Rust: A Systems Programming Language with Modern Comforts

on

The following is the outline of a project I’ve recently completed about the Rust programming language.

Overview

Rust is a systems programming language designed for writing safe, concurrent, and fast applications.[1] Armed with a strong community, the development of the language is driven by the idea that not everything in Computer Science must be a trade-off.[2, 13:00] In its language design, Rust chooses to build off of its predecessors and focus on one primary concept that makes it unique: its well defined system of ownership and borrowing of resources. The following research centers around three major topics – a high level of discussion of what Rust does to accomplish its goals, various companies’ experience using Rust in their production code environments, and the side-effects of the major design decisions in Rust.

What Makes Rust Special

As a systems programming language, Rust’s major competitors are C and C++. The overall syntax and semantics of Rust are based on C/C++ as well as ML/Haskell.[3, 1:25]

Memory Management[3]

Unlike other modern compiled languages that use a Garbage Collector, like Go, Rust avoids GC because it removes control provided by deterministic destruction of resources, requires an inefficient runtime, and because it is not effective at solving many other types of memory and data issues. Rust’s core distinct feature is its memory management using a system of ownership and borrowing.

  • Ownership: Only one party owns a given resource (stack data, heap data, files, etc.) at any given point of a program. This ownership can be transferred between parties. The resource is automatically destroyed as soon as the most recent owner goes out of scope.
  • Borrowing: The owner of a resource can delegate two types of borrows:
    • Shared: Multiple parties may access the resource that has been shared to them, but no parties may mutate the data while any shared borrows are issued.
    • Mutable: A single party may access and mutate the data, but no other parties are permitted to access or mutate the data simultaneously.

Modern Offerings

Rust also provides a modern set of tools both within the language and as additional officially maintained applications to set it apart from the languages it intends to replace.

  • Functional Programming: Rust provides many features characteristic to functional programming languages[2, 21:40] like lambdas/closures and higher-order functions
  • Cargo: A build and dependency management tool that eliminates the need for many uses of Makefiles when building low level code as well as provides access to the official Crates.io repository of prebuilt libraries for use in projects.[1]
  • Rustup.rs: The Rust toolchain installer that provides easy access to downloading, installing, and updating the Rust binaries and source.[1]

Production Results

  • MaidSafe:[4, 27:15] A secure, distributed Internet storage solution
    Pros: Very quick to develop with, 10x reduction in codebase size
    Cons: Loss of support from C++-only vendors
  • Dropbox:[4, 36:40] Core compression system for storing customer data.
    Pros: Important safety and correctness guarantees can be made for storing unknown files
    Cons: The compiler is very slow with large codebases
  • Mozilla:[5] Firefox
    Pros: Zero errors errors in over 1 Billion executions of the code
    Cons: Work to integrate Rust into the existing C++ build
  • Coursera:[6] Assignment Grading
    Pros: Safety guarantees when executing untrusted code, maintainable ecosystem
    Cons: Only a niche component in a large stack
  • Skylight:[4, 46:10][7] Ruby application performance monitoring.
    Pros: No segfaults, no resource leaking, no waiting for GCs
    Cons: Steep initial learning curve

Discussion

One of Rust’s key focuses is reliability, and it shows strongly in the feedback from the production users of the language. Through its strong typing system and enforcement of resource ownership, Rust is able to guarantee that common memory errors like dangling pointers, aliasing, and invalidated iterators[3] do not occur. This class of bugs is the most common in critical security issues of applications written in lower level languages.[4, 52:00]

This reliability does not come without its costs, however. In its current form Rust’s resource ownership paradigm can make the language difficult to read and write initially. In addition, using the compiler to enforce the strict typing and ownership as well as to resolve the abstractions the language provides adds a fairly significant compile-time cost to using the language.

While the strict rules and compiler can make this language time consuming, these costs are often quickly recovered thanks to the lack of time spent on debugging hard-to-find memory errors. In addition to this, the strong Rust community is very welcoming and helpful to newcomers, which helps further drive down the initial cost of learning the language.

Rust’s core memory paradigms also make implementing parallel systems very seamless. In fact, many major parallel methods flow very naturally from the core concepts of Rust. For example, locking a Mutex is just like the mutable borrow, and the concepts used for managing readers and writers in a parallelized database can be drawn from the overall system of borrowing where readers use shared borrows and the writers take mutable borrows.

Conclusion

While it is unlikely that larger companies will abandon their C and C++ code like MaidSafe has[4, 27:15] or Mozilla plans to[5], Rust has definitely found a strong starting point as a niche language that provides systems-level performance to groups that have stringent safety and correctness requirements.

Future discussion/direction

Rust is still quite a young language, with its first stable release less than two years ago, and while it has seen adoption by several major companies it still has a ways to go before reaches the mainstream. Rust’s use in production will likely continue to be a hot topic in the years to come.

 Project Poster

This project also required the submission of a final poster version: Download [pdf | 156kB]

References

  1. The Rust Programming Language.” Official Rust Documentation. 22 Nov 2016.
  2. Turon, Aaron, Niko Matsakis. Opening Keynote. RustConf 2016. 10 Sep 2016.
  3. Turon, Aaron. “The Rust Programming Language.” Colloquium on Computer Systems Seminar Series. Stanford University. 11 Mar 2015.
  4. Klabnik, Steve. “Rust in Production.” Philly ETE. 12 Apr 2016.
  5. Herman, Dave. “Shipping Rust in Firefox.” Mozilla Hacks. 12 Jul 2016.
  6. Saeta, Brennan. “Rust & Docker in production @ Coursera.” Building Coursera. 7 Jul 2016.
  7. Katz, Yehuda. “Rust Means Never Having to Close a Socket.” Skylight.io Blog. 7 Oct 2014.