{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,24]],"date-time":"2025-08-24T01:19:25Z","timestamp":1755998365521,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":67,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,10,25]],"date-time":"2021-10-25T00:00:00Z","timestamp":1635120000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,10,25]]},"DOI":"10.1145\/3477113.3487272","type":"proceedings-article","created":{"date-parts":[[2021,10,11]],"date-time":"2021-10-11T10:25:01Z","timestamp":1633947901000},"page":"76-83","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Isolation in Rust"],"prefix":"10.1145","author":[{"given":"Anton","family":"Burtsev","sequence":"first","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dan","family":"Appel","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Detweiler","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tianjiao","family":"Huang","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhaofeng","family":"Li","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vikram","family":"Narayanan","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gerd","family":"Zellweger","sequence":"additional","affiliation":[{"name":"VMware Research Palo, Alto, California, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,10,25]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"seL4 Performance. https:\/\/sel4.systems\/About\/Performance\/."},{"key":"e_1_3_2_2_2_1","unstructured":"WebAssembly Specification. https:\/\/webassembly.github.io\/spec\/core\/."},{"key":"e_1_3_2_2_3_1","volume-title":"June","author":"Advisory Qualys Security","year":"2017","unstructured":"Qualys Security Advisory. The Stack Clash. https:\/\/www.qualys.com\/2017\/06\/19\/stack-clash\/stack-clash.txt, June 2017. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_4_1","unstructured":"Brian Anderson. [rust-dev] Abandoning segmented stacks in Rust. https:\/\/mail.mozilla.org\/pipermail\/rust-dev\/2013-November\/006314.html. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_5_1","first-page":"49","volume-title":"Proceedings of the Eighth ACM\/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS'12","author":"Anderson James W.","year":"2012","unstructured":"James W. Anderson, Ryan Braud, Rishi Kapoor, George Porter, and Amin Vahdat. XOMB: Extensible open middleboxes with commodity servers. In Proceedings of the Eighth ACM\/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS'12, pages 49--60, New York, NY, USA, 2012."},{"key":"e_1_3_2_2_6_1","volume-title":"The KaffeOS Java Runtime System. ACM Transactions on Programming Languages and Systems (TOPLAS), 27(4):583--630","author":"Back Godmar","year":"2005","unstructured":"Godmar Back and Wilson C Hsieh. The KaffeOS Java Runtime System. ACM Transactions on Programming Languages and Systems (TOPLAS), 27(4):583--630, 2005."},{"key":"e_1_3_2_2_7_1","first-page":"156","volume-title":"Leonid Ryzhyk. System Programming in Rust: Beyond Safety. In Proceedings of the 16th Workshop on Hot Topics in Operating Systems (HotOS'17)","author":"Balasubramanian Abhiram","year":"2017","unstructured":"Abhiram Balasubramanian, Marek S. Baranowski, Anton Burtsev, Aurojit Panda, Zvonimir Rakamari\u0107, and Leonid Ryzhyk. System Programming in Rust: Beyond Safety. In Proceedings of the 16th Workshop on Hot Topics in Operating Systems (HotOS'17), pages 156--161, 2017."},{"key":"e_1_3_2_2_8_1","series-title":"Concurrent Systems Engineering Series","first-page":"182","volume-title":"Communicating Process Architectures","author":"Barnes Fred","year":"2003","unstructured":"Fred Barnes, Christian Jacobsen, and Brian Vinter. RMoX: A Raw-Metal occam Experiment. In Communicating Process Architectures 2003, volume 61 of Concurrent Systems Engineering Series, pages 182--196, September 2003."},{"key":"e_1_3_2_2_9_1","volume-title":"MITRE CORP BEDFORD MA","author":"Elliott Bell D","year":"1976","unstructured":"D Elliott Bell and Leonard J La Padula. Secure computer system: Unified exposition and multics interpretation. Technical report, MITRE CORP BEDFORD MA, 1976."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224077"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1238844.1238855"},{"key":"e_1_3_2_2_12_1","first-page":"1","volume-title":"14th USENIX Symposium on Operating Systems Design and Implementation (OSDI'20)","author":"Boos Kevin","year":"2020","unstructured":"Kevin Boos, Namitha Liyanage, Ramla Ijaz, and Lin Zhong. Theseus: an experiment in operating system structure and state management. In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI'20), pages 1--19, 2020."