class: title # Systems Programming (in Rust) ## Scott Rixner and Alan Cox ### Spring 2026 <footer>©2026 Scott Rixner and Alan Cox</footer> --- layout: true <footer>COMP 477 Spring 2026 • Scott Rixner and Alan Cox</footer> --- ## Systems Programming * **Low-level:** Software that operates close to the hardware and the OS. * **Infrastructure:** operating systems, databases, network services, embedded platforms, ... * **Reliable:** Systems cannot afford to crash. * **Efficient:** Systems require high performance and low overhead. * **Secure:** Systems vulnerabilities affect higher-level software. --- ## Rust for Systems Programming * **Performance:** Comparable to C/C++. * **Safety:** Guaranteed memory safety without a garbage collector. * **Concurrency:** Prevents data races at compile time. * **Goal:** Addressing long-standing challenges in systems software development using modern language features. * **Reality:** ??? --- ## Focus on Systems The course will focus on key aspects of systems programming and the implications of Rust's features and design. * You know how to build software. * We aren't going to teach Rust syntax. * You know how memory works at a low level. * We aren't going to teach about pointers, memory layout, etc. --- ## Course Learning Objectives At the end of this course, you will be able to: * Design, implement, and reason about systems-level software. * Conduct effective code reviews by identifying correctness, performance, safety, and maintainability issues. * Critically evaluate the design choices and trade-offs for systems programming in programming languages. --- ## The Power of Choice for Performance * Systems languages offer multiple ways to solve a problem so you can optimize for your specific constraints. * Simple Example: String Handling * Need a simple, fixed reference? Use `&str`. * Need a growable, heap-allocated buffer? Use `String`. * Need to pass around ownership without copying? Use `Box<str>`. * In this course, "working code" is just a starting point. * You will defend **why** you chose one representation over another. * We will discuss the trade-offs involved in such decisions. --- ## Rust Core Concepts are Simple * At its heart, Rust relies on a few clear rules: 1. Every value has a single **Owner**. 2. You can have **many** immutable borrows. 3. You can have **exactly one** mutable borrow. * If you understand these three points, you understand the language's core. * However, the implications of these rules are complex and far-reaching. --- ## The Complexity is in the Implications * The Benefits: * Memory: No more use-after-free or double-free bugs. * Concurrency: If the compiler knows only one thread can mutate data, data races become "impossible". * The Challenge: * The implications of these "simple" rules are complex and far reaching. * How do you build a doubly-linked list or a shared cache if you can only have one owner? We will spend our time on these high-level architectural consequences rather than Rust syntax. --- ## Example: Shared Memory The Scenario: Multi-threaded access to a shared resource. * **C:** You use a `mutex_t`, but nothing stops you from forgetting to lock it before touching the data. * **Rust:** The `Mutex` *wraps* the data. You literally cannot access the interior value without a lock. The language feature (ownership) forces a design pattern (data encapsulation) that simplifies safety at scale. --- ## Code Review * The process of intentionally and systematically convening with your peers to evaluate the design and correctness of each other's code. * A technical conversation about logic, design, and maintainability, not just bug hunting or a cursory reading. * In professional software engineering (at companies like Google, Amazon, or Meta or for major open-source projects like Linux and FreeBSD), no code reaches production without being reviewed by another engineer. --- ## Why Code Review Matters * You learn how others solve problems and share best practices. * The Rust compiler can catch memory errors, but it can’t catch a flawed algorithm or an inefficient data structure. * Reviewing whether the chosen abstraction (e.g., `Box` vs `Arc`) is actually the right one for the use case. * Systems code lives a long time. If your peers can't understand your code today, your team won't be able to maintain it in six months. --- ## Code Review in this Course You aren't graded on your code; you are graded on your ability to **critique** and **justify** code. * This isn't an "extra" activity: it is 40% of your grade and occupies 5 weeks of the course. * Student Code: Learning from the challenges you faced in your assignments. * External Sources: Examining real-world Rust crates and production systems. --- ## Code Review Mindset * Be kind, but rigorous * The goal is to make the software better, not to "win" an argument. * Ask "why?" * Don't say "this is a bad choice." * Ask "Why did you choose this approach over ...?" * Accept feedback * In this class, "it compiles" is the bare minimum. * "It is elegant and understandable" is the goal. * Be accountabile * You are responsible for the code, even if AI generated it. * If you can't explain it during a review, you don't own it. --- ## Case Studies * Assignments are controlled environments. Case studies show how Rust behaves "in the wild" at massive scale. * Seeing how a specific Rust feature solved a specific