research-article

Open access

Translating C to safer Rust

Authors:

Ryan Schroeder,

Ben HardekopfAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 5, Issue OOPSLA

Article No.: 121, Pages 1 - 29

https://doi.org/10.1145/3485498

Published: 15 October 2021 Publication History

Abstract

Rust is a relatively new programming language that targets efficient and safe systems-level applications. It includes a sophisticated type system that allows for provable memory- and thread-safety, and is explicitly designed to take the place of unsafe languages such as C and C++ in the coding ecosystem. There is a large existing C and C++ codebase (many of which have been affected by bugs and security vulnerabilities due to unsafety) that would benefit from being rewritten in Rust to remove an entire class of potential bugs. However, porting these applications to Rust manually is a daunting task.

In this paper we investigate the problem of automatically translating C programs into safer Rust programs--that is, Rust programs that improve on the safety guarantees of the original C programs. We conduct an in-depth study into the underlying causes of unsafety in translated programs and the relative impact of fixing each cause. We also describe a novel technique for automatically removing a particular cause of unsafety and evaluate its effectiveness and impact. This paper presents the first empirical study of unsafety in translated Rust programs (as opposed to programs originally written in Rust) and also the first technique for automatically removing causes of unsafety in translated Rust programs.

Supplementary Material

Auxiliary Archive (oopsla21main-p101-p-archive.zip)

The supplementary material including the detailed rewrite rules, expanded examples referred in the paper, and a brief introduction to Rust's ownership system; and extended tech report version of the paper.

Download
1.35 MB

Auxiliary Presentation Video (oopsla21main-p101-p-video.mp4)

Pre-recorded presentation video for the hybrid conference.

Download
123.17 MB

References

[1]

[n.d.]. Rust Compiler Error Index. https://doc.rust-lang.org/error-index.html

[2]

[n.d.]. Rust support hits linux-next. https://lwn.net/Articles/849849/

[3]

[n.d.]. Supporting Linux kernel development in Rust. https://lwn.net/Articles/829858/

[4]

2021. NVD - CVE-2021-21148. https://nvd.nist.gov/vuln/detail/CVE-2021-21148

[5]

2021. NVD - CVE-2021-3156. https://nvd.nist.gov/vuln/detail/CVE-2021-3156

[6]

Lars Ole Andersen. 1994. Program Analysis and Specialization for the C Programming Language.

[7]

Brian Anderson, Lars Bergstrom, David Herman, Josh Matthews, Keegan McAllister, Manish Goregaokar, Jack Moffitt, and Simon Sapin. 2015. Experience Report: Developing the Servo Web Browser Engine using Rust. arXiv:1505.07383 [cs], May, arxiv:1505.07383 arXiv: 1505.07383.

[8]

Vytautas Astrauskas, Christoph Matheja, Federico Poli, Peter Müller, and Alexander J. Summers. 2020. How Do Programmers Use Unsafe Rust? Proc. ACM Program. Lang., 4, OOPSLA (2020), Article 136, Nov., 27 pages. https://doi.org/10.1145/3428204

Digital Library

[9]

Marek Baranowski, Shaobo He, and Zvonimir Rakamarić. 2018. Verifying Rust programs with SMACK. In International Symposium on Automated Technology for Verification and Analysis. 528–535.

[10]

Sergio Benitez. 2016. Short Paper: Rusty Types for Solid Safety. In Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security (PLAS ’16). Association for Computing Machinery, New York, NY, USA. 69–75. isbn:978-1-4503-4574-3 https://doi.org/10.1145/2993600.2993604

Digital Library

[11]

Chandrasekhar Boyapati, Robert Lee, and Martin Rinard. 2002. Ownership Types for Safe Programming: Preventing Data Races and Deadlocks. In Proceedings of the 17th ACM SIGPLAN Conference on Object-oriented Programming, Systems, Languages, and Applications (OOPSLA ’02). ACM, New York, NY, USA. 211–230. isbn:978-1-58113-471-1 https://doi.org/10.1145/582419.582440

Digital Library

[12]

