MIRAI VS rustig

Compare MIRAI vs rustig and see what are their differences.

MIRAI

Rust mid-level IR Abstract Interpreter (by facebookexperimental)

rustig

A tool to detect code paths leading to Rust's panic handler (by Technolution)
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
MIRAI rustig
9 9
949 215
1.1% 0.0%
0.0 0.0
3 months ago over 2 years ago
Rust Rust
MIT License Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

MIRAI

Posts with mentions or reviews of MIRAI. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-03-25.
  • Is there something like "super-safe" rust?
    8 projects | /r/rust | 25 Mar 2023
    MIRAI
  • Adding “invariant” clauses to C++ via GCC plugin to enable Design-by-Contract
    5 projects | news.ycombinator.com | 1 Jan 2023
    Do you use the Cargo "contracts" for Design-by-Contract style invariants that plugs into Facebook's MIRAI prover thing?

    I always thought it this was super neat:

    https://crates.io/crates/contracts

    https://github.com/facebookexperimental/MIRAI/blob/main/exam...

      [dependencies]
  • Prusti: Static Analyzer for Rust
    8 projects | news.ycombinator.com | 13 Oct 2022
    Here's a 2020 overview of Rust verification tools https://alastairreid.github.io/rust-verification-tools/ - it says

    > Auto-active verification tools

    > While automatic tools focus on things not going wrong, auto-active verification tools help you verify some key properties of your code: data structure invariants, the results of functions, etc. The price that you pay for this extra power is that you may have to assist the tool by adding function contracts (pre/post-conditions for functions), loop invariants, type invariants, etc. to your code.

    > The only auto-active verification tool that I am aware of is Prusti. Prusti is a really interesting tool because it exploits Rust’s unusual type system to help it verify code. Also Prusti has the slickest user interface: a VSCode extension that checks your code as you type it!

    > https://marketplace.visualstudio.com/items?itemName=viper-ad...

    Now, on that list, there is also https://github.com/facebookexperimental/MIRAI that, alongside the crate https://crates.io/crates/contracts (with the mirai_assertion feature enabled) enables writing code like this

        #[ensures(person_name.is_some() -> ret.contains(person_name.unwrap()))]
  • Ten Years of TypeScript
    8 projects | news.ycombinator.com | 1 Oct 2022
    Traditional design by contract checks the contracts at runtime. They can be understood as a form of dynamic typing with quite complicated types, which may be equivalent to refinement types

    But you can check contracts at compile time too. It's quite the same thing as static typing with something like refinement types. That's because, while with contracts we can add preconditions like "the size of this array passed as parameter must be a prime number", with refinement types we can define the type of arrays whose size is a prime number, and then have this type as the function argument. (likewise, postconditions can be modeled by the return type of the function)

    See for example this Rust library: https://docs.rs/contracts/latest/contracts/

    It will by default check the contracts at runtime, but has an option to check them at compile time with https://github.com/facebookexperimental/MIRAI

    Now, this Rust library isn't generally understood as creating another type system on top of Rust, but we could do the legwork to develop a type theory that models how it works, and show the equivalence.

    Or, another example, Liquid Haskell: https://ucsd-progsys.github.io/liquidhaskell/ it implements a variant of refinement types called liquid types, which is essentially design by contract checked at compile type. In this case, the type theory is already developed. I expect Liquid Haskell to be roughly comparable to Rust's contracts checked by MIRAI.

    Now, what we could perhaps say is that refinement types are so powerful that they don't feel like regular types! And, while that's true, there are type systems even more powerful: dependent types used in languages like Coq, Lean and F* to prove mathematical theorems (your type is a theorem, and your code, if it typechecks, is a proof of that theorem).

