Static Deadlock Detection for Rust Programs
Yu Zhang, Kaiwen Zhang, Guanjun Liu
TL;DR
This work targets Rust’s concurrency safety by addressing deadlocks that persist despite ownership guarantees. It introduces RcChecker, a static analysis tool that jointly detects resource and communication deadlocks using a novel signal-lock graph built from flow- and context-sensitive pointer and lifetime information. The method leverages an Andersen-style pointer analysis adapted for Rust and constructs edges that capture dependency and alias relations between lock and condition-variable operations, enabling detection of four deadlock patterns. Empirically, RcChecker demonstrates higher precision than a prior tool, detects 17 additional deadlocks (including 7 in real-world systems), and incurs manageable overhead, highlighting practical value for Rust software reliability and security.
Abstract
Rust relies on its unique ownership mechanism to ensure thread and memory safety. However, numerous potential security vulnerabilities persist in practical applications. New language features in Rust pose new challenges for vulnerability detection. This paper proposes a static deadlock detection method tailored for Rust programs, aiming to identify various deadlock types, including double lock, conflict lock, and deadlocks associated with condition variables. With due consideration for Rust's ownership and lifetimes, we first complete the pointer analysis. Then, based on the obtained points-to information, we analyze dependencies among variables to identify potential deadlocks. We develop a tool and conduct experiments based on the proposed method. The experimental results demonstrate that our method outperforms existing deadlock detection methods in precision.
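The double-lock and conflict-lock patterns named in the abstract, shown as an added Rust example that is not taken from the paper or from RcChecker: it uses try_lock() to probe each hazard so the program reports the problem and does not hang. The function names and the Mutex<u32> payloads are assumptions made for illustration.

```rust
use std::sync::{Barrier, Mutex, TryLockError};
use std::thread;

// Illustrative helper (not from the paper): true if lock() on `m` would block now.
fn would_block(m: &Mutex<u32>) -> bool {
    matches!(m.try_lock(), Err(TryLockError::WouldBlock))
}

// Double lock: the guard is a temporary in the match scrutinee, so its
// lifetime covers every arm; a plain m.lock() in an arm would deadlock.
fn double_lock_in_match(m: &Mutex<u32>) -> bool {
    match *m.lock().unwrap() {
        0 => would_block(m),
        _ => false,
    }
}

// Value copied out first: the guard is dropped at the end of the `let`.
fn no_double_lock(m: &Mutex<u32>) -> bool {
    let v = *m.lock().unwrap();
    match v { 0 => would_block(m), _ => false }
}

// Conflict lock: this thread holds `a` and wants `b`, the spawned thread
// holds `b` and wants `a`. Barriers make both hold before either probes.
fn conflict_lock(a: &Mutex<u32>, b: &Mutex<u32>) -> (bool, bool) {
    let barrier = Barrier::new(2);
    thread::scope(|s| {
        let t = s.spawn(|| {
            let _gb = b.lock().unwrap();
            barrier.wait();
            let blocked = would_block(a);
            barrier.wait(); // keep holding `b` until the other side has probed
            blocked
        });
        let _ga = a.lock().unwrap();
        barrier.wait();
        let blocked = would_block(b);
        barrier.wait();
        (blocked, t.join().unwrap())
    })
}

fn main() {
    let m = Mutex::new(0); // constructed sample state
    println!("guard alive in match arm: {}", double_lock_in_match(&m));
    println!("guard dropped before match: {}", no_double_lock(&m));
    let (a, b) = (Mutex::new(1), Mutex::new(2));
    println!("opposite lock order: {:?}", conflict_lock(&a, &b));
}
```

With lock() in place of the try_lock() probe, the first function would hang on a single thread and the third would hang both threads.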
