
Advocating for Rust at work


“What is it like to advocate for Rust at work? After overcoming the initial hurdle, it tends to go well. A 2017 discussion, reprinted below, provides a nice anecdote. One member of Google’s Chrome OS team discusses what it was like to introduce the language to the project:” (RiA)

“indy on Sept 27, 2017

Is Rust an officially sanctioned language at Google?

zaxcellent on Sept 27, 2017

Author here: Rust is not officially sanctioned at Google, but there are pockets of folks using it here. The trick with using Rust in this component was convincing my coworkers that no other language was right for the job, which I believe to be the case in this instance. That being said, there was a ton of work getting Rust to play nice within the Chrome OS build environment. The Rust folks have been super helpful in answering my questions though.

ekidd on Sept 27, 2017

> The trick with using Rust in this component was convincing my coworkers that no other language was right for the job, which I believe to be the case in this instance.

I ran into a similar use case in one of my own projects—a vobsub subtitle decoder, which parses complicated binary data, and which I someday want to run as a Rust web service. So obviously, I want to ensure that there are no vulnerabilities in my code.

I wrote the code in Rust, and then I used 'cargo fuzz' to try and find vulnerabilities. After running a billion(!) fuzz iterations, I found 5 bugs (see the 'vobsub' section of the trophy case for a list: https://github.com/rust-fuzz/trophy-case).

Happily, not _one_ of those bugs could actually be escalated into an actual exploit. In each case, Rust's various runtime checks successfully caught the problem and turned it into a controlled panic. (In practice, this would restart the web server cleanly.)

So my takeaway from this was that whenever I want a language (1) with no GC, but (2) which I can trust in a security-critical context, Rust is an excellent choice. The fact that I can statically link Linux binaries (like with Golang) is a nice plus.

Manishearth on Sept 27, 2017

> Happily, not one of those bugs could actually be escalated into an actual exploit. In each case, Rust's various runtime checks successfully caught the problem and turned it into a controlled panic.

This has been more or less our experience with fuzzing Rust code in Firefox too, fwiw. Fuzzing found a lot of Rust panics (and Rust debug assertions / “safe” overflow assertions). In one case it actually found a bug that had been under the radar in the analogous Gecko code for around a decade.” (RiA)

“From this excerpt, we can see that Rust language adoption has been “bottom up” by engineers looking to overcome technical challenges in relatively small projects. Experience gained from these successes is then used as evidence to justify undertaking more ambitious work.” (RiA)

“In the time since late 2017, Rust has continued to mature and strengthen. It has become an accepted part of Google’s technology landscape, and is now an officially sanctioned language within the Android and Fuchsia operating systems.” (RiA)
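The behaviour described in the thread, where a malformed binary input ends in a controlled panic rather than an out-of-bounds read, can be reproduced with a small parser. This is an added example, not code from the thread, the book, or the vobsub project; the length-prefixed format, the function names and the xorshift generator (standing in for a real fuzzer such as cargo fuzz) are all constructed for illustration.

```rust
use std::panic;

// Constructed toy format (not vobsub): [len: u8][payload: len bytes].
// Naive parser: trusts the length byte and indexes directly.
fn parse_naive(buf: &[u8]) -> Vec<u8> {
    let len = buf[0] as usize; // bounds check: panics on empty input
    buf[1..1 + len].to_vec() // bounds check: panics if len overruns buf
}

// Hardened parser: every access is checked; bad input is an Err, not a panic.
fn parse_checked(buf: &[u8]) -> Result<&[u8], &'static str> {
    let (&len, rest) = buf.split_first().ok_or("empty input")?;
    rest.get(..len as usize).ok_or("length field exceeds buffer")
}

// Deterministic xorshift32, standing in for a real fuzzer such as cargo fuzz.
fn next(state: &mut u32) -> u32 {
    *state ^= *state << 13;
    *state ^= *state >> 17;
    *state ^= *state << 5;
    *state
}

// Feeds pseudo-random inputs to both parsers and returns
// (panics caught from parse_naive, Errs returned by parse_checked).
fn fuzz(iterations: u32) -> (u32, u32) {
    panic::set_hook(Box::new(|_| {})); // silence panic messages during the run
    let mut state = 0x9E37_79B9u32;
    let (mut panics, mut errs) = (0, 0);
    for _ in 0..iterations {
        let n = (next(&mut state) % 8) as usize;
        let input: Vec<u8> = (0..n).map(|_| (next(&mut state) % 16) as u8).collect();
        // A panic unwinds to here instead of reading past the buffer.
        let naive = panic::catch_unwind(|| parse_naive(&input));
        let checked = parse_checked(&input);
        panics += naive.is_err() as u32;
        errs += checked.is_err() as u32;
        if let (Ok(a), Ok(b)) = (&naive, &checked) {
            assert_eq!(a.as_slice(), *b); // same payload when both succeed
        }
    }
    let _ = panic::take_hook(); // restore the default panic hook
    (panics, errs)
}

fn main() {
    let (panics, errs) = fuzz(10_000);
    println!("naive panics: {}, checked errors: {}", panics, errs);
}
```

Every input that panics the naive parser is reported as an `Err` by the checked one, which is the form a long-running service would normally want so that bad input is rejected without restarting the process.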


advocating_for_rust_at_work.txt · Last modified: 2024/04/28 03:24 (external edit)