Proceedings Article10.1145/2889160.2889229
Engineering the servo web browser engine using Rust
Brian Anderson,Lars Bergstrom,Manish Goregaokar,Josh Matthews,Keegan McAllister,Jack Moffitt,Simon Sapin +6 more
- 14 May 2016
- pp 81-89
56
TL;DR: It is shown how a language with an advanced type system can address many of the most common security issues and software engineering challenges in other browser engines, while still producing code that has the same performance and memory profile.
read more
Abstract: All modern web browsers --- Internet Explorer, Firefox, Chrome, Opera, and Safari --- have a core rendering engine written in C++. This language choice was made because it affords the systems programmer complete control of the underlying hardware features and memory in use, and it provides a transparent compilation model. Unfortunately, this language is complex (especially to new contributors!), challenging to write correct parallel code in, and highly susceptible to memory safety issues that potentially lead to security holes. Servo is a project started at Mozilla Research to build a new web browser engine that preserves the capabilities of these other browser engines but also both takes advantage of the recent trends in parallel hardware and is more memory-safe. We use a new language, Rust, that provides us a similar level of control of the underlying system to C++ but which statically prevents many memory safety issues and provides direct support for parallelism and concurrency. In this paper, we show how a language with an advanced type system can address many of the most common security issues and software engineering challenges in other browser engines, while still producing code that has the same performance and memory profile. This language is also quite accessible to new open source contributors and employees, even those without a background in C++ or systems programming. We also outline several pitfalls encountered along the way and describe some potential areas for future improvement.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Is rust used safely by software developers
Ana Nora Evans,Bradford Campbell,Mary Lou Soffa +2 more
- 27 Jun 2020
TL;DR: A large-scale empirical study to explore how software developers are using Unsafe Rust in real-world Rust libraries and applications concludes that although the use of the keyword unsafe is limited, the propagation of unsafeness offers a challenge to the claim of Rust as a memory-safe language.
MirChecker: Detecting Bugs in Rust Programs via Static Analysis
Zhuohua Li,Jincheng Wang,Mingshen Sun,John C. S. Lui +3 more
- 12 Nov 2021
TL;DR: MirChecker as mentioned in this paper detects potential runtime crashes and memory-safety errors by using constraint solving techniques, and outputs informative diagnostics to users based on the observation of existing bugs found in Rust codebases.
52
•Posted Content
Memory-Safety Challenge Considered Solved? An In-Depth Study with All Rust CVEs
TL;DR: This article surveys 186 real-world bug reports collected from several origins, which contain all existing Rust common vulnerability and exposures of memory-safety issues by 2020-12-31 and proposes two promising directions toward improving the security of Rust development.
38
SafeDrop: Detecting Memory Deallocation Bugs of Rust Programs via Static Data-Flow Analysis
TL;DR: SafeDrop as mentioned in this paper analyzes each function of a Rust crate iteratively in a flow-sensitive and field-sensitive way and leverages a modified Tarjan algorithm to achieve scalable path-sensitive analysis and a cache-based strategy for efficient interprocedural analysis.
26
What-If Analysis of Page Load Time in Web Browsers Using Causal Profiling
Behnam Pourghassemi,Ardalan Amiri Sani,Aparna Chandramowlishwaran +2 more
- 19 Jun 2019
TL;DR: A comprehensive and quantitative what-if analysis on the web browser's page loading process is applied, which shows that optimizing JavaScript by 40% is expected to improve the Chromium page loading performance by more than 8.5% under typical network conditions.
22
References
•Book
The Definition of Standard ML
Robin Milner,Mads Tofte,Robert Harper +2 more
- 01 Jan 1990
TL;DR: This book provides a formal definition of Standard ML for the benefit of all concerned with the language, including users and implementers, and the authors have defined their semantic objects in mathematical notation that is completely independent of StandardML.
2.7K
Thread Scheduling for Multiprogrammed Multiprocessors
TL;DR: This work presents a user-level thread scheduler for shared-memory multiprocessors, and it achieves linear speedup whenever P is small relative to the parallelism T1/T∈fty .
513
The rust language
TL;DR: Rust is a new programming language for developing reliable and efficient systems that provides strong guarantees about isolation, concurrency, and memory safety, and offers a clear performance model, making it easier to predict and reason about program efficiency.
463
A case for parallelizing web pages
Haohui Mai,Shuo Tang,Samuel T. King,Calin Cascaval,Pablo Montesinos +4 more
- 07 Jun 2012
TL;DR: It is found that Adrenaline is a perfect fit for modern browser's plug-in architecture, requiring only minimal changes to implement in commodity browsers, and the performance of Adrenaline on a quadcore ARM system for 170 popular web sites is evaluated.
35
Efficient Data Representation in Polymorphic Languages
Xavier Leroy
- 20 Aug 1990
TL;DR: This paper shows how to take advantage of the static polymorphic typing to mix correctly two styles of data representation in the implementation of a polymorphic language: specialized, efficient representations are used when types are fully known at compile-time; uniform, Lisp-like representation are used otherwise.
Related Papers (5)
Kyle Dewey,Jared Roesch,Ben Hardekopf +2 more
- 09 Nov 2015
Drew Dean,Edward W. Felten,Dan S. Wallach +2 more
- 06 May 1996