},{"volume-title":"Bromium micro-virtualization","year":"2010","key":"e_1_3_2_2_13_1","unstructured":"Bromium. Bromium micro-virtualization, 2010. http:\/\/www.bromium.com\/misc\/BromiumMicrovirtualization.pdf."},{"key":"e_1_3_2_2_14_1","volume-title":"LISP Lore: A Guide to Programming the Lisp Machine","author":"Bromley Hank","year":"2012","unstructured":"Hank Bromley and Richard Lamson. LISP Lore: A Guide to Programming the Lisp Machine. Springer Science & Business Media, 2012."},{"key":"e_1_3_2_2_15_1","first-page":"25","volume-title":"Proceedings of the 2009 conference on USENIX Annual technical conference","author":"Burtsev Anton","year":"2009","unstructured":"Anton Burtsev, Kiran Srinivasan, Prashanth Radhakrishnan, Lakshmi N Bairavasundaram, Kaladhar Voruganti, and Garth R Goodson. Fido: Fast inter-virtual-machine communication for enterprise appliances. In Proceedings of the 2009 conference on USENIX Annual technical conference, pages 25--25, 2009."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629581"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/35037.42270"},{"key":"e_1_3_2_2_18_1","unstructured":"Intel Corporation. DPDK: Data Plane Development Kit. http:\/\/dpdk.org\/."},{"key":"e_1_3_2_2_19_1","volume-title":"Serde: a framework for serializing and deserializing Rust data structures efficiently and generically. https:\/\/crates.io\/crates\/serde","author":"Serde","year":"2021","unstructured":"Serde developers. Serde: a framework for serializing and deserializing Rust data structures efficiently and generically. https:\/\/crates.io\/crates\/serde, 2021. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1002\/bltj.2028"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANCS.2019.8901892"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANCS.2019.8901892"},{"key":"e_1_3_2_2_23_1","first-page":"75","volume-title":"Proceedings of the 7th Symposium on Operating Systems Design and Implementation, OSDI'06","author":"Erlingsson \u00dalfar","year":"2006","unstructured":"\u00dalfar Erlingsson, Mart\u00edn Abadi, Michael Vrable, Mihai Budiu, and George C. Necula. XFI: Software guards for system address spaces. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, OSDI'06, pages 75--88, 2006."},{"key":"e_1_3_2_2_24_1","volume-title":"Design of the Bastei OS architecture","author":"Helmuth N.","year":"2007","unstructured":"Feske, N. and Helmuth, C. Design of the Bastei OS architecture. 2007."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346303"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945464"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/566726.566751"},{"key":"e_1_3_2_2_28_1","volume-title":"Smalltalk-80: The Language and its Implementation","author":"Goldberg Adele","year":"1983","unstructured":"Adele Goldberg and David Robson. Smalltalk-80: The Language and its Implementation. Addison-Wesley Longman Publishing Co., Inc., 1983."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/858336.858337"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1278901.1278904"},{"key":"e_1_3_2_2_31_1","volume-title":"Minix 3: A highly reliable, self-repairing operating system. ACM SIGOPS Operating Systems Review, 40(3):80--89","author":"Herder Jorrit N","year":"2006","unstructured":"Jorrit N Herder, Herbert Bos, Ben Gras, Philip Homburg, and Andrew S Tanenbaum. Minix 3: A highly reliable, self-repairing operating system. ACM SIGOPS Operating Systems Review, 40(3):80--89, 2006."},{"key":"e_1_3_2_2_32_1","first-page":"22","volume-title":"Proceedings of the 11th ACM SIGOPS European Workshop","author":"Peter M.","unstructured":"Hohmuth, M. and Peter, M. and H\u00e4rtig, H. and Shapiro, J.S. Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors. In Proceedings of the 11th ACM SIGOPS European Workshop, page 22. ACM, 2004."},{"key":"e_1_3_2_2_33_1","volume-title":"Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research, SOSR'15","author":"Honda Michio","year":"2015","unstructured":"Michio Honda, Felipe Huici, Giuseppe Lettieri, and Luigi Rizzo. MSwitch: A Highly-Scalable, Modular Software Switch. In Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research, SOSR'15, New York, NY, USA, 2015."},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3445814.3446710"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1243418.1243424"},{"key":"e_1_3_2_2_36_1","first-page":"445","volume-title":"Timothy Wood. NetVM: High Performance and Flexible Networking Using Virtualization on Commodity Platforms. In 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI'14)","author":"Hwang Jinho","year":"2014","unstructured":"Jinho Hwang, K. K. Ramakrishnan, and Timothy Wood. NetVM: High Performance and Flexible Networking Using Virtualization on Commodity Platforms. In 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI'14), pages 445--458, Seattle, WA, April 2014."