It could be simply to prevent forks, but if it really is 100% branch coverage, w... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

galangalalgol 22 days ago | parent | context | favorite | on: Limbo: A complete rewrite of SQLite in Rust

It could be simply to prevent forks, but if it really is 100% branch coverage, why do they still have memory safety related CVE coming out? With asan turned on, and full static analysis, that should make such errors exceedingly rare. Part of the benefit of rust is that it makes coverage both easier to get due to its type system, and less necessary because of the guarantees it makes. But if they really went all the way to 100% branch coverage that should be almost as good if all the samitizers are running.

int_19h 22 days ago [–]

They claim 100% on https://en.wikipedia.org/wiki/Modified_condition/decision_co...

However, unless you can guarantee that every branch tested has been covered for all possibly relevant application states, that does not preclude CVEs.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact