Safer Linux Kernel Modules Using the D Programming Language
Siarhei Siamashka
siarhei.siamashka at gmail.com
Wed Jan 11 06:49:36 UTC 2023
On Monday, 9 January 2023 at 07:15:43 UTC, Walter Bright wrote:
> On 1/8/2023 8:31 PM, Siarhei Siamashka wrote:
>> Yes, they are not baked into the ISO language standard.
>
> They can't be because the C semantics make it impossible.
It's impractical to have this in the ISO standard, but surely not
impossible. Various C compilers from different vendors implement
bounds checking. See:
* https://bellard.org/tcc/tcc-doc.html#Bounds
*
https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html
* https://clang.llvm.org/docs/AddressSanitizer.html
*
https://learn.microsoft.com/en-us/visualstudio/debugger/how-to-use-native-run-time-checks?view=vs-2022
So your statement that "C has no mechanism to prevent them" just
ignores reality and the existing C compilers. If you are
comparing the lowest common denominator ISO C spec with the
vendor specific DigitalMars D implementation, then this is not a
honest apples-to-apples comparison.
The Linux kernel is using GNU C compiler and recently switched
from `-std=gnu89` to `-std=gnu11`.
Bounds checking in the Linux kernel is done by
https://docs.kernel.org/dev-tools/kfence.html or
https://docs.kernel.org/dev-tools/kasan.html
>> But D has no ISO language standard at all.
>
> Neither does Rust.
Too bad for Rust. Though they do have language editions and
there's the Ferrocene project too.
More information about the Digitalmars-d-announce
mailing list