Jump to content

Senior Microsoft exec says Windows 11 kernel will soon be booting with Rust inside


Recommended Posts

  • 2 weeks later...

This is exciting.


I am not a Rustacean, only having read about half of The Book and unsuccessfully attempted to port one of my old applications to Rust.  But my understanding is one of the big benefits of Rust is improved memory safety.  In C and C++, it's all too easy to reason incorrectly and not bounds check or double free or something of that sort, resulting in bugs such as buffer overflows that are one of the leading causes of security holes in software in general, including but certainly not limited to Windows.  As more of Windows is converted to Rust, its security should improve.


Put another way, C and C++ have a bit of a reputation of being "footguns" - they make it easy to shoot yourself in the foot.  Even experienced developers may make mistakes, and put a developer who doesn't have a solid understanding of pointers on a C or C++ project, and they are going to make mistakes.  When those aren't caught before release, they eventually wind up being covered by Patch Tuesday.


The downsides of Rust?  One of the main ways it improves memory safety is with its "borrow checker" concept that is unique to Rust (at least among major languages), and tends to take some time to wrap one's head around even as an experienced developer in other languages.  An incomplete understanding of the "borrow checker" concept is why my port of an old application to Rust failed; if I'd ported it to C++ I probably would have had security flaws, whereas in Rust I didn't, but it simply didn't work, giving some error about the borrow checker not being happy even though I thought based on reading The Book that it would be, and I didn't invest the time to figure out why.  I've talked with some other developers who picked up Rust on the side and also gave up around the same place; when I attended a Rust talk a few years ago the speaker (who is a well-known Rustacean) admitted that "borrow checking" took a bigger chunk of Rust's "unique features to learn" budget than they had expected.  So, Microsoft will have to invest more in training.


At least as of a few years ago, Rust also was really slow to compile, like an order of magnitude or two slower than C++.  Once it is compiled, its speed is comparable to C++, but that compilation process is slower, so Microsoft may need more big iron to compile Windows than they have before.  I'm sure this has improved somewhat since I looked at it, but how much is an open question.


I actually wound up writing a bunch of C code for fun the month after I failed to pick up Rust.  Yes, it felt dirty writing all that C after dabbling with oh-so-pure Rust.  And I likely committed some pointer crimes in the process.

  • Thumb Up 2

Desktop: Core i5 2500k "Sandy Bridge" | RX 480 | 32 GB DDR3 | 1 TB 850 Evo + 512 GB NVME + HDDs | Seasonic 650W | Noctua Fans | 8.1 Pro

Laptop: MSI Alpha 15 | Ryzen 5800H | Radeon 6600M | 64 GB DDR4 | 4 TB TLC SSD | 10 Home

Laptop history: MSI GL63 (2018) | HP EliteBook 8740w (acq. 2014) | Dell Inspiron 1520 (2007)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use