D mentioned on Rust discussions site

Dibyendu Majumdar mobile at majumdar.org.uk
Mon May 25 11:33:21 UTC 2020


On Monday, 25 May 2020 at 08:48:33 UTC, Ali Çehreli wrote:
> On 5/24/20 4:08 AM, Dibyendu Majumdar wrote:

>> 
>> Well the jury is still out on these. Until we see a real OS 
>> written in Rust or D or Zig - the proof is not in claims but in 
>> the doing.
>
> It would be wasteful to write an OS to prove the claims. Unless 
> there is a technical impossibility, then it's doable.
>

Of course that would be silly. My assumption is that someone will 
write an OS in one of these languages because of security 
concerns. I think Google is looking at using Rust in Fuchsia. 
Fuchsia is interesting because the kernel was initially in C, but 
now I believe mostly it is in C++ to gain additional type safety.

https://fuchsia.googlesource.com/fuchsia/+/refs/heads/master/docs/project/policy/programming_languages.md

> Let's do it the other way: What proof there is for the claim 
> that those languages cannot be used for writing OSes? I know D 
> enough to know that it can be used to manage a CPU, send 
> electrical signals to all the I/O devices around it, etc.
>

Well there are several things to consider.

First is memory safety - I believe the only way to write an OS in D 
or Rust is to use unsafe constructs in parts. Arguably this can 
be done in C++ too - mostly use smart pointers for example, and 
make restricted use of unsafe code.

Secondly a real world OS that is used can tell us if truly the 
resulting OS was more secure than say Linux which is written in 
C. Right now there are theoretical claims that the OS will be 
more secure.

In case of Rust there is an additional question - can development 
scale? Rust is a particularly hard programming language in my view. 
Writing a simple linked list or tree structure is not a trivial 
task in Rust. So can it scale to thousands of developers?

Finally performance impact of safe code. One of the reasons why 
folks use unsafe practices is that it is most performant.

I am not suggesting that D cannot be used to write an OS, but it 
remains to be seen whether an OS written in D or Rust is actually 
more secure in the real world.