Chandrasekhar Boyapati, Alexandru Salcianu, William Beebee, Jr., and Martin Rinard. 2003. Ownership Types for Safe Region-based Memory Management in Real-time Java. In Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation (PLDI ’03). ACM, New York, NY, USA. 324–337. isbn:978-1-58113-662-3 https://doi.org/10.1145/781131.781168

Digital Library

[13]

David Bryant. 2016. A Quantum Leap for the Web. https://medium.com/mozilla-tech/a-quantum-leap-for-the-web-a3b7174b3c12

[14]

Maciej Cielecki, Jȩdrzej Fulara, Krzysztof Jakubczyk, and Ł ukasz Jancewicz. 2006. Propagation of JML non-null annotations in Java programs. In Proceedings of the 4th international symposium on Principles and practice of programming in Java (PPPJ ’06). Association for Computing Machinery, New York, NY, USA. 135–140. isbn:978-3-939352-05-1 https://doi.org/10.1145/1168054.1168073

Digital Library

[15]

Citrus Developers. [n.d.]. Citrus / Citrus. https://gitlab.com/citrus-rs/citrus

[16]

Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. Alex Halderman. 2014. The Matter of Heartbleed. In Proceedings of the 2014 Conference on Internet Measurement Conference (IMC ’14). Association for Computing Machinery, New York, NY, USA. 475–488. isbn:978-1-4503-3213-2 https://doi.org/10.1145/2663716.2663755

Digital Library

[17]

Mehmet Emre and Ryan Schroeder. 2021. Artifact for "Translating C to Safer Rust". https://doi.org/10.5281/zenodo.5442253

Digital Library

[18]

Mehmet Emre, Ryan Schroeder, Kyle Dewey, and Ben Hardekopf. 2021. Supplementary Material on “Translating C to Safer Rust”. https://cs.ucsb.edu/~benh/research/papers/oopsla21-supplementary.pdf

[19]

Mehmet Emre, Ryan Schroeder, Kyle Dewey, and Ben Hardekopf. 2021. Translating C to Safer Rust – Extended Version. https://cs.ucsb.edu/~benh/research/papers/oopsla21-extended.pdf

[20]

Ana Nora Evans, Bradford Campbell, and Mary Lou Soffa. 2020. Is Rust Used Safely by Software Developers? In 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE). 246–257.

Digital Library

[21]

Cormac Flanagan, Rajeev Joshi, and K. Rustan M. Leino. 2001. Annotation inference for modular checkers. Inform. Process. Lett., 77, 2 (2001), 97–108. issn:0020-0190 https://doi.org/10.1016/S0020-0190(00)00196-4

Digital Library

[22]

Cormac Flanagan and K. Rustan M. Leino. 2001. Houdini, an Annotation Assistant for ESC/Java. In FME 2001: Formal Methods for Increasing Software Productivity, Gerhard Goos, Juris Hartmanis, Jan van Leeuwen, José Nuno Oliveira, and Pamela Zave (Eds.). 2021, Springer Berlin Heidelberg, Berlin, Heidelberg. 500–517. isbn:978-3-540-41791-0 978-3-540-45251-5 https://doi.org/10.1007/3-540-45251-6_29 Series Title: Lecture Notes in Computer Science.

[23]

Cormac Flanagan, K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, and Raymie Stata. 2002. Extended static checking for Java. In Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation (PLDI ’02). Association for Computing Machinery, New York, NY, USA. 234–245. isbn:978-1-58113-463-6 https://doi.org/10.1145/512529.512558

Digital Library

[24]

Tim Hutt. 2021. Would Rust secure cURL? https://timmmm.github.io/curl-vulnerabilities-rust/

[25]

Immunant inc. 2020. c2rust Manual Examples. https://c2rust.com/manual/examples/index.html

[26]

Immunant inc. 2020. immunant/c2rust. https://github.com/immunant/c2rust original-date: 2018-04-20T00:05:50Z.

