Speculative: Rust for base system components
Enji Cooper
yaneurabeya at gmail.com
Sat Jan 5 19:16:08 UTC 2019
> On Jan 3, 2019, at 12:24, Igor Mozolevsky <igor at hybrid-lab.co.uk> wrote:
...
> And by what metric is that "safety" measured, how does one measure
> "safety" objectively? To me, that sounds like a techie version of
> virtue-signalling... Even the Rust-clan seem to be rather confused
> about it: https://doc.rust-lang.org/nomicon/meet-safe-and-unsafe.html
It’s pretty clear to me what the author means: Rust features safe and unsafe extensions, much like C++, Java, Perl, Python, Tcl, etc. Generally speaking, “unsafe” language features are those that require additional care, like using malloc/free appropriately, avoiding global state, locking resources as needed, etc.
> Btw, Java is "safe" too, and it's been around for *much* longer!
Not necessarily true. Are you aware of how native Java extensions work?
Java as a language was written to be generic/platform agnostic; however, in order to be useful, Java requires platform extensions. As such, Java supports developers writing glue code in C/C++ (like Python extensions), which can have a host of potential issues with memory leaks, concurrency safety, etc., in addition to potential issues with security sandboxing and the like.
With the number of zero-day bugs in Java that have been in the language in the past few years, I don’t trust the language’s sense of safety in terms of memory management and sandboxing in the JVM.
Thanks,
-Enji
More information about the freebsd-hackers mailing list