[HN Gopher] Refactoring the FreeBSD Kernel with Checked C [pdf]
       ___________________________________________________________________
        
       Refactoring the FreeBSD Kernel with Checked C [pdf]
        
       Author : wglb
       Score  : 78 points
       Date   : 2021-02-01 14:48 UTC (1 day ago)
        
 (HTM) web link (cs.rochester.edu)
 (TXT) w3m dump (cs.rochester.edu)
        
       | ornxka wrote:
       | >Checked C has low performance overhead (only 8.6% on selected
       | benchmarks [25])
       | 
       | Isn't that actually kind of significant?
        
         | superjan wrote:
         | That 8.6 figure comes from the paper linked below [0]. It's an
         | average. For many benchmarks, the difference is less than one
         | percent; for others it's 20 or more. In the FreeBSD article,
         | they see around 1%.
         | 
         | [0] https://www.microsoft.com/en-us/research/uploads/prod/2018/0...
        
         | tandr wrote:
         | The numbers in the paper itself are much lower, so I would say it
         | is a worthy idea. If not for the "whole" kernel, then at least for
         | the calls that they have replaced.
        
       | dvfjsdhgfv wrote:
       | It would be interesting if someone refactored ReactOS with
       | Microsoft Checked C.
        
       | sgt wrote:
       | I've looked at some source code written in Checked C. Doesn't it
       | possibly take away some of the pleasure of writing C?
        
         | chubot wrote:
         | I don't think pleasure is really the goal. The goal is systems
         | that don't fail spectacularly on unexpected inputs ...
        
           | saagarjha wrote:
           | Clearly the pleasure of C is the feeling you get when your
           | software fails spectacularly on unexpected inputs.
        
       | AdmiralAsshat wrote:
       | Checked C appears to be a relatively recent research project from
       | Microsoft[0][1], so I'm not sure that FreeBSD would be terribly
       | keen on refactoring around it. There have also been many "safer
       | C" languages before, so the only advantage that the paper offers
       | is that Checked C seems to have a higher degree of backwards
       | compatibility. I suppose that would allow the
       | implementation/refactoring to gradually occur over time, rather
       | than requiring a herculean initial effort.
       | 
       | [0] https://www.microsoft.com/en-us/research/project/checked-c/
       | 
       | [1] https://github.com/Microsoft/checkedc
        
       ___________________________________________________________________
       (page generated 2021-02-02 23:00 UTC)