March 21, 2008
Memory Safety
Reddit:

http://reddit.com/info/6cymv/comments/

Dr. Dobbs:

http://dobbscodetalk.com/index.php?option=com_myblog&show=Memory-Safety.html&Itemid=29
March 22, 2008
Re: Memory Safety
It's good to have a place like that where you are free to talk about all the interesting things you like :-)
Java seems good in that regard :-)

Walter:
>since D is a powerful programming language even without pointers, it may be practical to define a safe D subset. We are examining each feature of D to find the largest possible subset of the language that is memory safe. Then, if this subset is itself a practical language, D can be a major contribution towards eliminating malware.<

So you need a tool to see if some D code is using just that subset, I presume this isn't too difficult to do.

So the questions are:
- Is such D subset useful/enough in practice?
- Is such subset any better than Java itself?
- Even if such subset of D is useful, and it's better than Java, are enough people going to use it (instead of Java, or instead of full D) so it can become a "major contribution" in practice too? :-)

Thank you very much for the interesting topic,
bearophile
March 22, 2008
Re: Memory Safety
== Quote from bearophile (bearophileHUGS@lycos.com)'s article
> It's good to have a place like that where you are free to talk about all the interesting things you like :-)
> Java seems good in that regard :-)
> Walter:
> >since D is a powerful programming language even without pointers, it may be practical to define a safe D subset. We are examining each feature of D to find the largest possible subset of the language that is memory safe. Then, if this subset is itself a practical language, D can be a major contribution towards eliminating malware.<
> So you need a tool to see if some D code is using just that subset, I presume this isn't too difficult to do.

Walter has talked about this before.  Search old posts in this NG for more info.  I'd point you at a post, but
it'd take me a while to find it and I'm on my way out of the office.


Sean
March 22, 2008
Re: Memory Safety
Walter Bright wrote:
> Reddit:
> 
> http://reddit.com/info/6cymv/comments/
> 
> Dr. Dobbs:
> 
> http://dobbscodetalk.com/index.php?option=com_myblog&show=Memory-Safety.html&Itemid=29 

Good article!

Off-hand one can see applications in banking, tcp (including the WWW), 
even military stuff. Actually anything where an app is expecting 
specific input while at risk of getting arbitrary input instead. This 
may be due to malice, sloppy users, or various hiccups. While this of 
course isn't equivalent to correct-proven software, it gives us yet 
another avenue where we could beat C++ on the head.

I'm looking forward to the day when DMD has a switch to check this!
March 22, 2008
Re: Memory Safety
Here's Bartosz' article on the subject:

http://www.digitalmars.com/d/2.0/safed.html
March 22, 2008
Re: Memory Safety
On Sat, 22 Mar 2008 09:34:28 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> Here's Bartosz' article on the subject:
>
> http://www.digitalmars.com/d/2.0/safed.html

So D is going towards totally anti-JIT ?
As far as I can see, JIT uses technology of constructing user data and  
executing them. I think this D subset still leaves a dirty way which need  
to be declared explicitly to allow executing JIT compiler's output.


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
March 22, 2008
Re: Memory Safety
On Sat, 22 Mar 2008 09:34:28 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> Here's Bartosz' article on the subject:
>
> http://www.digitalmars.com/d/2.0/safed.html


"its front end is in the public domain" <-- this is probably a wrong  
statement ?


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
March 22, 2008
Re: Memory Safety
Walter Bright wrote:
> Here's Bartosz' article on the subject:
> 
> http://www.digitalmars.com/d/2.0/safed.html

Very interesting, I thought that D could be left out in many situations 
by Java and C# because it's "unsafe".

I'm wondering if this 'safe' subset of D would be able to use a moving GC?

Regards,
renoX

PS:
I find it quite funny that the article emphasizes the 'horrible C++ syntax' 
and then talks about D: D's syntax is better, sure, but in comparison to 
Scala, it's not that good..
March 22, 2008
Re: Memory Safety
davidl@126.com wrote:
> So D is going towards totally anti-JIT ?

I don't know what you mean by that.

> As far as I can see, JIT uses technology of constructing user data and 
> executing them. I think this D subset still leaves a dirty way which 
> need to be declared explicitly to allow executing JIT compiler's output.
> 
>
March 24, 2008
Re: Memory Safety
On Sun, 23 Mar 2008 01:42:23 +0800, Walter Bright <newshound1@digitalmars.com> wrote:

> davidl@126.com wrote:
>> So D is going towards totally anti-JIT ?
>
> I don't know what you mean by that.
>
I thought D is going to be the cut to the subset of D. Recently I get  
informed that it will be a compiler option. There everything goes fine. :D

>> As far as I can see, JIT uses technology of constructing user data and  
>> executing them. I think this D subset still leaves a dirty way which  
>> need to be declared explicitly to allow executing JIT compiler's output.
>>



-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/