{"id":1004,"date":"2016-07-21T00:38:04","date_gmt":"2016-07-20T22:38:04","guid":{"rendered":"https:\/\/blog.mi.hdm-stuttgart.de\/?p=1004"},"modified":"2023-06-07T14:59:37","modified_gmt":"2023-06-07T12:59:37","slug":"rust-fast-and-secure","status":"publish","type":"post","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2016\/07\/21\/rust-fast-and-secure\/","title":{"rendered":"Rust &#8211; fast and secure"},"content":{"rendered":"<p>Rust, a fairly new programming language promises to be fast and secure. The following blog entry discusses how Rust tries to achieve these two goals.<\/p>\n<p>The key concept is that every resource always belongs to exactly one variable. More precisely one lifetime, which is normally automatically created on variable creation. The concept of lifetimes would go into too much detail, so in this blog entry we assume that lifetimes and variables are the same. If you want to learn more about lifetimes or any other topic of Rust, you can read \u201cthe book\u201d \u2013 the main resource when learning Rust: <a href=\"https:\/\/doc.rust-lang.org\/book\/\">https:\/\/doc.rust-lang.org\/book\/<\/a><\/p>\n<p><!--more--><\/p>\n<p>If the programmer creates a new resource, for example a vector (which is a dynamic growable array) this vector always belongs to one variable. The following line creates a new vector in Rust:<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">let v = vec![1, 2, 3, 4];<\/pre>\n<p>If we would assign this vector to another variable then the vector is \u201cmoved\u201d, which means that the original variable isn\u2019t usable anymore. The following lines would compile:<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">let v = vec![1, 2, 3, 4];\n\nlet v2 = v;<\/pre>\n<p>However, the next lines would not:<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">let v = vec![1, 2, 3, 4];\n\nlet v2 = v;\n\nv.push(5);<\/pre>\n<p>Because the vector was moved from v to v2, the variable v is not usable anymore. There are two different behaviors in Rust when the programmer assigns a variable to another:<\/p>\n<ol>\n<li>moving\n<ul>\n<li>The variable which was assigned from is not usable anymore.<\/li>\n<\/ul>\n<\/li>\n<li>copy\n<ul>\n<li>All data in the variable is copied to another variable.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>The default behavior is moving. If a type implements the special trait Copy (which is like a Java interface), then the type is copied instead. A Vector does not implement this trait which means that a vector is always moved. It does not implement Copy because it is not certain how large the amount of data is inside the vector. If it would have a gigabyte of data, then copying would take a lot of performance which maybe would not be expected by the programmer.<\/p>\n<p>Both of these behaviors enforce the key concept of Rust: After assigning a resource to a variable this resource always belongs to one variable.<\/p>\n<p>Because of this concept, Rust can always free\/delete\/remove a resource once the variable which it belongs to runs out of scope.<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">{ \/\/&lt;----- Scope starts\n\n    let v = vec![1, 2, 3, 4];\n    \n    \/\/Some Code\n\n} \/\/&lt;------ Scope ends, v is deleted<\/pre>\n<p>Rust is able to automatically determine when a variable is not used anymore during compile time. This means that the language does not need any garbage collector which is a huge performance boost in real time applications. Other programming languages with garbage collectors could sometimes pause the whole application because the garbage collector needs to be run.<\/p>\n<p>This concept also makes multithreading more safe because a variable always has to belong to one thread. This permits race conditions.<\/p>\n<p>When a variable is given to a function it is also moved\/copied. This means that the variable would not be usable anymore if the Copy trait is not implemented and it is given to a function. This behavior would not be sufficient for real applications. Therefore, Rust had to implement another way to share data between scopes\/functions. This technique is called borrowing.<\/p>\n<p>Borrows are essentially references with extra rules. Every variable in Rust has two possible mutability settings: mutable and immutable. Mutable means that the variable can be changed, immutable means that it cannot be changed (like java final variables). This also applies to borrows, a borrow can be mutable or immutable.