production bug in a database or kernel. * We will examine systems that were **migrated** to Rust from C/C++ to understand the costs and benefits of that transition. --- ## Case Study Focus: Real-World Systems We will look at how Rust is being integrated into modern systems. * [Rust for Linux](https://deepwiki.com/torvalds/linux/2-rust-for-linux). * [Nushell](https://github.com/nushell/nushell): a new type of shell. * [Raft](https://github.com/tikv/raft-rs) consensus in TiKV key-value database. * [Tokio](https://github.com/tokio-rs/tokio) asynchronous runtime for Rust. * [Firecracker](https://github.com/firecracker-microvm/firecracker) microVMs (AWS). --- ## Critical Reflection: Does Rust Succeed? We won't just look at success stories. We will also critically evaluate where Rust **fails** to meet its objectives. * Does the borrow checker slow down development or block correct code? * Is the `unsafe` escape hatch being used too frequently in production? * Does the language complexity create a barrier to entry for new systems programmers? * Is Rust used when it is the right tool, or is it overused because of hype? Develop an informed opinion on when to use Rust and when to use other languages and tools. --- ## How Case Studies Connect to Your Work * **Context for Code Reviews:** When we review your code, we will compare your design patterns to those used in the case studies we’ve discussed. * **Final Reflections:** Your final 15% "Written Reflection" grade will rely on your ability to connect the principles learned in assignments to the outcomes observed in these real-world systems. * **Building a Mental Model:** Transitioning from "writing code" to "designing systems." --- ## Course Roadmap | Component | Duration | | :--- | :--- | | Rust Language & Systems Implications | 4 Weeks | | Effective Code Review Principles | 1 Weeks | | Case Studies: Rust in Real Systems | 2 Weeks | | Structured Student Code Reviews | 5 Weeks | | Critical Reflections on Rust | 2 Weeks | --- ## Assignments * Warm-up: Two individual assignments to learn Rust basics. * System Projects: 1–2 larger assignments building real systems in **pairs**. * AI Policy: You may use **any** resources you like, including AI. * Evaluation: * You will be graded on your **understanding** of what you produced. * This will be verified via code reviews and deep-dives into your logic. --- ## Grading & Participation * 45% Class Participation (self-graded after each class) * 40% Code Review * 15% Written Reflection > We reserve the right to modify your self-assigned participation grade if we believe it does not accurately reflect your engagement. --- class: no-bullets ## Participation Grading Initially: * `(3)` Made multiple substantive contributions. * `(2)` Made one substantive contribution. * `(1)` Present, but made no contributions, was late, or left early. * `(0)` Absent. We will transition to more specific participation criteria when we begin the case studies. --- ## Logistics * Prerequisites * COMP 318 and COMP 321. * COMP 312 concurrent/completed. * Textbook * *The Rust Programming Language* by Klabnik & Nichols. * Available for free online: `https://doc.rust-lang.org/book/` * Accommodations * Contact the DRC and notify instructors within the first two weeks. --- ## Before Next Class 1. Get Rust installed and working on your machine. * `https://rust-lang.org/learn/get-started/` 2. Read Chapters 1-3 of *The Rust Programming Language* on your own. 3. Read Chapters 5-6 for the next class and be prepared to discuss them. --- ## Installing Rust The easiest way to install Rust is through **rustup**, the official installer and version manager. Visit **https://rustup.rs/** and follow the instructions. --- ## Installation Options Windows: * Download and run **rustup-init.exe** from https://rustup.rs/ * Or use Windows Subsystem for Linux (WSL) and follow Linux instructions MacOS: ```bash curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh ``` Linux: ```bash curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh ``` --- ## After Installation 1. Restart your terminal or run: ```bash source ~/.cargo/env ``` 2. Verify installation: ```bash rustc --version cargo --version ``` 3. Keep Rust updated: ```bash rustup update ``` --- ## Your First Rust Program Let's create a "Hello, World!" program to verify everything is working. While you can compile Rust files directly with `rustc`, you'll almost always use `cargo` instead. --- ## Using Cargo Cargo is Rust's built-in build system and package manager. For real projects, use cargo instead of `rustc` directly. Create a new project: ```bash cargo new hello_world cd hello_world ``` This creates: ``` hello_world/ ├── Cargo.toml └── src/ └── main.rs ``` --- ## Cargo Project Structure `Cargo.toml` (project metadata): ```toml [package] name = "hello_world" version = "0.1.0" edition = "2021" [dependencies] ``` `src/main.rs` (your code): ```rust fn main() { println!("Hello, world!"); } ``` --- ## Building and Running with Cargo Build the project: ```bash cargo build ``` Run the project: ```bash cargo run ``` Build for release (optimized): ```bash cargo build --release ``` The `cargo run` command both compiles and runs your program in one step. --- ## Next Steps * You now have Rust installed and working! * Try creating a few simple Rust programs on your own to get comfortable with the syntax and cargo infrastructure.