There’s a reason why data races aren’t considered a memory safety issue, because we have a concept that deals with concurrency issues - thread safety.
Also for all it’s faults, thread and memory safety in java aren’t issues. In fact java’s concurrent data structures are unmatched in any other programming language. You can use the regular data structures in java and run into issues with concurrency but you can also use unsafe in rust so it’s a bit of a moot point.
Oof, I guess, you’re not wrong that we’ve defined data races to be the separate issue of thread safety, but I am really not a fan of that separation.
IMHO you cannot cleanly solve thread safety without also extending that solution to the memory safety side.
Having only one accessor for a portion of memory should just be the n=1 case of having n accessors. It should not be the other way around, i.e. that multiple accessors are the special case. That just leads you to building two different solutions, and to thread safety being opt-in.
That’s also the major issue I have with Java’s solution. If you know what you’re doing, then it’s no problem. But if you’ve got a junior hacking away, or you’re not paying enough attention, or you just don’t realize that a function call will take your parameter across thread boundaries, then you’re fucked.
Well, unless you make everything immutable and always clone it, which is what we generally end up doing.
There’s a reason why data races aren’t considered a memory safety issue, because we have a concept that deals with concurrency issues - thread safety.
Also for all it’s faults, thread and memory safety in java aren’t issues. In fact java’s concurrent data structures are unmatched in any other programming language. You can use the regular data structures in java and run into issues with concurrency but you can also use unsafe in rust so it’s a bit of a moot point.
Oof, I guess, you’re not wrong that we’ve defined data races to be the separate issue of thread safety, but I am really not a fan of that separation.
IMHO you cannot cleanly solve thread safety without also extending that solution to the memory safety side.
Having only one accessor for a portion of memory should just be the n=1 case of having n accessors. It should not be the other way around, i.e. that multiple accessors are the special case. That just leads you to building two different solutions, and to thread safety being opt-in.
That’s also the major issue I have with Java’s solution.
If you know what you’re doing, then it’s no problem. But if you’ve got a junior hacking away, or you’re not paying enough attention, or you just don’t realize that a function call will take your parameter across thread boundaries, then you’re fucked.
Well, unless you make everything immutable and always clone it, which is what we generally end up doing.