{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,30]],"date-time":"2025-07-30T13:11:28Z","timestamp":1753881088878,"version":"3.41.2"},"reference-count":38,"publisher":"Association for Computing Machinery (ACM)","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"abstract":"<jats:p>Memory safety issues in C are the origin of various vulnerabilities that can compromise a program\u2019s correctness or safety from attacks. We propose an approach to tackle memory safety by replicating Rust\u2019s Mid-level Intermediate Representation (MIR) Borrow Checker. Our solution uses static analysis and successive source-to-source code transformations to be composed upstream of the compiler, ensuring maximal compatibility with existing build systems. This allows us to apply the memory safety guarantees of the rustc compiler to C code with fewer changes than a rewrite in Rust. In this work, we present a comprehensive study of Rust\u2019s efforts towards ensuring memory safety, and describe the theoretical basis for a C borrow checker, alongside a proof-of-concept that was developed to demonstrate its potential. We have evaluated the prototype on the CHStone and bzip2 benchmarks. This prototype correctly identified violations of the ownership and aliasing rules, and exposed incompatibilities between such rules and common C patterns, which can be addressed in future work.<\/jats:p>","DOI":"10.1145\/3702229","type":"journal-article","created":{"date-parts":[[2024,10,29]],"date-time":"2024-10-29T10:11:33Z","timestamp":1730196693000},"update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards a Rust-Like Borrow Checker for C"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-1289-6766","authenticated-orcid":false,"given":"Tiago","family":"Silva","sequence":"first","affiliation":[{"name":"DEI, FEUP, Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-1728-0670","authenticated-orcid":false,"given":"Pedro Gon\u00e7alo","family":"Correia","sequence":"additional","affiliation":[{"name":"DEI, FEUP, Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1925-8939","authenticated-orcid":false,"given":"Lu\u00eds","family":"Sousa","sequence":"additional","affiliation":[{"name":"DEEC, FEUP, Porto, Portugal"},{"name":"INESC TEC,  Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3017-9449","authenticated-orcid":false,"given":"Jo\u00e3o","family":"Bispo","sequence":"additional","affiliation":[{"name":"DEI, FEUP, Porto, Portugal"},{"name":"INESC TEC,  Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5826-7643","authenticated-orcid":false,"given":"Tiago","family":"Carvalho","sequence":"additional","affiliation":[{"name":"ISEP,  Porto, Portugal"},{"name":"INESC TEC,  Porto, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2024,10,29]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.30"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.softx.2020.100565"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/286936.286947"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/378795.378811"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346295"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2018.00015"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/231379.231389"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/193173.195297"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1093\/bioinformatics"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512563"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/151155"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCAS.2008.4541637"},{"key":"e_1_2_1_14_1","volume-title":"Proceedings of the","author":"Hastings Reed","year":"1992","unstructured":"Reed Hastings and Bob Joyce. 1992. Purify: Fast Detection of Memory Leaks and Access Errors. Proceedings of the Winter 1992 USENIX Conference (1992), 125\u2013138."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/781131.781150"},{"key":"e_1_2_1_16_1","unstructured":"Ralf Jung. 2023. From Stacks to Trees: A New Aliasing Model for Rust."},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3371109"},{"key":"e_1_2_1_18_1","unstructured":"Steve Klabnik and Carol Nichols. 2018. The Rust Programming Language. No Starch Press."},{"key":"e_1_2_1_19_1","unstructured":"Felix Klock\u00a0II. 2014. RFC 0320: Nonzeroing-Dynamic-Drop. https:\/\/github.com\/rust-lang\/rfcs\/blob\/abc967a2c5ddd0af2d3506897be7ecfbc0e78e97\/text\/0320-nonzeroing-dynamic-drop.md"},{"key":"e_1_2_1_20_1","unstructured":"Chris Lattner. 