SafeDrop: Detecting Memory Deallocation Bugs of Rust Programs via Static Data-Flow Analysis-Reference-Cited by-同舟云学术

SafeDrop: Detecting Memory Deallocation Bugs of Rust Programs via Static Data-Flow Analysis

Published:2022-06-21 Issue: Volume: Page:
ISSN:1049-331X
Container-title:ACM Transactions on Software Engineering and Methodology
language:en
Short-container-title:ACM Trans. Softw. Eng. Methodol.

Author:

Cui Mohan¹^ORCID,Chen Chengjun¹^ORCID,Xu Hui¹^ORCID,Zhou Yangfan²^ORCID

Affiliation:

1. School of Computer Science, Fudan University, China

2. School of Computer Science, Fudan University, China and Shanghai Key Laboratory of Intelligent Information Processing, China

Abstract

Rust is an emerging programming language that aims to prevent memory-safety bugs. However, the current design of Rust also brings side effects, which may increase the risk of memory-safety issues. In particular, it employs OBRM (ownership-based resource management) and enforces automatic deallocation of unused resources without using the garbage collector. It may therefore falsely deallocate reclaimed memory and lead to use-after-free or double-free issues. In this paper, we study the problem of invalid memory deallocation and propose SafeDrop , a static path-sensitive data-flow analysis approach to detect such bugs. Our approach analyzes each function of a Rust crate iteratively in a flow-sensitive and field-sensitive way. It leverages a modified Tarjan algorithm to achieve scalable path-sensitive analysis and a cache-based strategy for efficient inter-procedural analysis. We have implemented our approach and integrated it into the Rust compiler. Experiment results show that the approach can successfully detect all such bugs in our experiments with a limited number of false positives and incurs a very small overhead compared to the original compilation time.

Publisher

Association for Computing Machinery (ACM)

Subject

Software

Link

https://dl.acm.org/doi/pdf/10.1145/3542948

Reference43 articles.

1. Alfred V Aho Monica S Lam Ravi Sethi and Jeffrey D Ullman. 2007. Compilers: principles techniques & tools. Pearson Education India. Alfred V Aho Monica S Lam Ravi Sethi and Jeffrey D Ullman. 2007. Compilers: principles techniques & tools. Pearson Education India.

2. Improving data-flow analysis with path profiles

3. Engineering the servo web browser engine using Rust

4. Vytautas Astrauskas Christoph Matheja Federico Poli Peter Müller and Alexander J Summers. 2020. How do programmers use unsafe rust?Proceedings of the ACM on Programming Languages 4 OOPSLA(2020) 1–27. Vytautas Astrauskas Christoph Matheja Federico Poli Peter Müller and Alexander J Summers. 2020. How do programmers use unsafe rust?Proceedings of the ACM on Programming Languages 4 OOPSLA(2020) 1–27.

5. Leveraging rust types for modular specification and verification

Cited by 13 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. UnsafeCop: Towards Memory Safety for Real-World Unsafe Rust Code with Practical Bounded Model Checking;Lecture Notes in Computer Science;2024-09-13

2. Effectiveness of ChatGPT for Static Analysis: How Far Are We?;Proceedings of the 1st ACM International Conference on AI-Powered Software;2024-07-10

3. Don’t Write, but Return: Replacing Output Parameters with Algebraic Data Types in C-to-Rust Translation;Proceedings of the ACM on Programming Languages;2024-06-20

4. Understanding and Detecting Real-World Safety Issues in Rust;IEEE Transactions on Software Engineering;2024-06

5. ERASan: Efficient Rust Address Sanitizer;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19