memory safety with rust
play

Memory Safety with Rust Will Crichton Todays goals When is memory - PowerPoint PPT Presentation

Mar 18, 2023 •354 likes •614 views

Memory Safety with Rust Will Crichton Todays goals When is memory allocated and deallocated? Where does memory live? What kinds of pointers does Rust have? Memory management goal: Allocate memory when you need it, and free it when

  1. Memory Safety with Rust Will Crichton

  2. Today’s goals When is memory allocated and deallocated? Where does memory live? What kinds of pointers does Rust have?

  3. Memory management goal: Allocate memory when you need it, 
 and free it when you’re done.

  4. stack 0800000016 heap (uninitialized data) bss (read-only data) rodata data text 0000800016 interrupt vectors

  5. void main() { Mutating the vector Vec* vec = vec_new(); freed old contents. vec_append(vec, 107); int* n = &vec->data[0]; 107 vec_append(vec, 110); 110 printf(“%d”, *n); } data 107 length vec capacity Dangling pointer: pointer Aliasing: more than to freed memory. one pointer to same n memory.

  6. How can we solve this? 1. Only delete objects when no references exist • Garbage collection • Java, Python, Javascript, Ruby, Haskell, … 2. Prevent simultaneous mutation and aliasing

  7. Aliasing Mutation Ownership (T)

  8. fn give() { fn take(vec: Vec<i32>) { let mut vec = Vec::new(); // … vec.push(1); } vec.push(2); Take ownership take(vec); of a Vec<i32> … } 1 data data 2 vec vec length length capacity capacity

  9. Compiler enforces moves fn give() { fn take(vec: Vec<i32>) { let mut vec = Vec::new(); // … vec.push(1); } vec.push(2); take(vec); … vec.push(2); Error: vec has been moved } Prevents: - use after free - double moves - …

  10. Aliasing Mutation Shared borrow (&T)

  11. Aliasing Mutation Mutable borrow (&mut T)

  12. fn lender() { fn use(vec: &Vec<i32>) { let mut vec = Vec::new(); // … vec.push(1); } vec.push(2); “Shared reference use(&vec); to Vec<i32>” … } Loan out vec 1 data 2 vec length capacity vec

  13. Aliasing Mutation Shared references are immutable : fn use(vec: &Vec<i32>) { vec.push(3); vec[1] += 2; } Error: cannot mutate shared reference

  14. Mutable references fn push_all(from: &Vec<i32>, to: & mut Vec<i32>) { for elem in from.iter() { to.push(*elem); } } mutable reference to Vec<i32> push() is legal

  15. Iteration fn push_all(from: &Vec<i32>, to: & mut Vec<i32>) { for elem in from.iter() { to.push(*elem); } } from to 1 … 1 2 3 elem

  16. What if from and to are equal? fn push_all(from: &Vec<i32>, to: & mut Vec<i32>) { for elem in from.iter() { to.push(*elem); } } 1 … 1 2 2 3 3 elem 1 dangling pointer

  17. fn push_all(from: &Vec<i32>, to: & mut Vec<i32>) {…} fn caller() { let mut vec = …; push_all(&vec, & mut vec); } shared reference Error: cannot have both shared and mutable reference at same time A &mut T is the only way to access the memory it points at

  18. Lifetime of a value = lifetime of a name fn main() { let x = 1; { let y = 2; let z = &x; // y and z deallocated, 2 gone } // x deallocated, 1 gone }

  19. What if I don’t know how long an object should live?

  20. Where are my objects allocated?

  21. C/C++ rules Variables are always on the stack Values on the stack by default malloc/new allocates on the heap

  22. Stack vs. heap Variables always reside on the stack, just like C Normal owned data (T) also on the stack Box<T>: pointer on stack to heap &T: pointer on stack to wherever T is

  24. Structs and closures

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to rust and its memory safety Lukas Prokop 2020-09-18 for IAIK About me

Introduction to rust and its memory safety Lukas Prokop 2020-09-18 for IAIK About me

Introduction to rust and its memory safety Lukas Prokop 2020-09-18 for IAIK About me Sofuware developer PhD student in post-quantum cryptography at IAIK 1 Speaker at RustGraz (twitter @RustGraz) What is rust? What is rust?

