Sep 5, 2024 at 12:10=E2=80=AFPM Alan Somers <asomers@freebsd.org>=
 wrote:
>>
>> By now I expect that most of you have seen the long list of new
>> security advisories that just came out.  Strikingly, all were the
>> result of memory handling errors.  And none of them wouldn't have
>> happened if their respective programs had been written in a
>> memory-safe language.
>
>
> FreeBSD represents hundreds of thousands or millions of man hours
> in its current form (depending on how you measure it). It has evolved
> over 30 years. To get to the same level of maturity in a rust rewrite wou=
ld
> take a similar amount of time. But even if it took an order of magnitude
> less because rust is that much better, that represents a huge pool of
> manpower that don't seem to be hanging out around the project just
> waiting for something to do.

Sure.  I for one am not volunteering to rewrite CTL next week.

>
> Where do the resources for this come from? Without enough resources,
> the rewrites will be crap and nobody will want to use them (or maybe even
> FreeBSD). The rewrites to date have lost functionality (though maybe not
> functionality that's important) relative to what they replace.

Which rewrites are you thinking of?

>
> So great, we should switch to rust. But so far we have no way to do that
> incrementally (other than a parallel build system, which isn't very FreeB=
SDish).
> And if we can't even find the resources to do that minimal level of work,=
 how
> can the rest possibly be robustly undertaken?
>
> Warner

Your point is obvious; FreeBSD is too big to rewrite the whole thing.
But my point stands: new projects (whether inside of FreeBSD or not)
should almost always be using a safe language.  And any component that
needs a major overhaul anyway should probably also be written in a
safe language, too.