RAP is a static Rust analysis platform developed by researchers at Artisan-Lab, Fudan University. The project aims to provide a foundation for Rust programmers to develop or use advanced static analysis features beyond those offered by the rustc compiler. For further details, please refer to the RAP-Book.
The project is still under heavy development.
git clone https://github.com/Artisan-Lab/RAP.git
cd RAP
./install.sh
Install nightly-2024-10-12
on which rap is compiled with. This just needs to do once on your machine. If the toolchain exists,
this will do nothing.
rustup toolchain install nightly-2024-10-12 --profile minimal --component rustc-dev,rust-src,llvm-tools-preview
Navigate to your Rust project folder containing a Cargo.toml
file. Then run cargo-rap
with toolchain override shorthand syntax.
cargo rap [rap options] -- [cargo check options]
where `-- [cargo check options]` is optional, and if specified, they are passed to cargo check.
Alternatively, you can switch to the pinned toolchain ahead of time:
# set up rap's toolchain as default
rustup default nightly-2024-10-12
# run cargo rap without +toolchain syntax any more
cargo rap [rap options] -- [cargo check options]
Check out supported options with -help
:
cargo +nightly-2024-10-12 rap -help
Environment variables (Values are case insensitive):
var | default when absent | one of these values | description |
---|---|---|---|
RAP_LOG |
info | debug, info, warn | verbosity of logging |
RAP_CLEAN |
true | true, false | run cargo clean before check |
RAP_RECURSIVE |
none | none, shallow, deep | scope of packages to check |
For RAP_RECURSIVE
:
- none: check for current folder
- shallow: check for current workpace members
- deep: check for all workspaces from current folder
NOTE: for shallow or deep, rap will enter each member folder to do the check.
Detect bugs such as use-after-free and double free in Rust crates caused by unsafe code.
cargo +nightly-2024-10-12 rap -uaf
If RAP gets stuck after executing cargo clean
, try manually downloading metadata dependencies by running cargo metadata
.
The feature is based on our SafeDrop paper, which was published in TOSEM.
@article{cui2023safedrop,
title={SafeDrop: Detecting memory deallocation bugs of rust programs via static data-flow analysis},
author={Mohan Cui, Chengjun Chen, Hui Xu, and Yangfan Zhou},
journal={ACM Transactions on Software Engineering and Methodology},
volume={32},
number={4},
pages={1--21},
year={2023},
publisher={ACM New York, NY, USA}
}
Detect memory leakage bugs caused by apis like ManuallyDrop and into_raw().
cargo +nightly-2024-10-12 rap -mleak
The feature is based on our rCanary work, which was published in TSE
@article{cui2024rcanary,
title={rCanary: rCanary: Detecting memory leaks across semi-automated memory management boundary in Rust},
author={Mohan Cui, Hongliang Tian, Hui Xu, and Yangfan Zhou},
journal={IEEE Transactions on Software Engineering},
year={2024},