<\/p>\n<p>To create an immutable borrow you\u2019d write:<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">let mut v = 5; \/\/creates a new mutable variable\n\n{\n\n    let vref = &amp;v; \/\/borrows the value of v as immutable reference\n    \n    println!(\"{}\", *vref); \/\/prints the value 5 to console\n\n}<\/pre>\n<p>And to create a mutable borrow:<\/p>\n<pre class=\"prettyprint lang-rust\" data-start-line=\"1\" data-visibility=\"visible\" data-highlight=\"\" data-caption=\"\">let mut v = 5; \/\/creates a new mutable variable\n\n{\n\n    let vmutref = &amp;mut v; \/\/borrows the value of v as mutable reference\n    \n    *vmutref = 6; \/\/changes the value of v\n    \n    println!(\"{}\", *vmutref); \/\/prints the value 6 to console\n\n}<\/pre>\n<p>These borrows should raise several questions in your mind. If we have borrows, doesn\u2019t this destroy the key concept that a resource always has to belong to one variable? What about race conditions? When should Rust free a resource if there are maybe some borrows left to the resource? Remember: there is no garbage collections and normally no reference counting.<\/p>\n<p>These questions are solved once you understand the various rules of borrows. After all, borrows are not called references. This is because there are rules which don\u2019t apply to references of languages like Java.<\/p>\n<p>There are two important rules for borrows:<\/p>\n<ol>\n<li>Exactly one (not both!) of the following rules have to be true for any scope:\n<ul>\n<li>There is exactly one mutable borrow<\/li>\n<li>There are one or more immutable borrows<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>This rule permits race conditions. If there is only one borrow which is able to change the value and no other borrows then there can`t be any race conditions. The same applies to the second sentence. If there is no borrow which possibly changes the value, then there can be several immutable borrows which are only able to read the value. Read only never leads to race conditions.<\/p>\n<ol start=\"2\">\n<li>All borrows must leave their scope before the owning variable leaves its scope.<\/li>\n<\/ol>\n<p>This rule enforces that Rust is still able to know when it should free a resource. Because there can\u2019t be any borrows left once the resource gets freed there is no possibility for use-after-free errors.<\/p>\n<p>These rules make sure that the key concept of Rust is not broken. A resource still belongs to only one variable and if that variable runs out of scope the resource can be freed safely. Note that there are other safety concepts in Rust, which can be read about in \u201cthe book\u201d: <a href=\"https:\/\/doc.rust-lang.org\/book\/\">https:\/\/doc.rust-lang.org\/book\/<\/a><\/p>\n<p>In conclusion, Rust is fast because it has no garbage collection overhead and it is safe because multithreading is handled in a safe way as well as variable deletion.<\/p>\n<p>&nbsp;<\/p>\n<h3>Research question:<\/h3>\n<p>\u201cWhich big projects use Rust?\u201d<\/p>\n<p>There are whole projects which use Rust exclusively, as well as projects which start to replace some of their components with components written in Rust.<\/p>\n<p>There are several big companies that support Rust. Mozilla, Samsung, GitHub, Dropbox\u2026 just to name a few.<\/p>\n<p>Mozilla was an early adopter of the programming language Rust. Security is a valuable goal of web browser developers. In this year (2016) Mozilla started to reprogram several of Firefox\u2019s components with Rust and to deploy them in their releases. Meanwhile Samsung and Mozilla are working on a completely new rendering engine which uses Rust exclusively (\u201cServo\u201d) for rendering web layouts.<\/p>\n<p>Dropbox started to reprogram several components of their backend systems which handle many petabytes of data every week.<\/p>\n<p>Rust is a low level programming language \u2013 that\u2019s the reason why it\u2019s possible to program whole operating systems in rust. \u201cRedox OS\u201d proves this.<\/p>\n<p>\u201cPiston\u201d is a Game Engine, written exclusively in Rust.<\/p>\n<p>This list is not complete. Still it should give you a good impression of how fast Rust is growing.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h3>Other research questions, without answers yet:<\/h3>\n<p>\u201cHow fast will Rust grow in popularity?