On 12/25/2017 9:03 AM, Johan Engelen wrote:
I've been writing this article since August, and finally found some time to finish it:

http://johanengelen.github.io/ldc/2017/12/25/LDC-and-AddressSanitizer.html

"LDC comes with improved support for Address Sanitizer since the 1.4.0 release. Address Sanitizer (ASan) is a runtime memory write/read checker that helps discover and locate memory access bugs. ASan is part of the official LDC release binaries; to use it you must build with -fsanitize=address. In this article, I’ll explain how to use ASan, what kind of bugs it can find, and what bugs it will be able to find in the (hopefully near) future."

Thanks for the great article! Some suggestions:

1. The gray-on-white text is not very legible.

2. "Although D tries to be a more safe language, the safety measures still require developer effort and discipline. And so D code suffers from similar memory bugs that plague people in C++."

This comes across as unduly negative. D is a *lot* better than C++ in this regard. It doesn't just try to be more safe, it *is* more safe.

3. "A simple example"

This is a contrived example, and implies that normal D code is written like C++ code. It isn't; the parameter to foo() would be int[], not int*. The code would also be rejected by the compiler when annotated with @safe.

If you want to keep the example, a note of explanation about this would work. Because of D's array and ref types, very, very little D code needs to manipulate pointers.

It would be nice to add a paragraph mentioning things about D that make it a more memory safe language.

4. "Future work: detecting stack use after return"

This code should be rejected by the compiler if using -dip1000. It is not, so I filed a bug report:

https://issues.dlang.org/show_bug.cgi?id=18128

I don't know if the fault lies with the compiler or with std.algorithm.move, but I'd rather use examples that didn't rely on compiler/library bugs.
