Safety in Rust for Concurrency and Memory Safety in Software Development

e81 cse 542s n.w
1 / 47
Embed
Share

Explore the importance of safety in Rust for detecting unsafe usage and ensuring memory safety in software development. Learn how Rust's features help prevent concurrency hazards and restrict programming to ensure safety and synchronization.

  • Rust programming
  • Software development
  • Concurrency safety
  • Memory safety
  • Safe programming
rayaanacharya
lych153 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. E81 CSE 542S: Concurrency and Memory Safe System Software Development Exam 1 Review Department of Computer Science & Engineering Chris Gill cdgill@wustl.edu 1

  2. Exam Time and Location 10-11:20AM Tuesday, October 15 in Whitaker 218 (not Urbauer 216) 2 CSE 542S Concurrency and Memory Safe System Software Development

  3. Studios Reminder: Studios 1-11 are due by Monday, October 14, at 11:59PM and completing them is a good way to study! One submission per team in Canvas, please If you have a studio marked Incomplete please address the comment and resubmit! Let me know by email ASAP if you need an extension, and the reason for that request 3 CSE 542S Concurrency and Memory Safe System Software Development

  4. Exam Format Mostly short answer Some single-or-multiple-choice questions Some matching of terms to definitions Largely intended to test your understanding of concepts and language and library features What does this do? When would you use this? Why is it important? 4 CSE 542S Concurrency and Memory Safe System Software Development

  5. Materials Allowed for the Exams Open book, open notes What is allowed: Any handwritten or printed notes Any textbooks What is not allowed: Laptops, tablets, phones, etc. Any other electronics Help from or communication with any other people I will bring one extra copy of each textbook Recommendation: write a 1-2 sided notes page! Writing it will help you study Easier to access during exam than printing all notes! 5 CSE 542S Concurrency and Memory Safe System Software Development

  6. Safety in Rust Rust detects and flags many kinds of unsafe usage E.g., dangling aliases, double freeing memory, and dereferencing null aliases are all caught at compile time E.g., array and buffer bounds checking at run-time Concurrency hazards like data races are also caught Concurrency safety leans heavily on memory safety features Libraries richly support safe concurrency and synchronization This restricts how (and to a lesser extent what) you can program successfully in Rust Throughout the semester you ll gain experience with that Unsafe code can be declared as such and wrapped with safe code, but only if absolutely necessary and as a last resort 6 CSE 542S Concurrency and Memory Safe System Software Development

  7. Command Line Arguments A much more modern interface than in C A std::env module provides an iterator over the passed command line arguments Facilitates type conversions, containers E.g., converting argument strings into numbers, storing them in a generic vector Makes it easier to do safer programming E.g., once stored in a vector, indexing is checked at compile time and run-time 7 CSE 542S Concurrency and Memory Safe System Software Development

  8. Other Helpful Features Unit tests E.g., use #[test] attribute and functions that check assert! + assert_eq! macros Many library packages on crates.io E.g., use actix-web, serde for a web server Concurrency Multithreading with safe sharing/ownership File I/O E.g., using functions from std::fs module 8 CSE 542S Concurrency and Memory Safe System Software Development

  9. Fixed Width Numeric Types Names: letter for the type, then size in bits Integer types E.g., u8, u16, u32, u64, u128 E.g., usize has the size of a machine address E.g., i8, i16, i32, i64, i128 E.g., isize has the size of a machine address Floating point types E.g., f32 (single precision), or f64 (double) Numeric literals (type is inferred if unspecified) E.g., 2 (i32 by default), 3.1f64, -7i8, 0xbead_u32 9 CSE 542S Concurrency and Memory Safe System Software Development

  10. Numeric Operations Rust panics if arithmetic operation overflows Can specify overflow handling explicitly Checked operations return an Option that contains either a value or None Overflowing ones return a tuple with the value the wrapped version would have produced, and a bool indicating whether overflow occurred Wrapped ones produce a value modulo a range Saturating ones return value near min or max 10 CSE 542S Concurrency and Memory Safe System Software Development

