As a startup, Qumulo gives its engineers a lot of influence in deciding how we do things. And since joining as an intern five years ago, I’ve gotten to be involved in many of the important decisions Engineering has made. So Qumulo’s decision to start using the Rust Programming Language in our core product by the end of the year is one I’m particularly excited about – both as an engineer and for our product – an enterprise file system called File Fabric, or QF2.
Rust is a systems programming language that has gained a lot of traction in recent years, and for good reason. The language provides a lot of super exciting features. For this article, I am focusing on perhaps the most break-out one — memory safety.
QF2 is currently written in C. This was perhaps not a surprising choice. A lot of system software is written in C, which has been the de facto programming language of many who wish to write software that is “low-level,” or little abstraction over a computer’s instruction set architecture.
Working in C, I’ve seen myself and other programmers continue to write the same bugs over and over — buffer overflows, race conditions, use-after-free, and memory leaks, just to name a few. Historically, we have combatted these memory safety issues with a number of different tools (e.g. Valgrind, Address Sanitizer) and practices – all of which rely on executing a program to determine that there is an issue. This is why the biggest advantage Qumulo has in this battle is our heavy focus on unit testing.
All of this amounts to a lot of spent resources on this problem. The sooner we can detect these issues, the better it is for everyone. The shorter the defect turnaround time is, the more of everyone’s time we save. Rust helps us detect these issues quickly, at compile-time, and can find bugs without even executing the code. It does this by building the concept of memory ownership into the language itself.
Qumulo Engineering’s emphasis on testing is needed because we ship a new version of QF2 every two weeks. We are obsessed with program correctness — an absolute necessity, when any single one of these memory safety issues could turn into a huge deal for one of our customers.
In this sense, Qumulo and Rust are a perfect match for one another. My hope is that Rust can help us do our jobs better. Thus, I join many of my fellow Qumulo engineers in being excited to use Rust.