Runtime binding only occurs for Objective-C interop.
Swift functions are bound at compile time when statically known. Dynamic dispatch is done through vtables for native Swift classes, and through witness tables for protocol existentials.
> "Democracy" is when "bad actors" (as defined by the establishment) are shut out of all online discourse.
The point of ID laws is not to stop "bots" or "sockpuppets", it's to enable governments to shut down the speech of their political adversaries by painting them as dangerous. That is not democracy, that is authoritarianism, even if you absolutely hate the people that are being shut up.
Western countries are not in the midst of polarized political crises because of "external bad actors" or "sockpuppets". They're in these crises because of fundamental contradictions in values and desired policies between different segments of the populace.
The Europeans are currently full steam ahead in attempting to "fix" the situation by criminalizing dissent, which will, in the end, only exacerbate the political crisis by making the democratic system illegitimate.
>[1] https://github.com/swiftlang/swift-evolution/blob/main/propo... -- apologies to the authors, but even as a previous C++ guy, my brain twisted at that. Inside Swift is a slim language waiting to get out... and that slim language is just a safer Objective C.
These kinds of features are not intended for use in daily application development. They're systems-language features designed for building high performance, safe, very-low-level code. It will be entirely optional for the average Swift developer to learn how to use these features, just in the same way that it's optional for someone to learn Rust.
The EU DMA says they have to allow third party browser engines access to the same resources (the JIT) that Safari has. It specifically allows them to place reasonable requirements on those third party alternatives:
> The gatekeeper shall not be prevented from taking, to the extent that they are strictly necessary and proportionate, measures to ensure that third-party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, provided that such measures are duly justified by the gatekeeper.
Access to rwx memory is inherently dangerous, and it's completely reasonable to expect third parties to have proven that they are serious about producing a usable browser engine before putting such a risky product on the market for consumers to download. The law does not require them to allow any third party application to access the JIT, only a third party application that competes with Safari (a usable web browser).
> You are claiming that static code analysis tools extensively used in C++ cannot detect all conceivable and hypothetical memory issues. The weasel words in here is that it is possible to detect them, but some can conceivably slip through.
No, there are entire classes of memory vulnerabilities that are impossible to check with static analysis because checking them is equivalent to the halting problem.
> To drive the point home, there are already a few CVEs even from use-after-free bugs in Rust code. What does that make out of the all assertion? Would this be a reasonable argument to reject Rust as an unsafe language?
The CVE that you referenced in the other comment was Rust calling into unsafe C code, as I pointed out. If you have a real example feel free to post it.
> The problem with these claims is that they rely on weak strawmen arguments and a very superficial analysis of the problem space. I get the need to do marketing, but if the audience is technical them don't you think arguments should stand on solid technical ground?
The views I have laid out here are the consensus among compiler engineers and in theoretical computer science. You only have to look at the compiler group at Apple:
- heavily invested in static analysis
- maintains the clang static analyzer
- maintains number of runtime memory analysis tools in Xcode
- not invested in rust at all and seemingly not interested
The reason for this is that static analysis simply cannot do it when the semantic information about lifetimes is lost, even for a group that knows how to write strong static analysis tools. Program flow is too ambiguous without it, so it becomes impossible to detect such memory vulnerabilities without running the program and fuzzing it – an expensive, time consuming, and probabilistic process.
This is not a very good example, because this Rust code is a thin wrapper around pthread_mutex, which is an unsafe API that can cause undefined behavior (such as use after free) if used incorrectly. The Rust code in question is using the unsafe C API incorrectly.
One could say "Rust doesn't stop you from calling out into unsafe C code, so it's still possible to produce memory vulnerabilities in Rust", and it would be true, but it kind of misses the point and only really bolsters the Rust people when they say they want to rewrite everything in Rust.
In Rust, an API with a rule such as "you must check that the mutex is unlocked before you can destroy it" would be implemented using the type system in such a way as to make it impossible to drop it without checking its state. This is something that is not possible to do in C and cumbersome to do in C++.
> mainstream compilers provide support to detect and throw warnings/errors for some of these issues
You cannot detect all of these issues with static analysis. Rust does it by requiring the programmer to annotate lifetime dependencies in the source code. Without this additional semantic information, static analysis cannot fully reason about the lifetimes of variables.
There are efforts by some to introduce lifetime annotations to C++ (https://news.ycombinator.com/item?id=30888172), but any changes to the core language face a very steep uphill battle with the C++ standards committee, so any movement on this is likely to be compiler-specific attribute-based systems, adopted largely by companies invested in a particular compiler ecosystem (such as Apple or Google) to annotate their proprietary code.
On top of this, Rust is a very expressive language, with its features (like enum sum-types, traits etc) making it very easy to implement patterns such as compiler-checked state machines and polymorphism that doesn't involve the recognized downsides of class hierarchies.
It is not for everyone, and not for every kind of project, but its features resonate positively with a lot of people in systems programming because of their experiences with other systems languages and their downsides.
This is why Rust is popular today, particularly in certain communities.
CMake support started as a community project but was adopted officially by Apple after they started adopting some Swift in the compiler codebase – an extremely large and complex CMake project – so the support is extremely robust now.
Comments like this are the clearest sign that this topic has become so politicized that rational judgement is out the window. If fluoride in the water is opposed by *those people*, or is supported by *those people*, then even if new clear evidence comes out one way or another, it will be undermined by not wanting to hand the other side a ‘W’.
I'm not sure why you would think they are climate deniers. The odds are that they are exactly the opposite.
Having been around far left activist groups in my past, there are many who think that doing things like this on purpose is morally justified, because it keeps the conversation on climate change. The media incentivizes it by covering them as "climate-fueled wildfire" stories, every single time.
Wildfires in Canada were at a two-decade low in 2020, during the lockdowns. Think about that.
Swift functions are bound at compile time when statically known. Dynamic dispatch is done through vtables for native Swift classes, and through witness tables for protocol existentials.