},{"key":"e_1_3_2_2_37_1","unstructured":"Intel Corporation. Storage Performance Development Kit (SPDK). https:\/\/spdk.io."},{"key":"e_1_3_2_2_38_1","volume-title":"No Starch Press","author":"Klabnik Steve","year":"2019","unstructured":"Steve Klabnik and Carol Nichols. The Rust Programming Language. No Starch Press, 2019."},{"key":"e_1_3_2_2_39_1","first-page":"627","volume-title":"13th USENIX Symposium on Operating Systems Design and Implementation (OSDI'18)","author":"Kulkarni Chinmay","year":"2018","unstructured":"Chinmay Kulkarni, Sara Moore, Mazhar Naqvi, Tian Zhang, Robert Ricci, and Ryan Stutsman. Splinter: Bare-metal extensions for multi-tenant low-latency storage. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI'18), pages 627--643, Carlsbad, CA, October 2018."},{"key":"e_1_3_2_2_40_1","first-page":"98","volume-title":"Proceedings of the 7th ACM Symposium on Operating Systems Principles (SOSP'79)","author":"Butler","year":"1979","unstructured":"Butler W. Lampson and Robert F. Sproull. An Open Operating System for a Single-User Machine. In Proceedings of the 7th ACM Symposium on Operating Systems Principles (SOSP'79), pages 98--105. 1979."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132786"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3477113.3487275"},{"key":"e_1_3_2_2_43_1","volume-title":"Sun Microsystems","author":"Madany Peter W","year":"1996","unstructured":"Peter W Madany, Susan Keohan, Douglas Kramer, and Tom Saulpaugh. JavaOS: A Standalone Java Environment. White Paper, Sun Microsystems, Mountain View, CA, 1996."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043568"},{"key":"e_1_3_2_2_45_1","first-page":"459","volume-title":"11th USENIX Symposium on Networked Systems Design and Implementation (NSDI'14)","author":"Martins Joao","year":"2014","unstructured":"Joao Martins, Mohamed Ahmed, Costin Raiciu, Vladimir Olteanu, Michio Honda, Roberto Bifulco, and Felipe Huici. Clickos and the art of network function virtualization. In 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI'14), pages 459--473, Seattle, WA, April 2014."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/319301.319345"},{"key":"e_1_3_2_2_48_1","first-page":"21","volume-title":"14th USENIX Symposium on Operating Systems Design and Implementation (OSDI'20)","author":"Narayanan Vikram","year":"2020","unstructured":"Vikram Narayanan, Tianjiao Huang, David Detweiler, Dan Appel, Zhaofeng Li, Gerd Zellweger, and Anton Burtsev. Redleaf: Isolation and communication in a safe operating system. In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI'20), pages 21--39, November 2020."},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/263699.263712"},{"volume-title":"nue: A collection of tools for working with binary data and POD structs in Rust. https:\/\/crates.io\/crates\/nue","year":"2021","key":"e_1_3_2_2_50_1","unstructured":"nue developers. nue: A collection of tools for working with binary data and POD structs in Rust. https:\/\/crates.io\/crates\/nue, 2021. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_51_1","first-page":"203","volume-title":"12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)","author":"Panda Aurojit","year":"2016","unstructured":"Aurojit Panda, Sangjin Han, Keon Jang, Melvin Walls, Sylvia Ratnasamy, and Scott Shenker. NetBricks: Taking the V out of NFV. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16), pages 203--216, Savannah, GA, November 2016."},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"crossref","unstructured":"LLVM Project. Segmented Stacks in LLVM \u00e2\u0102T LLVM 12 documentation. https:\/\/llvm.org\/docs\/SegmentedStacks.html. Accessed: 2021-02-03.","DOI":"10.1109\/LLVMHPC54804.2021.00007"},{"key":"e_1_3_2_2_53_1","first-page":"13","volume-title":"Scott Rixner. Hyper-Switch: A Scalable Software Virtual Switching Architecture. In 2013 USENIX Annual Technical Conference (USENIX ATC'13)","author":"Ram Kaushik Kumar","year":"2013","unstructured":"Kaushik Kumar Ram, Alan L. Cox, Mehul Chadha, and Scott Rixner. Hyper-Switch: A Scalable Software Virtual Switching Architecture. In 2013 USENIX Annual Technical Conference (USENIX ATC'13), pages 13--24, San Jose, CA, June 2013."