2011. LLVM and Clang: Advancing Compiler Technology."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-Companion55297.2022.9793767"},{"key":"e_1_2_1_22_1","unstructured":"Jo\u00e3o Matos. 2022. Automatic C\/C++ Source-Code Analysis and Normalization. Ph.\u00a0D. Dissertation. Universidade do Porto."},{"key":"e_1_2_1_23_1","unstructured":"Niko Matsakis. 2015. RFC 1211: Mir. https:\/\/github.com\/rust-lang\/rfcs\/blob\/debadbae2c7fc6cf2d94aef61c08f60b2e6ed297\/text\/1211-mir.md"},{"key":"e_1_2_1_24_1","volume-title":"RFC 2025: Nested-Method-Calls. https:\/\/github.com\/rust-lang\/rfcs\/blob\/188cc17ad38b201867955fb4a51c306c0704b6cf\/text\/2025-nested-method-calls.md","author":"Matsakis Niko","year":"2017","unstructured":"Niko Matsakis. 2017. RFC 2025: Nested-Method-Calls. https:\/\/github.com\/rust-lang\/rfcs\/blob\/188cc17ad38b201867955fb4a51c306c0704b6cf\/text\/2025-nested-method-calls.md"},{"key":"e_1_2_1_25_1","volume-title":"RFC 2094: Nll. https:\/\/github.com\/rust-lang\/rfcs\/blob\/abc967a2c5ddd0af2d3506897be7ecfbc0e78e97\/text\/2094-nll.md","author":"Matsakis Niko","year":"2017","unstructured":"Niko Matsakis. 2017. RFC 2094: Nll. https:\/\/github.com\/rust-lang\/rfcs\/blob\/abc967a2c5ddd0af2d3506897be7ecfbc0e78e97\/text\/2094-nll.md"},{"key":"e_1_2_1_26_1","unstructured":"Niko Matsakis. 2019. Polonius and Region Errors. https:\/\/smallcultfollowing.com\/babysteps\/blog\/2019\/01\/17\/polonius-and-region-errors\/. (accessed 2023-09-20)."},{"key":"e_1_2_1_27_1","unstructured":"Niko Matsakis. 22. Non-Lexical Lifetimes (NLL) Fully Stable. https:\/\/blog.rust-lang.org\/2022\/08\/05\/nll-by-default.html. (accessed 2023-08-11)."},{"key":"e_1_2_1_28_1","unstructured":"Steven\u00a0S. Muchnick. 1997. Advanced Compiler Design and Implementation. Morgan Kaufmann."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"volume-title":"ECOOP\u201998 \u2014 Object-Oriented Programming","author":"Noble James","key":"e_1_2_1_31_1","unstructured":"James Noble, Jan Vitek, and John Potter. 1998. Flexible alias protection. In ECOOP\u201998 \u2014 Object-Oriented Programming, Eric Jul (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 158\u2013185."},{"key":"e_1_2_1_32_1","unstructured":"Rust Community. 2014. The Rust Language Reference. https:\/\/github.com\/rust-lang\/reference\/tree\/effbdc1b059fde09027925e1bea90bb1860d5f27. (accessed 2023-09-05)."},{"key":"e_1_2_1_33_1","unstructured":"Rust Community. 2015. The Rustonomicon. https:\/\/github.com\/rust-lang\/nomicon\/tree\/302b995bcb24b70fd883980fd174738c3a10b705. (accessed 2023-08-03)."},{"key":"e_1_2_1_34_1","unstructured":"Rust Community. 2018. Polonius Book. https:\/\/github.com\/rust-lang\/polonius\/tree\/0a754a9e1916c0e7d9ba23668ea33249c7a7b59e. (accessed 2023-09-13)."},{"volume-title":"CORAL: a Rust-like Borrow Checker for C. Master\u2019s thesis","author":"Silva Tiago","key":"e_1_2_1_35_1","unstructured":"Tiago Silva. 2023. CORAL: a Rust-like Borrow Checker for C. Master\u2019s thesis. University of Porto, Porto, Portugal. Available at https:\/\/hdl.handle.net\/10216\/153606."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3652032.3657579"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_2_1_38_1","unstructured":"Gavin Thomas. 2019. A Proactive Approach to More Secure Code."},{"key":"e_1_2_1_39_1","volume-title":"Cyclone: A Safe Dialect of C. In 2002 USENIX Annual Technical Conference (USENIX ATC 02)","author":"Trevor Jim","year":"2002","unstructured":"Jim Trevor, Greg Morrisett, James Cheney, Dan Grossman, Michael Hicks, and Yanling Wang. 2002. Cyclone: A Safe Dialect of C. In 2002 USENIX Annual Technical Conference (USENIX ATC 02). USENIX Association."}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3702229","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,26]],"date-time":"2024-11-26T10:06:02Z","timestamp":1732615562000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3702229"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,29]]},"references-count":38,"alternative-id":["10.1145\/3702229"],"URL":"https:\/\/doi.org\/10.1145\/3702229","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"type":"print","value":"1539-9087"},{"type":"electronic","value":"1558-3465"}],"subject":[],"published":{"date-parts":[[2024,10,29]]},"assertion":[{"value":"2024-06-14","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-10-21","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-10-29","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"3702229"}}