is it time to rewrite the operating system in rust
play

Is it time to rewrite the operating system in Rust? Bryan Cantrill - PowerPoint PPT Presentation

Feb 03, 2023 •9 likes •239 views

Is it time to rewrite the operating system in Rust? Bryan Cantrill CTO bryan@joyent.com @bcantrill Spoiler alert What even is the operating system? The operating system is harder to define than it might seem For every definition,

  1. Is it time to rewrite the operating system in Rust? Bryan Cantrill CTO bryan@joyent.com @bcantrill

  2. Spoiler alert

  3. What even is the operating system? • The operating system is harder to define than it might seem… • For every definition, it can be easy to come up with exceptions • At minimum: the operating system is the program that abstracts hardware to allow execution of other programs • The operating system defines the liveness of the machine: without it, no program can run • The operating system software that runs with the highest level of architectural privilege is the operating system kernel • …but the kernel is not the entire operating system!

  4. Operating system implementation history • Historically, operating systems — née “executives” — were written entirely in assembly • Starting with the Burroughs B5000 MCP in 1961, operating systems started to be written in higher level languages… • In 1964, when Project MAC at MIT sought to build a successor to their Compatible Timesharing System (CTSS), they selected the language (PL/I) before writing any code (!) • But PL/I had no functioning compiler — and wouldn’t until 1966

  5. 
 
 
 
 
 
 PL/I in Multics • The decision to use PL/I in Multics was seen by its creators as a great strength, even when reflecting back in 1971: 
 Source: “Multics: The first seven years,” Corbato et al. • …but that the compiler was unavailable for so long (and when was available, performed poorly) was a nearly-fatal weakness

  6. The birth of Unix • Bell Labs pulled out of the Multics project in 1969 • A researcher formerly on the Multics effort, Ken Thompson, implemented a new operating system for the PDP-7 • The system was later ported to the PDP-11/20, where it was named Unix — a play on “eunuchs” and a contrast to the top- down complexity of Multics • Unix was implemented entirely in assembly!

  7. Unix and high-level languages • The interpreted language B (a BCPL derivative), was present in Unix, but only used for auxiliary functionality, e.g. the assembler and an early version of dc(1) • Some of the B that was in use in Unix was replaced with assembly for reasons of performance! • Dennis Ritchie and Thompson developed a B-inspired language focused on better abstracting the machine, naming it “C” • Perhaps contrary to myth, C and Unix were not born at the same instant — they are siblings, not twins!

  8. The C revolution • C is rightfully called “portable assembly”: it is designed to closely match the abstraction of the machine itself • C features memory addressability at its core • Unlike PL/I, C grew as concrete needs arose • e.g., C organically adopted important facilities like macro processing through the C preprocessor • Standardization efforts came late and were contentious: C remains infamous for its undefined behaviors

  9. Operating systems in the 1980s • As the minimal abstraction above the machine, C — despite its blemishes — proved to be an excellent fit for operating systems implementation • With few exceptions, operating systems — Unix or otherwise — were implemented in C throughout the 1980s • Other systems existed as research systems, but struggled to offer comparable performance to C-based systems

  10. Operating systems in the 1990s • In the 1990s, object oriented programming came into vogue, with languages like C++ and Java • By the mid-1990s, C-based systems were thought to be relics • …but the systems putatively replacing them were rewrites — and suffered from rampant Second System Syndrome • They were infamously late (e.g. Apple’s Copland), infamously slow (e.g. Sun’s Spring), or both (Taligent’s Pink) • Java-based operating systems like Sun’s JavaOS fared no better; hard to interact with hardware without unsigned types!

  11. Operating systems in the 2000s • With the arrival of Linux, Unix enjoyed a resurgence — and 
 C-based operating systems became deeply entrenched • With only a few exceptions (e.g., Haiku), serious attempts at 
 C++-based kernels withered • At the same time, non-Java/non-C++ languages blossomed: first Ruby, and then Python and JavaScript • These languages were focused on ease of development rather than performance — and there appears to be no serious effort to implement an operating system in any of these

  12. Systems software in the 2010s • Systems programmers began pining for something different: the performance of C, but with more powerful constructs as enjoyed in other languages • High-performance JavaScript runtimes allowed for a surprising use in node.js — but otherwise left much to be desired • Bell Labs refugees at Google developed Go, which solves some problems, but with many idiosyncrasies • Go, JavaScript and others are garbage collected , making interacting with C either impossible or excruciatingly slow

  13. Rust? • Rust is a systems software programming language designed around safety, parallelism, and speed • Rust has a novel system of ownership, whereby it can statically determine when a memory object is no longer in use • This allows for the power of a garbage-collected language, but with the performance of manual memory management • This is important because — unlike C — Rust is highly composable, allowing for more sophisticated (and higher performing!) primitives

  14. Rust performance (my experience) Source: http://dtrace.org/blogs/bmc/2018/09/28/the-relative-performance-of-c-and-rust/

  15. Rust: Beyond ownership • Rust has a number of other features that make it highly compelling for systems software implementation: • Algebraic types allow robust, concise error handling • Hygienic macros allow for safe syntax extensions • Foreign function interface allows for full-duplex integration with C without sacrificing performance • “unsafe” keyword allows for some safety guarantees to be surgically overruled (though with obvious peril) • Also: terrific community, thriving ecosystem, etc.

