Crust: A Bounded Verifier for Rust (N)

J. Toman, Stuart Pernsteiner, E. Torlak
Venue: 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE), pages 75-80
DOI: 10.1109/ASE.2015.77 (https://doi.org/10.1109/ASE.2015.77)
Published: 2015-11-09
Citations: 24

Abstract

Rust is a modern systems language that provides guaranteed memory safety through static analysis. However, Rust includes an escape hatch in the form of "unsafe code," which the compiler assumes to be memory safe and to preserve crucial pointer aliasing invariants. Unsafe code appears in many data structure implementations and other essential libraries, and bugs in this code can lead to memory safety violations in parts of the program that the compiler otherwise proved safe. We present CRUST, a tool combining exhaustive test generation and bounded model checking to detect memory safety errors, as well as violations of Rust's pointer aliasing invariants, within unsafe library code. CRUST requires no programmer annotations, only an indication of the modules to check. We evaluate CRUST on data structures from the Rust standard library. It detects memory safety bugs that arose during the library's development and remained undetected for several months.