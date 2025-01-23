Memory safe programming languages are on the rise. Here's how developers should respond:
Developers across government and industry should commit to using memory safe languages for new products and tools, and identify the most critical libraries and packages to shift to memory safe languages, according to a study from Consumer Reports.
The US nonprofit, which is known for testing consumer products, asked what steps can be taken to help usher in "memory safe" languages, like Rust, over options such as C and C++. Consumer Reports said it wanted to address "industry-wide threats that cannot be solved through user behavior or even consumer choice" and it identified "memory unsafety" as one such issue.
The report, Future of Memory Safety, looks at range of issues, including challenges in building memory safe language adoption within universities, levels of distrust for memory safe languages, introducing memory safe languages to code bases written in other languages, and also incentives and public accountability.
During the past two years, more and more projects have started gradually adopting Rust for codebases written in C and C++ to make code more memory safe. Among them are initiatives from Meta, Google's Android Open Source Project, the C++-dominated Chromium project (sort of), and the Linux kernel.
In 2019, Microsoft revealed that 70% of security bugs it had fixed during the past 12 years were memory safety issues. The figure was high because Windows was written mostly in C and C++. Since then, the National Security Agency (NSA) has recommended developers make a strategic shift away from C++ in favor C#, Java, Ruby, Rust, and Swift.
The shift towards memory safe languages -- most notably, but not only, to Rust -- has even prompted the creator of C++, Bjarne Stroustrup and his peers, to devise a plan for the "Safety of C++". Developers like C++ for its performance and it still dominates embedded systems. C++ is still way more widely used than Rust, but both are popular languages for systems programming.
[...] The report highlights that computer science professors have a "golden opportunity here to explain the dangers" and could, for example, increase the weight of memory safety mistakes in assessing grades. But it adds that teaching parts of some courses in Rust could add "inessential complexity" and that there's a perception Rust is harder to learn, while C seems a safe bet for employability in future for many students.
[...] To overcome programmers' belief that memory safe languages are more difficult, someone could explain that these languages "force programmers to think through important concepts that ultimately improve the safety and performance of their code," the report notes.
Are you or your employer using or considering memory safe languages, and if so what is your opinion of them in your particular sphere?
(Score: 2) by hendrikboom on Thursday January 26, @06:42PM
I use Scheme these days, which descends from the oldest of the memory-safe languages, Lisp 1.5.
(Score: 0) by Anonymous Coward on Thursday January 26, @06:50PM
It's the Rise of Rust.
(Score: 2) by hendrikboom on Thursday January 26, @06:53PM
There's a widespread practice to write libraries in C, because most other languages have foreign function interfaces allowing them to call code written in C. A library written in C can this easily be called from a variety of other languages using C calling conventions.
A library written in garbage-collected languages isn't so easily callable, even from another garbage-collected language. Thus each of these memory-safe garbage-collected languages forms an isolated island, difficult to use together with other such languages.
This is a hindrance to being able to write widely-used program libraries in a memory-safe language. The bridges between languages are traps for any attempt to write memory-safe code.
We need a standard garbage-collector interface mechanism which could be used to bridge the gape between the garbage collectors in different languages.
Perhaps a component of this could be a uniform mechanism for describing the low-level data structures used in a language to the garbage collector so that it can garbage-collect uniformly across language boundaries.
-- hendrik