Memory Safe System Software Development in Rust
"Learn about memory safety and concurrency in Rust with a focus on ownership, moves, and control flow in system software development. Explore how Rust prevents memory leaks and ensures efficiency through compile-time checks. Understand the single-ownership semantics enforced by Rust for safer and more performant programming."
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
E81 CSE 542S: Concurrency and Memory Safe System Software Development Ownership and Moves Department of Computer Science & Engineering Chris Gill cdgill@wustl.edu 1
Safety and Performance in Rust Rust restricts how pointers can be used Prevents memory leaks, double deletion, Does so at compile time for efficiency No expensive run-time garbage collection Still adds some necessary overheads E.g., for scoped allocation and deallocation E.g., to provide concurrency-safe references (but also simpler ones for single threading) 2 CSE 542S Concurrency and Memory Safe System Software Development
Ownership I Rust enforces single-ownership semantics E.g., a variable owns its value E.g., when the owner is dropped, the value is too Strings, vectors, etc. point to memory buffers for which they are the sole owner E.g., they determine when it is allocated or freed A stack variable may have a heap value E.g., the buffer a String or vector points too Other metadata (length, capacity) may be on stack 3 CSE 542S Concurrency and Memory Safe System Software Development
Ownership II Simple numeric and character variables retain ownership of their values over their lifetimes Ownership of a more complex value may move from a variable to another, safely at run-time Similarly to how r-value references work in C++ Reference-counted pointer types provide shared ownership among multiple variables Other references are non-owning pointers, with limited lifetimes: borrow a value reference 4 CSE 542S Concurrency and Memory Safe System Software Development
Moves Variables values often move to another owner E.g., at assignment or being passed into a function Ownership transferred, rather than value copied When transfer occurs, new owner is initialized and original owner becomes uninitialized E.g., Rust flags error if original owner is then used Some operations such as assignment drop a variable s value if it already has one E.g., a string is initialized then assigned another one 5 CSE 542S Concurrency and Memory Safe System Software Development
Control Flow and Indexed Context Both if and else branches can move the same variable s value (making it uninitialized) However, in a loop, while, or for expression, variable must be re-initialized in same iteration Direct assignment of indexed elements is prohibited to prevent some being uninitialized E.g., elements within a vector can t just be moved They must be removed (e.g., popped) before use to initialize or be assigned to another variable, or they must be re-initialized immediately (e.g., replace) 6 CSE 542S Concurrency and Memory Safe System Software Development
Copy Types Simple fixed-length types values aren t moved Instead, their values are copied to initialize, assign These are called copy types in Rust They remain initialized and usable with their values unchanged after their values are used Copy types may be built-in or user-defined Integers, floating point numbers, characters, bool Tuples or fixed-length arrays of copy types Structs whose fields are all copy types 7 CSE 542S Concurrency and Memory Safe System Software Development
Shared Ownership Sometimes having a single owner at a time across scopes can be tedious and error-prone E.g., have to move before owner is dropped Shared ownership relaxes that somewhat E.g., passing a value up and down the stack when involved with recursive or deeply nested functions Rust provides reference counted pointers E.g., Rc when ownership is within a single thread E.g., Arc when ownership spans multiple threads is safe at a cost of some additional atomicity overhead 8 CSE 542S Concurrency and Memory Safe System Software Development
Studio 3 Practice initializing/assigning different types Explore how moves affect ownership and when moves are or aren t allowed Understand when and why variables may become uninitialized Studios 1 through 11 are due by 11:59pm on the night before Exam 1 Submit as soon as each is done so you get feedback and can resubmit any that may be marked incomplete 9 CSE 542S Concurrency and Memory Safe System Software Development
