Re: The Case for Rust (in the base system)

From: Matthias Andree <mandree_at_FreeBSD.org>
Date: Mon, 22 Jan 2024 18:17:30 UTC
Am 21.01.24 um 11:24 schrieb Bertrand Petit:

> 	One of the strong values of FreeBSD is its stability. For fun I
> recently booted a 4BSD-something on a VAX emulator and immediately felt at
> ease, because of this stability. I perceive rust, despite some of its
> technical merits, as unable to provide that kind of stability. This language
> is a fast and (still) unstable moving target, so fast that once integrated it
> will immediately be obsolete on release. The integrated version would probably
> only be usable to compile base, countless other packaged versions would be
> required to compile ports---I'm also thinking about llvm here. That is bound
> to be a maintenance nightmare, for the FreeBSD teams and for the users alike.

I have read this thread up to what's here now, and I like that it kept 
to a very useful constructive tone and arguments exchanged.

So, personally, I've always found a language whose compiler gets 
recompiled several times a week if I do ports development is something I 
definitely can't advocate having in source.

The same goes for the 3rd party stuff.

Even if you mirror external dependencies to prevent from losing them 
with some upstream maintainer's decision, and keep maintainable, that 
begs the question: who is reviewing, polishing, maintaining this?  We 
certainly don't want Log4J-like disasters to strike because in all 
convenience and "don't rewrite the world" programmer-time efficiency 
claims we used all sorts of, whoever wrote this, "half the Internet".

I understand that people who have spoken up in this thread have 
inter-individually mixed feelings (meaning one person proposes it, the 
next person is loathe of it) about C++, about the Standard Template 
Library (STL) in particular, and I find it a pity that most arguments in 
this thread around C++ did not mention a standard edition's year.

I have been around C++ since before it became an ISO standard, I have 
seen it on the decline when C++03 seemed to have stalled, but I can 
really sympathize with Microsoft's "Welcome back to C++" approach.  C++ 
has come a really long way, and over the past decade shown to deliver 
continually. C++14 or C++17 is lightyears ahead over what people left 
behind who haven't followed/used it in many years.

So I really would have wished for people to not just write C++ but 
really the minimum/oldest edition they would consider.

I understand why people sometimes steer clear of Standard Template 
Library - but I really liked how clear the dis-/advantages of its 
datatypes and algorithms are laid out.  Yes, you can still shoot holes 
into your extremities when abusing the language, but Rust also has 
unsafe modes...

Rust advocates usually write about safety, but do we really want to 
argue about introducing all this technical debt to just rule out ONE 
PARTICULAR class of errors when there are dozens of others that open up 
security risks?   Seems a bit drastic to me.

Do Rust proponents audit what all the indirect dependencies' codes do 
before referencing them?  Or are there bodies that tell us what 
libraries are safe, when the base language can't dance?

So bottom line, let's see to pushing Rust back and keeping it out of the 
base system until it is stable, mature, and useful without betting and 
risking our world on half of the outside Internet -- and we really know 
it's not just another fad of the decade and have valid use cases that 
really can't be shown in what we have in the base system today.

-- 
Matthias Andree
FreeBSD ports committer, speaking his personal opinion