Re: The Case for Rust (in any system)

From: Poul-Henning Kamp <phk_at_phk.freebsd.dk>
Date: Fri, 06 Sep 2024 07:25:03 UTC
--------
David Chisnall writes:
> On 5 Sep 2024, at 22:13, Alan Somers <asomers@freebsd.org> wrote:
> > 
> > I used to check it, years ago.  But I gave up.  The UI is too hard to
> > use and false alarms are both too frequent and too hard to suppress.
> > Plus, it's a real drag that I can't run the tool myself.  Instead, I
> > need to wait for the next scheduled run.
>
> In general, it's very hard to add static analysis to existing projects.

Only in the sense that if you want it to provide value, you have
to clean up both the code and the list of findings.

I did spend some time on Coverity+FreeBSD back when we initially
got access and I was sufficiently underwhelmed that I stopped.

Coverity has gotten better since then, and it has found a few serious
issues in Varnish Cache, but not much.  We generally keep the
Coverity list clean.

One thing about all static analysis tools that you will soon discover
if you use them seriously, is that they are all "opinionated" and
if you disagree with their opinions, they become as tiresome as
a drunk uncle.  Coverity is not sober IMO.

<rant>
I will also note that almost all the blame for C's current status
lies with the standardization efforts, which almost seem hell-bent
on destroying the language rather than improving it.

More and more stuff becomes "undefined" instead of taking a stand and
laying down a sensible rule.

Obvious improvements do not happen:  After a quarter century of
standardization, C still does not have a way to explicitly lay out
a data structure and specify its endianness.  I guess because C never
interacts with hardware and protocols or something ?

Why hasn't C gotten a set of rudimentary classes ?  Are they afraid
Bjarne will stop sending them X-mas cards if they adopt a good idea ?

How about type-safe enums ?

Integer-ranges, à la PASCAL and ADA would be a great way to tell the
compilers what to look for, even if they are used for nothing else.

But nope, can't have any of that.
</rant>

Poul-Henning


PS: Recently I have not been able to use the Coverity U/I because of some
disagreement between my Firefox and their webcode:

	ERROR TypeError: getColumnCssRules(...).left is undefined
	    applyColumnWidths https://scan5.scan.coverity.com/main.55109ab457b762b4.js:11
	    updateCanvasWidth https://scan5.scan.coverity.com/main.55109ab457b762b4.js:11
	    updateRowCount https://scan5.scan.coverity.com/main.55109ab457b762b4.js:11
	    resizeCanvas https://scan5.scan.coverity.com/main.55109ab457b762b4.js:11
	    finishInitialization https://scan5.scan.coverity.com/main.55109ab457b762b4.js:11
	    initialization https://scan5.scan.coverity.com/main.55109ab457b762b4.js:1

Has anybody seen this ?

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.