Windows is now written in Rust
-
We should be concerned - a lot... If the developers of MS can develop safe code only using Rust we should run an hide... (safe code should not be a function of language)
"If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." ― Gerald Weinberg
-
Their coding skills are probably a bit rusty :-\
I think - based on the behavior of other large companies I see around me - it is the other way around... They way too green, so they try to get rusty...
"If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." ― Gerald Weinberg
-
We should be concerned - a lot... If the developers of MS can develop safe code only using Rust we should run an hide... (safe code should not be a function of language)
"If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." ― Gerald Weinberg
Kornfeld Eliyahu Peter wrote:
(safe code should not be a function of language)
While true to a point, safe code is darn near impossible in C, C++, and any other language that uses null terminated strings and uncounted buffers. Microsoft's own reporting shows that about 70% of their security vulnerabilities are the result of mishandling memory, including buffers (string or otherwise) and free after deallocation errors. Digital Equipment Corporation showed us how to write safe code back in the 70s with their VMS system. All buffers were OS level descriptor managed and all parameters to system calls were validated, throwing an exception if the parameters weren't valid. K&R, while successful at creating an OS (Unix), should be demonized for doing so using what was known at the time to be unsafe computing methodologies.
-
Link is from CodeProject Insider email Microsoft is rewriting core Windows libraries in Rust • The Register[^] "Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers....began in 2020...DWriteCore now consists of about 152,000 lines of Rust code...(Win32 GDI) is being ported to Rust and so far has 36,000 lines of Rust code" So about 200,000 lines of new code - with of course the possibility of introduced bugs. And the Windows code base is about 50 million lines of code. So only about 248 years for the rest of it. And naturally we can all be sure that Microsoft will be steady and hold the course on this initiative just like all of the others it has undertaken.
I would suggest they oil the machine up and fix the existing problems instead of having us field test yet another VISTA.
Give me coffee to change the things I can and wine for those I can not! PartsBin an Electronics Part Organizer - An updated version available! JaxCoder.com Latest Article: Simon Says, A Child's Game
-
We should be concerned - a lot... If the developers of MS can develop safe code only using Rust we should run an hide... (safe code should not be a function of language)
"If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." ― Gerald Weinberg
Kornfeld Eliyahu Peter wrote:
(safe code should not be a function of language)
100%. Crazy thing is, we all know how to check for bounds, etc. in code. It's not magic. Just programmers get lazy and/or the business expects everything done in a day. No different than unit testing... most devs still don't do it or if they do it then it's not done well.
Jeremy Falcon
-
Kornfeld Eliyahu Peter wrote:
(safe code should not be a function of language)
While true to a point, safe code is darn near impossible in C, C++, and any other language that uses null terminated strings and uncounted buffers. Microsoft's own reporting shows that about 70% of their security vulnerabilities are the result of mishandling memory, including buffers (string or otherwise) and free after deallocation errors. Digital Equipment Corporation showed us how to write safe code back in the 70s with their VMS system. All buffers were OS level descriptor managed and all parameters to system calls were validated, throwing an exception if the parameters weren't valid. K&R, while successful at creating an OS (Unix), should be demonized for doing so using what was known at the time to be unsafe computing methodologies.
obermd wrote:
about 70% of their security vulnerabilities
Perhaps. Still leaves the other 30%. Plus all of the other bugs as well. And refactoring code is in fact likely to lead to those. Not to mention of course that if that small subset of code has security vulnerabilities then shouldn't it just be fixed?
-
Kornfeld Eliyahu Peter wrote:
(safe code should not be a function of language)
100%. Crazy thing is, we all know how to check for bounds, etc. in code. It's not magic. Just programmers get lazy and/or the business expects everything done in a day. No different than unit testing... most devs still don't do it or if they do it then it's not done well.
Jeremy Falcon
Jeremy Falcon wrote:
most devs still don't do it or if they do it then it's not done well.
Because they get rewarded for other things. Like closing tickets. Or lines written. Or just showing up every day. If bugs were tracked to the programmer and it impacted them financially then they would pay more attention.
-
Jeremy Falcon wrote:
most devs still don't do it or if they do it then it's not done well.
Because they get rewarded for other things. Like closing tickets. Or lines written. Or just showing up every day. If bugs were tracked to the programmer and it impacted them financially then they would pay more attention.
Boss: Hey is that feature you've been working on for the last 3 months ready to release? Me: Not if I get fined for bugs. Boss: How long? Me: About 3 more months of testing. Boss: (~ear piercing scream of anguish~) OK. No fines. Release it. You're right. I'm rewarded for other behavior. :-D
-
Jeremy Falcon wrote:
most devs still don't do it or if they do it then it's not done well.
Because they get rewarded for other things. Like closing tickets. Or lines written. Or just showing up every day. If bugs were tracked to the programmer and it impacted them financially then they would pay more attention.
jschell wrote:
If bugs were tracked to the programmer and it impacted them financially then they would pay more attention.
It already kinda does. Most companies add the code quality (how bug free your code is) to a developers KRA and if it is not met, it impacts your financial growth in the org. However, it may still be not enough maybe because when it is met, it doesn't really help you grow faster. In that case the bell curve comes to the rescue of the management. If code quality had a more consistent positive impact in the industry I think devs would certainly pay more attention.
-
jschell wrote:
If bugs were tracked to the programmer and it impacted them financially then they would pay more attention.
It already kinda does. Most companies add the code quality (how bug free your code is) to a developers KRA and if it is not met, it impacts your financial growth in the org. However, it may still be not enough maybe because when it is met, it doesn't really help you grow faster. In that case the bell curve comes to the rescue of the management. If code quality had a more consistent positive impact in the industry I think devs would certainly pay more attention.
GKP1992 wrote:
Most companies add
Most? Certainly none that I have worked at. No one even mentioned it at any of those companies. In comparison many companies ask about things like unit testing and many explicitly make it a feature when posting jobs. No one has ever mentioned it in an interview.