},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/358818.358822"},{"key":"e_1_3_2_2_55_1","first-page":"1","volume-title":"19th USENIX Security Symposium","author":"Sehr David","year":"2010","unstructured":"David Sehr, Robert Muth, Cliff L. Biffle, Victor Khimenko, Egor Pasko, Bennet Yee, Karl Schimpf, and Brad Chen. Adapting Software Fault Isolation to Contemporary CPU Architectures. In 19th USENIX Security Symposium, pages 1--11, 2010."},{"key":"e_1_3_2_2_56_1","first-page":"323","volume-title":"9th USENIX Symposium on Networked Systems Design and Implementation (NSDI'12)","author":"Sekar Vyas","year":"2012","unstructured":"Vyas Sekar, Norbert Egi, Sylvia Ratnasamy, Michael K. Reiter, and Guangyu Shi. Design and Implementation of a Consolidated Middlebox Architecture. In 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI'12), pages 323--336, San Jose, CA, April 2012."},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.5555\/645917.672163"},{"key":"e_1_3_2_2_58_1","first-page":"102","volume-title":"Susan J Eggers. Nooks: An Architecture for Reliable Device Drivers. In Proceedings of the 10th workshop on ACM SIGOPS European Workshop","author":"Swift Michael M","year":"2002","unstructured":"Michael M Swift, Steven Martin, Henry M Levy, and Susan J Eggers. Nooks: An Architecture for Reliable Device Drivers. In Proceedings of the 10th workshop on ACM SIGOPS European Workshop, pages 102--107, 2002."},{"key":"e_1_3_2_2_59_1","volume-title":"A Structural View of the Cedar Programming Environment. ACM Transactions on Programming Languages and Systems (TOPLAS), 8(4):419--490","author":"Swinehart Daniel C","year":"1986","unstructured":"Daniel C Swinehart, Polle T Zellweger, Richard J Beach, and Robert B Hagmann. A Structural View of the Cedar Programming Environment. ACM Transactions on Programming Languages and Systems (TOPLAS), 8(4):419--490, 1986."},{"key":"e_1_3_2_2_60_1","unstructured":"Rust Language Team. API documentation for the Rust 'probestack' mod in crate 'compiler_builtins'. https:\/\/docs.rs\/compiler_builtins\/0.1.39\/compiler_builtins\/probestack\/index.html. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_61_1","unstructured":"Rust Language Team. A 'functionpointer' trait to represent all 'fn' types. https:\/\/github.com\/rust-lang\/lang-team\/issues\/23. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_62_1","unstructured":"Rust Language Team. The Rust Reference: Procedural Macros. https:\/\/doc.rust-lang.org\/reference\/procedural-macros.html. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_63_1","unstructured":"Rust Language Team. The Rust RFC Book: 1566-proc-macros. https:\/\/rust-lang.github.io\/rfcs\/1566-proc-macros.html. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_64_1","unstructured":"Rust Language Team. Tracking issue for plugin stabilization ('plugin' 'plugin_registrar' features). https:\/\/github.com\/rust-lang\/rust\/issues\/29597. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_65_1","unstructured":"The Go Programming Language team. Go 1.3 Release Notes. https:\/\/golang.org\/doc\/go1.3. Accessed: 2021-02-03."},{"key":"e_1_3_2_2_66_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48749-2_17"},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806596.1806610"},{"key":"e_1_3_2_2_68_1","volume-title":"IEEE Symposium on Security and Privacy (Oakland'09)","author":"Yee Bennet","year":"2009","unstructured":"Bennet Yee, David Sehr, Greg Dardyk, Brad Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar. Native Client: A Sandbox for Portable, Untrusted x86 Native Code. In IEEE Symposium on Security and Privacy (Oakland'09), IEEE, 3 Park Avenue, 17th Floor, New York, NY 10016, 2009."}],"event":{"name":"SOSP '21: ACM SIGOPS 28th Symposium on Operating Systems Principles","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"],"location":"Virtual Event Germany","acronym":"SOSP '21"},"container-title":["Proceedings of the 11th Workshop on Programming Languages and Operating Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3477113.3487272","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3477113.3487272","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:49:14Z","timestamp":1750193354000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3477113.3487272"}},"subtitle":["What is Missing?"],"short-title":[],"issued":{"date-parts":[[2021,10,25]]},"references-count":67,"alternative-id":["10.1145\/3477113.3487272","10.1145\/3477113"],"URL":"https:\/\/doi.org\/10.1145\/3477113.3487272","relation":{},"subject":[],"published":{"date-parts":[[2021,10,25]]},"assertion":[{"value":"2021-10-25","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}