Abstract
The Rust language was created to provide safe low-level systems programming. There is both industrial and academic interest in the problem of (semi-)automatically translating C code to Rust in order to exploit Rust's safety guarantees. We study the effectiveness and limitations of existing techniques for automatically translating unsafe raw pointers (in Rust programs translated from C) into safe Rust references via ownership and lifetime inference. Our novel evaluation methodology enables our study to extend beyond prior studies, and to discover new information contradicting the conclusions of prior studies. We find that existing translation methods are severely limited by a lack of precision in the Rust compiler's safety checker, causing many safe pointer manipulations to be labeled as potentially unsafe. Leveraging this information, we propose methods for improving translation, based on encoding the results of a more precise analysis in a manner that is understandable to an unmodified Rust compiler. We implement one of our proposed methods, increasing the number of pointers that can be translated to safe Rust references by 75% over the baseline (from 12% to 21% of all pointers).
- Alexander Aiken. 1999. Introduction to set constraint-based program analysis. Science of Computer Programming, 35, 2 (1999), Nov., 79–111. issn:0167-6423 https://doi.org/10.1016/S0167-6423(99)00007-6
Google Scholar
Digital Library
- Lars Ole Andersen. 1994. Program Analysis and Specialization for the C Programming Language. no URL
Google Scholar
- Brian Anderson, Lars Bergstrom, David Herman, Josh Matthews, Keegan McAllister, Manish Goregaokar, Jack Moffitt, and Simon Sapin. 2015. Experience Report: Developing the Servo Web Browser Engine using Rust. arXiv:1505.07383 [cs], May, arxiv:1505.07383 arXiv: 1505.07383
Google Scholar
- F. J. Anscombe. 1973. Graphs in Statistical Analysis. The American Statistician, 27, 1 (1973), Feb., 17–21. issn:0003-1305 https://doi.org/10.1080/00031305.1973.10478966
Google Scholar
Cross Ref
- Chandrasekhar Boyapati, Robert Lee, and Martin Rinard. 2002. Ownership Types for Safe Programming: Preventing Data Races and Deadlocks. In Proceedings of the 17th ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications (OOPSLA ’02). ACM, New York, NY, USA. 211–230. isbn:978-1-58113-471-1 https://doi.org/10.1145/582419.582440
Google Scholar
Digital Library
- Chandrasekhar Boyapati, Alexandru Salcianu, William Beebee, Jr., and Martin Rinard. 2003. Ownership Types for Safe Region-based Memory Management in Real-time Java. In Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation (PLDI ’03). ACM, New York, NY, USA. 324–337. isbn:978-1-58113-662-3 https://doi.org/10.1145/781131.781168
Google Scholar
Digital Library
- David Bryant. 2016. A Quantum Leap for the Web. https://medium.com/mozilla-tech/a-quantum-leap-for-the-web-a3b7174b3c12
Google Scholar
- Jonathan Corbet. 2021. Rust support hits linux-next. https://lwn.net/Articles/849849/
Google Scholar
- Nelson Elhage. 2020. Supporting Linux kernel development in Rust. https://lwn.net/Articles/829858/
Google Scholar
- Archibald Samuel Elliott, Andrew Ruef, Michael Hicks, and David Tarditi. 2018. Checked C: Making C Safe by Extension. In 2018 IEEE Cybersecurity Development. IEEE, Cambridge, MA, USA. 53–60. https://doi.org/10.1109/SecDev.2018.00015
Google Scholar
Cross Ref
- Mehmet Emre, Peter Boyland, Ryan Schroeder, and Aesha Parekh. 2023. Artifact for "Aliasing Limits on Translating C to Safe Rust". https://doi.org/10.5281/zenodo.7714175
Google Scholar
Digital Library
- Mehmet Emre, Ryan Schroeder, Kyle Dewey, and Ben Hardekopf. 2021. Translating C to Safer Rust. Proc. ACM Program. Lang., 5, OOPSLA (2021), Article 121, Oct., 29 pages. https://doi.org/10.1145/3485498
