{"id":18445590,"url":"https://github.com/cbeuw/rustlantis","last_synced_at":"2025-04-09T20:08:25.966Z","repository":{"id":176861004,"uuid":"655414489","full_name":"cbeuw/rustlantis","owner":"cbeuw","description":"UB-free and deterministic rustc fuzzer","archived":false,"fork":false,"pushed_at":"2025-01-17T00:03:44.000Z","size":489,"stargazers_count":75,"open_issues_count":2,"forks_count":4,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-04-09T20:08:20.751Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cbeuw.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-18T20:23:03.000Z","updated_at":"2025-04-08T09:30:18.000Z","dependencies_parsed_at":"2024-01-14T21:58:33.802Z","dependency_job_id":"695f57d0-b9d3-47e8-a53d-5abdc6d67866","html_url":"https://github.com/cbeuw/rustlantis","commit_stats":null,"previous_names":["cbeuw/rustlantis"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cbeuw%2Frustlantis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cbeuw%2Frustlantis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cbeuw%2Frustlantis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cbeuw%2Frustlantis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cbeuw","download_url":"https://codeload.github.com/cbeuw/rustlantis/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248103873,"owners_count":21048245,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T07:06:29.620Z","updated_at":"2025-04-09T20:08:25.929Z","avatar_url":"https://github.com/cbeuw.png","language":"Rust","funding_links":[],"categories":["Dynamic Checkers"],"sub_categories":[],"readme":"# Rustlantis\nA Rust Mid-level Intermediate Representation fuzzer\n\nIt can generate [custom MIR](https://doc.rust-lang.org/std/intrinsics/mir/index.html) programs containing:\n- All primitive integer and floating point types, `bool`, `char`, arrays,\ntuples, references, raw pointers, structs, and enums.\n- Functions containing multiple basic blocks\n- Terminators: `Goto`, `Return`, `SwitchInt` (`match`), `Call`.\n- Intrinsic functions: `arith_offset` (for pointer arithmetics), `transmute`,\n`bswap`, `fmaf64`.\n- Operators: all arithmetic, logical and bitwise operations on integers\nand floating points, and checked arithmetic (Add, Sub, Mul) on integers\n- All primitive literal expressions, as well as tuple, array, and struct\naggregate expressions\n- Creating references and raw pointers, and dereferencing them\n- Casts between integers, floating points, `char`, and `bool`\n\nGenerated programs are terminating, UB-free, and deterministic. A discrepancy between testing backends\nalways indicate a bug in them (or a bug in Rustlantis).\n\n## Requirements\n- Rust nightly\n- rustup\n\n## Config\nInstall Miri and Cranelift with Rustup `rustup component add miri rustc-codegen-cranelift-preview`, then copy `config.toml.example` to `config.toml`\n\n## Usage\n\nTo generate and difftest one seed, run\n\n```bash\n./fuzz-one.sh \u003cseed\u003e\n```\n\nA program will be generated to `$TMPDIR` and tested. If difftest passes (no bug), it will exit with 0. If difftest spots a difference between testing backends, it will exit with 1 and save the reproduction file to `./repros/`.\n\nTo generate a program only, run `generate`\n```\nUsage: generate [OPTIONS] \u003cseed\u003e\n\nArguments:\n  \u003cseed\u003e  generation seed\n\nOptions:\n  -d, --debug                      generate a program where values are printed instead of hashed (slow)\n      --call-syntax \u003ccall-syntax\u003e  switch between different versions of Call syntaxes [default: v4] [possible values: v1, v2, v3, v4]\n  -h, --help                       Print help\n  -V, --version                    Print version\n```\n\nTo difftest an existing program, run `difftest`\n```\nUsage: difftest \u003cfile\u003e\n\nArguments:\n  \u003cfile\u003e  \n\nOptions:\n  -h, --help  Print help\n```\n\n## Quirks\n- Cranelift not supported