  11. Pointers and References References (* operator to dereference) Immutable (read-only) reference type &T Mutable reference type &mut T Boxes (act like C++ scoped pointers) Box::new allocates object on the heap, which is deallocated when scope is exited Raw pointers (*mut T and *const T) Only can be dereferenced in usafe blocks 11 CSE 542S Concurrency and Memory Safe System Software Development

  12. Arrays, Vectors, and Slices Array lengths: fixed, part of their type Use square brackets to declare/index them Can resize a vector, query its length Declare using Vec::new or vec! macro A slice grabs a region of data from an array or vector (including Strings) E.g., print(&v[1..]) prints out all of the elements of vector v after the first (0th) one 12 CSE 542S Concurrency and Memory Safe System Software Development

  13. String Types Double-quote delimited string literals E.g., Now is the winter of our Byte strings: u8 rather than Unicode E.g., b hello, world! Strings: vectors of Unicode characters E.g., discontent made .to_string() Can use comparison operators (<= etc.) The format! macro works like println! 13 CSE 542S Concurrency and Memory Safe System Software Development

  14. Type Aliases & User Defined Types The type keyword is like C++ typedef E.g., type Bytevec = Vec<u8> // ASCII E.g., useful for working with external code We ll cover user-defined types in subsequent lectures and studios E.g., structs are covered in BOT Chapter 9 E.g., enumerations are in BOT Chapter 10 E.g., traits are in BOT Chapter 11 14 CSE 542S Concurrency and Memory Safe System Software Development

  15. Ownership I Rust enforces single-ownership semantics E.g., a variable owns its value E.g., when the owner is dropped, the value is too Strings, vectors, etc. point to memory buffers for which they are the sole owner E.g., they determine when it is allocated or freed A stack variable may have a heap value E.g., the buffer a String or vector points too Other metadata (length, capacity) may be on stack 15 CSE 542S Concurrency and Memory Safe System Software Development

  16. Ownership II Simple numeric and character variables retain ownership of their values over their lifetimes Ownership of a more complex value may move from a variable to another, safely at run-time Similarly to how r-value references work in C++ Reference-counted pointer types provide shared ownership among multiple variables Other references are non-owning pointers, with limited lifetimes: borrow a value reference 16 CSE 542S Concurrency and Memory Safe System Software Development

  17. Moves Variables values often move to another owner E.g., at assignment or being passed into a function Ownership transferred, rather than value copied When transfer occurs, new owner is initialized and original owner becomes uninitialized E.g., Rust flags error if original owner is then used Some operations such as assignment drop a variable s value if it already has one E.g., a string is initialized then assigned another one 17 CSE 542S Concurrency and Memory Safe System Software Development

  18. References in Rust Owning pointers scope lifetime of what they point to, to theirs (unless it moves) E.g., Box<T> heap pointers E.g., internal pointers within strings and vectors, to their implementations References are non-owning pointers They must never outlive what they alias Borrow access from its owner, temporarily Rust checks and enforces all of that 18 CSE 542S Concurrency and Memory Safe System Software Development

  19. Shared vs. Mutable Access Shared access is read-only access Once a shared reference (&T) has access, throughout the reference s lifetime what it aliases must be read-only from all accesses Mutable access is exclusive access Once a mutable reference (&mut T) has access, only it may be used to access what it aliases (unless it is mutable, and another mutable reference then borrows from it!) 19 CSE 542S Concurrency and Memory Safe System Software Development

  20. Expressions in Rust Rust is an expression language So, most things in Rust have values E.g., ending a function with Ok(()) (and no semicolon) generates its return value Expressions have execution semantics E.g., operator precedence as well as associativity, implicitly as well as explicitly 20 CSE 542S Concurrency and Memory Safe System Software Development

  21. Blocks and Semicolons A block encapsulates a sequence of expressions and produces a value E.g., None => {println!( all good ); Ok(())} A semicolon drops an expression s value Useful if default expression type isn t what you want (e.g., if without else returns ()) 21 CSE 542S Concurrency and Memory Safe System Software Development

  22. Declarations Some declarations introduce functions, structs, and other items Variable declarations give a name and optionally a type and initializer The compiler often can figure out the type and default initialization if they re omitted The initialization value may come from a function result, block, or other expression 22 CSE 542S Concurrency and Memory Safe System Software Development

