Set up testing with miri to catch undefined behavior bugs
frol opened this issue · comments
Vlad Frolov commented
Since Borsh is heavily focused on security, we should use all the available tooling to ensure that we catch as many corner cases as possible.
Miri is an interpreter for Rust's mid-level intermediate representation.
Using Miri is as simple as cargo miri test
, but there are a few quirks:
- Miri is only available with Nightly toolchain (not a problem, just saying)
- Miri does not support workspaces, so we need to run it against the specific crates (not a problem either)
- Compilation step with miri is quite RAM hungry - I could not succeed compiling Borsh tests with 23GB of RAM (16GB RAM + 7GB swap)