ERASan: Efficient Rust Address Sanitizer

Rust is a rapidly growing system programming language that ensures a speed comparable to traditional C/C++ system programming languages, along with the additional benefit of guaranteed memory safety. However, Rust’s strict security rules make implementing and executing some features challenging. To address this, Rust has introduced unsafe Rust, which is less constrained by these strict rules. Nevertheless, these unsafe Rust, where strict Rust security rules are not fully applied, can cause temporal and spatial memory bugs that account for 22% of the Rust bugs reported between 2016 and 2023.In this paper, we propose an efficient address sanitizer design customized for Rust, called ERASan, to detect memory bugs in Rust programs more efficiently than prior work. Based on our thorough analysis of safe and unsafe Rust programming language standards as well as memory bugs found in real-world Rust programs over the past years, we design and implement ERASan to only instrument memory accesses in both safe and unsafe code areas where Rust cannot guarantee safety. We evaluate ERASan with several real-world applications. ERASan removes an average of 90.03% of ASan’s memory access checks. Due to this, ERASan significantly reduces ASan’s performance overhead by an average of 239.05% without harming its bug-finding ability.