  23. Conditional Expressions Blocks can be nested using if and else All branches must return the same type E.g., if i > j {i} else {j} The if let form captures the result of a function call, expression, etc. as well E.g., if let Err(err) = myfunc() {log(err);} else {process_result();} 23 CSE 542S Concurrency and Memory Safe System Software Development

  24. Multi-case Expressions A match expression is similar to a switch or case statement in other languages You must cover all cases either explicitly or via the default match pattern _ The patterns are evaluated in the order they are given (earlier has precedence) Also can destructure tuples using match E.g., match t {(x, y) => do_func(x,y);} 24 CSE 542S Concurrency and Memory Safe System Software Development

  25. Iteration Expressions The while and forexpressions don t, but loop lets you specify/return a value E.g., loop {if done() break val;} Like an if let expression, a while let expression also captures a value A for expression uses closed/open ranges, consumes non-copy types values This suggests using references to iterate over collections of variables (e.g., in vector) 25 CSE 542S Concurrency and Memory Safe System Software Development

  26. Program Level Error Handling I A program itself may check whether subsequent processing would panic E. g., checking whether an expression for the denominator of a division evaluates to 0 E. g., checking if an expression for an invariant evaluates to false The program then handles those cases E.g., returning errors instead of continuing 26 CSE 542S Concurrency and Memory Safe System Software Development

  27. Program Level Error Handling II The Result enumeration template has two different variants: Ok() and Err() Each of them can distinguish different types, or they can use the same type (e.g., u8) Useful for function return values so errors and results can use same or different types The Result type has useful methods E.g., unwrap, expect, ok, is_err, etc. 27 CSE 542S Concurrency and Memory Safe System Software Development

  28. Modules are used to organize Crates Modules collect related types, functions, etc. within specified namespaces E.g., mod theatre {...} Modules may be nested E.g., mod theatre {mod play {...}} Paths identify some or all of a module E.g., use std::fs::File; Prefix :: and self:: help resolve ambiguity 28 CSE 542S Concurrency and Memory Safe System Software Development

  29. Importing and Access The mainfunction must be at its crate s outer scope (not nested inside a module) Inner modules must import from parent using the super or crate keywords Using super can access private items too A pub declaration gives public access E.g., pub struct Play {...} E.g., pub fn usage(s: &String) {...} 29 CSE 542S Concurrency and Memory Safe System Software Development

  30. Static and Constants Public constants can be global in scope E.g., pub const SIZE: usize = 64; Static variables also have global scope but must be immutable or atomic to be used outside of an unsafe scope E.g., static SIZE: usize = 64; E.g., static SIZE: AtomicUsize = AtomicUsize::new(64); // mutable 30 CSE 542S Concurrency and Memory Safe System Software Development

  31. Structs in Rust Rust structs collect closely related data, methods, and constants into types Data layout is specified in the declaration There are three distinct kinds of structs Named-field structs whose elements have names that are used to access them Elements of tuple-like structs are indexed Unit-like structs have no elements at all 31 CSE 542S Concurrency and Memory Safe System Software Development

  32. Associated Functions and Constants An impl block is used to associate functions and constants with struct data As with struct data, are private by default Methods have one extra argument First argument of a method is self, may be an instance, reference, Box, Rc, or Arc Associated functions (e.g., new) don t have self so they are defined at the level of the struct type rather than of an instance 32 CSE 542S Concurrency and Memory Safe System Software Development

  33. Generic Structs Generic struct declarations & impl blocks can take type, lifetime, constant params Analogous to C++ template signatures Associated function calls can supply specific values for those explicitly Uses the turbofish notation: ::<> E.g., let mut v = Vec::<String>::new(); 33 CSE 542S Concurrency and Memory Safe System Software Development

  34. Deriving Traits for Structs Many useful operations are not available by default when you declare a struct If default generic behavior is ok, can ask the compiler to supply them for you A #[derive] attribute causes specified traits to be derived for the struct type E.g., Copy, Clone, Debug, PartialEq, PartialOrd, etc. (see BOT Chapter 13) 34 CSE 542S Concurrency and Memory Safe System Software Development

