cargo-mutants
Skip unsafe blocks
Today we skip unsafe fns, but not unsafe blocks (which are arguably less feasible to test.)
It might still be good to have an option to test unsafe blocks.
I have just run into this on a recent project of mine—one of the generated mutants modifies some pointer-offset-math in an unsafe block and gets treated as MISSED since the modification causes UB but doesn't trigger a crash.
An option to exclude unsafe blocks would be quite useful.
It's plausible that there is also code not within an unsafe block which is still important for soundness (if the code follows the principle of keeping unsafe blocks narrowly scoped around unsafe operations). On this premise, another option would be to neither mutate nor skip an unsafe block, but error if an unsafe block is met that is not within #[mutants::skip]. This way, the user is prompted to choose an appropriate scope for the skip, rather than possibly getting indirect UB.
On the other hand perhaps this is a signal that you could try to cover that code with Miri or some similar technique. (I've never tried it; maybe it's not practical.)
> On the other hand perhaps this is a signal that you could try to cover that code with Miri or some similar technique. (I've never tried it; maybe it's not practical.)
That would probably work if we could specify an additional "verifier" to run after cargo test!
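An added illustration of the two cases discussed in this thread (not code from any participant or from cargo-mutants; `read_at` and `sum_range` are hypothetical names): a soundness-critical check that sits outside the unsafe block, and pointer-offset math inside one, each pinned by assertions on returned values rather than on a crash.

```rust
/// Reads the byte at `idx`, or `None` when `idx` is out of range.
pub fn read_at(buf: &[u8], idx: usize) -> Option<u8> {
    // Safe code, but soundness-critical: this comparison is the only thing
    // keeping the pointer arithmetic below in bounds. A mutant that turns
    // `<` into `<=` never touches the unsafe block, yet makes it UB, so a
    // skip scoped to the block alone would not cover it. `#[mutants::skip]`
    // on the whole function would.
    if idx < buf.len() {
        // SAFETY: idx < buf.len(), so the offset stays inside the slice.
        Some(unsafe { buf.as_ptr().add(idx).read() })
    } else {
        None
    }
}

/// Sums `count` bytes starting at `start`, or `None` if the range does not fit.
pub fn sum_range(buf: &[u8], start: usize, count: usize) -> Option<u32> {
    let end = start.checked_add(count)?;
    if end > buf.len() {
        return None;
    }
    let mut total = 0u32;
    for i in 0..count {
        // Offset math inside the unsafe block: a mutant of `start + i`
        // may stay in bounds and read the wrong element without crashing.
        // SAFETY: start + i < end <= buf.len().
        total += unsafe { *buf.as_ptr().add(start + i) } as u32;
    }
    Some(total)
}

fn main() {
    // Constructed sample data; distinct values so a wrong offset changes the sum.
    let buf = [10u8, 20, 30, 40];
    // Boundary cases exercise the safe check on both sides of the limit.
    assert_eq!(read_at(&buf, 3), Some(40));
    assert_eq!(read_at(&buf, 4), None);
    assert_eq!(sum_range(&buf, 1, 3), Some(90));
    assert_eq!(sum_range(&buf, 2, 3), None);
    println!("ok");
}
```

Running the same assertions under `cargo miri test` reports an out-of-bounds access as an error instead of relying on a wrong value or a crash.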