rapx
| Crates.io | rapx |
| lib.rs | rapx |
| version | |
| source | src |
| created_at | 2025-01-06 15:34:19.758682+00 |
| updated_at | 2025-03-16 13:19:28.849987+00 |
| description | A static analysis platform for use-after-free, memory leakage detection, etc |
| homepage | https://github.com/Artisan-Lab/RAPx |
| repository | |
| max_upload_size | |
| id | 1505743 |
| Cargo.toml error: | TOML parse error at line 18, column 1 | 18 | autolib = false | ^^^^^^^ unknown field `autolib`, expected one of `name`, `version`, `edition`, `authors`, `description`, `readme`, `license`, `repository`, `homepage`, `documentation`, `build`, `resolver`, `links`, `default-run`, `default_dash_run`, `rust-version`, `rust_dash_version`, `rust_version`, `license-file`, `license_dash_file`, `license_file`, `licenseFile`, `license_capital_file`, `forced-target`, `forced_dash_target`, `autobins`, `autotests`, `autoexamples`, `autobenches`, `publish`, `metadata`, `keywords`, `categories`, `exclude`, `include` |
| size | 0 |
XU, Hui (hxuhack)
documentation
README
RAPx is a static Rust analysis platform developed by researchers at Artisan-Lab, Fudan University. The project aims to provide a foundation for Rust programmers to develop or use advanced static analysis features beyond those offered by the rustc compiler. For further details, please refer to the RAPx-Book.
The project is still under heavy development.
Quick Start
Install nightly-2024-10-12 on which rapx is compiled with. This just needs to do once on your machine. If the toolchain exists,
this will do nothing.
rustup toolchain install nightly-2024-10-12 --profile minimal --component rustc-dev,rust-src,llvm-tools-preview
cargo +nightly-2024-10-12 install rapx --git https://github.com/Artisan-Lab/RAPx.git
Usage
Navigate to your Rust project folder containing a Cargo.toml file. Then run rapx by manually specifying the toolchain version according to the toolchain override shorthand syntax.
cargo +nightly-2024-10-12 rapx [rapx options] -- [cargo check options]
or by setting up default toolchain to the required version.
rustup default nightly-2024-10-12
Check out supported options with -help:
cargo rapx -help
Usage:
cargo rapx [rapx options] -- [cargo check options]
RAPx Options:
Application:
-F or -uaf use-after-free/double free detection.
-M or -mleak memory leakage detection.
-O or -opt automatically detect code optimization chances.
-I or -infer (under development) infer the safety properties required by unsafe APIs.
-V or -verify (under development) verify if the safety requirements of unsafe API are satisfied.
Analysis:
-alias perform alias analysis (meet-over-paths)
-adg generate API dependency graphs
-callgraph generate callgraphs
-dataflow (not supported yet) generate dataflow graphs
-heap analyze if the type holds a piece of memory on heap
-audit (under development) generate unsafe code audit units
If RAPx gets stuck after executing cargo clean, try manually downloading metadata dependencies by running cargo metadata.
RAPx supports the following environment variables (values are case insensitive):
| var | default when absent | one of these values | description |
|---|---|---|---|
RAP_LOG |
info | debug, info, warn | verbosity of logging |
RAP_CLEAN |
true | true, false | run cargo clean before check |
RAP_RECURSIVE |
none | none, shallow, deep | scope of packages to check |
For RAP_RECURSIVE:
- none: check for current folder
- shallow: check for current workpace members
- deep: check for all workspaces from current folder
NOTE: rapx will enter each member folder to do the check.