Christophe de Dinechin <dinec...@redhat.com> writes: >> On 26 Jan 2020, at 16:04, Peter Maydell <peter.mayd...@linaro.org> wrote: >> >> On Sun, 26 Jan 2020 at 08:10, Christophe de Dinechin >> <dinec...@redhat.com> wrote: [...] >> You'd have more luck persuading me we should move to Rust: >> at least then we'd get some clear benefits (no more buffer >> overrun security bugs) for the upheaval :-) > > This is largely a myth as soon as you need to do “your own stuff”. > Example: CVE-2019-18960, https://seclists.org/oss-sec/2019/q4/141.
I think "largely a myth" is too harsh. Yes, it's not a silver bullet to insta-slay all memory and concurrency safety vampires. It does provide useful guarantees, though. How useful exactly in practice time will tell.