Google Scholar
Digital Library
- Manuel Fähndrich, Jakob Rehof, and Manuvir Das. 2000. Scalable Context-Sensitive Flow Analysis Using Instantiation Constraints. In Proceedings of the ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation (PLDI ’00). Association for Computing Machinery, New York, NY, USA. 253–263. isbn:1581131992 https://doi.org/10.1145/349299.349332
Google Scholar
Digital Library
- Jeffrey S. Foster, Tachio Terauchi, and Alex Aiken. 2002. Flow-Sensitive Type Qualifiers. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI ’02). Association for Computing Machinery, New York, NY, USA. 1–12. isbn:1581134630 https://doi.org/10.1145/512529.512531
Google Scholar
Digital Library
- Samuel Z. Guyer and Calvin Lin. 2003. Client-Driven Pointer Analysis. In Static Analysis (Lecture Notes in Computer Science). Springer, Berlin, Heidelberg, 214–236. isbn:978-3-540-40325-8 978-3-540-44898-3 https://doi.org/10.1007/3-540-44898-5_12
Google Scholar
Cross Ref
- Nevin Heintze and Olivier Tardieu. 2001. Ultra-fast Aliasing Analysis Using CLA: A Million Lines of C Code in a Second. In Proceedings of the ACM SIGPLAN 2001 Conference on Programming Language Design and Implementation (PLDI ’01). ACM, New York, NY, USA. 254–263. isbn:978-1-58113-414-8 https://doi.org/10.1145/378795.378855
Google Scholar
Digital Library
- Immunant inc.. 2020. immunant/c2rust. https://github.com/immunant/c2rust original-date: 2018-04-20T00:05:50Z
Google Scholar
- Trevor Jim, J Gregory Morrisett, Dan Grossman, Michael W Hicks, James Cheney, and Yanling Wang. 2002. Cyclone: a safe dialect of C.. In USENIX Annual Technical Conference, General Track. 275–288.
Google Scholar
- George Kastrinis and Yannis Smaragdakis. 2013. Hybrid Context-sensitivity for Points-to Analysis. In Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’13). ACM, New York, NY, USA. 423–434. isbn:978-1-4503-2014-6 https://doi.org/10.1145/2491956.2462191
Google Scholar
Digital Library
- Kornel Lesinski. 2018. Citrus / Citrus. https://gitlab.com/citrus-rs/citrus
Google Scholar
- Amit Levy, Michael P. Andersen, Bradford Campbell, David Culler, Prabal Dutta, Branden Ghena, Philip Levis, and Pat Pannuto. 2015. Ownership is theft: experiences building an embedded OS in rust. In Proceedings of the 8th Workshop on Programming Languages and Operating Systems (PLOS ’15). Association for Computing Machinery, New York, NY, USA. 21–26. isbn:978-1-4503-3942-1 https://doi.org/10.1145/2818302.2818306
Google Scholar
Digital Library
- Ondřej Lhoták and Laurie Hendren. 2006. Context-Sensitive Points-to Analysis: Is It Worth It? In Compiler Construction (Lecture Notes in Computer Science). Springer, Berlin, Heidelberg, 47–64. isbn:978-3-540-33050-9 978-3-540-33051-6 https://doi.org/10.1007/11688839_5
Google Scholar
Digital Library
- Yi Lin, Stephen M. Blackburn, Antony L. Hosking, and Michael Norrish. 2016. Rust as a language for high performance GC implementation. In Proceedings of the 2016 ACM SIGPLAN International Symposium on Memory Management - ISMM 2016. ACM Press, Santa Barbara, CA, USA. 89–98. isbn:978-1-4503-4317-6 https://doi.org/10.1145/2926697.2926707
Google Scholar
Digital Library
- Michael Ling, Yijun Yu, Haitao Wu, Yuan Wang, James R. Cordy, and Ahmed E. Hassan. 2022. In Rust We Trust – A Transpiler from Unsafe C to Safer Rust. In 2022 IEEE/ACM 44th International Conference on Software Engineering: Companion Proceedings. IEEE, Pittsburgh, PA, USA. 354–355. https://doi.org/10.1109/ICSE-Companion55297.2022.9793767
Google Scholar
Cross Ref
- Aravind Machiry, John Kastner, Matt McCutchen, Aaron Eline, Kyle Headley, and Michael Hicks. 2022. C to checked C by 3c. Proceedings of the ACM on Programming Languages, 6, OOPSLA1 (2022), April, 78:1–78:29. https://doi.org/10.1145/3527322
Google Scholar
