
Microsoft's Safe Systems Programming Languages Effort (Rust) - Leace
https://mybuild.microsoft.com/sessions/61de34c5-b111-4ece-928f-541854875862?source=sessions
======
server_bot
Good intro to the benefits of Rust for a broad audience, but one important
omission: the Use-After-Free and Double-Free protection he mentioned is
provided by compile-time static analysis, but Rust also does runtime bounds
checks to prevent classic stack smashing (with minimal performance overhead).

That may not seem like a big deal for the x86_64 world where modern
mitigations largely make shellcode a thing of the past (hence heap
exploitation, ROP/JOP, etc) but it is a BIG DEAL for embedded microcontrollers
that lack OS/HW memory protection - an area where #![no_std] Rust shines.

As a security researcher and not a developer, let me be very frank: you should
STRONGLY consider Rust in place of C or C++. But know that release profile
builds don't do integer overflow checking, so don't get cocky :P

~~~
dpc_pw
Just to add to that: Integer overflows in release builds can be turned on, and
even when they are off, at very least they are not UBs. More info in
[http://huonw.github.io/blog/2016/04/myths-and-legends-
about-...](http://huonw.github.io/blog/2016/04/myths-and-legends-about-
integer-overflow-in-rust/).

~~~
server_bot
Thanks for pointing that out and linking through to a great resource!

------
melling
He mentions this book as “the book” on Rust.

[https://www.amazon.com/Rust-Programming-Language-Steve-
Klabn...](https://www.amazon.com/Rust-Programming-Language-Steve-Klabnik-
ebook/dp/B071YKRV8Q)

I think it’s also available for free online. Here? [https://doc.rust-
lang.org/book/](https://doc.rust-lang.org/book/)

~~~
Boulth
Yep. Although in my opinion Programming Rust [0] is better even though dated.
The word goes that the 2nd edition will be out by the end of the year.

[0]: [https://www.amazon.com/Programming-Rust-Fast-Systems-
Develop...](https://www.amazon.com/Programming-Rust-Fast-Systems-
Development/dp/1491927283)

~~~
hobos_delight
I read v1 of The Book and then Programming Rust, and I found the latter to be
better suited to the way I absorb things.

Both are great and I still refer to The Book (and Programming Rust) from time
to time.

I'd be really keen to pick up v2 of Programming Rust.

------
jbritton
One thing I like about C as a systems programming language is that it is easy
for every other language to bind to it. I’m fine with C++ if the external
interface is extern “C”, but that is often not the case. I don’t know how easy
it is for other languages to bind to Rust. It would be nice if a language
could automatically generate Swig definition files or something similar.
However one is going to run into language semantics and impedance mismatches
with richer languages. The simplicity of “C” makes a nice bind target.
Although I have yet to see a thorough binding to Win32, so I suspect the
preprocessor makes this difficult.

~~~
nathanaldensr
Check out TerraFX[1], created and maintained by Tanner Gooding, owner of
System.Numerics in .NET Core. He uses another project he maintains called
ClangSharp[2] to scan Windows SDK header files and generate blittable,
marshalling-free C# bindings. There are many things in C header files that are
not easily bound, such as macros; we do a lot of manual or partially-automated
work to account for those.

TerraFX is greater than just Windows bindings[3] but it is certainly useful
for even just that. I've contributed a lot of bindings recently for some low-
level Windows headers. Contributions are welcome!

[1] [https://github.com/terrafx/terrafx](https://github.com/terrafx/terrafx)

[2]
[https://github.com/microsoft/clangsharp](https://github.com/microsoft/clangsharp)

[3]
[https://github.com/terrafx/terrafx.interop.windows](https://github.com/terrafx/terrafx.interop.windows)

------
akmittal
Defination of systems programming language is really contradicting. Go was
sold as systems programming language in beginning.

~~~
_bxg1
Kubernetes is written in Go; I would consider that a "systems" project. I
think of "systems" as "software whose purpose is to underpin other software",
excluding same-language libraries and frameworks. This rough definition does a
good job of covering most of the things people mean when they say "systems
programming".

~~~
doliveira
That sounds like a pretty useless definition and needlessly confusing, because
systems programming have always meant something closer to the metal. System as
in Operating System. Sounds like Go people decided to repurpose the term for
whatever reason.

If Kubernetes were written in JavaScript would you call it a systems
programming language as well?

~~~
_bxg1
It wouldn't be written in JavaScript because JavaScript wouldn't serve a
systems use-case very effectively. That's exactly my point.

Assuming Microsoft isn't talking about solely using Rust in Windows The
Operating System and Linux The Operating System, they agree with my
definition.

~~~
doliveira
Kubernetes could have been written in Typescript, for instance. Pulumi is for
writing infrastructure as code in Typescript. Is Javascript a systems
language, them?

Keyword being "closer" to the operating system, of course it doesn't mean just
syscalls and Assembly. If you define "system" in "systems programming" in this
broad sense of "something that other things call" you dilute the meaning of
the term. Any program becomes "systems programming" then.

I'm sure that most people didn't use the term in this sense before Go's
creators did and till this day I see only the Go community re-purposing the
expression. I'd be happy to be proven wrong, though.

