Re: VMS

Rich <rich@example.invalid> writes:

Rust's "memory safety" is nothing new.  New maybe to "Today's 10,000"
(https://xkcd.com/1053/) but not new to the world of programming.

??? nobody is claiming that memory safety is new with Rust, nor even
that the the techniques it uses are particularly new (although they are
distinct from the approaches found in well-known languages such as Java,
Python, C#, Go, etc).  The novelty is in their delivery in a widely
adopted systems programming language.

Finally, on all but the least powerful microprocessors, a correctly
predicted branch is almost free, and a passed bounds check is easy mode
for a branch predictor.
 
With that in mind, with compilers and microprocessors from this century,
the impact of this sort of thing is rather small. (Ada dates back to
1980, at which time a lot of these technologies were much less mature.)

>
Indeed, yes, on a modern CPU much of the runtime checking is less
performance eventful than it was on 1980's CPUs.  It is not free by any
measure either, some short number of cycles are consumed by that
correctly predicted branch.  For all but the most performance critical
the loss is well worth the gain in safety.  And one could argue that
"performance critical" which in the end results in some sigificant
security breech might not be as "performance critical" as it seems when
the whole picture is taken into account.

Have a look at https://en.algorithmica.org/hpc/pipelining/branching/. In
the P=0 case the loop achieves 1 cycle per iteration. The branch is
free.

Certainly this is a best case that won’t always be achieved, but it’s
quite a good fit to the array bounds checking case. If your program has
had the first round of bugs shaken out, and isn’t receiving adversarial
input, then most array bounds checks will pass.

--
https://www.greenend.org.uk/rjk/