Digital Library
- George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, and Westley Weimer. 2005. CCured: Type-Safe Retrofitting of Legacy Software. ACM Trans. Program. Lang. Syst., 27, 3 (2005), May, 477–526. issn:0164-0925 https://doi.org/10.1145/1065887.1065892
Google Scholar
Digital Library
- David J. Pearce, Paul H.J. Kelly, and Chris Hankin. 2007. Efficient Field-sensitive Pointer Analysis of C. ACM Trans. Program. Lang. Syst., 30, 1 (2007), Nov., issn:0164-0925 https://doi.org/10.1145/1290520.1290524
Google Scholar
Digital Library
- Marc Shapiro and Susan Horwitz. 1997. The effects of the precision of pointer analysis. In Static Analysis (Lecture Notes in Computer Science). Springer, Berlin, Heidelberg, 16–34. isbn:978-3-540-63468-3 978-3-540-69576-9 https://doi.org/10.1007/BFb0032731
Google Scholar
Cross Ref
- Marc Shapiro and Susan Horwitz. 1997. Fast and Accurate Flow-insensitive Points-to Analysis. In Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’97). ACM, New York, NY, USA. 1–14. isbn:978-0-89791-853-4 https://doi.org/10.1145/263699.263703
Google Scholar
Digital Library
- Jamey Sharp. 2020. jameysharp/corrode. https://github.com/jameysharp/corrode original-date: 2016-05-05T21:12:52Z
Google Scholar
- Yannis Smaragdakis, George Kastrinis, and George Balatsouras. 2014. Introspective Analysis: Context-sensitivity, Across the Board. In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’14). ACM, New York, NY, USA. 485–495. isbn:978-1-4503-2784-8 https://doi.org/10.1145/2594291.2594320
Google Scholar
Digital Library
- Bjarne Steensgaard. 1996. Points-to Analysis in Almost Linear Time. In Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’96). ACM, New York, NY, USA. 32–41. isbn:978-0-89791-769-8 https://doi.org/10.1145/237721.237727
Google Scholar
Digital Library
- Jeff Vander Stoep and Stephen Hines. 2021. Rust in the Android platform. https://security.googleblog.com/2021/04/rust-in-android-platform.html
Google Scholar
- Yulei Sui and Jingling Xue. 2016. SVF: interprocedural static value-flow analysis in LLVM. In Proceedings of the 25th international conference on compiler construction. 265–266.
Google Scholar
Digital Library
- The Rust Project. 2021. The Rust Reference. https://doc.rust-lang.org/stable/reference/
Google Scholar
- The Rust Project. 2022. lazy-static.rs. https://github.com/rust-lang-nursery/lazy-static.rs original-date: 2014-06-24T08:25:15Z
Google Scholar
- The Rust Project. 2022. standard lazy types - Rust RFC #2788. https://github.com/rust-lang/rfcs/pull/2788
Google Scholar
- Aaron Weiss, Daniel Patterson, Nicholas D Matsakis, and Amal Ahmed. 2020. Oxide: The Essence of Rust. 27 pages. https://doi.org/10.48550/arXiv.1903.00982
Google Scholar
Index Terms
Aliasing Limits on Translating C to Safe Rust
Recommendations
Translating C to safer Rust
Rust is a relatively new programming language that targets efficient and safe systems-level applications. It includes a sophisticated type system that allows for provable memory- and thread-safety, and is explicitly designed to take the place of unsafe ...
How do programmers use unsafe rust?
Rust’s ownership type system enforces a strict discipline on how memory locations are accessed and shared. This discipline allows the compiler to statically prevent memory errors, data races, inadvertent side effects through aliasing, and other errors ...
Compiling c programs into a strongly typed assembly language
ASIAN'07: Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network securityC is one of the most popular languages in system programming, though its unsafe nature often causes security vulnerabilities. In the face of this situation, many tools are developed to ensure safety properties of C programs. However, most of them work ...






Comments