  16. Operating systems in Rust? • If the history of operating systems implementation teaches us anything, it’s that runtime characteristics trump development challenges! • Structured languages (broadly) replaced assembly because they performed as well • Viz., every operating system retains some assembly for reasons of performance! • With its focus on performance and zero-cost abstractions, Rust does represent a real, new candidate programming language for operating systems implementation

  17. Operating systems in Rust: A first attempt • First attempt at an operating system kernel in Rust seems to be Alex Light’s Reenix, ca. 2015: a re-implementation of a teaching operating system in Rust as an undergrad thesis • Biggest challenge in Reenix was that Rust forbids an application from handling allocation failure • The addition of a global allocator API has improved this in that now a C-based system can at least handle pressure… • …but dealing with memory allocation failure is still very much an unsettled area for Rust (see Rust RFC 2116)

  18. Operating systems in Rust since 2015 • Since Reenix’s first efforts, there have been quite a few small systems in Rust, e.g.: Redox, Tifflin, Tock, intermezzOS, RustOS/QuiltOS, Rux, and Philipp Oppermann’s Blog OS • Some of these are teaching systems (intermezzOS, Blog OS), some are unikernels (QuiltOS) and/or targeted at IoT (Tock) • These systems are all de novo , which represents its own challenges, e.g. forsaking binary compatibility with Linux and fighting Second System Syndrome

  19. Operating systems in Rust: The challenges • While Rust’s advantages are themselves clear, it’s less clear what the advantage is when replacing otherwise working code • For in-kernel code in particular, the safety argument for Rust carries less weight: in-kernel C tends to be de facto safe • Rust does, however, presents new challenges for kernel development, esp. with respect to multiply-owned structures • An OS kernel — despite its historic appeal and superficial fit for Rust — may represent more challenge than its worth • But what of hybrid approaches?

  20. Hybrid approach I: Rust in-kernel components • One appeal of Rust is its ability to interoperate with C • One hybrid approach to explore would be to retain a 
 C-/assembly-based kernel while allowing for Rust-based 
 in-kernel components like device drivers and filesystems • This would allow for an incremental approach — and instead of rewriting, Rust can be used for new development • There is a prototype example of this in FreeBSD; others are presumably possible

  21. Hybrid approach II: Rust OS components • An operating system is not just a kernel! • Operating systems have significant functionality at user-level: utilities, daemons, service-/device-/fault- management facilities, debuggers, etc. • If anything, the definition of the OS is expanding to distributed system that represents a multi-computer control plane — that itself includes many components • These components are much more prone to run-time failure! • Many of these are an excellent candidate for Rust!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust

Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust

http://talks.edunham.net/scale15x Rust 101 E. Dunham @qedunham Intro Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust Improve Rust E. Dunham @qedunham March 5, 2017

865 views • 75 slides
Confluence Let ( A , ) be a rewrite system. b and c A are joinable, if there is an a such

Confluence Let ( A , ) be a rewrite system. b and c A are joinable, if there is an a such

Confluence Let ( A , ) be a rewrite system. b and c A are joinable, if there is an a such that b a c . Notation: b c . The relation is called Church-Rosser, if b c implies b c . confluent, if b a

665 views • 18 slides
Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing

Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing

Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing constraints (Temporal) Determinism Correctness of system depends not only on the logical result of the computation, but also on the time at which

531 views • 13 slides
Chapter 3: Operating-System Structures System Components Operating System Services

Chapter 3: Operating-System Structures System Components Operating System Services

Chapter 3: Operating-System Structures System Components Operating System Services System Calls System Programs System Structure Virtual Machines System Design and Implementation System Generation Operating System

981 views • 39 slides
Chapter 3: Operating-System Structures System Components Operating System Services

Chapter 3: Operating-System Structures System Components Operating System Services

Chapter 3: Operating-System Structures System Components Operating System Services System Calls System Programs System Structure Virtual Machines System Design and Implementation System Generation Operating System

588 views • 20 slides
TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware

TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware

TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware Engineer @ Engineers Gate Real-time trading systems Scalable data infrastructure Python/C++/Rust developer MOTIVATION Rust focuses on memory

1.47k views • 100 slides
Termination of Rewrite Systems (Overview) 15ai Q: Why should we want terminating rewrite systems?

Termination of Rewrite Systems (Overview) 15ai Q: Why should we want terminating rewrite systems?