\u201d<\/p>\n<p>\u201cHow safe is rust really? Rust does not provide 100% safety. When will there be security holes in projects which are written exclusively in Rust or in its Rust parts?\u201d<\/p>\n<p>\u201cWhich programming language will use the concepts of Rust and adopt them?\u201d<\/p>\n<p>\u201cWill there ever be a Rust++-kind-of-language which supports all parts of object oriented programming?\u201d<\/p>\n<p>\u201cRust vs Go vs D vs ??? \u2013 which language will replace C\/C++ the most?\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rust, a fairly new programming language promises to be fast and secure. The following blog entry discusses how Rust tries to achieve these two goals. The key concept is that every resource always belongs to exactly one variable. More precisely one lifetime, which is normally automatically created on variable creation. The concept of lifetimes would [&hellip;]<\/p>\n","protected":false},"author":60,"featured_media":1005,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1,26,651,657],"tags":[],"ppma_author":[700],"class_list":["post-1004","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-allgemein","category-secure-systems","category-system-designs","category-teaching-and-learning"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2016\/07\/Rust_programming_language_black_logo.svg_.png","jetpack-related-posts":[{"id":3747,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2018\/07\/23\/rust-safety-during-and-after-programming\/","url_meta":{"origin":1004,"position":0},"title":"RUST &#8211; Safety During and After Programming","author":"Alexander Georgescu","date":"23. July 2018","format":false,"excerpt":"Summary about Rust and how RustBelt has achieved to prove its safety with mathematical concepts.","rel":"","context":"In &quot;Secure Systems&quot;","block_context":{"text":"Secure Systems","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/secure-systems\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/07\/LambdaRustSyntax-1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/07\/LambdaRustSyntax-1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/07\/LambdaRustSyntax-1.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/07\/LambdaRustSyntax-1.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/07\/LambdaRustSyntax-1.png?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":20613,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2021\/08\/19\/mechanismen-bei-system-programmiersprachen-zum-erreichen-von-memory-thread-und-type-safety\/","url_meta":{"origin":1004,"position":1},"title":"Mechanismen bei System-Programmiersprachen zum Erreichen von Memory-, Thread- und Type-Safety","author":"Laurin Keim","date":"19. August 2021","format":false,"excerpt":"Motivation Ende letzten Monats (Juli, 2021) hat die CWE (Common Weakness Enumeration) einen Bericht ver\u00f6ffentlicht, welcher die Top 25 der Software-Schwachstellen aufzeigt. Es handelt sich dabei um eine Auswertung von gefundenen Schwachstellen der letzten zwei Jahre in verschiedenen Software-Systemen. Der Bericht umfasst eine Liste der 40 schwerwiegensten Schwachstellen. Dabei handelt\u2026","rel":"","context":"In &quot;Secure Systems&quot;","block_context":{"text":"Secure Systems","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/secure-systems\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":27379,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2025\/02\/28\/ist-rust-enterprise-ready\/","url_meta":{"origin":1004,"position":2},"title":"Ist Rust Enterprise ready?","author":"Paul M\u00f6hring","date":"28. February 2025","format":false,"excerpt":"Rust ist, laut der j\u00e4hrlichen StackOverflow Umfrage1, die am meisten gew\u00fcnschte Programmiersprache. Aber diese Umfrage bezieht sich aber nur auf die Interessen der Entwicklerinnen und Entwicklern und spiegelt nicht die Interessen der Unternehmen. Daher stellt sich die Frage, ob Rust tats\u00e4chlich f\u00fcr den Einsatz in Enterprise-Umgebungen geeignet ist. 1. Was\u2026","rel":"","context":"In &quot;Allgemein&quot;","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-28-at-19.34.19.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-28-at-19.34.19.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-28-at-19.34.19.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-28-at-19.34.19.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-28-at-19.34.19.png?