After spending an entire weekend debugging a few OOB accesses and null-pointer dereferences in a kernel driver, I for one, can't wait for more Rust in the kernel. It's not even remotely funny how difficult doing these things correctly in C is compared to Rust.
Announcement
Collapse
No announcement yet.
Rust Bindings Are Being Worked On For Linux CPUFreq Drivers
Collapse
X
-
Originally posted by Nth_man View Post
rmoog Mmm... It's not like Rust avoids errors:
Static Analyzer Rudra Found over 200 Memory Safety Issues in Rust Crates
Developed at the Georgia Institute of Technology, Rudra is a static analyzer able to report potential memory safety bugs in Rust programs. Rudra has been used to scan the entire Rust package registry and identified 264 new memory safety bugs.
CVEs (Common Vulnerabilities and Exposures) in Rust programs:
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
If a sound static analyzer were deployed, we could make C code with zero memory safety issues and do it without the hack of compiler added runtime checks that Rust uses to claim memory safety. The aviation and nuclear power industries have been doing this for years. It is a shame that no one is willing to follow their lead and the wider community instead pursues new languages when what it actually needs is better tooling, which at present only exists for C (and C++ if you don't insist on having a formally verified compiler). Those new languages do not have such tooling and need it to reach parity with what is possible with C when using tools like sound static analyzers and formally verified compilers. :/
-- ryao on https://www.phoronix.com/forums/foru...35#post1385835
​
The analysis of crates you shared is from 2021. Anything more recent?
- Likes 2
Comment
-
Originally posted by darkonix View PostI find it very unlikely that even with those static analyzers C could be even in parity in that regard.
- Likes 4
Comment
-
Originally posted by rmoog View PostDon't give feedback to rust users, they'll just use it to double down
- Likes 1
Comment
-
Originally posted by hamishmb View PostAt the risk of feeding the troll, what is MISRA, I've never heard of it before?
- Likes 3
Comment
-
Originally posted by cj.wijtmans View PostBad coders fleeing to rust will manage to create safety bugs even in rust. Impressive.
- Likes 1
Comment
Comment