Memory Safety

Walter Bright
March 21, 2008
Reddit:

http://reddit.com/info/6cymv/comments/

Dr. Dobbs:

http://dobbscodetalk.com/index.php?option=com_myblog&show=Memory-Safety.html&Itemid=29
March 22, 2008
It's good to have a place like that where you are free to talk about all the interesting things you like :-) Java seems good in that regard :-)

Walter:
>since D is a powerful programming language even without pointers, it may be practical to define a safe D subset. We are examining each feature of D to find the largest possible subset of the language that is memory safe. Then, if this subset is itself a practical language, D can be a major contribution towards eliminating malware.<

So you need a tool to see if some D code is using just that subset; I presume this isn't too difficult to do.

So the questions are:
- Is such D subset useful/enough in practice?
- Is such subset any better than Java itself?
- Even if such subset of D is useful, and it's better than Java, are enough people going to use it (instead of Java, or instead of full D) so it can become a "major contribution" in practice too? :-)

Thank you very much for the interesting topic,
bearophile
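To make the "safe subset" concrete, here is an added example (not code from the thread or from the SafeD article) contrasting a lookup written with raw pointer arithmetic against the same lookup written on a bounds-checked slice. The thread predates the `@safe` function attribute, which is how current D compilers mark code restricted to the memory-safe subset; the pointer version would be rejected if it carried that attribute.

```d
// Added example, not from the thread: the same table lookup outside and
// inside D's memory-safe subset. `@safe` is the attribute today's compilers
// use for that subset; the 2008 discussion was about a compiler switch.
import std.stdio;

// Pointer arithmetic: nothing stops `idx` from walking past the buffer.
// Marking this function @safe would make the compiler reject it.
int unsafeLookup(int* table, size_t idx)
{
    return *(table + idx);   // unchecked: may read adjacent memory
}

// Slice indexing is bounds-checked; an out-of-range index raises a
// RangeError instead of silently reading outside the array.
int safeLookup(int[] table, size_t idx) @safe
{
    return table[idx];
}

void main()
{
    int[] table = [10, 20, 30, 40];   // constructed sample data
    writeln(safeLookup(table, 2));

    try
    {
        safeLookup(table, 7);         // out of range: caught, not silent
    }
    catch (Error e)                   // RangeError derives from Error
    {
        writeln("rejected: ", e.msg);
    }

    // unsafeLookup(table.ptr, 7) compiles and reads past the array; that is
    // exactly the class of code the safe subset exists to exclude.
}
```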
March 22, 2008
== Quote from bearophile (bearophileHUGS@lycos.com)'s article
> It's good to have a place like that where you are free to talk about all the interesting things you like :-)
> Java seems good in that regard :-)
> Walter:
> >since D is a powerful programming language even without pointers, it may be practical to define a safe
> D subset. We are examining each feature of D to find the largest possible subset of the language that is memory safe. Then, if this subset is itself a practical language, D can be a major contribution towards eliminating malware.<
> So you need a tool to see if some D code is using just that subset; I presume this isn't too difficult
> to do.

Walter has talked about this before.  Search old posts in this NG for more info.  I'd point you at a post, but it'd take me a while to find it and I'm on my way out of the office.


Sean
March 22, 2008
Walter Bright wrote:
> Reddit:
> 
> http://reddit.com/info/6cymv/comments/
> 
> Dr. Dobbs:
> 
> http://dobbscodetalk.com/index.php?option=com_myblog&show=Memory-Safety.html&Itemid=29 

Good article!

Off-hand one can see applications in banking, tcp (including the WWW), even military stuff. Actually anything where an app is expecting specific input while at risk of getting arbitrary input instead. This may be due to malice, sloppy users, or various hiccups. While this of course isn't equivalent to correct-proven software, it gives us yet another avenue where we could beat C++ on the head.

I'm looking forward to the day when DMD has a switch to check this!
March 22, 2008
Here's Bartosz' article on the subject:

http://www.digitalmars.com/d/2.0/safed.html
March 22, 2008
On Sat, 22 Mar 2008 09:34:28 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> Here's Bartosz' article on the subject:
>
> http://www.digitalmars.com/d/2.0/safed.html

So D is going towards being totally anti-JIT?
As far as I can see, JIT uses the technique of constructing user data and executing it. I think this D subset still leaves a dirty way, which needs to be declared explicitly, to allow executing the JIT compiler's output.


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
March 22, 2008
On Sat, 22 Mar 2008 09:34:28 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> Here's Bartosz' article on the subject:
>
> http://www.digitalmars.com/d/2.0/safed.html


"its front end is in the public domain" <-- this is probably a wrong statement?


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
March 22, 2008
Walter Bright wrote:
> Here's Bartosz' article on the subject:
> 
> http://www.digitalmars.com/d/2.0/safed.html

Very interesting; I thought that D could be left out in many situations in favour of Java and C# because it's "unsafe".

I'm wondering if this 'safe' subset of D would be able to use a moving GC?

Regards,
renoX

PS:
I find it quite funny that the article emphasizes the 'horrible C++ syntax' and then talks about D: D's syntax is better, sure, but in comparison to Scala it's not that good..
March 22, 2008
davidl@126.com wrote:
> So D is going towards being totally anti-JIT?

I don't know what you mean by that.

> As far as I can see, JIT uses the technique of constructing user data and executing it. I think this D subset still leaves a dirty way, which needs to be declared explicitly, to allow executing the JIT compiler's output.
March 24, 2008
On Sun, 23 Mar 2008 01:42:23 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> davidl@126.com wrote:
>> So D is going towards being totally anti-JIT?
>
> I don't know what you mean by that.
>
I thought D was going to be cut down to the subset of D. Recently I was informed that it will be a compiler option. Then everything is fine. :D

>> As far as I can see, JIT uses the technique of constructing user data and executing it. I think this D subset still leaves a dirty way, which needs to be declared explicitly, to allow executing the JIT compiler's output.



-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/