The central appeal of Mozilla's Rust language is that it provides a safe platform for fast systems programming -- as fast as C but with safety features that C doesn't have by default.
But given all the infrastructure already written in C, what's the best way forward? Rewriting it from scratch in Rust is one possibility, but here's another: Convert legacy C projects semi-automatically into Rust via new tooling that's getting a boost from Mozilla.
C in, Rust out
What Corrode does not do (yet) is take constructs specific to C and rewrite them in memory-safe Rust equivalents. In other words, it performs the initial grunt work involved in porting a project from C to Rust, but it leaves the heavier lifting -- for example, using Rust's idioms and language features -- to the developer.
Corrode is written not in Rust but in the functional language Haskell. Sharp attributed this decision mostly to the fact that "I couldn't find a complete enough C parser for Rust, and I was already familiar with the language-C parser for Haskell."
One disadvantage to this approach is that it requires anyone who works on the project to know both Haskell and Rust. Both languages have fairly small user bases compared to C, and Haskell is markedly different from Rust in terms of syntax and concepts. That said, Sharp doesn't believe this will be a major obstacle for talented developers. "I believe that if you can write Rust, you can pick up enough Haskell to work on Corrode."
Sharp also hasn't ruled out the possibility of eventually porting Corrode to Rust. When asked whether such a feat was possible, he responded, "I've avoided relying on lazy evaluation [in Haskell], etc, so I think Corrode's algorithms should port easily to Rust. So, yeah, probably!"
Bring out your dead (projects)!
Sharp isn't the only one who finds this project worthwhile; Mozilla has decided to provide funding for Sharp to work on Corrode. With Mozilla's help, Sharp is working on a method to take existing open source projects written in C that are still in wide use but have fallen out of active maintenance, and give them a new and more secure lease on life by converting them to Rust.
Sharp's quest for such projects led him to CVS, the version control system that was last updated in 2008 and has a code base of 50,000 lines of C. Most projects use one of CVS's replacements, such as Subversion or Git, but Sharp pointed out that "there are still tons of open source projects where their history is only available via CVS." Bringing CVS up to date would allow the histories of those projects to be more readily preserved.
Fixing CVS is only half the mission. Sharp plans to first bring Corrode up to speed to allow as much of CVS's codebase as possible to be parsed automatically. He will then figure out what in CVS needs to be fixed manually and use that in turn to find strategies to further automate Corrode's output.
It's not as if there aren't plenty of other projects, both legacy and current, that could stand to be ported to Rust.
Rust may be the most popular and visible project to provide a safer alternative to C, but it's scarcely the only one. The Zig project and Microsoft's Checked C both provide various idioms for ensuring memory and behavioral safety, and they hew more closely to C than Rust does.
But Rust's momentum -- both as a community and a project -- and its advanced toolchain and growing package library, have placed it in the forefront in many peoples' minds as a long-term solution for C's long-standing problems.