Boqin Qin(秦 伯钦) edited this page Dec 15, 2024 · 2 revisions

lockbud is aimed at improving the concurrency and memory safety of the Rust ecosystem.

The development plan is tracked in #58.

News

lockbud has been included in os-checker.

Challenges

  1. Updating nightly version of rustc

lockbud, like all the other static analysis tools on MIR, is pinned to a specific nightly version of Rust. Keeping rustc up to date is error-prone and tedious.

As Stable MIR becomes more mature, we could migrate lockbud to it. Charon provides another option: relying on Charon to interface with rustc. But I personally prefer Stable MIR.

  2. Lack of fundamental static analysis libraries

The lack of fundamental static analysis libraries for MIR, e.g., pointer analysis, value flow analysis, etc., is frustrating. Each static analysis tool on MIR ships with its own version of pointer analysis, leading to duplicated work and confusion.

The context-sensitive pointer analysis in RUPTA is primarily designed for dyn call resolution and has high time and memory consumption, which makes it infeasible for lockbud.

  3. Complexity of Rust language and MIR

As far as I see it, Rust is one of the most complex programming languages. MIR, though much simpler than Rust source code, is still too complex for static analysis, e.g., place projection, dyn trait, closure, etc. What's worse, many parts of MIR are not well-documented.

  4. Diversity of Rust's applications

Rust has a wide range of applications, from operating systems to web apps. The bug patterns and detection goals vary from domain to domain. It is hard to summarize a general paradigm for static analysis.

Future of lockbud

  1. RAP, RUPTA and Charon have proposed their own pointer analysis tools. Make pointer analysis generic so that it is compatible with their tools.
  2. Migrate to StableMIR. According to https://github.com/rust-lang/rust-project-goals/pull/183, StableMIR may be published to crates.io in the next 6 months.
  3. Add support for channel operations and async Rust.
  4. Detect more bug patterns for atomic operations.