Trolol?

How much of the core parts of the kernel do you think have been rewritten since?

> How much of the core parts of the kernel do you think have been rewritten since?

Does refactoring count as rewriting, though?

I've poked-around the NT kernels for XP, XPx64, Vista, 7 SP1, and Win10 22H2[1] in Ghidra as part of a personal quest to find out why my Intel motherboard's XHCI (USB) controller drops random mouse HID packets, and even though the overall structure noticeably changes between releases after zooming-in I'll eventually find the same familiar blocks of code or patterns-of-blocks-of-code all referencing each other like before... just with even more new layers of indirection added in each Windows release.

A good example of this is to compare the disassembly for ntosknrl before - and after - Microsoft added Virtualization-based-security and "Virtual Trust Levels" to the kernel (I forget the exact version, but I think sometime in 2017?): prior to that, Windows' kernel-mode handling of its USER-component's hardware IO (mouse, keyboard, etc) was still fairly recognizable compared to even Windows XP; but post-VTL I saw how the "useful" program-code for processing local user input is wrapped in massive amounts of redirection back-and-forth through the hypervisor when VTL is enabled - it left me feeling like they moved a mountain just for this one single, Enterprise-y, feature while accepting the runtime overhead of all the extra branches and virtual-calls going on (which are trivial and of no consequence on modern hardware); so while I can't fault anyone at MS on the kernel team for their approach, it's a reminder that progress does not come cheap - or without compromises.

I wonder if Microsoft wrapped all the indirection gubbins in #ifdefs to elide it all from their gaming-edition build of Windows 11 for their Steamdeck compete ("ROG Xbox Ally") - I'd like to poke around that OS at some point to see (or maybe they've gone all-in on hypervisor-based security because that's how the Xbox now works?)

[1] Remember kids, keep your own backups of pdb symbols! Microsoft doesn't offer ISO downloads of PDBs to match your install media; now they're all download-on-demand with no guarantees of future availability of symbols for any binaries shipping today: it means debug symbols are now ephemeral and will be highly treasured by collectors in the distant future.

There was a large effort either right before or after Server 2003 to harden the Windows codebase as a whole.

Certainly it hasn't been 100% rewritten, that'd make no sense. But I'm not going to guess how much of it /has/ been rewritten because like you guessing, it'd be an uneducated one.