Security, compilers, Rust

Emanuele Vannacci

I am a software engineer in Amsterdam working on Rust, memory safety, compiler behavior, and security tooling. This site is a research log for experiments and notes that connect source code, optimizers, and real execution behavior.

Latest Writing

Writing Constant-Time Rust Is Not Enough

How Rust aliasing facts can let LLVM change fixed-load constant-time code into selected-address-load code.

Dec 14, 2025 Rust

Rust MIR Instrumentation

How to inject calls inside MIR

Jan 20, 2025 Rust

(Rust) Pointers provenance is real

Provenance and Rust

Published Papers

All publications

USENIX Security

Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, and 2 more authors

In USENIX Security, Aug 2023

Bib PDF Code

@inproceedings{hofmann_speculation_2023,
  title = {Speculation at {Fault}: {Modeling} and {Testing} {Microarchitectural} {Leakage} of {CPU} {Exceptions}},
  booktitle = {{USENIX} {Security}},
  author = {Hofmann, Jana and Vannacci, Emanuele and Fournet, Cedric and Köpf, Boris and Oleksenko, Oleksii},
  month = aug,
  year = {2023},
  keywords = {artifacts:available, artifacts:functional, artifacts:reproduced, class\_sidechannels, proj\_intersect, type\_ae, type\_conf, type\_paper, type\_tier1, type\_top},
}

USENIX Security

SMASH: Synchronized Many-sided Rowhammer Attacks From JavaScript

Finn Ridder, Pietro Frigo, Emanuele Vannacci, and 3 more authors

In USENIX Security, Aug 2021

Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award

Bib PDF Code

@inproceedings{de_ridder_smash_2021,
  title = {{SMASH}: {Synchronized} {Many}-sided {Rowhammer} {Attacks} {From} {JavaScript}},
  booktitle = {{USENIX} {Security}},
  author = {de Ridder, Finn and Frigo, Pietro and Vannacci, Emanuele and Bos, Herbert and Giuffrida, Cristiano and Razavi, Kaveh},
  month = aug,
  year = {2021},
  note = {Pwnie Award Nomination for Most Under-Hyped Research, Best Faculty of Science Master Thesis Award},
  keywords = {class\_rowhammer, proj\_offcore, proj\_panta, proj\_react, proj\_unicore, type\_award, type\_conf, type\_csec, type\_mscthesis, type\_paper, type\_tier1, type\_top},
}

IEEE S&P

TRRespass: Exploiting the Many Sides of Target Row Refresh

Pietro Frigo, Emanuele Vannacci, Hasan Hassan, and 5 more authors

In S&P, May 2020

Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award

Bib PDF Supp Code

@inproceedings{frigo_trrespass_2020,
  title = {{TRRespass}: {Exploiting} the {Many} {Sides} of {Target} {Row} {Refresh}},
  booktitle = {S\&{P}},
  author = {Frigo, Pietro and Vannacci, Emanuele and Hassan, Hasan and van der Veen, Victor and Mutlu, Onur and Giuffrida, Cristiano and Bos, Herbert and Razavi, Kaveh},
  month = may,
  year = {2020},
  note = {Best Paper Award, Pwnie Award for Most Innovative Research, IEEE Micro Top Picks Honorable Mention, DCSR Paper Award},
  keywords = {class\_rowhammer, proj\_offcore, proj\_panta, proj\_react, proj\_unicore, proj\_vici, type\_award, type\_conf, type\_cve\_assigned, type\_paper, type\_press, type\_tier1, type\_top},
}

Talks

A journey into the secret flaws of in-DRAM RowHammer mitigations

HITB Singapore talk with Pietro Frigo on RowHammer mitigations and the security assumptions behind them.

I use this site for technical notes, work-in-progress ideas, and writeups that are useful enough to publish but not necessarily polished into papers.

The focus is usually Rust, unsafe code, memory models, compilers, and security tooling. Treat the posts as engineering notes: useful for learning and discussion, but not as drop-in advice without checking the details in your own setting.