The Rust systems programming language is still in its infancy, having only released the first stable version of the language in 2015, but that hasn’t stopped it from rising to the top of developer charts.
Last year, it broke onto the TIOBE Index Top 20 list of the most popular programming languages for the first time, and it continues to win over more developers. It has been voted the most loved programming language on the Stack Overflow Developer Survey for the last five years. Out of the developers surveyed using Rust, the report found 86% are interested in continuing to develop with it.
What is all the fuss about?
Developers who have never used Rust might be wondering what all the hype is about. According to Jake Goulding, StackOverflow’s top Rust contributor, “the short answer is that Rust solves pain points present in many other languages, providing a solid step forward with a limited number of downsides.”
Rust was first started as a personal project from Mozilla developer Graydon Hoare in 2006. In 2009, Mozilla started sponsoring the project and the first introduction to the language happened in 2010.
The initial selling point was the promise of memory safety, according to Armin Ronacher, director of engineering at Sentry, an application monitoring and error tracking company. “They didn’t compromise on the core promise of memory safety,” he said. “If you think about all the other languages developed over the last couple of years in that space, there is really no contender. There hasn’t been a language that was ever designed to be as good as C and C++. Rust didn’t compromise as being a replacement for those languages as other languages have.”
There are other systems programming languages like C and C++ that don’t use garbage collection, but they are difficult to program with. According to Blandy, C and C++ enforce rules that make sense in theory, but don’t work in practice. “It’s possible to have rules that are easy to understand, but impossible to follow,” he explained. “It’s like if someone put a chess game in front of you and told you to win it, you know the rules and you’ll do your best, but you can’t just say okay I am going to win it. C and C++ have been putting programmers into that exact situation.”
Rust is designed to accomplish memory safety without the need of a traditional garbage collector. “We agree in this industry that memory safety is necessary because the moment you start to touch bad memory, you are implicitly opening yourself up to a bunch of vulnerabilities,” said Ronacher. “If you look into C and C++ projects, most security vulnerabilities have been a result of a program not dealing with memory properly.”
Rust is able to ensure memory safety through its ownership and borrowing system, which includes a set of rules that the compiler checks to make sure memory usage is safe, the program is free of memory errors when it is compiled, and features don’t slow down the program.
“All programs have to manage the way they use a computer’s memory while running. Some languages have garbage collection that constantly looks for no-longer-used memory as the program runs; in other languages, the programmer must explicitly allocate and free the memory. Rust uses a third approach: memory is managed through a system of ownership with a set of rules that the compiler checks at compile time,” the Rust team wrote in its documentation.
Beyond memory safety
Memory safety is why developers come to the language, but they stay for the package manager and Cargo ecosystem, according to Sentry’s Ronacher. According to the Rust team, developers love Rust’s build system and package manager because it is able to handle a lot of tasks such as building code, downloading libraries, and building libraries.
“The fact that you can build your project with all the dependencies without having to pull in another tool is what makes people happy. It comes out of the box full-featured and with a good development experience,” said Ronacher.
When free software developer Blandy looked into why people choose the languages they choose, the number one consideration is not the language itself, but the libraries and tools they connect to.
According to Ronacher, developers enjoy working with Rust over C and C++ because it’s less prone to crashes and its tooling is much stronger. He explained that while the compiler integration for C and C++ might be good, the tooling is bad and requires external dependencies. Additionally, if developers want to reuse code someone else wrote, it’s hard to do in C and C++ because of a lack of a package manager. Ronacher also explained many C++ libraries are difficult to add to large projects because of the lack of standardized strings and common types. Rust’s packaging ecosystem makes it easier to do iterative development and doesn’t require developers to reimplement everything or make everything consistent with the codebase.
“That is a huge reason why Rust is so successful, because you can actually both integrate with the existing codebases, but when you start from scratch you can put in so many dependencies much easier than you can in C and C++,” said Ronacher.
As a result of the memory safety, Rust also resolves a lot of concurrency issues, making it much easier to write concurrent programs with Rust than other languages, Blandy explained.
“Memory safety bugs and concurrency bugs often come down to code accessing data when it shouldn’t. Rust’s secret weapon is ownership, a discipline for access control that systems programmers try to follow, but that Rust’s compiler checks statically for you,” the Rust team wrote in a post. “For concurrency, this means you can choose from a wide variety of paradigms (message passing, shared state, lock-free, purely functional), and Rust will help you avoid common pitfalls.”
Helping to avoid those pitfalls actually forces developers to write good quality code, according to Maxwell Flitton, an R&D software engineer in financial tech and author of Rust Web Programming. “When you compile, you are very confident that it is going to work and you are less likely to get bugs that creep in,” he said.
