On 20/08/2011 16:40, Walter Bright wrote:
http://llvm.org/pubs/2006-05-24-SAFECode-BoundsCheck.pdf

What it does is rewrites the program to install runtime checks on
pointers to ensure no array bounds overflows.

It indicates to me the effort being poured into C to try to make it
memory safe, and how memory safety has become a huge issue in
programming. We are on the right track with D with our focus on making D
provably memory safe.

<pushingTheBoatOut>

Given that a large part of D should be writable using @safe, perhaps we should look into making @safe default and having to explicitly write @system or @trusted for a function? This is obviously a no-go in D's current state (most of phobos/druntime aren't appropriately annotated and I believe there are a good few things that @safe forbids but could/should permit), but it would be cool to say "D is memory safe by default, the programmer has to explicitly state if it's not". Perhaps this could be done with a compiler switch for now to see how well it works in the real world/evaluate whether it's actually doable/what needs doing to make it doable.

</pushingTheBoatOut>

--
Robert
http://octarineparrot.com/
