Skip to content

BurtonQin/Awesome-Rust-Checker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 

Repository files navigation

Awesome Rust checkers

Awesome

Contributions welcomed!

Table of contents

Linters

Name Description Working on Bug types Technology Last Commit Time
clippy A bunch of lints to catch common mistakes and improve your Rust code. Paper: ICSE-Companion'24 HIR Versatile Pattern matching 2025-01-17
dylint Run Rust lints from dynamic libraries HIR Versatile Pattern matching 2025-01-16

Static Checkers

Name Description Working on Bug Types Technology Maintenance
MIRAI Rust mid-level IR Abstract Interpreter MIR Panic, Security bugs, Correctness Abstract Interpretation 2025-01-11
lockbud Statically detect common memory and concurrrency bugs in Rust. Paper: Safety Issues in Rust, TSE'24 MIR Double-Lock, Conflicting-Lock-Order, Atomicity-Violation, Use-After-Free, Invalid-Free, Panic Locations Data-flow Analysis 2025-01-13
RAP (formerly SafeDrop) Rust Analysis Platform. Paper: SafeDrop, TOSEM'22 MIR Use-After-Free, Double-Free Data-flow Analysis 2025-01-17
RCanary Detecting Memory Leaks Across Semi-automated Memory Management Boundary in Rust. RCanary, TSE'24 HIR, MIR Memory Leaks Static Program Analysis, Model Checking 2023-09-11
Rudra Rust Memory Safety & Undefined Behavior Detection. Paper: Rudra, SOSP'21 HIR, MIR Memory safety when panicked, Higher Order Invariant, Send Sync Variance Data-flow Analysis 2024-02-12
Yuga Automatically Detecting Lifetime Annotation Bugs in the Rust Language. Paper: Yuga, ICSE'24 HIR, MIR Lifetime Annotation Bugs Data-flow Analysis 2024-04-01
MirChecker A Simple Static Analysis Tool for Rust. Paper: MirChecker, CCS'21 MIR Panic (including numerical), Lifetime Corruption (memory issues) Abstract Interpretation 2024-05-24
FFIChecker A Static Analysis Tool For Detecting Memory Management Bugs Between Rust and C/C++. Paper: FFIChecker, ESORICS'22 LLVM IR Memory issues across the Rust/C FFI Abstract Interpretation 2022-05-31
RUPTA Supports pointer/alias analysis for Rust, operating on Rust MIR. It currently offers callsite-based pointer analysis. Paper: RUPTA, CC'24 MIR Not bugs, for callgraph construction Callsite-based pointer analysis 2024-12-02
Charon Interface with the rustc compiler for the purpose of program verification. Paper: Charon MIR, LLBC An Analysis Framework for Rust Convert MIR to LLBC for analysis 2025-01-17
Cocoon Static Information Flow Control in Rust. Paper: Cocoon, OOPSLA'24 Rust Soure Code Secrecy Leaks Rust’s type system and procedural macros 2024-03-20
rustsp_analyzer Fearless Unsafe. A More User-friendly Document for Unsafe Rust Programming Base on Refined Safety Properties. Paper: Fearless Unsafe HIR Safety Properties Summarization 2025-01-01
AtomVChecker Statically detect memory ordering misuses for Rust. Paper: AtomVChecker, ISSRE'24 MIR Atomic concurrency bugs and performance loss due to memory ordering misuse Data-flow Analysis 2024-09-12

Academic Papers (source code not found yet)