Beyond the code, Rust has a strong and welcoming community around it, according to Shane Miller, the senior engineering manager of the Rust platform at AWS, which recently announced it would sponsor the project. “Rust really focuses on providing a great experience for people. The Rust community is particularly welcoming, reaching out to those who haven’t traditionally participated in systems programming or open source.”
The limitations of Rust
Rust is both safe and manages to reach really close to what the C and C++ languages can do, but it is a more restrictive language and comes with its limitations, according to Blandy.
For instance, the way Rust is able to provide security guarantees is by restricting what developers can do. “Rust takes pointers and pointers are this functional thing in every language — in Java every object is a pointer to that object. They are ubiquitous and Rust restricts how you can use them. It basically says there are some rules. I am only going to let you use them in a certain fashion. It challenges the programmer,” said Blandy.
Blandy also mentions that the debugging support in Rust is not up to the level of C++.
In addition, while Rust is memory efficient, it takes way too long to compile programs. “It rivals C++ in how slow it is to compile the code. Once it is compiled, it runs really fast, but the compile times are really bad,” said Ronacher.
Web development has also been an area where Rust hasn’t been too strong, but Flitton believes that’s changing, especially as the world becomes more digital. The 2020 State of the Developer Ecosystem Report by JetBrains revealed while Rust is mostly used for systems programming, 44% of respondents are now using it for web development. “In the beginning, Rust was mostly associated with embedded systems or robotics, but it has matured and stable frameworks have started to come out. The possibilities with web development are opening up for some core services that take a lot of traffic or require a lot of processing power,” he said.
Learning Rust has also been a problem in the community because a lot of developers feel too intimidated to take it on, according to Flitton. “Rust has this very nasty image of, it is going to be really hard to code. It’s really fast, but going to be hard to code…but not really. It is memory safe and if you focus on a few quirks initially then you can pick it up quite quickly,” he said.
The problem has been because it forces you to do good quality coding, it can be annoying for developers who picked up bad habits and don’t want to change the way they code. “There is a saying that a bad workman always blames his tools. When I first started to get Rust programs compiled, I was incredibly frustrated because it kept saying you haven’t thought about this. I am not compiling because this doesn’t seem safe. So I was quite frustrated, but when you look at it it is just forcing safety,” said Flitton.
Ronacher added that the way developers learn Rust is different from the way they learn other languages. “If you go into the mindset learning Rust the same way you approach other languages, you are going to have an uphill battle because the language will punish you in ways that you wouldn’t expect,” he said.
However, Flitton believes Rust can help developers realize all the things they’ve been doing wrong and in turn make them better for it.
Top tech companies turn to Rust
After working with and incorporating the language in many of its services, Amazon announced in 2019 that it would sponsor the Rust project. The first notable product the company wrote in Rust was Firecracker, an open-source virtual machine manager. The language is also used in Lambda, EC2 and S3 Amazon services.
“Since that launch we’ve found more opportunities to build high-performance customer experiences quickly and securely. Rust helps us deliver fast, robust services to AWS customers at scale, and our responsibility and investment in the Rust ecosystem and community of builders grows with our adoption,” said Shane Miller, the senior engineering manager of the Rust platform at AWS.
At the end of last year, Amazon revealed it started to hire Rust contributors to ensure the language got the time and resources necessary to improve. The company also started to build a team around the Rust asynchronous runtime Tokio, and invest in developer tools, infrastructure components, interoperability and verification.
“We believe Rust changes the game when it comes to writing safe systems software. Rust provides the performance and control needed to write low-level systems, while empowering software developers to write robust, secure programs,” said Miller.
In 2019, Microsoft also revealed it started to experiment with Rust after it saw a need for a safer systems programming language. “We’re using languages that, because they are quite old and come from a different era, do not provide us the ability to protect ourselves from … vulnerabilities,” Ryan Levick, cloud developer advocate at Microsoft, said in a video. “C++ is not a memory safe language and no one would really pretend that it is,” he said.
Microsoft has since been moving toward using Rust over C and C++, and rewriting low-level components of the Windows codebase in Rust.
“For C++ developers used to writing complex systems, using Rust as a developer is a breath of fresh air. The memory and data safety guarantees made by the compiler give the developer much greater confidence that compiling code will be correct beyond memory safety vulnerabilities. Less time is spent debugging trivial issues or frustrating race conditions. The compiler warning and error messages are extremely well written, allowing novice Rust programmers to quickly identify and resolve issues in their code,” Adam Burch, software engineer at Microsoft, explained in a post.