LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Are they using the right technology?

Are they using the right technology?

Posted May 23, 2012 13:03 UTC (Wed) by mpr22 (subscriber, #60784)
In reply to: Are they using the right technology? by NAR
Parent article: A Tale of Two Pwnies (Part 1)

Because if you ask ten different programmers which safe language should be the ubiquitous successor to $UBIQUITOUS_UNSAFE_LANGUAGE, you'll get ten different answers probably including "my completely perfect language that has never been used for any real-world application except its own compiler and in which you need a PhD to write 'Hello World'", "none of them because if you need a safe language to write safe programs you shouldn't be allowed to program", and conceivably "none of them because no programming language should be allowed to achieve ubiquity".

(Log in to post comments)

Are they using the right technology?

Posted May 23, 2012 13:22 UTC (Wed) by NAR (subscriber, #1313) [Link]

And how is that relevant to my comment? The Chrome team could use one language that can avoid buffer overflows and integer overflows/underflows. There are decades old technologies out there with millions of users, making millions of dollars, just choose one. Or invent one (it's not like Google didn't create a language before). It doesn't have to be the "right for all cases" language, it just has to be able to avert these silly mistakes.

Are they using the right technology?

Posted May 23, 2012 15:14 UTC (Wed) by Yorick (subscriber, #19241) [Link]

You are perfectly right — no, they are clearly not using the right language for a security-critical program (which many of them are nowadays). The problem is that, even assuming that Google are free from the common prejudices and management stupidities that plague many companies (language X is unproven, it is too difficult to find programmers who know X, we are an all-Y shop, and so on), the choice is limited for the kind of application they want to write.

There are languages that would do, at least ones that come close enough for a resource-rich company with the right ideas to build on and improve on in the directions required. It's not that we don't know how to avoid C's faults if we get to design something new, and decades of language implementation have also taught us one or two things.

Of course C is difficult to replace in a world that is built around it — OS interfaces, libraries, third-party middleware, IDEs and tools. A modern web browser is formidably complex, being a hybrid of a large-scale GUI application, an embedded language runtime with a native code compiler, and a low-level system component. C and C++ are inadequate for all aspects of it, but can at least be used for all of it and are readily available.

To take an example, the Rust developers may have the right level of ambition. Their design is conservative, avoiding too much fancy language technology, but enough for something that feels reasonably modern and avoids some well-known "billion-dollar" mistakes.

I don't believe that C or C++ can be "fixed", either by extending the language or by inventing new tools. There are simply too many problems and they are too deeply engrained in the design.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds