Description
MIRAI is an abstract interpreter for the Rust compiler's mid-level intermediate representation (MIR). It is intended to become a widely used static analysis tool for Rust.
MIRAI alternatives and similar packages
Based on the "Development tools" category.
Alternatively, view MIRAI alternatives based on common mentions on social networks and blogs.
-
-
rust-analyzer
A Rust compiler front-end for IDEs [Moved to: https://github.com/rust-lang/rust-analyzer] -
Clippy
A bunch of lints to catch common mistakes and improve your Rust code. Book: https://doc.rust-lang.org/clippy/ -
gdbgui
Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser. -
-
-
-
-
-
-
Rust Language Server
Repository for the Rust Language Server (aka RLS) -
-
-
-
rust-cross
Everything you need to know about cross compiling Rust programs! -
-
-
-
-
-
trust
Travis CI and AppVeyor template to test your Rust crate on 5 architectures and publish binary releases of it for Linux, macOS and Windows -
-
cargo-release
Cargo subcommand `release`: everything about releasing a rust crate. -
-
Rust for Visual Studio Code
Rust for Visual Studio Code -
sublime-rust
The official Sublime Text 3 package for the Rust Programming Language -
cargo-update
A cargo subcommand for checking and applying updates to installed executables -
-
-
milksnake
A setuptools/wheel/cffi extension to embed a binary data in wheels -
cargo-deb
A cargo subcommand that generates Debian packages from information in Cargo.toml -
-
rst
The open source design documentation tool for everybody [Moved to: https://github.com/vitiral/artifact] -
cargo-modules
Render your crate's module/item structure as a tree or graph -
rust-musl-cross
Docker images for compiling static Rust binaries using musl-cross -
Access the most powerful time series database as a service
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of MIRAI or a related project?
|
Clean code begins in your IDE with SonarLint
sponsored
www.sonarlint.org
|
Popular Comparisons
|
ONLYOFFICE Docs โ document collaboration in your environment
sponsored
www.onlyoffice.com
|
README
MIRAI 
MIRAI is an abstract interpreter for the Rust compiler's mid-level intermediate representation (MIR). It is intended to become a widely used static analysis tool for Rust.
Who should use MIRAI
MIRAI can be used as a linter that finds panics that may be unintentional or are not the best way to terminate a program. This use case generally requires no annotations and is best realized by integrating MIRAI into a CI pipeline.
MIRAI can also be used to verify correctness properties. Such properties need to be encoded into annotations of the source program.
A related use is to better document an API via explicit precondition annotations and then use MIRAI to check that the annotations match the code.
Finally, MIRAI can be used to look for security bugs via taint analysis (information leaks, code injection bugs, etc.) and constant time analysis (information leaks via side channels). Unintentional (or ill-considered) panics can also become security problems (denial of service, undefined behavior).
How to use MIRAI
You'll need to install MIRAI as described here.
Then use cargo mirai to run MIRAI over your current package. This works much like cargo check but uses MIRAI rather
than rustc to analyze the targets of your current package.
This will likely produce some warnings. Some of these will be real issues (true positives) that you'll fix by changing the offending code. Other warnings will be due to limitations of MIRAI and you can silence them by adding annotations declared in this crate.
Once MIRAI gives your code a clean bill of health, your code will be better documented and more readable. Perhaps you'll also have found and fixed a few bugs.
You can use the environment variable MIRAI_FLAGS to get cargo to provide command line options to MIRAI. The value is a
string which can contain any of the following flags:
--diag=default|verify|library|paranoid: configures level of diagnostics. WithdefaultMIRAI will not report errors which are potential 'false positives'. Withverifyit will point out functions that may contain such errors. Withlibraryit will require explicit preconditions. Withparanoidit will flag any issue that may be an error.--single_func <name>: the name of a specific function you want to analyze.--body_analysis_timeout <seconds>: the maximum number of seconds to spend analyzing a function body.--call_graph_config <path_to_config>: path to configuration file for call graph generator (see [Call Graph Generator documentation](documentation/CallGraph.md)). No call graph will be generated if this is not specified.--print_function_names: just print the source location and fully qualified function signature of every function.--: any arguments after this marker are passed on to rustc.
You can get some insight into the inner workings of MIRAI by setting the verbosity level of log output to one of
warn, info, debug, or trace, via the environment variable MIRAI_LOG.
Developing MIRAI
See the developer guide for instructions on how to build, run and debug MIRAI.
Full documentation
Join the MIRAI community
<!-- * Website:
- Facebook page:
- Mailing list
- irc: --> See the CONTRIBUTING file for how to help out.
License
MIRAI is MIT licensed, as found in the LICENSE file.
*Note that all licence references and agreements mentioned in the MIRAI README section above
are relevant to that project's source code only.