  35. Enumerations in Rust Like structs, there are 3 kinds of enums Unit-like enum variants are like C++ enums Tuple-like enum variants have ordered fields Struct variants have named fields Like structs, enum declarations can be made generic via parameterized types E.g., enum Option<T> {None, Some(T),} E.g., enum Result<T,E> {Ok(T), Err(E),} 35 CSE 542S Concurrency and Memory Safe System Software Development

  36. Patterns in Rust Rust complements enums with patterns Provides a test then extract coding idiom Pattern syntax is similar to expressions But, expressions produce values while patterns consume (or propagate) values There are many kinds of patterns in Rust Literal, range, wildcard, variable, ref variable, binding/subpattern, enum, tuple, array, slice, struct, referent, or, guard 36 CSE 542S Concurrency and Memory Safe System Software Development

  37. Pattern Matching I Arms of a match expression use patterns E.g., match fxn(){Ok(())=>{...}Err(e)=>{...}} The first arm that matches is used More specialized patterns should be listed earlier (and wildcard should be listed last) Any kind of pattern can be matched, and can extract fields into named variables Called destructuring the pattern, e.g. match t {(prefix, suffix) => {println!("matched ({}, {})", prefix, suffix);}} 37 CSE 542S Concurrency and Memory Safe System Software Development

  38. Pattern Matching II Additional checking in addition to matching can be specified via guards E.g., match fxn(){Ok(r) if r > 0 => {...}...} Irrefutable patterns always match Can be used in for, fn, and let expressions Refutable patterns may not match Only can be used safely in match, if let, and while let expressions, e.g., if let Ok(_) = fxn() {...} else {...} 38 CSE 542S Concurrency and Memory Safe System Software Development

  39. Traits I Rust traits establish interfaces Like abstract base classes in C++ A trait may represent a capability I.e., something a type can do A trait must be in scope to be used E.g., use std::io::Write; Rust provides four key traits Write, Iterator, Clone, and Debug 39 CSE 542S Concurrency and Memory Safe System Software Development

  40. Traits II Write is implemented by types that can write out bytes E.g. , std::fs::File or Vec<u8> A type that implements Iterator can produce a sequence of values E.g., Range<i32> produced by 2..9 Types implementing Clone or Debug can be cloned or printed out, respectively 40 CSE 542S Concurrency and Memory Safe System Software Development

  41. Traits III References to trait types (a.k.a. trait objects ) support polymorphism, e.g., let filewriter: &mut dyn Write = &mut f; Can t instantiate an object of the trait type directly but can have a reference or pointer to the trait type Similar to how in C++ aliasing is needed to pass objects around polymorphically I.e., passing an object by value may slice its type I.e., pointer or reference to a base class may alias an object of a derived class that overrides methods 41 CSE 542S Concurrency and Memory Safe System Software Development

  42. Operators and Traits I Rust operator expressions are shorthand for calls to methods from generic traits E.g., lhs * rhs for Mul::mul(lhs, rhs) Traits take, default, and/or define the types of function arguments and results, e.g., from Ch. 11 of the BOT textbook: pub trait Mul<RHS=Self> {type Output; fn mul(self, rhs: RHS) -> Self::Output; } 42 CSE 542S Concurrency and Memory Safe System Software Development

  43. Operators and Traits II So, overloading an operator in Rust is often as simple as implementing a given trait E.g., to overload * implement Mul accordingly The dereference operator * and access operator . are supported by Deref and DerefMut utility traits that we will cover in a later lecture and studio However, some operators can t be overloaded beyond types for which they re already defined E.g., the ? && || .. ..= & = operators Closures provide callable values via traits, so the function call operator is not overloaded either 43 CSE 542S Concurrency and Memory Safe System Software Development

  44. Materials Allowed for the Exams Open book, open notes What is allowed: Any handwritten or printed notes Any textbooks What is not allowed: Laptops, tablets, phones, etc. Any other electronics Help from or communication with any other people I will bring one extra copy of each textbook Recommendation: write a 1-2 sided notes page! Writing it will help you study Easier to access during exam than printing all notes! 44 CSE 542S Concurrency and Memory Safe System Software Development