    Dependent types were leveraged to create a verified TLS implementation that mathematically proves the absence of large class of bugs, miTLS https://www.mitls.org/ (they discovered a number of vulnerabilities in TLS implementations and proved that their implementation isn't vulnerable), and HACL* https://github.com/hacl-star/hacl-star a verified crypto implementation used by Firefox and Wireguard. They are part of Project Everest https://project-everest.github.io/ which aims to develop provably secure communications software.

  • A pair of Linux kernel modules using Rust
    5 projects | news.ycombinator.com | 13 Sep 2022
    Because it's convenient and familiar to most programmers. Not providing bounds-checked indexing makes some kinds of code very hard to write.

    But note his problem also happens with integer division.

    In Rust, a[x] on an array or vec is really a roughly a shortand for a.get(x).unwrap() (with a different error message)

    Likewise, a / b on integers is a kind of a shortand for a.checked_div(b).unwrap()

    The thing is, if the index ever is out of bounds, or if the denominator is zero, the program has a bug, 100% of time. And if you catch a bug using an assertion there is seldom anything better than interrupting the execution (the only thing I can think of is restarting the program or the subsystem). If you continue execution past a programming error, you may sometimes corrupt data structures or introduce bizarre, hard to debug situations.

    Doing a pattern match on a.get(x) doesn't help because if it's ever None (and your program logic expects that x is in bounds) then you are kind of forced to bail.

    The downside here is that we aren't catching this bug at compile time. And it's true that sometimes we can rewrite the program to not have an indexing operation, usually using iterators (eliding the bounds check will make the program run faster, too). But in general this is not possible, at least not without bringing formal methods. But that's what tests are for, to ensure the correctness of stuff type errors can't catch.

    Now, there are some crates like https://github.com/dtolnay/no-panic or https://github.com/facebookexperimental/MIRAI that will check that your code is panic free. The first one is based on the fact that llvm optimizations can often remove dead code and thus remove the panic from a[x] or a / b - if it doesn't, then compilation fails. The second one employs formal methods to mathematically prove that there is no panic. I guess those techniques will eventually be ported to the kernel even if panics happen differently there (by hooking on the BUG mechanism or whatever)

  • Does Rust not need extra linting and sanitizing tools like C++?
    11 projects | /r/rust | 28 Aug 2022
    There's a MIR Abstract interpreter project: https://github.com/facebookexperimental/MIRAI
  • Kani Rust Verifier – a bit-precise model-checker for Rust
    7 projects | news.ycombinator.com | 23 Mar 2022
    Nice, I just would have liked to get all these different verification tools combined under the same interface, just being different backends as drafted by the rust verification tools work of project oak: have "cargo verify" as common command and use common test annotations, allowing the same test to be verified with different backends or just fuzzed/proptested.

    The model checking approach seems to be a bit limited regarding loops. There are also abstract interpreters, such as https://github.com/facebookexperimental/MIRAI, and symbolic executers, such as https://github.com/dwrensha/seer or https://github.com/GaloisInc/crucible.

    Overall I believe this space would benefit from more coordination and focus on developing something that has the theoretical foundations to cover as many needs as possible and then make a user-friendly tool out of it that is endorsed by the Rust project similar to how Rust analyzer is the one language server to come.

  • Things I hate about Rust, redux
    7 projects | /r/rust | 10 Mar 2022
    https://github.com/facebookexperimental/MIRAI which integrates with https://crates.io/crates/contracts (a crate that does runtime checking of contracts, and with mirai they are upgraded to compile-time checking) and https://crates.io/crates/mirai-annotations
  • Is Rust Used Safely by Software Developers?
    3 projects | /r/rust | 17 Jul 2021
    With the mirai_assertions feature, it can use the MIRAI static analyzer (though it requires nightly).

