Static analysis tools/quality assurance tools

Hi all, just musing - what tools do you use during dev/CI for static analysis and ensuring quality/consistency?

I'll start with the obvious ones:

  • clippy
  • fmt
  • test
  • bench

Shout out to arbitrary and arbtest for generating sample data in tests

What other "necessary" tools/libs do you use to improve quality in Rust?

Miri can (and probably should) be used for raising the confidence in unsafe code. (I am intentionally not writing "ensure correctness", because nothing but a formal proof by a human can achieve that.)

1 Like

If we include benchmarking here, Criterion seems to be a de-facto standard way to do this better then the default.

1 Like

In Tokio, we use the following tools:

3 Likes

+1 for criterion. I've been meaning to look at Divan ยท Nikolai Vazquez as well.

I've managed to avoid unsafe and plan to continue doing so :-). I know my limits :wink:

excellent - thanks. I love the idea of idea of running it with the latest rustup update and cargo update too.

cargo fuzz makes it easy to write fuzz tests. The popular understanding of fuzzing is that it is for finding memory safety bugs in parsers, but it is also capable of finding other kinds of edge-case situations โ€” I use it to check that my algorithms do not panic, hang, OOM, or produce obvious nonsense when given arbitrary numbers as input.

Run fuzzing in CI as a scheduled or non-required job so you're not personally waiting for it all the time.

1 Like

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.