Microsoft gave a status update today on its experiments on using the Rust programming language instead of C and C++ to write Windows components.
In short, the experiments have gone well, and engineers described working with Rust as “generally positive;” however, some features are missing, but the company is willing to help and move the project forward.
Microsoft’s Rust experiments
Microsoft began experimenting with Rust over the summer. In a series of blog posts, the company announced that it would explore the idea of rewriting various products in Rust, a programming language that was built from the ground up with security in mind.
The Redmond-based software giant said it was interested in Rust because, over the past decade, more than 70% of the security patches it shipped out fixed memory-related bugs, an issue that Rust was created to address.
But while Microsoft didn’t specifically say which products would be getting the Rust treatment, the company said it would keep users informed of how the experiments were going.
Today, almost four months later, we got the first feedback.
“I’ve been tasked with an experimental rewrite of a low-level system component of the Windows codebase (sorry, we can’t say which one yet),” said Adam Burch, Software Engineer at the Microsoft Hyper-V team, in a blog post today.
“Though the project is not yet finished, I can say that my experience with Rust has been generally positive,” Burch added.
“In general, new components or existing components with clean interfaces will be the easiest to port to Rust,” the Microsoft engineer said.
Features missing, but willing to help
However, not all things went smoothly. It would have been unrealistic if we expected they would. Burch cited the lack of safe transmutation, safe support for C style unions, fallible allocation, and a lack of support for at-scale unit testing, needed for Microsoft’s sprawling code-testing infrastructure.
“I’m confident that we at Microsoft will be able to help in these endeavors to shape the future of the language to improve its usefulness in these scenarios,” Burch said.
The Microsoft engineer said he sees a bright future for Rust in microcontrollers and low-level systems like kernels and hypervisors, where the language’s security-first features will make it quite attractive once it matures.
Currently, efforts to bring Rust at feature-parity with C are underway, started and support by Intel, another major player on the microcontrollers market.
If Microsoft does go forward with approving Rust rewrites for some of Windows’ components, then it should hurry up if it wants to be the first OS maker that does so, as the Linux project is also looking into using Rust for some of its kernel drivers.