| ▲ | crote 2 hours ago | |
> And you cant rewritte 50 years of C in Rust You don't have to. Google already showed that the vast majority of memory safety bugs are in newly-written C code. Stop writing new C code (which the industry already seems to be moving towards) and the problem will eventually solve itself - even with plenty of C code still around. Besides, very few (if any) pieces of code have been around for anywhere close to 50 years. Over time components naturally get refactored or rewritten for all sorts of reasons. And if you're rewriting anyways, why not switch to a more secure language? Don't allow C for rewrites and over the years every C component will eventually be replaced by a non-C one without forcing a big C-to-Rust rewrite. | ||
| ▲ | panick21_ an hour ago | parent [-] | |
Can you show me that research? Also, nothing new in C is just not happening, there is massive amounts of things that will not switch for decades. Why not just switch to a slightly different compiler and core, and then you make all your old code safe without verifying it. And your new code in whatever language is also safe. Also it helps with debugging. Also it helps you enforce security constraints on higher level. CHERI also gives you features you can build more on-top off. The silicon area and the performance hit are pretty minor, if it 'just' works for most code and most open source code just works, many people will want to use it. Yes most bugs are new code, but plenty of bugs aren't and with CHERI I can be much more confident in running all that stuff. Specially older code that isn't as well used and tested as say Linux kernel. | ||