SyRust: automatic testing of Rust libraries with semantic-aware program synthesis
- 18 June 2021
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM) in Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation
Abstract
Rust’s type system ensures the safety of Rust programs; however, programmers can side-step some of the strict typing rules by using the unsafe keyword. A common use of unsafe Rust is by libraries. Bugs in these libraries undermine the safety of the entire Rust program. Therefore, it is crucial to thoroughly test library APIs to rule out bugs. Unfortunately, such testing relies on programmers to manually construct test cases, which is an inefficient and ineffective process. The goal of this paper is to develop a methodology for automatically generating Rust programs to effectively test Rust library APIs. The main challenge is to synthesize well-typed Rust programs to account for proper chaining of API calls and Rust’s ownership type system and polymorphic types. We develop a program synthesis technique for Rust library API testing, which relies on a novel logical encoding of typing constraints from Rust’s ownership type system. We implement SyRust, a testing framework for Rust libraries that automatically synthesizes semantically valid test cases. Our experiments on 30 popular open-source Rust libraries found 4 new bugs.Keywords
Funding Information
- National Science Foundation (1901136)
This publication has 16 references indexed in Scilit:
- CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript EnginesPublished by Internet Society ,2019
- Synthesis of Asynchronous Reactive Programs from Temporal SpecificationsPublished by Springer Science and Business Media LLC ,2018
- RustBelt: securing the foundations of the Rust programming languageProceedings of the ACM on Programming Languages, 2017
- Fuzzing the Rust Typechecker Using CLP (T)Published by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Crust: A Bounded Verifier for Rust (N)Published by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Incremental SAT-Based Method with Native Boolean Cardinality Handling for the Hamiltonian Cycle ProblemPublished by Springer Science and Business Media LLC ,2014
- Scheduling black-box mutational fuzzingPublished by Association for Computing Machinery (ACM) ,2013
- Finding and understanding bugs in C compilersPublished by Association for Computing Machinery (ACM) ,2011
- Oracle-guided component-based program synthesisPublished by Association for Computing Machinery (ACM) ,2010
- JCrasher: an automatic robustness tester for JavaSoftware: Practice and Experience, 2004