rustig

Posts with mentions or reviews of rustig. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-03-25.
  • Is there something like "super-safe" rust?
    8 projects | /r/rust | 25 Mar 2023
    There is also rustig though it seems quite dead.
  • Is Rust really safe? How to identify functions that can potentially cause panic
    6 projects | /r/rust | 12 Mar 2023
    There’s the rustig tool (https://github.com/Technolution/rustig) that looks for code paths leading to the panic handler. Not sure if it still works though.
  • My thoughts on Rust and C++
    7 projects | /r/rust | 20 Sep 2022
    That's fair. I think I may just be a bit sore that Rustig was allowed to bit-rot and findpanics hasn't seen a commit since 2020.
  • What improvements would you like to see in Rust or what design choices do you wish were reconsidered?
    5 projects | /r/rust | 1 Sep 2022
  • Things I hate about Rust, redux
    5 projects | /r/programming | 10 Mar 2022
    There's Rustig which does it for panics, though it seems unmaintained and uses inspection of the final binary rather than source code/AST inspection.
    7 projects | /r/rust | 10 Mar 2022
    You might be interested in this: https://github.com/Technolution/rustig
  • Three Things Go Needs More Than Generics
    7 projects | news.ycombinator.com | 3 Oct 2021
    > Doesnt Rust have implicit panics on indexing out of bounds?

    It does yes. A fair number of other constructs can panic as well.

    > I wonder if any codebases lint those away.

    Clippy has a lint for indexing so probably.

    For the general case, it's almost impossible unless you're working on very low-level software (embedded, probably kernel-rust eventually) e.g. `std` assumes allocations can't fail, so any allocation will show up as a panic path.

    https://github.com/Technolution/rustig can actually uncover panic paths, but because of the above the results are quite noisy, and while it's possible to uncover bugs thanks to rustig it requires pretty ridiculous amounts of filtering.

  • Linus Torvalds on Rust support in kernel
    6 projects | news.ycombinator.com | 16 Apr 2021
    This comment is strongly confused.

    > [1] https://github.com/Technolution/rustig

    That's a binary analysis tool. It is only approximate, and does not claim to be an accurate analysis like unsafe-checking and typechecking are:

    https://github.com/Technolution/rustig#limitations

    > All paths leading to panic! from one of those functions (whether actually used or not) will be reported.

    It also only works on x86_64 binaries.

    Panics are an ugly leftover from the bad old days before Rust had nice monad-like syntax for Result error-handling (the "?" syntax). It's time for panic to sunset.

    6 projects | news.ycombinator.com | 16 Apr 2021
    This comment is strongly missinformed:

    1- panicking allocations are here to stay, because in lots of case, it's the most convenient behavior. BUT Rust is adding fallible allocations methods (prefixed with try_) which return a result instead of panicking in allocation failure.

    2- panics are catch-able as long as you don't compile your binary with panic=abort setting (and as long as you don't panic in your panic handler itself)

    3- panics can only occur in specific places (array indexing, allocations, utf-8 validation, unwrap, etc.) which are by definition known at compile-time, and there's tooling to catch these up [1].

    In practice, a might_panic annotation would add a lot of noise for pretty much everybody, because most of us mortals use panicking function all days and it's not a big deal. Obviously it is critical for Linux, but because it's relevant only to the minority of rust users, it doesn't make sense to include it in rustc itself: it's exactly the kind of situation where external tooling is the good option.

    [1] https://github.com/Technolution/rustig

What are some alternatives?

When comparing MIRAI and rustig you can also consider the following projects:

rust-on-raspberry-pi

Rust-for-Linux - Adding support for the Rust language to the Linux kernel.

prusti-dev - A static verifier for Rust, based on the Viper verification infrastructure.

rust-mode - Emacs configuration for Rust

go101 - An up-to-date (unofficial) knowledge base for Go programming self learning

bastion - Highly-available Distributed Fault-tolerant Runtime

pwninit - pwninit - automate starting binary exploit challenges

kani - Kani Rust Verifier

Rustup - The Rust toolchain installer

just - 🤖 Just a command runner

Rust Language Server - Repository for the Rust Language Server (aka RLS)

Helix - Native Ruby extensions without fear