CRUST: A Bounded Verifier for Rust
Authors
Abstract
Rust is a modern systems language that provides guaranteed memory safety through static analysis. However, Rust includes an escape hatch in the form of “unsafe code,” which the compiler assumes to be memory safe and to preserve crucial pointer aliasing invariants. Unsafe code appears in many data structure implementations and other essential libraries, and bugs in this code can lead to memory safety violations in parts of the program that the compiler otherwise proved safe. We present CRUST, a tool combining exhaustive test generation and bounded model checking to detect memory safety errors, as well as violations of Rust’s pointer aliasing invariants within unsafe library code. CRUST requires no programmer annotations, only an indication of the modules to check. We evaluate CRUST on data structures from the Rust standard library. It detects memory safety bugs that arose during the library’s development and remained undetected for several months.
Keywords—SMT-based verification, test generation, memory safety
Similar resources
A geological model for the structure of ridge segments in slow spreading ocean crust
First-order (transform) and second-order ridge-axis discontinuities create a fundamental segmentation of the lithosphere along mid-ocean ridges, and in slow spreading crust they commonly are associated with exposure of subvolcanic crust and upper mantle. We analyzed available morphological, gravity, and rock sample data from the Atlantic Ocean to determine whether consistent structural patterns oc...
Convertible limited (multi-) verifier signature: new constructions and applications
A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which...
Bounded Probabilistic Model Checking with the Murφ Verifier
In this paper we present an explicit verification algorithm for Probabilistic Systems defining discrete time/finite state Markov Chains. We restrict ourselves to verification of Bounded PCTL formulas (BPCTL), that is, PCTL formulas in which all Until operators are bounded, possibly with different bounds. This means that we consider only paths (system runs) of bounded length. Given a Markov Chai...
Lecture 2: PCPs – definitions and inapproximability of clique
We first define a restricted (probabilistic) verifier which on input a statement x, probes a proof at a few randomly selected positions and then accepts or rejects the proof. Based on this verifier we shall then define the PCP class. Definition 2.1 (restricted verifier). Let r, q, m, t : N → N be integer valued functions and Σ an alphabet. A (r, q, m, t)Σ-restricted verifier V is a probabilistic ...
Quantum Certificate Verification: Single versus Multiple Quantum Certificates
The class MA consists of languages that can be efficiently verified by classical probabilistic verifiers using a single classical certificate, and the class QMA consists of languages that can be efficiently verified by quantum verifiers using a single quantum certificate. Suppose that a verifier receives not only one but multiple certificates. In the classical setting, it is obvious that a clas...