Re: The Case for Rust (in any system)

From: Warner Losh <imp_at_bsdimp.com>
Date: Thu, 05 Sep 2024 20:16:45 UTC
On Thu, Sep 5, 2024 at 12:10 PM Alan Somers <asomers@freebsd.org> wrote:

> By now I expect that most of you have seen the long list of new
> security advisories that just came out.  Strikingly, all were the
> result of memory handling errors.  And none of them wouldn't have
> happened if their respective programs had been written in a
> memory-safe language.
>

FreeBSD represents hundreds of thousands or millions of man hours
in its current form (depending on how you measure it). It has evolved
over 30 years. To get to the same level of maturity in a rust rewrite would
take a similar amount of time. But even if it took an order of magnitude
less because rust is that much better, that represents a huge pool of
manpower that don't seem to be hanging out around the project just
waiting for something to do.

Where do the resources for this come from? Without enough resources,
the rewrites will be crap and nobody will want to use them (or maybe even
FreeBSD). The rewrites to date have lost functionality (though maybe not
functionality that's important) relative to what they replace.

So great, we should switch to rust. But so far we have no way to do that
incrementally (other than a parallel build system, which isn't very
FreeBSDish).
And if we can't even find the resources to do that minimal level of work,
how
can the rest possibly be robustly undertaken?

Warner