Conversation

Patrick Walton
@pcwalton
Go has GC and Rust doesn't. If you were to design an explicitly C-like language with memory safety and without GC, it would look a lot more like Rust than Go. The idea that Rust was designed by a bunch of C++ fans is absurd. Most of us were ML fans more than anything. t.co/SWJhLJptY3
This Tweet is unavailable.
3
238
This Tweet was deleted by the Tweet author. Learn more
Patrick Walton
@pcwalton
The issue is that generics are basically a requirement for memory safety without GC as Rust does it. Otherwise you can't create safe abstractions, which would mean that every time you want a linked list you have to write unsafe code. That would undermine memory safety.
2
15
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Go is only memory safe if you force the runtime to use a single OS thread. It's not memory safe by default. It doesn't pay the price of providing safety in the presence of data races like Java. The built-in map and slice types don't maintain memory safety during data races.
1
7
Patrick Walton
@pcwalton
Replying to
@DanielMicay
I’ve had famous security people tell me that there is no way that issue could be exploited. I was skeptical but I was willing to concede the point at the time 🤷‍♂️
1
5
Daniel Micay
@DanielMicay
Replying to
@pcwalton
It's definitely exploitable. The chance of a successful exploit is likely very low in most cases, but an exploit can be targeted at a fleet of devices and even a 1/10000 chance of success is a massive problem. In many cases, there's process respawning allowing repeated attempts.
1
4
Show replies
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Slices and maps aren't implemented with locks and manage memory based on multi-word fields in a non-transactional way. It would be possible to make a memory safe implementation of those data structures but they're core data structures used everywhere and it'd destroy performance.
1
1
Show replies