English
Related papers

Related papers: Memory-Safety Challenge Considered Solved? An In-D…

200 papers

The astrophysics community uses different tools for computational tasks such as complex systems simulations, radiative transfer calculations or big data. Programming languages like Fortran, C or C++ are commonly present in these tools and,…

Instrumentation and Methods for Astrophysics · Physics 2017-06-14 Sergi Blanco-Cuaresma , Emeline Bolmont

To provide flexibility and low-level interaction capabilities, the unsafe tag in Rust is essential in many projects, but undermines memory safety and introduces Undefined Behaviors (UBs) that reduce safety. Eliminating these UBs requires a…

Software Engineering · Computer Science 2025-03-05 Renshuang Jiang , Pan Dong , Zhenling Duan , Yu Shi , Xiaoxiang Fang , Yan Ding , Jun Ma , Shuai Zhao , Zhe Jiang

Programmers learning Rust struggle to understand ownership types, Rust's core mechanism for ensuring memory safety without garbage collection. This paper describes our attempt to systematically design a pedagogy for ownership types. First,…

Programming Languages · Computer Science 2023-09-11 Will Crichton , Gavin Gray , Shriram Krishnamurthi

Fuzzing is a popular bug detection technique achieved by testing software executables with random inputs. This technique can also be extended to libraries by constructing executables that call library APIs, known as fuzz drivers. Automated…

Software Engineering · Computer Science 2023-12-20 Yehong Zhang , Jun Wu , Hui Xu

Rust is a modern programming language that guarantees memory safety and the absence of data races with a strong type system. We present RustyDL, a program logic for Rust, as a foundation for an auto-interactive, deductive verification tool…

Programming Languages · Computer Science 2026-02-26 Daniel Drodt , Reiner Hähnle

Rust is an effective system programming language that guarantees memory safety via compile-time verifications. It employs a novel ownership-based resource management model to facilitate automated deallocation. This model is anticipated to…

Software Engineering · Computer Science 2024-08-02 Mohan Cui , Hui Xu , Hongliang Tian , Yangfan Zhou

The most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for…

Cryptography and Security · Computer Science 2025-03-28 Úlfar Erlingsson

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust…

Cryptography and Security · Computer Science 2018-02-06 Ana Nora Evans

Existing automated verification techniques for safe Rust code rely on the strong type-system properties to reason about programs, especially to deduce which memory locations do not change (i.e., are framed) across function calls. However,…

Programming Languages · Computer Science 2024-05-15 Federico Poli , Xavier Denis , Peter Müller , Alexander J. Summers

Despite the recent advances in pre-production bug detection, heap-use-after-free and heap-buffer-overflow bugs remain the primary problem for security, reliability, and developer productivity for applications written in C or C++, across all…

Despite decades of efforts to resolve, memory safety violations are still persistent and problematic in modern systems. Various defense mechanisms have been proposed, but their deployment in real systems remains challenging because of…

Hardware Architecture · Computer Science 2023-08-08 Yonghae Kim , Anurag Kar , Jaewon Lee , Jaekyu Lee , Hyesoon Kim

We introduce Cargo Scan, the first interactive program analysis tool designed to help developers audit third-party Rust code. Real systems written in Rust rely on thousands of transitive dependencies. These dependencies are as dangerous in…

Programming Languages · Computer Science 2026-02-09 Lydia Zoghbi , David Thien , Ranjit Jhala , Deian Stefan , Caleb Stanford

Rust has become a popular system programming language that strikes a balance between memory safety and performance. Rust's type system ensures the safety of low-level memory controls; however, a well-typed Rust program is not guaranteed to…

Programming Languages · Computer Science 2025-02-28 Qihao Lian , Di Wang

All modern web browsers - Internet Explorer, Firefox, Chrome, Opera, and Safari - have a core rendering engine written in C++. This language choice was made because it affords the systems programmer complete control of the underlying…

Programming Languages · Computer Science 2015-05-28 Brian Anderson , Lars Bergstrom , David Herman , Josh Matthews , Keegan McAllister , Manish Goregaokar , Jack Moffitt , Simon Sapin

Despite extensive usage in high-performance, low-level systems programming applications, C is susceptible to vulnerabilities due to manual memory management and unsafe pointer operations. Rust, a modern systems programming language, offers…

Software Engineering · Computer Science 2024-12-24 Manish Shetty , Naman Jain , Adwait Godbole , Sanjit A. Seshia , Koushik Sen

Static analysis tools are essential for ensuring memory safety in Rust programs, particularly as Rust gains adoption in safety-critical domains. However, existing tools such as Rudra and MirChecker suffer from high false positive rates,…

Software Engineering · Computer Science 2026-05-07 Akilesh P , Leuson Da Silva , Foutse Khomh , Sridhar Chimalakonda

While memory corruption bugs stemming from the use of unsafe programming languages are an old and well-researched problem, the resulting vulnerabilities still dominate real-world exploitation today. Various mitigations have been proposed to…

Cryptography and Security · Computer Science 2021-08-20 Emanuel Q. Vintila , Philipp Zieris , Julian Horsch

Rust is a strong contender for a memory-safe alternative to C as a "systems" language, but porting the vast amount of existing C code to Rust remains daunting. In this paper, we evaluate the potential of large language models (LLMs) to…

Cryptography and Security · Computer Science 2026-04-24 Muhammad Farrukh , Baris Coskun , Tapti Palit , Michalis Polychronakis

C-to-Rust transpilation is essential for modernizing legacy C code while enhancing safety and interoperability with modern Rust ecosystems. However, no dataset currently exists for evaluating whether a system can transpile C into safe Rust…

Software Engineering · Computer Science 2025-10-03 Anirudh Khatry , Robert Zhang , Jia Pan , Ziteng Wang , Qiaochu Chen , Greg Durrett , Isil Dillig

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp