From the Linux Kernel to Chromium, Rust is increasingly finding its way into security-critical C++ applications. Developers who interoperate with these languages need to use Rust’s unsafe features to bypass the restrictions of the borrow checker. However, when unsafe code is used incorrectly, it can break the compiler’s assumptions about aliasing, leading to silent, “impossible” forms of undefined behavior that can cause critical errors at run-time. Miri—Rust’s de-facto bug-finding tool—has high overhead and limited support for foreign function calls, which prevents it from finding these errors in multilanguage applications. We are creating BorrowSanitizer: a new dynamic bug-finding tool for finding violations of Rust’s newest “Tree Borrows” aliasing model in applications that interoperate with C++.