  45. Exam Format Mostly short answer Some single-or-multiple-choice questions Some matching of terms to definitions Largely intended to test your understanding of concepts and language and library features What does this do? When would you use this? Why is it important? 45 CSE 542S Concurrency and Memory Safe System Software Development

  46. Studios Reminder: Studios 1-11 are due by Monday, October 14, at 11:59PM and completing them is a good way to study! One submission per team in Canvas, please If you have a studio marked Incomplete please address the comment and resubmit! Let me know by email ASAP if you need an extension, and the reason for that request 46 CSE 542S Concurrency and Memory Safe System Software Development

  47. Exam Time and Location 10-11:20AM Tuesday, October 15 in Whitaker 218 (not Urbauer 216) 47 CSE 542S Concurrency and Memory Safe System Software Development

Related


indian coast guard navik exam pattern

indian coast guard navik exam pattern

Manasa
INDIAN ARMY AGNIVEER EXAM LAST DATE

INDIAN ARMY AGNIVEER EXAM LAST DATE

Manasa
TIBCO TCP-TM Exam Overview & TCP BusinessEvents Exam Questions

TIBCO TCP-TM Exam Overview & TCP BusinessEvents Exam Questions

Sienna1
H3C GB0-372 Exam Preparation Study Guide

H3C GB0-372 Exam Preparation Study Guide

RUCHI95
Practical Cookery National 5 Exam Preparation Guidelines

Practical Cookery National 5 Exam Preparation Guidelines

kafka
Huawei H31-311 Exam: How to Prepare and Succeed!

Huawei H31-311 Exam: How to Prepare and Succeed!

Sienna1
New Graduate Resource

New Graduate Resource

layne
EXIN ABP Exam Questions: Tips & Tricks for Success- Must Watch!

EXIN ABP Exam Questions: Tips & Tricks for Success- Must Watch!

Sienna1
NS0-604 Exam Q&A: Your Questions Answered by Experts

NS0-604 Exam Q&A: Your Questions Answered by Experts

RUCHI95
Get Ready to Pass the Databricks Developer for Apache Spark - Scala Exam

Get Ready to Pass the Databricks Developer for Apache Spark - Scala Exam

Sienna1
Comprehensive Y11 Science Exam Support and Revision Resources

Comprehensive Y11 Science Exam Support and Revision Resources

hawthorn
HQT-4160 Exam Preparation: Exam Info & Sample Questions

HQT-4160 Exam Preparation: Exam Info & Sample Questions

RUCHI95
71201X Exam: Top Strategies for Passing the Avaya Aura Core Components Implement

71201X Exam: Top Strategies for Passing the Avaya Aura Core Components Implement

RUCHI95
Ph.D. Qualifying Exam Overview

Ph.D. Qualifying Exam Overview

foster
Spring 2015 English 110 Final Exam Information

Spring 2015 English 110 Final Exam Information

zipporah
Comprehensive Virtual Praxis Review Workshop for Core Mathematics Exam

Comprehensive Virtual Praxis Review Workshop for Core Mathematics Exam

cosima
Ph.D. Qualifying Exam Overview: Philosophy, Components, and Preparation

Ph.D. Qualifying Exam Overview: Philosophy, Components, and Preparation

viggo
International Baccalaureate British Section Language and Literature Exam Details

International Baccalaureate British Section Language and Literature Exam Details

sburi
CSC8503 Revision Lecture Overview - Exam Key Features and 2015/16 Exam Questions

CSC8503 Revision Lecture Overview - Exam Key Features and 2015/16 Exam Questions

gose_int
Multi-Paradigm Programming in C++: Exam Review and Guidelines

Multi-Paradigm Programming in C++: Exam Review and Guidelines

lelo
TOEIC Exam Preparation and Structure Overview

TOEIC Exam Preparation and Structure Overview

maer957
Entrance Exam Guide for Gloucestershire Grammar School

Entrance Exam Guide for Gloucestershire Grammar School

elleighb

More Related Content