rees (rees@breastmilk.club)'s status on Saturday, 09-Dec-2023 23:19:39 JST
rees @NEETzsche @Zerglingman @Moon I linked you to a study (and pete, got no replies) on Rust creating sound code for kernels
https://dl.acm.org/doi/10.1145/3623759.3624554
>The memory-safe systems programming language Rust is gaining more and more attention in the operating system development communities, as it provides memory safety without sacrificing performance or control. However, these safety guarantees only apply to the safe subset of Rust, while bare-metal programming requires some parts of the program to be written in unsafe Rust. Writing abstractions for these parts of the software that are sound, meaning that they guarantee the absence of undefined behavior and thus uphold the invariants of safe Rust, can be challenging. Producing sound code, however, is essential to avoid breakage when the code is used in new ways or the compiler behavior changes.
>In this paper, we present common patterns of unsound abstractions derived from the experience of reworking soundness in our kernel. During this process, we were able to remove over 400 unsafe expressions while discovering and fixing several hard-to-spot concurrency bugs along the way.
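As an illustration of the soundness notion in the quoted abstract (a safe API over `unsafe` code must make undefined behavior unreachable from safe callers), here is an added example that is not from the paper or the post: a constructed fixed-capacity stack whose `get_unsound` trusts its caller for the `i < len` invariant, beside the sound `get` that enforces the invariant itself.

```rust
use std::mem::MaybeUninit;

/// Constructed example: a fixed-capacity stack over uninitialized storage.
/// Invariant: elements in 0..len have been written by `push`.
pub struct Stack<const N: usize> {
    buf: [MaybeUninit<u32>; N],
    len: usize,
}

impl<const N: usize> Stack<N> {
    pub fn new() -> Self {
        // MaybeUninit<u32> is Copy, so the array-repeat form is allowed.
        Self { buf: [MaybeUninit::uninit(); N], len: 0 }
    }

    pub fn len(&self) -> usize {
        self.len
    }

    /// Returns Err(v) instead of overflowing the buffer when full.
    pub fn push(&mut self, v: u32) -> Result<(), u32> {
        if self.len == N {
            return Err(v);
        }
        self.buf[self.len] = MaybeUninit::new(v);
        self.len += 1;
        Ok(())
    }

    /// UNSOUND: safe signature, but the `unsafe` block relies on `i < self.len`,
    /// which nothing here checks. A safe caller passing len <= i < N reads
    /// uninitialized memory (undefined behavior) without writing `unsafe`.
    pub fn get_unsound(&self, i: usize) -> u32 {
        // SAFETY (wrong): assumes the caller keeps i < len; safe Rust cannot promise that.
        unsafe { self.buf[i].assume_init() }
    }

    /// SOUND: the invariant is established before the `unsafe` block, so no
    /// safe caller can reach it with an index that violates it.
    pub fn get(&self, i: usize) -> Option<u32> {
        if i < self.len {
            // SAFETY: indices below len were initialized by `push`.
            Some(unsafe { self.buf[i].assume_init() })
        } else {
            None
        }
    }
}
```

The sound version is the one whose safety argument is local to the `unsafe` block; the unsound one only looks correct while every caller happens to behave, which is exactly the breakage-under-new-use the abstract warns about.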