[libre-riscv-dev] offtopic: memory safety

Luke Kenneth Casson Leighton lkcl at lkcl.net
Wed Jul 17 21:37:10 BST 2019


On Wed, Jul 17, 2019 at 9:22 PM Jacob Lifshay <programmerjake at gmail.com> wrote:
>
> I found a great article about what memory safety means in languages like C,
> C++, and Rust, describing why "what the hardware does is not what your
> program does":
> https://www.reddit.com/r/rust/comments/cd522f/what_the_hardware_does_is_not_what_your_program/

 as someone who was brought up on systems-level programming (samba,
freedce, apache2), i am staggered beyond belief at the level of
complete incompetence and ignorance that seems to be spreading, which
even *requires* these kinds of posts.

 of even deeper concern is that they're used to justify one language
over another for completely inappropriate purposes.

 certain classes of problem (certain classes of services) *require* a
deep understanding of both that service *and* the hardware *and* the
OS on which it is running *and* the compiler, and if you do not have a
full understanding of all of those, there is simply no getting round
any of those requirements by "picking an alternative language that's
quotes better quotes".

 in the case of the samba team "leaders", they simply genuinely had no
idea - and no respect for - the dual nature of the two OSes that they
were working with (windows *and* unix).  it was too much for them, and
they made - repeatedly - poor design choices as a result.

there's a rather long ongoing thread on comp.arch about undefined
behaviour, where several extremely experienced programmers are
participating.

l.