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":23666,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2022\/08\/31\/wavebuilder\/","url_meta":{"origin":1004,"position":3},"title":"A Serverless Sky &#8211; Generating Wav Files In The Cloud","author":"pb083","date":"31. August 2022","format":false,"excerpt":"A project by Antonia Dietz and Patrick Baumann Introducing WaveBuilder Did you ever sit at home, during a lonely autumn night, a glass of fine red wine in your hand, asking yourself, the question: What might two sine notes at frequencies 440 and 445 played at the same time sound\u2026","rel":"","context":"In &quot;Cloud Technologies&quot;","block_context":{"text":"Cloud Technologies","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/cloud-technologies\/"},"img":{"alt_text":"","src":"https:\/\/lh6.googleusercontent.com\/MaSpL8vcXGnjYnEhCpC8wZdzdfwmnPIeMc7fWkKmP1bbuh3k5T8NIPn-eGy9QjFUwEzCGta6X5knxoaCJNrScdfzDv9bkii3q_0-DQed-mSrfLXkrto1etD2cbGpV6nbyghxVnMCX60tF__zds82jbFvA01HmENYjxdwWrWLSaGiiPJowQFm8kIylA","width":350,"height":200,"srcset":"https:\/\/lh6.googleusercontent.com\/MaSpL8vcXGnjYnEhCpC8wZdzdfwmnPIeMc7fWkKmP1bbuh3k5T8NIPn-eGy9QjFUwEzCGta6X5knxoaCJNrScdfzDv9bkii3q_0-DQed-mSrfLXkrto1etD2cbGpV6nbyghxVnMCX60tF__zds82jbFvA01HmENYjxdwWrWLSaGiiPJowQFm8kIylA 1x, https:\/\/lh6.googleusercontent.com\/MaSpL8vcXGnjYnEhCpC8wZdzdfwmnPIeMc7fWkKmP1bbuh3k5T8NIPn-eGy9QjFUwEzCGta6X5knxoaCJNrScdfzDv9bkii3q_0-DQed-mSrfLXkrto1etD2cbGpV6nbyghxVnMCX60tF__zds82jbFvA01HmENYjxdwWrWLSaGiiPJowQFm8kIylA 1.5x"},"classes":[]},{"id":25110,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2023\/07\/30\/fuchsia-rethinking-os-security-design-after-50-years\/","url_meta":{"origin":1004,"position":4},"title":"Fuchsia: Rethinking OS security design after 50 years","author":"Nikolai Thees","date":"30. July 2023","format":false,"excerpt":"Ever since the inception of Unix in the 1960s, the core design of most general purpose operating systems we use today has remained largely unchanged. However, over time, many of the security principles established during that era have since been deemed outdated. In this article, we will look into Google's\u2026","rel":"","context":"In &quot;Allgemein&quot;","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/07\/fuchsia_cover-1.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/07\/fuchsia_cover-1.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/07\/fuchsia_cover-1.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/07\/fuchsia_cover-1.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/07\/fuchsia_cover-1.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":26411,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2024\/09\/15\/costudy-rag-in-aws\/","url_meta":{"origin":1004,"position":5},"title":"CoStudy (Rag in AWS)","author":"Furkan Erdogan","date":"15. September 2024","format":false,"excerpt":"Content RAG FastAPI The task Challenges Introduction to RAG The Journey Deciding on the technologies Easy Decisions The not so easy decisions Development Read in the PDF The text-splitter. Implementing the vector store Creating a retriever Creating retrieval chains Multi-Tenancy Improve Architecture The Architecture Extensibility Interchangeability Learnings Development Team Review\u2026","rel":"","context":"In &quot;Allgemein&quot;","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"authors":[{"term_id":700,"user_id":60,"is_guest":0,"slug":"js323","display_name":"Jakob Schaal","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/0fc96bee99775895613e2388ef36b337e0accf2009d22649deed7853dfd7cb0d?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/1004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/users\/60"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/comments?post=1004"}],"version-history":[{"count":3,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/1004\/revisions"}],"predecessor-version":[{"id":1008,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/1004\/revisions\/1008"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/media\/1005"}],"wp:attachment":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/media?parent=1004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/categories?post=1004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/tags?post=1004"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/ppma_author?post=1004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}