on AArch64 macOS: https://github.com/bjorn3/rustc_codegen_cranelift/issues/1248\n- `rustc_codegen_gcc` can be used as a backend, but it doesn't support enough language features yet to be usable\n\n## Namesake\nThe Space Shuttle *Atlantis* docked with *Mir* space station seven times: https://en.wikipedia.org/wiki/Shuttle%E2%80%93Mir_program\n\n## Trophies\n\n🦀: Root cause in Rust\n🐉: Root cause in LLVM\n🏗️: Root cause in Cranelift\n\n### Crashes \u0026 ICEs\n- 🦀 `RenameReturnPlace` is broken: https://github.com/rust-lang/rust/issues/110902\n- 🦀 `ReferencePropagation` prevents partial initialisation: https://github.com/rust-lang/rust/issues/111426\n- 🐉 phi nodes assumed to be non-empty: https://github.com/llvm/llvm-project/issues/63013\n- 🐉 Assertion failure in `RegisterCoalescer`: https://github.com/llvm/llvm-project/issues/63033\n- 🦀 MIR inlining inserts statements at the wrong place: https://github.com/rust-lang/rust/issues/117355\n- 🏗️ Overflowing shift triggers panic in Cranelift: https://github.com/rust-lang/rustc_codegen_cranelift/issues/1455 \u0026 https://github.com/bytecodealliance/wasmtime/issues/7865\n\n### Silent Miscompilations\n- 🦀 `ConstProp` propagates over mutating borrows: https://github.com/rust-lang/rust/issues/110947\n- 🦀 `*const T` in function parameters annotated with `readonly`: https://github.com/rust-lang/rust/issues/111502\n- 🐉 Aliasing analysis merges loads from different offsets: https://github.com/rust-lang/rust/issues/112061 \u0026 https://github.com/llvm/llvm-project/issues/63019\n- 🐉 Constant folding produces invalid boolean values: https://github.com/rust-lang/rust/issues/112170 \u0026 https://github.com/llvm/llvm-project/issues/63055\n- 🐉 Aliasing analysis broken for overflowing pointer offsets: https://github.com/rust-lang/rust/issues/112526 \u0026 https://github.com/llvm/llvm-project/issues/63266\n- https://github.com/rust-lang/rust/issues/112548\n- 🐉 Copy elision corrupts stack arguments with two parts: https://github.com/rust-lang/rust/issues/112767 \u0026 https://github.com/llvm/llvm-project/issues/63430\n- 🐉 Copy elision reads stack arguments from the wrong offsets: https://github.com/llvm/llvm-project/issues/63475\n- 🦀 Subnormal f64 to f32 cast is wrong: https://github.com/rust-lang/rust/issues/113407\n- 🐉 AST size merging is wrong: https://github.com/llvm/llvm-project/issues/64897 \n- 🦀 `ConstProp` propagates over assignment of unknown values: https://github.com/rust-lang/rust/issues/118328\n- 🐉 Bad `undef`/`poison` handling in `InstCombine`: https://github.com/llvm/llvm-project/issues/74890\n- 🦀 `GVN` merges moved function arguments: https://github.com/rust-lang/rust/issues/120613\n- 🐉 `GVNPass` forgets to remove poison generating flags: https://github.com/llvm/llvm-project/issues/82884\n- 🏗️ Misoptimization of imul + ireduce: https://github.com/rust-lang/rustc_codegen_cranelift/issues/1460 \u0026 https://github.com/bytecodealliance/wasmtime/issues/7999\n- 🐉 `InstCombine` calculates wrong `insertelement` instructions: https://github.com/rust-lang/rust/issues/121996 \u0026 https://github.com/llvm/llvm-project/issues/84025\n\n### Previously known bugs\n- 🦀 Const eval gives `x % x` wrong sign when `x` is a negative float: https://github.com/rust-lang/rust/issues/109567 (first reported https://github.com/rust-lang/rust/issues/102403)\n- 🐉 Write to dangling pointer is hoisted outside of condition: https://github.com/rust-lang/rust/issues/112213 (first reported https://github.com/llvm/llvm-project/issues/51838)\n\n## License\nRustlantis is distributed under the terms of both the MIT License and the Apache License (Version 2.0), at your choice.\n\n© ETH Zurich and contributors\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcbeuw%2Frustlantis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcbeuw%2Frustlantis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcbeuw%2Frustlantis/lists"}