[27]

Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2017. RustBelt: Securing the Foundations of the Rust Programming Language. Proc. ACM Program. Lang., 2, POPL (2017), Article 66, Dec., 34 pages. https://doi.org/10.1145/3158154

Digital Library

[28]

S. Klabnik and C. Nichols. 2018. The Rust Programming Language. No Starch Press. isbn:978-1-59327-851-9 lccn:2018019844 https://doc.rust-lang.org/book/

[29]

N.G. Leveson and C.S. Turner. 1993. An investigation of the Therac-25 accidents. Computer, 26, 7 (1993), 18–41. https://doi.org/10.1109/MC.1993.274940

Digital Library

[30]

Amit Levy, Michael P. Andersen, Bradford Campbell, David Culler, Prabal Dutta, Branden Ghena, Philip Levis, and Pat Pannuto. 2015. Ownership is theft: experiences building an embedded OS in rust. In Proceedings of the 8th Workshop on Programming Languages and Operating Systems (PLOS ’15). Association for Computing Machinery, New York, NY, USA. 21–26. isbn:978-1-4503-3942-1 https://doi.org/10.1145/2818302.2818306

Digital Library

[31]

Yi Lin, Stephen M. Blackburn, Antony L. Hosking, and Michael Norrish. 2016. Rust as a language for high performance GC implementation. In Proceedings of the 2016 ACM SIGPLAN International Symposium on Memory Management - ISMM 2016. ACM Press, Santa Barbara, CA, USA. 89–98. isbn:978-1-4503-4317-6 https://doi.org/10.1145/2926697.2926707

Digital Library

[32]

Boqin Qin, Yilun Chen, Zeming Yu, Linhai Song, and Yiying Zhang. 2020. Understanding Memory and Thread Safety Practices and Issues in Real-World Rust Programs. 763–779. isbn:9781450376136 https://doi.org/10.1145/3385412.3386036

Digital Library

[33]

Eric Reed. 2015. Patina: A formalization of the Rust programming language. Master’s thesis. University of Washington Department of Computer Science and Engineering.

[34]

Jamey Sharp. 2020. jameysharp/corrode. https://github.com/jameysharp/corrode original-date: 2016-05-05T21:12:52Z.

[35]

Bjarne Steensgaard. 1996. Points-to Analysis in Almost Linear Time. In Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’96). ACM, New York, NY, USA. 32–41. isbn:978-0-89791-769-8 https://doi.org/10.1145/237721.237727

Digital Library

[36]

Jeff Vander Stoep and Stephen Hines. 2021. Rust in the Android platform. https://security.googleblog.com/2021/04/rust-in-android-platform.html

[37]

The Rust developers. [n.d.]. The Rust Reference. https://doc.rust-lang.org/stable/reference/

[38]

Mohsen Vakilian, Amarin Phaosawasdi, Michael D. Ernst, and Ralph E. Johnson. 2015. Cascade: A Universal Programmer-Assisted Type Qualifier Inference Tool. In 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering. IEEE, Florence, Italy. 234–245. isbn:978-1-4799-1934-5 https://doi.org/10.1109/ICSE.2015.44

[39]

F. Wang, F. Song, M. Zhang, X. Zhu, and J. Zhang. 2018. KRust: A Formal Executable Semantics of Rust. In 2018 International Symposium on Theoretical Aspects of Software Engineering (TASE). 44–51. https://doi.org/10.1109/TASE.2018.00014

[40]

Aaron Weiss, Daniel Patterson, Nicholas D Matsakis, and Amal Ahmed. [n.d.]. Oxide: The Essence of Rust. 27.

Cited By

Hong JRyu S(2025)Type-migrating C-to-Rust translation using a large language modelEmpirical Software Engineering10.1007/s10664-024-10573-230:1Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1007/s10664-024-10573-2
Yin XHuang ZKan SShen G(2024)SafeMD: Ownership-Based Safe Memory Deallocation for C ProgramsElectronics10.3390/electronics1321430713:21(4307)Online publication date: 1-Nov-2024
https://doi.org/10.3390/electronics13214307
Hong JRyu SFilkov VRay BZhou M(2024)To Tag, or Not to Tag: Translating C's Unions to Rust's Tagged UnionsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3694985(40-52)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3694985
Show More Cited By

Index Terms

Translating C to safer Rust
1. Software and its engineering
  1. Software creation and management
    1. Software post-development issues
      1. Maintaining software
      2. Software evolution
  2. Software notations and tools
    1. Compilers
      1. Source code generation
    2. Software maintenance tools

