kani
rustig
Our great sponsors
kani | rustig | |
---|---|---|
47 | 9 | |
1,885 | 215 | |
6.8% | 0.0% | |
9.5 | 0.0 | |
6 days ago | over 2 years ago | |
Rust | Rust | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kani
-
The C Bounded Model Checker: Criminally Underused
This is also the backend for Kani - Amazon's formal verification tool for Rust.
https://github.com/model-checking/kani
- Boletín AWS Open Source, Christmas Edition
-
The Wizardry Frontier
Nice read! Rust has pushed, and will continue to push, the limits of practical, bare metal, memory safe languages. And it's interesting to think about what's next, maybe eventually there will be some form of practical theorem proving "for the masses". Lean 4 looks great and has potential, but it's still mostly a language for mathematicians. There has been some research on AI constructed proofs, which could be the best of both worlds because then the type checker can verify that the AI generated code/proof is indeed correct. Tools like Kani are also a step forward in program correctness.
-
Kani 0.40.0 has been released!
Ease setup in Amazon Linux 2 by @adpaco-aws in #2833
-
Kani 0.39.0 has been released!
Limit --exclude to workspace packages by @tautschnig in #2808
-
Kani 0.38.0 has been released !
Here's a summary of what's new in version 0.38.0:
-
CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
> those applications need the proof for correctness so that more dangerous code---say, what would need `unsafe` in Rust---can be safely added
There are actually already tools built for this very purpose in Rust (see Kani [1] for instance).
Formal verification has a serious scaling problem, so forming programs in such a way that there are a few performance-critical areas that use unsafe routines seems like the best route. I feel like Rust leans into this paradigm with `unsafe` blocks.
[1] - https://github.com/model-checking/kani
-
Kani 0.36.0 has been released!
Enable concrete playback for failure of UB checks by @zhassan-aws in https://github.com/model-checking/kani/pull/2727
-
Kani 0.34.0 has been released!
Change default solver to CaDiCaL by @celinval in https://github.com/model-checking/kani/pull/2557 By default, Kani will now run CBMC with CaDiCaL, since this solver has outperformed Minisat in most of our benchmarks. User's should still be able to select Minisat (or a different solver) either by using #[solver] harness attribute, or by passing --solver= command line option.
-
Kani 0.33.0 has been released!
Add support for sysconf by feliperodri in #2557
rustig
-
Is there something like "super-safe" rust?
There is also rustig though it seems quite dead.
-
Is Rust really safe? How to identify functions that can potentially cause panic
There’s the rustig tool (https://github.com/Technolution/rustig) that looks for code paths leading to the panic handler. Not sure if it still works though.
-
My thoughts on Rust and C++
That's fair. I think I may just be a bit sore that Rustig was allowed to bit-rot and findpanics hasn't seen a commit since 2020.
- What improvements would you like to see in Rust or what design choices do you wish were reconsidered?
-
Things I hate about Rust, redux
There's Rustig which does it for panics, though it seems unmaintained and uses inspection of the final binary rather than source code/AST inspection.
You might be interested in this: https://github.com/Technolution/rustig
-
Three Things Go Needs More Than Generics
> Doesnt Rust have implicit panics on indexing out of bounds?
It does yes. A fair number of other constructs can panic as well.
> I wonder if any codebases lint those away.
Clippy has a lint for indexing so probably.
For the general case, it's almost impossible unless you're working on very low-level software (embedded, probably kernel-rust eventually) e.g. `std` assumes allocations can't fail, so any allocation will show up as a panic path.
https://github.com/Technolution/rustig can actually uncover panic paths, but because of the above the results are quite noisy, and while it's possible to uncover bugs thanks to rustig it requires pretty ridiculous amounts of filtering.
-
Linus Torvalds on Rust support in kernel
This comment is strongly confused.
> [1] https://github.com/Technolution/rustig
That's a binary analysis tool. It is only approximate, and does not claim to be an accurate analysis like unsafe-checking and typechecking are:
https://github.com/Technolution/rustig#limitations
> All paths leading to panic! from one of those functions (whether actually used or not) will be reported.
It also only works on x86_64 binaries.
Panics are an ugly leftover from the bad old days before Rust had nice monad-like syntax for Result error-handling (the "?" syntax). It's time for panic to sunset.
What are some alternatives?
prusti-dev - A static verifier for Rust, based on the Viper verification infrastructure.
Rust-for-Linux - Adding support for the Rust language to the Linux kernel.
awesome-rust-formalized-reasoning - An exhaustive list of all Rust resources regarding automated or semi-automated formalization efforts in any area, constructive mathematics, formal algorithms, and program verification.
bastion - Highly-available Distributed Fault-tolerant Runtime
MIRAI - Rust mid-level IR Abstract Interpreter
go101 - An up-to-date (unofficial) knowledge base for Go programming self learning
gdbstub - An ergonomic, featureful, and easy-to-integrate implementation of the GDB Remote Serial Protocol in Rust (with no-compromises #![no_std] support)
pwninit - pwninit - automate starting binary exploit challenges
rmc - Kani Rust Verifier [Moved to: https://github.com/model-checking/kani]
watt - Runtime for executing procedural macros as WebAssembly
go - The Go programming language