GitHub - model-checking/kani at 37bcc093fcf5f48af7f8ed8df8d967f3fa5183a5

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Name	Name	Last commit message	Last commit date
Latest commit celinval Remove clion hack Sep 24, 2024 37bcc09 · Sep 24, 2024 History 1,687 Commits
.cargo	.cargo	Fix build-dev cache (#2280 )	Mar 8, 2023
.github	.github	Fix cmake configuration for perf job (#3499 )	Sep 6, 2024
cprover_bindings	cprover_bindings	Bump Kani version to 0.55.0 (#3486 )	Sep 4, 2024
docs	docs	Analyze unsafe code reachability	Sep 24, 2024
firecracker @ cd36c69	firecracker @ cd36c69	Regression test for codegen'ing Firecracker (#264 )	Aug 4, 2021
kani-compiler	kani-compiler	Upgrade toolchain to 2024-09-07 (#3504 )	Sep 8, 2024
kani-driver	kani-driver	Bump Kani version to 0.55.0 (#3486 )	Sep 4, 2024
kani_metadata	kani_metadata	Bump Kani version to 0.55.0 (#3486 )	Sep 4, 2024
library	library	Fix iss3495 (#3501 )	Sep 7, 2024
papers/vstte2024	papers/vstte2024	vstte paper (#3473 )	Sep 4, 2024
rfc	rfc	List RFC revisions (#3490 )	Sep 6, 2024
scripts	scripts	Analyze unsafe code reachability	Sep 24, 2024
src	src	Bump CBMC Viewer to 3.9 (#3373 )	Jul 23, 2024
tests	tests	Analyze unsafe code reachability	Sep 24, 2024
tools	tools	Remove clion hack	Sep 24, 2024
.clang-format	.clang-format	Add clang-format tool, and a script to use it (#516 )	Sep 27, 2021
.dockerignore	.dockerignore	Rejoin kani-verifer into the overall workspace (#1058 )	Apr 18, 2022
.editorconfig	.editorconfig	Truncated history.	Apr 27, 2022
.gitattributes	.gitattributes	Cleanup code that we no longer use (#768 )	Jan 21, 2022
.gitignore	.gitignore	Upgrade toolchain to 2024-04-18 and improve toolchain workflow (#3149 )	Apr 18, 2024
.gitmodules	.gitmodules	Remove bookrunner (#3123 )	Apr 5, 2024
CHANGELOG.md	CHANGELOG.md	Bump Kani version to 0.55.0 (#3486 )	Sep 4, 2024
CODE_OF_CONDUCT.md	CODE_OF_CONDUCT.md	Use Rust code of conduct (#1078 )	Apr 20, 2022
CONTRIBUTING.md	CONTRIBUTING.md	Update CONTRIBUTING.md to point at the correct licence file (#1803 )	Oct 28, 2022
Cargo.lock	Cargo.lock	Remove clion hack	Sep 24, 2024
Cargo.toml	Cargo.toml	Bump Kani version to 0.55.0 (#3486 )	Sep 4, 2024
LICENSE-APACHE	LICENSE-APACHE	Truncated history.	Apr 27, 2022
LICENSE-MIT	LICENSE-MIT	Truncated history.	Apr 27, 2022
README.md	README.md	Update README.md - fix link locations for badge images in markdown (#…	Jun 16, 2023
build.rs	build.rs	Update copyright blob (#1144 )	May 2, 2022
deny.toml	deny.toml	Update deny action (#3461 )	Aug 26, 2024
favicon.ico	favicon.ico	Add kani logo (#1157 )	May 4, 2022
kani-dependencies	kani-dependencies	Update to CBMC version 6.1.1 (#2995 )	Jul 31, 2024
kani-logo.png	kani-logo.png	Add kani logo (#1157 )	May 4, 2022
kani-verifier-security.public.key	kani-verifier-security.public.key	Update security policy (#1133 )	Apr 29, 2022
rust-toolchain.toml	rust-toolchain.toml	Automatic toolchain upgrade to nightly-2024-09-08 (#3505 )	Sep 9, 2024
rustfmt.toml	rustfmt.toml	Remove bookrunner (#3123 )	Apr 5, 2024

Repository files navigation

The Kani Rust Verifier is a bit-precise model checker for Rust.

Kani is particularly useful for verifying unsafe code blocks in Rust, where the "unsafe superpowers" are unchecked by the compiler.

Kani verifies:

Memory safety (e.g., null pointer dereferences)
User-specified assertions (i.e., assert!(...))
The absence of panics (e.g., unwrap() on None values)
The absence of some types of unexpected behavior (e.g., arithmetic overflows)

Installation

To install the latest version of Kani (Rust 1.58+; Linux or Mac), run:

cargo install --locked kani-verifier
cargo kani setup

See the installation guide for more details.

How to use Kani

Similar to testing, you write a harness, but with Kani you can check all possible values using kani::any():

use my_crate::{function_under_test, meets_specification, precondition};

#[kani::proof]
fn check_my_property() {
   // Create a nondeterministic input
   let input = kani::any();

   // Constrain it according to the function's precondition
   kani::assume(precondition(input));

   // Call the function under verification
   let output = function_under_test(input);

   // Check that it meets the specification
   assert!(meets_specification(input, output));
}

Kani will then try to prove that all valid inputs produce acceptable outputs, without panicking or executing unexpected behavior. Otherwise Kani will generate a trace that points to the failure. We recommend following the tutorial to learn more about how to use Kani.

GitHub Action

Use Kani in your CI with model-checking/kani-github-action@VERSION. See the GitHub Action section in the Kani book for details.

Security

See SECURITY for more information.

Contributing

If you are interested in contributing to Kani, please take a look at the developer documentation.

License

Kani

Kani is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.

Rust

Kani contains code from the Rust project. Rust is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with portions covered by various BSD-like licenses.

See the Rust repository for details.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Licenses found

Repository files navigation

Installation

How to use Kani

GitHub Action

Security

Contributing

License

Kani

Rust

About

Licenses found

Releases 61

Packages

Contributors 57

Languages

License

model-checking/kani

Folders and files

Latest commit

History

Repository files navigation

Installation

How to use Kani

GitHub Action

Security

Contributing

License

Kani

Rust

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases 61

Packages 0

Contributors 57

Languages

Packages