Termination of Rewrite Systems (Overview) 15ai Q: Why should we want terminating rewrite systems? A: Weve seen that to be useful a set of rewrite rules should be complete; to check completeness uses the Knuth Bendix procedure; AUTOMATED

189 views • 6 slides
Exceptions and Processes (cont) time multiplexing: operating system alternates which mechanism

Exceptions and Processes (cont) time multiplexing: operating system alternates which mechanism

Exceptions and Processes (cont) time multiplexing: operating system alternates which mechanism for operating system to run: exceptions thread runs on the processor time multiplexing: operating system alternates which CPU: ssh.exe loop.exe

603 views • 18 slides
An operating system designed for use in real-time systems, which is Any computer

An operating system designed for use in real-time systems, which is Any computer

An operating system designed for use in real-time systems, which is Any computer system, embedded or otherwise, that has timeliness requirements. HIT BRAKES!!! Antivirus scanning Print spool emptying Email coming in

689 views • 34 slides
Module 3: Operating-System Structures System Components Operating System Services

Module 3: Operating-System Structures System Components Operating System Services

Module 3: Operating-System Structures System Components Operating System Services System Calls System Programs System Structure Virtual Machines System Design and Implementation System Generation Silberschatz and

714 views • 35 slides
The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You

The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You

The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You Thank you to rust-lang.org for providing content and examples! Overview The sales pitch Use cases The Rust language Other Languages

1.18k views • 63 slides
Module 3: Operating-System Structures System Components Operating-System Services

Module 3: Operating-System Structures System Components Operating-System Services

' $ Module 3: Operating-System Structures System Components Operating-System Services System Calls System Programs System Structure Virtual Machines System Design and Implementation System Generation & %

589 views • 13 slides
OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system

OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system

OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system and ownership model guarantee memory-safety and thread-safety enabling you to eliminate many classes of bugs at compile-time. the

1.27k views • 89 slides
A better picture Many applications Application One Operating System System calls Operating

A better picture Many applications Application One Operating System System calls Operating

Introduction Operating Systems Spring 2003 OS Spring03 What is Operating System? It is a program! It is the first piece of software to run after boot It coordinates the execution of all other software User programs It

306 views • 12 slides
www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29,

www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29,

www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29, 2019 CIS 352 Rust Overview 1 / 1 CIS 352 Rust Overview 2 / 1 References Sample code: Factorial, 1 The Rust Programming Language by S. Klabnik and

589 views • 7 slides
Operating System Overview Chapter 2 1 Operating System A program that controls the

Operating System Overview Chapter 2 1 Operating System A program that controls the

Operating System Overview Chapter 2 1 Operating System A program that controls the execution of application programs An interface between applications and hardware 2 1 Operating System Objectives Convenience Makes the

719 views • 33 slides
Day 3 Agenda for Today Formulate simple problem statement Revisit the workload

Day 3 Agenda for Today Formulate simple problem statement Revisit the workload

Day 3 Agenda for Today Formulate simple problem statement Revisit the workload characterization problem. Present detailed (step by step) derivation of the workload. Workload Modeling Workload modeling is used to generate

554 views • 39 slides
DAY 2 Agenda for Today Introduce the workload characterization problem. Discuss a

DAY 2 Agenda for Today Introduce the workload characterization problem. Discuss a

DAY 2 Agenda for Today Introduce the workload characterization problem. Discuss a simple example of characterizing the workload for an intranet. What is workload characterization? What workload we want to characterize?

589 views • 43 slides
The Challenge Mobile Phone Data in the cloud H OW TO KEEP DATA ON YOUR DEVICE F RESH ? Polling

The Challenge Mobile Phone Data in the cloud H OW TO KEEP DATA ON YOUR DEVICE F RESH ? Polling

G OOGLE CLOUD MESSAGING FOR ANDROID Bindu Priya Infosys Limited Image Courtesy: http://developer.android.com/guide/google/gcm The Challenge Mobile Phone Data in the cloud H OW TO KEEP DATA ON YOUR DEVICE F RESH ? Polling Pushing Polling is

462 views • 25 slides
PAID Platform for Active Information Dissemination Client Acceptance Test 10 December 1998

PAID Platform for Active Information Dissemination Client Acceptance Test 10 December 1998

PAID Platform for Active Information Dissemination Client Acceptance Test 10 December 1998 15-413 Software Engineering, Fall 1998 1 Agenda Purpose of Meeting To present and demonstrate the PAID system. Desired Outcome of Meeting

1.08k views • 79 slides
Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC

Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC

Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC Talk at ISGS 2006 Taiwan 1 Mega Science Projects Todays science is based on worldwide collaborations by sharing computations, data and

755 views • 31 slides
Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key

Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key

Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key Lockers Fingerprint Lockers On-line Lockers Intelligent Mailbox Intelligent Locker Common Features Flexible configuration: Building block design,

190 views • 16 slides
Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

422 views • 31 slides
Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an

Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an

Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an Influential Person Project Summary: When a California company called Forethought, Inc. developed the PowerPoint software program in 1984, they changed forever

213 views • 3 slides

More recommend