• More precision of my philosophy about safety-critical systems and C++ a

    From Amine Moulay Ramdane@21:1/5 to All on Thu Nov 11 13:00:39 2021
    Hello,


    More precision of my philosophy about safety-critical systems and C++ and Rust programming languages..

    I am a white arab from Morocco, and i think i am smart since i have also invented many scalable algorithms and algorithms..

    Here is more proof that Rust has to be used in safety-critical systems:

    "Safe Rust guarantees an absence of data races, which are defined as: two or more threads concurrently accessing a location of memory."

    So i think that detecting races with the other ways than the one of Rust are NP-hard and they do report false alarm in that many of reporting race conditions are not real ones, so C++ has not to be
    used in safety-critical systems.

    And read my previous thoughts:

    I think i am smart, and i will say that C++ has not to be used
    in safety-critical systems, and we have to use Rust in safety-critical
    systems because it is suited for safety-critical systems and
    safety-critical systems are those systems whose failure could result in loss of life, significant property damage, or damage to the environment, here is why:

    Difficulties in race Detection

    "When using multiple semaphores in static race detection is NP-hard
    [9], which means it is hard to find an efficient solution. If the synchronization mechanism is weaker than semaphores, an exact
    and efficient algorithm does exist [10]. Otherwise, only heuristic
    algorithms are available [3, 5]. Because heuristic algorithms will
    only report potential race conditions, which means there may be
    false alarm in that many of reporting race conditions are not real
    ones. However, since detecting race condition is NP-hard
    problem, one will never know which of them are real race
    conditions. And, this is the reason why it is difficult to use a tool
    to find race conditions accurately."

    Read more here on the following paper so that to notice it:

    https://www.sjsu.edu/people/robert.chun/courses/cs159/s3/Y.pdf

    Also C++ has the following problems:

    - C++ is a highly complex language. Learning and fully understanding C++
    requires a huge learning effort. C++ code does not always do what one
    would ‘intuitively’ expect from looking at the source code. At the
    same time, the high complexity of C++ increases the probability of
    compiler errors. C++ compiler writers are only humans, after all.

    • While being a strongly-typed language, C++ leaves too many holes to
    circumvent the type system, deliberately or unintentionally.

    More of my philosophy about C++ and Rust and Microsoft and safety-critical systems..

    I invite you to read the following from Microsoft about Rust programming language:

    Microsoft: Rust Is the Industry’s ‘Best Chance’ at Safe Systems Programming

    https://thenewstack.io/microsoft-rust-is-the-industrys-best-chance-at-safe-systems-programming/

    I think that the above article is not correct, since i think that
    Rust is suited for safety-critical systems, so i think Rust is better
    than C++ in the safety-critical systems, but i think that C++ will
    still be useful with the Address sanitizer and ThreadSanatizer,
    and read my below thoughts since i have just added something in them:

    More of my philosophy about memory safety and inheritance in programming languages..

    "Address sanitization is not a security feature, nor does it provide memory-safety: it's a debugging tool. Programmers already have tools to detect that the code they've written has memory problems, such as use-after-free or memory leaks. Valgrind is
    probably the best-known example. This gcc feature provides (some of) the same functionality: the only new thing is that it's integrated with the compiler, so it's easier to use.

    You wouldn't have this feature turned on in production: it's for debugging only. You compile your tests with this flag, and automatically they detect memory errors that are triggered by the test. If your tests aren't sufficient to trigger the problem,
    then you still have the problem, and it'll still cause the same security flaws in production.

    Rust's ownership model prevents these defects by making programs that contain such defects invalid: the compiler will not compile them. You don't have to worry about your tests not triggering the problem, because if the code compiles, there cannot be a
    problem.

    The two features are for different sets of problems. One feature of address sanitization is to detect memory leaks (allocating memory and neglecting to free it later). Rust makes it harder to write memory leaks than in C or C++, but it's still possible (
    if you have circular references). Rust's ownership model prevents data races in sequential and multi-threaded situations (see below). Address sanitization doesn't aim to detect either of those cases. But you can use ThreadSanatizer"

    And using just plain C#, it has better memory protection, since the GC and runtime make it impossible to leak, double-free, or access out-of-bounds. C# has unsafe blocks just like Rust does. Safe Rust is just as safe from memory safety problems as safe C#
    .

    I think that a programming language has to provide "inheritance",
    and the new Rust programming language doesn't provide it and i think that it is a deficiency in Rust, here is why:

    As a software developer you have to become more efficient and productive. So you need to make sure the code you write is easily reusable and maintainable. And, among other things, this is what inheritance gives you - the ability to reuse without
    reinventing the wheel, as well as the ability to easily maintain your base object without having to perform maintenance on all similar objects.


    Thank you,
    Amine Moulay Ramdane.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)