1.47k views • 82 slides
Rust SGX SDK: Towards Memory Safety in Intel SGX Yu Ding, Ran Duan , Long Li , Yueqiang Cheng ,

Rust SGX SDK: Towards Memory Safety in Intel SGX Yu Ding, Ran Duan , Long Li , Yueqiang Cheng ,

Rust SGX SDK: Towards Memory Safety in Intel SGX Yu Ding, Ran Duan , Long Li , Yueqiang Cheng , Lenx Wei CONTENTS 3 1 2 PART ONE PART TWO PART THREE Why SGX Why Rust Rust SGX SDK PART 1 Why SGX Why SGX War in memory Ring

1.17k views • 51 slides
Memory Safety in Rust Ryan Eberhardt and Armin Namavari April 7, 2020 Last lecture Ryan told us

Memory Safety in Rust Ryan Eberhardt and Armin Namavari April 7, 2020 Last lecture Ryan told us

Memory Safety in Rust Ryan Eberhardt and Armin Namavari April 7, 2020 Last lecture Ryan told us the bad news about C and C++ This lecture, Im going to tell you how Rust addresses some of those issues Disclaimer: you can still write buggy

490 views • 35 slides
OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system

OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system

OXIDE: THE ESSENCE OF RUST Aaron J. Weiss Northeastern University Rusts rich type system and ownership model guarantee memory-safety and thread-safety enabling you to eliminate many classes of bugs at compile-time. the

1.27k views • 89 slides
TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware

TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware

TESTING IN RUST A PRIMER IN TESTING AND MOCKING @donald_whyte FOSDEM 2018 ABOUT ME Soware Engineer @ Engineers Gate Real-time trading systems Scalable data infrastructure Python/C++/Rust developer MOTIVATION Rust focuses on memory

1.47k views • 100 slides
Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust

Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust

http://talks.edunham.net/scale15x Rust 101 E. Dunham @qedunham Intro Starting Rust from a Scripting Background Run Rust Deploy, Write, and Improve Rust Write Rust Improve Rust E. Dunham @qedunham March 5, 2017

865 views • 75 slides
The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You

The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You

The Rust Programming Language Ben Goldberg Rust A Programming Language for the Future Thank You Thank you to rust-lang.org for providing content and examples! Overview The sales pitch Use cases The Rust language Other Languages

1.18k views • 63 slides
Themis: An Efficient and Memory-Safe BFT Framework in Rust SERIAL Workshop, December 9, 2019

Themis: An Efficient and Memory-Safe BFT Framework in Rust SERIAL Workshop, December 9, 2019

Institute of Operating Systems and Computer Networks Themis: An Efficient and Memory-Safe BFT Framework in Rust SERIAL Workshop, December 9, 2019 Signe Rsch, Kai Bleeke, Rdiger Kapitza ruesch@ibr.cs.tu-bs.de Technische Universitt

1.94k views • 32 slides
Rust: Systems Programming for Everyone Felix Klock ( @pnkfelix ), Mozilla space : next slide; esc

Rust: Systems Programming for Everyone Felix Klock ( @pnkfelix ), Mozilla space : next slide; esc

Rust: Systems Programming for Everyone Felix Klock ( @pnkfelix ), Mozilla space : next slide; esc : overview; arrows navigate http://bit.ly/1LQM3PS Why ...? Why use Rust? Fast code, low memory footprint Go from bare metal (assembly; C FFI)

1.41k views • 113 slides
Tremor How Rust killed thousands of cores and TB of memory at Wayfair Agenda A bit about us

Tremor How Rust killed thousands of cores and TB of memory at Wayfair Agenda A bit about us

Tremor How Rust killed thousands of cores and TB of memory at Wayfair Agenda A bit about us What is tremor Tremor Script &lt;3 OSS What is Wayfair? Sells rugs (and couches!) Large online retailer for furniture

851 views • 46 slides
www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29,

www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29,

www.rust-lang.org An Overview of the Rust Programming Language Jim Royer CIS 352 April 29, 2019 CIS 352 Rust Overview 1 / 1 CIS 352 Rust Overview 2 / 1 References Sample code: Factorial, 1 The Rust Programming Language by S. Klabnik and

589 views • 7 slides
Using Rust on RIOT OS Christian M. Ams uss &lt;ca@etonomy.org&gt; 2019-09-05 RIOT Summit,

Using Rust on RIOT OS Christian M. Ams uss &lt;ca@etonomy.org&gt; 2019-09-05 RIOT Summit,

Using Rust on RIOT OS Christian M. Ams uss &lt;ca@etonomy.org&gt; 2019-09-05 RIOT Summit, Helsinki Outline The Rust language and ecosystem Rust on embedded systems Rust on RIOT Simple things: functions and variables fn

804 views • 24 slides
Memory Safety for Low- Level Software/Hardware Interactions John Criswell Nicolas Geoffray

Memory Safety for Low- Level Software/Hardware Interactions John Criswell Nicolas Geoffray

Memory Safety for Low- Level Software/Hardware Interactions John Criswell Nicolas Geoffray Vikram Adve Montreal or Bust! Memory Safety Future is Bright User-space memory safety is improving Safe languages SAFECode, CCured, Baggy

556 views • 53 slides
Practical Memory Safety with REST KANAD SINHA &amp; SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is

Practical Memory Safety with REST KANAD SINHA &amp; SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is

Practical Memory Safety with REST KANAD SINHA &amp; SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is memory safety relevant? In 2017, 55% of remote-code execution causing bugs in Microsoft due to memory errors Is memory safety relevant? Yes!

