李弘宇-Rust-for-Linux开发经验浅谈-公开版.pdf

1、在在RustRust-forfor-LinuxLinux中的开发经验浅谈中的开发经验浅谈李弘宇李弘宇 北京邮电大学北京邮电大学 博士生二年级博士生二年级An Empirical Study of RustAn Empirical Study of Rust-forfor-Linux:The Success,Linux:The Success,Dissatisfaction,and CompromiseDissatisfaction,and Compromise (*)Hongyu Li1,(*)Liwei Guo2,Yexuan Yang1,Shangguang Wang1,Mengwei X

2、u1(*)=co-primary1Beijing University of Posts and Telecommunications2University of Electronic Science and Technology of ChinaSoftware based on LinuxLinux suffers from bugsLinux suffers from bugs2Static analysis1Gcc Wanalyze*ClangcppcheckCodecheckerRuntime detection2Kernel Memory Sanitizer(KMSAN)Kerne

3、l Concurrency Sanitizer(KCSAN)Undefined Behavior Sanitizer(UBSAN)Kernel testing2KUnit/Kselftest/LTP/Kernel CI/FuzzMemory/Thread BugsTake that!Linux Community1 https:/events.linuxfoundation.org/wp-content/uploads/2021/01/Static-Analysis-JSMoeller-LF-Live-Mentor-Series.pdf2 https:/www.kernel.org/doc/h

4、tml/next/dev-tools/index.htmlBring it on!Efforts to counter Memory/Thread bugsEfforts to counter Memory/Thread bugs34Memory/Thread Bugs1 https:/ still here!But Memory/Thread bugs But Memory/Thread bugs still existstill exist 1 15Before meeting Rust:“I have yet to see a language that comes even close

5、 to C.”After meeting Rust:“While I wont make any promises,Id like to see Rust merging into the Linux kernel with the next release.”Rust-for-LinuxI have Rust!Rust can helpRust can helpRust-for-Linux(RFL)wants to write drivers with Rust1.Rusts safety rules cause limited expressiveness(Double linked li

6、st)2.Code in the Unsafe block can break the safety rules Calling function from foreign function interface(FFI)needs unsafe blocks3.Its proven possible to wrap unsafe blocks under safe APIsBackgroundBackground67Memory/Thread BugsWhile we know about Rust,RFL is rarely studiedRust-for-LinuxRQ1:what is