1. 39

  2. 9

    The above analysis of the age of memory safety bugs in Android (measured from when they were first introduced) demonstrates why our memory-safe language efforts are best focused on new development and not on rewriting mature C/C++ code. Most of our memory bugs occur in new or recently modified code, with about 50% being less than a year old.

    Android’s certainly invested significantly in the sanitizer space over the past few years so it’s good to see that it has paid off to a point where they don’t feel the need to prioritize rewriting.

    1. 3

      I tried to skim the article, but I didn’t find it; are there concrete areas that they are working on in rust, or is it everywhere and they will just do interior?

      For example, Fuchsia seems to have chosen the network subsystem to productionalize with rust: https://fuchsia.dev/fuchsia-src/contribute/roadmap/2021/netstack3

      1. 3

        There is some rust in Bluetooth stack, but I don’t know details: https://android.googlesource.com/platform/system/bt/+/master/gd/rust/

        1. 2

          Apparently yes, and they’ll be telling us more about it soon:

          For the past 18 months we have been adding Rust support to the Android Open Source Project, and we have a few early adopter projects that we will be sharing in the coming months. Scaling this to more of the OS is a multi-year project. Stay tuned, we will be posting more updates on this blog.

          That’s the closest it came to answering your question.

          1. 2

            The new Keystore 2.0 implementation is being written entirely in Rust and we might see it shipped as early as Android 12