Rust Articles
-
Autogenerating Rust-JS bindings with UniFFI
This blog post will walk through how we developed UniFFI: a Rust library for auto-generating foreign language bindings. We will walk through some of the issues that arose along the way and how we handled them.
-
Fuzzing rust-minidump for Embarrassment and Crashes – Part 2
For the last year, we've been working on the development of rust-minidump, a pure-Rust replacement for the minidump-processing half of google-breakpad. The final part in this series takes you through fuzzing rust-minidump.
-
Porting Firefox to Apple Silicon
The release of Apple Silicon-based Macs at the end of last year generated a flurry of news coverage and some surprises at the machine’s performance. This post details some background information on the experience of porting Firefox to run natively on these CPUs.
-
A New Backend for Cranelift, Part 1: Instruction Selection
This post will describe my recent work on Cranelift as part of my day job at Mozilla. In this post, I will set some context and describe the instruction selection problem. In particular, I’ll talk about a revamp to the instruction selector and backend framework in general that we’ve been working on.
-
Securing Firefox with WebAssembly
Protecting the security and privacy of individuals is a central tenet of Mozilla’s mission. While we continue to make extensive use of both sandboxing and Rust in Firefox to address security challenges in the browser, each has its limitations. Today we’re adding a third approach to our arsenal. RLBox, a new sandboxing technology developed by researchers at the University of California, San Diego, and the University of Texas, Austin, allows us to quickly and efficiently convert existing Firefox components to run inside a WebAssembly sandbox.
-
Crossing the Rust FFI frontier with Protocol Buffers
The Firefox Application Services engineering team made the decision to use Rust to build cross-platform components for Firefox Sync, powering Firefox Accounts across many devices. They are implementing core business logic using Rust and wrapping it in a thin platform-native layer, such as Kotlin for Android and Swift for iOS.
-
Fast, Bump-Allocated Virtual DOMs with Rust and Wasm
Dodrio is a new virtual DOM library that is designed to leverage the strengths of both Wasm’s linear memory and Rust’s low-level control by making extensive use of fast bump allocation. Early benchmarking results validate Dodrio’s design and show that it already has best-in-class performance. Now we're seeking feedback from real-world usage.
-
Implications of Rewriting a Browser Component in Rust
There have been 69 security bugs in Firefox’s style component since the browser was first released in 2002. If we'd had a time machine and could have written this component in Rust from the start, 51 (73.9%) of these bugs would not have been possible. Rust isn't foolproof, but by removing the burden of memory safety, Rust lets programmers focus on logical correctness and soundness.
-
Fearless Security: Thread Safety
Multithreading allows programs to do more faster, but adds synchronization bugs and attacks. Programming languages have evolved different concurrency strategies to help developers manage both the performance and security challenges of multi-threaded applications. Diane Hosfelt explores the challenges of thread safety, and the approach that Rust takes.
-
Fearless Security: Memory Safety
Memory safety violations leave programs vulnerable to security threats like unintentional data leakage and remote code execution. There are ways to ensure memory safety, including smart pointers and garbage collection. Research engineer Diane Hosfelt explains how Rust’s ownership system achieves memory safety while minimizing performance costs.
