rustig
prusti-dev
Our great sponsors
rustig | prusti-dev | |
---|---|---|
9 | 23 | |
215 | 1,446 | |
0.0% | 2.5% | |
0.0 | 8.8 | |
over 2 years ago | 22 days ago | |
Rust | Rust | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rustig
-
Is there something like "super-safe" rust?
There is also rustig though it seems quite dead.
-
Is Rust really safe? How to identify functions that can potentially cause panic
There’s the rustig tool (https://github.com/Technolution/rustig) that looks for code paths leading to the panic handler. Not sure if it still works though.
-
My thoughts on Rust and C++
That's fair. I think I may just be a bit sore that Rustig was allowed to bit-rot and findpanics hasn't seen a commit since 2020.
- What improvements would you like to see in Rust or what design choices do you wish were reconsidered?
-
Things I hate about Rust, redux
There's Rustig which does it for panics, though it seems unmaintained and uses inspection of the final binary rather than source code/AST inspection.
You might be interested in this: https://github.com/Technolution/rustig
-
Three Things Go Needs More Than Generics
> Doesnt Rust have implicit panics on indexing out of bounds?
It does yes. A fair number of other constructs can panic as well.
> I wonder if any codebases lint those away.
Clippy has a lint for indexing so probably.
For the general case, it's almost impossible unless you're working on very low-level software (embedded, probably kernel-rust eventually) e.g. `std` assumes allocations can't fail, so any allocation will show up as a panic path.
https://github.com/Technolution/rustig can actually uncover panic paths, but because of the above the results are quite noisy, and while it's possible to uncover bugs thanks to rustig it requires pretty ridiculous amounts of filtering.
-
Linus Torvalds on Rust support in kernel
This comment is strongly confused.
> [1] https://github.com/Technolution/rustig
That's a binary analysis tool. It is only approximate, and does not claim to be an accurate analysis like unsafe-checking and typechecking are:
https://github.com/Technolution/rustig#limitations
> All paths leading to panic! from one of those functions (whether actually used or not) will be reported.
It also only works on x86_64 binaries.
Panics are an ugly leftover from the bad old days before Rust had nice monad-like syntax for Result error-handling (the "?" syntax). It's time for panic to sunset.
This comment is strongly missinformed:
1- panicking allocations are here to stay, because in lots of case, it's the most convenient behavior. BUT Rust is adding fallible allocations methods (prefixed with try_) which return a result instead of panicking in allocation failure.
2- panics are catch-able as long as you don't compile your binary with panic=abort setting (and as long as you don't panic in your panic handler itself)
3- panics can only occur in specific places (array indexing, allocations, utf-8 validation, unwrap, etc.) which are by definition known at compile-time, and there's tooling to catch these up [1].
In practice, a might_panic annotation would add a lot of noise for pretty much everybody, because most of us mortals use panicking function all days and it's not a big deal. Obviously it is critical for Linux, but because it's relevant only to the minority of rust users, it doesn't make sense to include it in rustc itself: it's exactly the kind of situation where external tooling is the good option.
prusti-dev
-
Using_Prolog_as_the_AST
> The overall goal would be to figure out classical error conditions like nill pointers deference.
> If I can figure out if a pointer will be nil in some execution branch, there is no reason why a computer cannot do the same.
Note, this is called flow-sensitive typing (also called type narrowing) and I think that typescript does it.
https://en.wikipedia.org/wiki/Flow-sensitive_typing
> I personally would see this as an human race level upgrades. Imagine feeding your code to a CI that spit back something like: "you will have a panic at line 156 when your input is > 4"
A model checker can do that!
See this
https://model-checking.github.io/kani/tutorial-kinds-of-fail...
Other techniques are also possible
https://github.com/viperproject/prusti-dev#quick-example
(Here I could link a lot of things, I just selected two Rust projects to illustrate)
This works better if you are able to provide contracts in your API that says which guarantees you provide. Alternatively, asserts are useful too.
-
Programming Languages Going Above and Beyond
You might be interested in the Prusti project, which statically checks for absence of reachable panics, overflows etc. It also allows user-defined specifications such as pre and post-conditions, loop body invariants, termination checking and so on.
-
Trying to find a crate that allows you to constrain the value of arguments in various ways via a proc macro
This is called refinement types and prusti might be the project you saw.
-
rustc-plugin: A framework for writing plugins that integrate with the Rust compiler
But there's also a lot of exciting work around formal verification like Prusti.
-
Is there something like "super-safe" rust?
prusti
-
A plan for cybersecurity and grid safety
Efforts: seL4, Project Everest, the Prossimo project of the ISRG, Let's Encrypt, and Prusti for the Rust language
-
Prop v0.42 released! Don't panic! The answer is... support for dependent types :)
Wow that sounds really cool! I'm not an expert but does that mean that one day you could implement dependend types or refinement types in Rust as a crate ? I currently only know of tools like: Flux Creusot Kani Prusti
-
Prusti: Static Analyzer for Rust
And have it checked at compile time that the assertion holds! Which is a bit like Liquid Haskell in capability: https://ucsd-progsys.github.io/liquidhaskell/
... and now I just noticed that prusti has a crate prusti_contracts that can do the same thing!! https://github.com/viperproject/prusti-dev/blob/master/prust...
Now I'm wondering which tool is more capable (as I understand, they leverage a SMT solver like Z3 to discharge the proof obligations, right?)
-
Six programming languages I’d like to see
For contract-based programming, I'm personally planning on experimenting with https://github.com/viperproject/prusti-dev
The withdraw example would look something like
impl Account {
What are some alternatives?
Rust-for-Linux - Adding support for the Rust language to the Linux kernel.
MIRAI - Rust mid-level IR Abstract Interpreter
kani - Kani Rust Verifier
go101 - An up-to-date (unofficial) knowledge base for Go programming self learning
Rudra - Rust Memory Safety & Undefined Behavior Detection
bastion - Highly-available Distributed Fault-tolerant Runtime
pwninit - pwninit - automate starting binary exploit challenges
tectonic - A modernized, complete, self-contained TeX/LaTeX engine, powered by XeTeX and TeXLive.
automem - C++-style automatic memory management smart pointers for D
gdbstub - An ergonomic, featureful, and easy-to-integrate implementation of the GDB Remote Serial Protocol in Rust (with no-compromises #![no_std] support)
go - The Go programming language