Date: Tue, 10 Sep 2024 23:49:49 +0900 From: Tomoaki AOKI <junchoon@dec.sakura.ne.jp> To: Kyle Evans <kevans@FreeBSD.org> Cc: freebsd-hackers@freebsd.org Subject: Re: The Case for Rust (in any system) Message-ID: <20240910234949.85d5a48c9b9f7bcf945794fc@dec.sakura.ne.jp> In-Reply-To: <49239d9a-aece-4b6b-b896-d7b4899149fc@FreeBSD.org> References: <CAOtMX2iCNX5OkdeghnbmcMrO0UYWwm4zfxFSZGznOznu%2Bmh5rA@mail.gmail.com> <49239d9a-aece-4b6b-b896-d7b4899149fc@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 9 Sep 2024 16:11:40 -0500 Kyle Evans <kevans@FreeBSD.org> wrote: > On 9/5/24 13:09, Alan Somers wrote: > > By now I expect that most of you have seen the long list of new > > security advisories that just came out. Strikingly, all were the > > result of memory handling errors. And none of them wouldn't have > > happened if their respective programs had been written in a > > memory-safe language. > > > > In fact, of all the C bug fixes that I've been involved with (as > > either author or reviewer) since May, about three quarters could've > > been avoided just by using a better language. > > > > The real takeaway here is that C is no longer sufficient for writing > > high quality code in the 2020s. Everyone needs to adapt their tools. > > Programmers who don't will increasingly come to resemble experimental > > archaeologists, i.e. people who learn flintknapping to "keep the > > knowledge alive". Such people are valuable, but definitely niche. I > > for one don't want my career to go in that trajectory. > > > > To summarize, here's the list of this week's security advisories, and > > also some other recent C bug fixes of my own involvement: > > [... snip ...] > > If even half of the energy that has gone into these threads would've > been spent on a proof-of-concept rust-xtoolchain implementation with > some motivating cases instead, we'd be in a lot better place to actually > have these conversations. > > Thanks, > > Kyle Evans Shawn would be working on the PoC now. Let's see how it goes. The worst is that the work is rejected AFTER it's almost done. It's clearly wastes of times/efforts. My guess about this thread is that it is needed to determine what is acceptable, what's not, what's needed to be confirmed. Clarifying the above as much as possible before starting the work is a good thing. Now we know how many pros&cons exists, and what are proposed as possible alternatives. Unfortunately, it's still "chaotic" and maybe need some more times. And discussions are ongoing at forums.frebsd.org, too. [1] It already is quite a long thread. [1] https://forums.freebsd.org/threads/the-case-for-rust-in-the-base-system.92024/ -- Tomoaki AOKI <junchoon@dec.sakura.ne.jp>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20240910234949.85d5a48c9b9f7bcf945794fc>