On 2020-02-09 15:05, David Riley wrote: > Correspondingly, the rather heavy requirements for the Go runtime make it a > lot less practical for small embedded use cases (though not impossible, as > recent list traffic indicates). If I were building a small (think <=256k > RAM) embedded system these days,
The bigger issues are a) these systems have no MMU making memory fragmentation/OOM less predictable. So a professional system will avoid dynamic memory completely. Actually Ada has been able to do this arguably better than Rust for a long time. You could probably do it in tinyGo/Go but then you certainly wouldn't be able to use much/any of the standard library probably. Even in C you have to be careful with some microchip vendors code. b) Perhaps rust momentum will carry it through but the microchip dev environments bundle c headers and compilers, peripheral registers in debuggers, so I doubt it. c) Sometimes there is no possibility of a security issue in a particular section of code and energy performance is critical; C/assembly cannot be beaten in performance. > I'd probably go with Rust, largely because I've come to recognize that the > undefined behavior in C/C++ makes writing definitively safe code impossible. Which undefined behaviour do you mean? If you use unsigned (yes Google, unsigned!) and understand the system and known portability isn't an issue then I'm not sure what undefined behaviour you mean. Functions can be written that avoid arrays being used out of bounds etc too. It is perfectly possible to write safe C as long as you are willing to avoid certain features. Why you don't get safe functions by default and a safe version of C by default is largely because elitists have historically required every feature of c left in tact and compiler extensions have tried to permit all features rather than a core subset. It is unfortunate but probably just an artefact of security being historically widely considered unimportant. Linus: A bugs a bug! One of the main drivers of Go was compiler time, how does rust compare there? I don't know much about rust, hearing the learning curve was steep, but development effort and readability may well make application level security issues more likely? It's a complex decision. Do I spend the time developing my IDE and perhaps hit a dead end or an unexpected OOM that is beyond my understanding. Or spend the time ensuring my C code is secure and know it will work well and read well? p.s. Does anyone know how well Rust reads as this is highly important to me? -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/e68e73a4-beff-7f44-2a20-05458d268929%40gmail.com.
