Tootfinder

#Rust in #Android: move fast and fix things
https://security.googleblog.com/2025/1

Introducing MSVC AddressSanitizer for ARM64 targets #visualstudio
https://devblogs.microsoft.com/cppblog/introducing-msvc-addresssanitizer-for-arm6…

A Trace-based Approach for Code Safety Analysis
Hui Xu
https://arxiv.org/abs/2510.10410 https://arxiv.org/pdf/2510.10410

A Trace-based Approach for Code Safety Analysis
Rust is a memory-safe programming language that disallows undefined behavior. Its safety guarantees have been extensively examined by the community through empirical studies, which has led to its remarkable success. However, unsafe code remains a critical concern in Rust. By reviewing the safety design of Rust and analyzing real-world Rust projects, this paper establishes a systematic framework for understanding unsafe code and undefined behavior, and summarizes the soundness criteria for Rust …

from my link log —
ARM Memory Tagging: how it improves C/C memory safety.
https://llvm.org/devmtg/2018-10/slides/Serebryany-Stepanov-Tsyrklevich-Memory-Tagging-Slides-LLVM-2018.pdf
saved 2019-01-07

RustAssure: Differential Symbolic Testing for LLM-Transpiled C-to-Rust Code
Yubo Bai, Tapti Palit
https://arxiv.org/abs/2510.07604 https://arxiv.org/pdf/25…

RustAssure: Differential Symbolic Testing for LLM-Transpiled C-to-Rust Code
Rust is a memory-safe programming language that significantly improves software security. Existing codebases written in unsafe memory languages, such as C, must first be transpiled to Rust to take advantage of Rust's improved safety guarantees. RustAssure presents a system that uses Large Language Models (LLMs) to automatically transpile existing C codebases to Rust. RustAssure uses prompt engineering techniques to maximize the chances of the LLM generating idiomatic and safe Rust code. Moreove…

NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE
Mingkai Li, Hang Ye, Joseph Devietti, Suman Jana, Tanvir Ahmed Khan
https://arxiv.org/abs/2509.22027

NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE
Memory safety bugs, such as buffer overflows and use-after-frees, are the leading causes of software safety issues in production. Software-based approaches, e.g., Address Sanitizer (ASAN), can detect such bugs with high precision, but with prohibitively high overhead. ARM's Memory Tagging Extension (MTE) offers a promising alternative to detect these bugs in hardware with a much lower overhead. However, in this paper, we perform a thorough investigation of Google Pixel 8, the first production i…

Primal-Dual Direct Preference Optimization for Constrained LLM Alignment
Yihan Du, Seo Taek Kong, R. Srikant
https://arxiv.org/abs/2510.05703 https://arxiv…

Primal-Dual Direct Preference Optimization for Constrained LLM Alignment
The widespread application of Large Language Models (LLMs) imposes increasing demands on safety, such as reducing harmful content and fake information, and avoiding certain forbidden tokens due to rules and laws. While there have been several recent works studying safe alignment of LLMs, these works either require the training of reward and cost models and incur high memory and computational costs, or need prior knowledge about the optimal solution. Motivated by this fact, we study the problem …

Inspection Planning Primitives with Implicit Models
Jingyang You, Hanna Kurniawati, Lashika Medagoda
https://arxiv.org/abs/2510.07611 https://arxiv.org/pdf…

Inspection Planning Primitives with Implicit Models
The aging and increasing complexity of infrastructures make efficient inspection planning more critical in ensuring safety. Thanks to sampling-based motion planning, many inspection planners are fast. However, they often require huge memory. This is particularly true when the structure under inspection is large and complex, consisting of many struts and pillars of various geometry and sizes. Such structures can be represented efficiently using implicit models, such as neural Signed Distance Fun…

Project-Level C-to-Rust Translation via Synergistic Integration of Knowledge Graphs and Large Language Models
Zhiqiang Yuan, Wenjun Mao, Zhuo Chen, Xiyue Shang, Chong Wang, Yiling Lou, Xin Peng
https://arxiv.org/abs/2510.10956

Project-Level C-to-Rust Translation via Synergistic Integration of Knowledge Graphs and Large Language Models
Translating C code into safe Rust is an effective way to ensure its memory safety. Compared to rule-based translation which produces Rust code that remains largely unsafe, LLM-based methods can generate more idiomatic and safer Rust code because LLMs have been trained on vast amount of human-written idiomatic code. Although promising, existing LLM-based methods still struggle with project-level C-to-Rust translation. They typically partition a C project into smaller units (\eg{} functions) base…

from my link log —
Memory safety in Apple Firebloom / iBoot.
https://saaramar.github.io/iBoot_firebloom/
saved 2025-10-28 https://do…

Replaced article(s) found for cs.CR. https://arxiv.org/list/cs.CR/new
[1/2]:
- Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust
Merve G\"ulmez, Thomas Nyman, Christoph Baumann, Jan Tobias M\"uhlberg

SandCell: Sandboxing Rust Beyond Unsafe Code
Jialun Zhang, Merve G\"ulmez, Thomas Nyman, Gang Tan
https://arxiv.org/abs/2509.24032 https://arxiv.org/p…

SandCell: Sandboxing Rust Beyond Unsafe Code
Rust is a modern systems programming language that ensures memory safety by enforcing ownership and borrowing rules at compile time. While the unsafe keyword allows programmers to bypass these restrictions, it introduces significant risks. Various approaches for isolating unsafe code to protect safe Rust from vulnerabilities have been proposed, yet these methods provide only fixed isolation boundaries and do not accommodate expressive policies that require sandboxing both safe and unsafe code. …