Listen to this story
Last week, Google announced that the Chromium project would support the use of third-party Rust libraries for C++ going forward. This is part of their initiative to not only move away from using C++ in their toolchain, but also build out a comprehensive Rust toolchain upon which to build Chromium. This move is the first of many to enable the usage of Rust code in the Chromium binary from next year onwards.
Bringing Rust into Chromium will net a host of benefits for developers in the Chrome ecosystem. Firstly, adding Rust will remove the need for an inter-process communication pipeline, which enables interaction between the various processes running in the browser. Secondly, the usage of Rust will promote more safety in the code, as it is safer in terms of memory management and has a lower propensity to induce application-breaking bugs.
Chromium’s security will also be bolstered by Rust’s memory safety and reduced bug density. Moreover, using Rust will also enable the Chromium team to stick more closely with their Rule of Two. In addition to the added safety this will provide, bringing in Rust will also speed up their development process due to the reduction in the number of lines of code.
Subscribe to our Newsletter
Join our editors every weekday evening as they steer you through the most significant news of the day, introduce you to fresh perspectives, and provide unexpected moments of joy
The Rule of Two denotes that developers must not pick more than two of untrustworthy inputs, unsafe implementation languages (like C/C++) and high privileges. Any piece of code that has all three of these characteristics poses an extreme security risk to the project.
However, as Chromium is an actively maintained product that multiple browsers are built on, the changes to their codebase must be carried out in a safe and measured way. The team has already tested Rust’s inter-compatibility with C++ through tools such as cxx, autocxx, bindgen, and more, and will slowly add Rust to their software stack as time goes on. Moreover, they have only added support for third-party libraries, adding any other C++ libraries on a case-by-case basis.
The team is also undertaking several measures to maintain compatibility, and are currently planning to support interoperability from one direction only, C++ to Rust. They aim to achieve this by building out a narrow interop API that can effectively communicate between C++ and Rust code, keeping in mind the differences between the two languages. This set of tools will enable the team to allow the two languages to ‘understand’ each others’ fundamental concepts.
This move also follows the larger industry trend of switching away from C++ to improve memory safety. Microsoft has also begun to adopt Rust on their Azure platform for the same reason, with companies like Apple following suit to improve the industry standard for memory safety. These moves not only solidify Rust’s growing position as a C/C++ alternative, but also make the applications we use everyday safer and less buggy.