On Monday, 9 January 2023 at 07:23:48 UTC, Siarhei Siamashka
wrote:
On Monday, 9 January 2023 at 06:34:23 UTC, Paulo Pinto wrote:
On Monday, 9 January 2023 at 04:31:48 UTC, Siarhei Siamashka
ASAN, Valgrind, Clang Static Analyzer and plenty of other
tools are the practical mechanisms to prevent buffer
overflows. Yes, they are not baked into the ISO language
standard. But D has no ISO language standard at all.
The best part of memory safe systems programming languages is
that many of those tools don't even have to exist, they are
part of language semantics!
Memory safe systems programming language is an oxymoron. To be
suitable for systems programming, the language has to provide a
mechanism to opt out of safety at least for some parts of the
code. These parts of code may have memory safety bugs. The
compiler of the safe language itself may have bugs. Valgrind is
very useful for troubleshooting D issues and this usefulness
won't go away any time soon. Here's one example:
https://forum.dlang.org/post/msjrcymphcdquslfg...@forum.dlang.org
It is a big difference having to audit 100% of the source code
like in C, or just 1%.
One of the reasons why Burroughs is still available as Unisys
ClearPath MCP, is that a couple of agencies that care about
secure servers above anything else are willing to keep paying for
it, alongside the safety guarantees provided by NEWP.