D mentioned on Rust discussions site

Paulo Pinto pjmlp at progtools.org
Mon May 25 12:09:28 UTC 2020


On Monday, 25 May 2020 at 11:33:21 UTC, Dibyendu Majumdar wrote:
> On Monday, 25 May 2020 at 08:48:33 UTC, Ali Çehreli wrote:
>> On 5/24/20 4:08 AM, Dibyendu Majumdar wrote:
>
>>> 
>>> Well the jury is still out on these. Until we see a real OS 
>>> written in Rust or D or Zig - the proof is not in claims but 
>>> in the doing.
>>
>> It would be wasteful to write an OS to prove the claims. 
>> Unless there is a technical impossibility, then it's doable.
>>
>
> Of course that would be silly. My assumption is that someone 
> will write an OS in one of these languages because of security 
> concerns. I think Google is looking at using Rust in Fuchsia. 
> Fuchsia is interesting because the kernel was initially in C, 
> but now I believe mostly it is in C++ to gain additional type 
> safety.
>
> https://fuchsia.googlesource.com/fuchsia/+/refs/heads/master/docs/project/policy/programming_languages.md
>
>> Let's do it the other way: What proof there is for the claim 
>> that those languages cannot be used for writing OSes? I know D 
>> enough to know that it can be used to manage a CPU, send 
>> electrical signals to all the I/O devices around it, etc.
>>
>
> Well there are several things to consider.
>
> First is memory safety - I believe the only way to write OS in 
> D or Rust is to use unsafe constructs in parts. Arguably this 
> can be done in C++ too - mostly use smart pointers for example, 
> and make restricted use of unsafe code.
>
> Secondly a real world OS that is used can tell us if truly the 
> resulting OS was more secure than say Linux which is written in 
> C. Right now there are theoretical claims that the OS will be 
> more secure.


That one is easy, IBM i and IBM z/OS are written in a mix of 
Assembly and PL/S. Modern versions now also include C++, but it 
wasn't there during their first 20 years.

Unisys ClearCase MCP is written in NEWP, an almost safe systems 
programming language 10 years older than C. The OS doesn't do 
Assembly; all CPU low-level features are exposed as compiler 
intrinsics.

It was one of the first OSes to introduce the concept of unsafe 
code, already during the 60's: any executable or library with 
unsafe code is tainted and requires being signed off by the admin 
for execution.

Unisys still keeps it around and sells it to governments and 
businesses that need three-letter-agency security level access for 
data processing.

Common to all of them, C is only used on the POSIX containers.