Name Description Working on Bug Types Technology
Rupair Rupair: Towards Automatic Buffer Overflow Detection and Rectification for Rust. Rupair, ACSAC'21 AST, MIR Buffer Overflow Data-flow Analysis
CRUST CRUST: Towards a Unified Cross-Language Program Analysis Framework for Rust. CRUST, QRS'22 CRustIR based on MIR Security (CFI vilation, Meta Data Leaking, Format String Attack), Memory issues(Out-of-bounds, Use-after-Free, Double-Free, Stack-Overflow, Buffer-Overflow), Arithmetic (Divide-by-zero, Integer-Overflow) Program Analysis Framework
ACORN ACORN: Towards a Holistic Cross-Language Program Analysis for Rust. ACORN Wasm Security (Tainted Variable, Dangerous Function, Format String Attack), Memory issues (Out-of-bounds, Use-after-Free, Double-Free, Stack-Overflow, Buffer-Overflow), Arithmetic (Divide-by-zero, Integer-Overflow) Program Analysis Framework
Yu Zhang Static Deadlock Detection for Rust Programs. Yu Zhang MIR Deadlock Data-flow Analysis
Kaiwen Zhang Automatically Transform Rust Source to Petri Nets for Checking Deadlocks. Kaiwen Zhang MIR Deadlock Petri Nets
RustC4 Leveraging Large Language Model to Assist Detecting Rust Code Comment Inconsistency. ASE'24 AST Code Comment Inconsistency LLM
craft Automated Fault Tree Generation for Rust Programs. EDCC'24 - Fault Tree Static Program Analysis
PanicFI An Infrastructure for Fixing Panic Bugs in Real-World Rust Programs. PanicFI HIR, AST Fixing Panic Bugs Pattern Matching

Dynamic Checkers

Name Description Working on Bug Types Technology Last Commit Time
miri An interpreter for Rust's mid-level intermediate representation MIR Undefined Behavior Abstract Interpretation 2025-01-15
cargo-careful Execute Rust code carefully, with extra checking along the way - Undefined Behavior Enable Debug Assertion in std 2024-08-10
cargo-fuzz Command line helpers for fuzzing - - Fuzzing 2024-11-04
Loom Concurrency permutation testing tool for Rust. Source Code Concurrency Bugs Permutation testing 2024-12-27
ERASAN Efficient Rust Address Sanitizer. Paper: IEEES&P'24 - Memory Access Bugs Fuzzing 2024-07-10
Automated-Fuzzer Simple tool to create broken files and checking them with special apps - Panic Fuzzing 2025-01-13
RULF Fuzz Target Generator for Rust libraries. Paper: RULF, ASE'21 - Out-of-bound, Panic (including arithmetic) Fuzzing 2023-11-09
RPG1 RPG: Rust Library Fuzzing with Pool-based Fuzz Target. Paper: RPG, ICSE'24 - Out-of-bound, Panic (including arithmetic) Fuzzing 2022-10-09
SyRust Automatic Testing of Rust Libraries with Semantic-Aware Program Synthesis. Paper: SyRust, PLDI'21 - - Program Synthesis 2021-04-14
NADER Automatic Context-Aware Safety Enhancement for Rust. Paper: OOPSLA'21 MIR, Source Code Unchecked Indexing API Replacing 2021-07-13
casr2 collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity. Paper: Casr-Cluster, ISPRAS'21, Ivannikov Memorial Workshop'24 Crash Reports from ASan, UBSan, GDB - Analyze crashes 2024-11-28
FRIES Fuzzing Rust Library Interactions via Efficient Ecosystem-Guided Target Generation. Paper: FRIES, ISSTA'24 MIR Rust API interactions Fuzzing 2023-08-02
rustsmith A randomized program fuzzer for the Rust programming language. Paper: rustsmith, ISSTA'23 rustsmith, thesis AST Rust compiler bugs Differential testing 2023-07-21
rustlantis UB-free and deterministic rustc fuzzer. Paper: rustlantis, OOPSLA'24 MIR Rust compiler bugs Differential testing 2025-01-17
RuMono A fully automated Rust fuzz driver generator. Paper: RuMono, TOSEM'24 - Generic APIs Fuzzing 2023-11-09

Academic Papers (source code not found yet)

Name Description Working on Bug Types Technology
CrabSandwich CrabSandwich: Fuzzing Rust with Rust. CrabSandwich, Fuzzing'23 LLVM IR Out-of-bounds, Panic Fuzzing
Zhiyong Ren Detect Stack Overflow Bugs in Rust via Improved Fuzzing Technique. Zhiyong Ren, SEKE'21 AST, HIR, MIR, LLVM IR Stack Overflow Fuzzing
Rustcheck Safety Enhancement of Unsafe Rust via Dynamic Program Analysis. Rustcheck, QRS-C'23 MIR Memory vulnerabilities Static Program Analysis, Instrumentation
RUSTY A Fuzzing Tool for Rust. Poster@ACSAC'20 - Vulnerabilities Fuzzing, Concolic Testing, Property-based Testing
Rust-twins Automatic Rust Compiler Testing through Program Mutation and Dual Macros Generation. ASE'24 AST, HIR Rust compiler crashes and differences Differential testing, mutation, macroize components, LLM
SafeFFI Poster: Ensuring Memory Safety for the Transition from C/C++ to Rust. NDSS'24 LLVM IR Memory safety in C/C++ and Rust Mixed Code Existing sanitiers: HWASAN, SoftBound/CETS
  1. The link may be incorrect. See here.
  2. casr analyze the results of dynamic checkers instead of performing dynamic analysis itself. Thanks zjp-CN for recommending casr.

