Some of my work analyzing use of unsafe
by crates on crates.io
.
Right now the repository is set up to run a backwards dataflow analysis to see if dereferenced pointers originate in public interfaces.
To see it in action, check out examples/v1.rs
and run cargo run --bin analyze -- --sysroot ~/.multirust/toolchains/nightly-x86_64-unknown-linux-gnu examples/v1.rs
, where you will need to replace ~/.multirust/toolchains/nightly-x86_64-unknown-linux-gnu
with the location of your nightly install.
As a work on the analysis, I intend to keep my (in progress) write-up and some data online.