827 views • 47 slides
Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler

Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler

r e l i p e m v o i t c c Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler perspective. Kostya Serebryany , Evgenii Stepanov, Vlad Tsyrklevich (Google) Oct 2018 1 Agenda ARM v8.5

504 views • 29 slides
Rust: Reach F us th es ! Nich om as Matsakis 1 Q. What is Rust? Q. Why should I care? 2 Q.

Rust: Reach F us th es ! Nich om as Matsakis 1 Q. What is Rust? Q. Why should I care? 2 Q.

Rust: Reach F us th es ! Nich om as Matsakis 1 Q. What is Rust? Q. Why should I care? 2 Q. What is Rust? A. High-level code, low-level performance Q. Why should I care? 3 Decisions GC Control, flexibility

1.15k views • 67 slides
Ac tion r e se ar c h vs. De sign r e se ar c h: Using Pr ac tic e r e se ar c h as a le ns

Ac tion r e se ar c h vs. De sign r e se ar c h: Using Pr ac tic e r e se ar c h as a le ns

2013-06-10 Ac tion r e se ar c h vs. De sign r e se ar c h: Using Pr ac tic e r e se ar c h as a le ns for c ompar ison and inte gr ation Gran Goldkuhl Research group VITS Dep. of Management &amp; Engineering Linkping University

223 views • 10 slides
34/83 Pustejovsky - Brandeis Computational Event Models 35/83 Pustejovsky - Brandeis

34/83 Pustejovsky - Brandeis Computational Event Models 35/83 Pustejovsky - Brandeis

34/83 Pustejovsky - Brandeis Computational Event Models 35/83 Pustejovsky - Brandeis Computational Event Models 36/83 Pustejovsky - Brandeis Computational Event Models 37/83 Pustejovsky - Brandeis Computational Event Models 38/83

416 views • 24 slides
Analysis Algorithms for Large-Scale Networks Dan Meehan meehan.49@osu.edu Table of Contents

Analysis Algorithms for Large-Scale Networks Dan Meehan meehan.49@osu.edu Table of Contents

Analysis Algorithms for Large-Scale Networks Dan Meehan meehan.49@osu.edu Table of Contents Algorithm analysis overview Degree distribution Characteristic path length Betweenness centrality Exact Approximate

585 views • 23 slides
Privacy-preserving monitoring of an anonymity network Iain R. Learmonth 3rd February 2019 Tor

Privacy-preserving monitoring of an anonymity network Iain R. Learmonth 3rd February 2019 Tor

Privacy-preserving monitoring of an anonymity network Iain R. Learmonth 3rd February 2019 Tor Project whoami Iain R. Learmonth irl@torproject.org @irl@57n.org Tor Metrics Team Member Background in Internet Measurement Contributing to Tor

612 views • 35 slides
From CATS to SAT: Modeling Empirical Hardness to Understand and Solve Hard Computational Problems

From CATS to SAT: Modeling Empirical Hardness to Understand and Solve Hard Computational Problems

From CATS to SAT: Modeling Empirical Hardness to Understand and Solve Hard Computational Problems Kevin Leyton Brown Computer Science Department University of British Columbia CATS Empirical Hardness Models EHMs for SAT SATzilla Intro

1.15k views • 75 slides
Bringing the human back in the loop Joaquin Vanschoren, TU/e (new) data Meta-learning Automate

Bringing the human back in the loop Joaquin Vanschoren, TU/e (new) data Meta-learning Automate

Bringing the human back in the loop Joaquin Vanschoren, TU/e (new) data Meta-learning Automate optimization data analysis improved initial workflows workflows Online collaboration Automating machine learning: a human-robot symbiosis

663 views • 19 slides
Algorithm Analysis: Big O Notation Determine the running

Algorithm Analysis: Big O Notation Determine the running

Algorithm Analysis: Big O Notation Determine the running time of simple algorithms Best case Average case Worst case Profile algorithms

1.28k views • 82 slides
On Human Computer Interaction, HCI Dr. Saif al Zahir Electrical and Computer Engineering

On Human Computer Interaction, HCI Dr. Saif al Zahir Electrical and Computer Engineering

On Human Computer Interaction, HCI Dr. Saif al Zahir Electrical and Computer Engineering Department UBC Human Computer Interaction HCI HCI is the study of people, computer technology, and the ways these influence each other . We study

731 views • 48 slides

More recommend