Verifiers

Name Description Working on Bug Types Technology Last Commit Time
kani The Kani Rust Verifier is a bit-precise model checker for Rust. Paper: kani, ICSE-SEIP'22 MIR Memory safety, User-specified assertions, Panics, Unexpected behavior (e.g., arithmetic overflows) Model Checking 2025-01-17
prusti A static verifier for Rust, based on the Viper verification infrastructure. Paper: prusti, NFM'22 Viper Panic (inluding arithmetic), User-specified assertions Symbolic Execution 2024-03-26
crux-mir A static simulator for Rust programs. Paper: crux - - Symbolic Testing 2025-01-09
verus Verified Rust for low-level systems code. Paper: verus, OOPSLA'23, SOSP'24 - - SMT-based Verification5 2025-01-17
flux flux is a refinement type checker for Rust. Paper: flux, PLDI'23 - - - 2025-01-14
Aeneas A verification toolchain for Rust programs. Paper: Aeneas, ICFP'22, ICFP'24 LLBC (for safe Rust only) - - 2025-01-17
RustBelt Formal (and machine-checked) safety proof for a language representing a realistic subset of Rust. Paper: RustBelt, POPL'18 𝜆Rust - - 2024-12-13
RustHorn A CHC-based automated verifier for Rust RustHorn, TOPLAS'21 MIR - - 2024-08-27
Creusot A deductive verifier for Rust code. Creusot, ICFEM'22 WhyML Panics, overflows, Assertion failures Deductive Verification 2025-01-17
RustHornBelt A Semantic Foundation for Functional Verification of Rust Programs with Unsafe Code. Paper: RustHornBelt, PLDI'22 𝜆Rust - - 2023-02-14
RefinedRust1 A Type System for High-Assurance Verification of Rust Programs. Paper: RefinedRust, PLDI'24 Radium - - 2025-01-03
VeriFast2 Research prototype tool for modular formal verification of C and Java programs. Paper: VeriFast, NFM'11 - - Symbolic Execution 2025-01-17
mendel-verifier Capability-based verifier for safe Rust clients of interior mutability. Paper: Poli, Thesis Viper Interior Mutability Symbolic Execution 2024-07-16
silver-sif-extension Extension of the Viper language with modular product programs and information flow specifications. Paper: Thesis Viper Differential Privacy Symbolic Execution 2023-08-21

Academic Papers (source code not found yet)

Name Description Working on Bug Types Technology
GillianRust A hybrid approach to semi-automated Rust verification. GillianRust Unsafe Code Supported - Separation Logic based Hybrid Verification5
UnsafeCop Towards Memory Safety for Real-World Unsafe Rust Code with Practical Bounded Model checking. UnsafeCop, FM'24 - Memory safety issues Bounded Model Checking
SAFE Automated Proof Generation for Rust Code via Self-Evolution. SAFE Rust Code With Docstring, Verus - Verus Verifier, LLM
PanicCheck Broadly Enabling KLEE to Effortlessly Find Unrecoverable Errors. PanicCheck, ICSE-SEIP'24 LLVM IR Panic KLEE
  1. Thanks to jedbrown for recommending RefinedRust and other Rust-related verification tools.
  2. Rust support is WIP in VeriFast. Thanks zjp-CN for recommending VeriFast.

Thanks to the following awesome works:

  1. https://github.com/analysis-tools-dev/static-analysis?tab=readme-ov-file#rust
  2. https://github.com/analysis-tools-dev/dynamic-analysis?tab=readme-ov-file#rust
  3. A Survey of Rust Language Security Research
  4. RefinedRust: A Type System for High-Assurance Verification of Rust Programs
  5. Verifying the Rust Standard Library

About

A curated list of awesome Rust checkers

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages