From: fvalasiad
Date: Fri, 06 Sep 2024 23:22:26 +0000
To: "theraven@freebsd.org", "asomers@freebsd.org"
Cc: "dsl@freebsd.org", "jan@digitaldaemon.com", "freebsd-hackers@freebsd.org"
Subject: Re: The Case for Rust (in any system)
List-Id: Technical discussions relating to FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers

Personally I've started enabling Wall Wextra Wpedantic and fanalyzer in my C projects' repositories. Facing the exact same issue with fanalyzer, known as false positives, I've chosen to refactor perfectly functioning code to eliminate said false positives and avoid having legit bugs that could have been found by static analysis hidden by a backlog of magnitudes more false positives.

Would that increase development time? Yes, but does it cost more than switching to Rust?

Fotis

-------- Original Message --------
On 9/6/24 10:02, David Chisnall wrote:

> On 5 Sep 2024, at 22:13, Alan Somers wrote:
> >
> > I used to check it, years ago. But I gave up. The UI is too hard to
> > use and false alarms are both too frequent and too hard to suppress.
> > Plus, it's a real drag that I can't run the tool myself. Instead, I
> > need to wait for the next scheduled run.
>
> In general, it’s very hard to add static analysis to existing projects. The property that you want is that there are no *new* static analyser errors in a new commit, but that requires tracking all of the existing ones. In CHERIoT RTOS, we run the clang analyser in CI as one of the checks that must pass before a PR can be merged. This is possible because we started doing it very early on. It may be possible for some individual parts of FreeBSD, but when we started with Coverity I looked at the reports and the first ten I looked at were all false positives. There are probably some serious issues in there but the effort to find them is high. For a new project, that cost is a small incremental cost in each commit and code review (if the analyser finds something, reviewer has to agree that it’s a false positive).
>
> David