Please check the build logs for more information.
See Builds for ideas on how to fix a failed build, or Metadata for how to configure docs.rs builds.
If you believe this is docs.rs' fault, open an issue.
RAPx is a static Rust analysis platform developed by researchers at Artisan-Lab, Fudan University. The project aims to provide a foundation for Rust programmers to develop or use advanced static analysis features beyond those offered by the rustc compiler. For further details, please refer to the RAPx-Book.
The project is still under heavy development.
Quick Start
Install nightly-2024-10-12 on which rapx is compiled with. This just needs to do once on your machine. If the toolchain exists,
this will do nothing.
rustup toolchain install nightly-2024-10-12 --profile minimal --component rustc-dev,rust-src,llvm-tools-preview
cargo +nightly-2024-10-12 install rapx --git https://github.com/Artisan-Lab/RAPx.git
Usage
Navigate to your Rust project folder containing a Cargo.toml file. Then run cargo-rapx with toolchain override shorthand syntax.
cargo rapx [rapx options] -- [cargo check options]
where `-- [cargo check options]` is optional, and if specified, they are passed to cargo check.
Alternatively, you can switch to the pinned toolchain ahead of time:
# set up rapx's toolchain as default
rustup default nightly-2024-10-12
# run cargo rapx without +toolchain syntax any more
cargo rapx --
Check out supported options with -help:
cargo +nightly-2024-10-12 rapx -help
Environment variables (Values are case insensitive):
| var | default when absent | one of these values | description |
|---|---|---|---|
RAP_LOG |
info | debug, info, warn | verbosity of logging |
RAP_CLEAN |
true | true, false | run cargo clean before check |
RAP_RECURSIVE |
none | none, shallow, deep | scope of packages to check |
For RAP_RECURSIVE:
- none: check for current folder
- shallow: check for current workpace members
- deep: check for all workspaces from current folder
NOTE: for shallow or deep, rapx will enter each member folder to do the check.
Use-After-Free Detection
Detect bugs such as use-after-free and double free in Rust crates caused by unsafe code.
cargo +nightly-2024-10-12 rapx -uaf
If RAPx gets stuck after executing cargo clean, try manually downloading metadata dependencies by running cargo metadata.
The feature is based on our SafeDrop paper, which was published in TOSEM.
@article{cui2023safedrop,
title={SafeDrop: Detecting memory deallocation bugs of rust programs via static data-flow analysis},
author={Mohan Cui, Chengjun Chen, Hui Xu, and Yangfan Zhou},
journal={ACM Transactions on Software Engineering and Methodology},
volume={32},
number={4},
pages={1--21},
year={2023},
publisher={ACM New York, NY, USA}
}
Memory Leakage Detection
Detect memory leakage bugs caused by apis like ManuallyDrop and into_raw().
cargo +nightly-2024-10-12 rapx -mleak
The feature is based on our rCanary work, which was published in TSE
@article{cui2024rcanary,
title={rCanary: rCanary: Detecting memory leaks across semi-automated memory management boundary in Rust},
author={Mohan Cui, Hongliang Tian, Hui Xu, and Yangfan Zhou},
journal={IEEE Transactions on Software Engineering},
year={2024},