Recommendations

Rudra: Finding Memory Safety Bugs in Rust at the Ecosystem Scale
SOSP '21: Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles

Rust is a promising system programming language that guarantees memory safety at compile time. To support diverse requirements for system software such as accessing low-level hardware, Rust allows programmers to perform operations that are not protected ...
Understanding memory and thread safety practices and issues in real-world Rust programs
PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation

Rust is a young programming language designed for systems software development. It aims to provide safety guarantees like high-level languages and performance efficiency like low-level languages. The core design of Rust is a set of strict safety rules ...
Aliasing Limits on Translating C to Safe Rust

The Rust language was created to provide safe low-level systems programming. There is both industrial and academic interest in the problem of (semi-)automatically translating C code to Rust in order to exploit Rust's safety guarantees. We study the ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 5, Issue OOPSLA

October 2021

2001 pages

EISSN:2475-1421

DOI:10.1145/3492349

Issue’s Table of Contents

Copyright © 2021 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 October 2021

Published in PACMPL Volume 5, Issue OOPSLA

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

19
Total Citations
View Citations
8,294
Total Downloads

Downloads (Last 12 months)2,089
Downloads (Last 6 weeks)354

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hong JRyu S(2025)Type-migrating C-to-Rust translation using a large language modelEmpirical Software Engineering10.1007/s10664-024-10573-230:1Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1007/s10664-024-10573-2
Yin XHuang ZKan SShen G(2024)SafeMD: Ownership-Based Safe Memory Deallocation for C ProgramsElectronics10.3390/electronics1321430713:21(4307)Online publication date: 1-Nov-2024
https://doi.org/10.3390/electronics13214307
Hong JRyu SFilkov VRay BZhou M(2024)To Tag, or Not to Tag: Translating C's Unions to Rust's Tagged UnionsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3694985(40-52)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3694985
Hong JRyu S(2024)Don’t Write, but Return: Replacing Output Parameters with Algebraic Data Types in C-to-Rust TranslationProceedings of the ACM on Programming Languages10.1145/36564068:PLDI(716-740)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656406
Sagramoni RLettieri GProcissi G(2024)On the Impact of Memory Safety on Fast Network I/O2024 IEEE 25th International Conference on High Performance Switching and Routing (HPSR)10.1109/HPSR62440.2024.10635971(161-166)Online publication date: 22-Jul-2024
https://doi.org/10.1109/HPSR62440.2024.10635971
Zhang KLiu G(2024)TRustPN: Transforming Rust Source Code to Petri Nets for Checking Deadlocks2024 10th International Conference on Control, Decision and Information Technologies (CoDIT)10.1109/CoDIT62066.2024.10708563(254-259)Online publication date: 1-Jul-2024
https://doi.org/10.1109/CoDIT62066.2024.10708563
Tronge JPritchard H(2023)Embedding Rust within Open MPIProceedings of the SC '23 Workshops of The International Conference on High Performance Computing, Network, Storage, and Analysis10.1145/3624062.3624112(438-447)Online publication date: 12-Nov-2023
https://dl.acm.org/doi/10.1145/3624062.3624112
Thy SCostea AGopinathan KSergey I(2023)Adventure of a Lifetime: Extract Method Refactoring for RustProceedings of the ACM on Programming Languages10.1145/36228217:OOPSLA2(658-685)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622821
Emre MBoyland PParekh ASchroeder RDewey KHardekopf B(2023)Aliasing Limits on Translating C to Safe RustProceedings of the ACM on Programming Languages10.1145/35860467:OOPSLA1(551-579)Online publication date: 6-Apr-2023
https://dl.acm.org/doi/10.1145/3586046
Rooney MRao NLiebers NLeger AMatthews S(2023)A Comparative Study of Programming Languages for a Real-Time Smart Grid Application2023 IEEE Green Energy and Smart Systems Conference (IGESSC)10.1109/IGESSC59090.2023.10321761(1-6)Online publication date: 13-Nov-2023
https://doi.org/10.1109/IGESSC59090.2023.10321761
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents