How does D improve design practices over C++?
Brad Roberts
braddr at puremagic.com
Wed Oct 29 14:43:09 PDT 2008
On Wed, 29 Oct 2008, Walter Bright wrote:
> bearophile wrote:
> > D1 is often safer than C and C++, but regarding safety there are
> > several things that can improved still, often with no/little
> > performance penalty (unsafe casting (automatic and manual), integral
> > overflows, GC pointers Vs other pointers, nonnull types, named
> > arguments, fallthrough switch cases, multi var assigns syntax
> > missing, octal literals, bitwise operators as symbols instead English
> > words, and many other smaller things I have listed in the past). You
> > may want to tell them about the idea of SafeD too (javesque D).
>
> "Safety" in programming languages does not refer to program correctness, but
> absence of bugs that could result in memory corruption. The agenda of SafeD is
> to find the subset of D that can guarantee there is no memory corruption.
>
> Null pointer dereferencing, for example, is a program bug but is not a safety
> issue because it cannot cause memory corruption.
Actually, that's not true. Dereferencing null _can_ corrupt memory. As
you well know, ptr[index] is just ptr + index. Use a large and accurate
enough index and you're out of that first page of memory and back into
application memory space. Find the address of a key stack variable and
you've got room for all sorts of fun and mahem.
These are the sorts of bugs in popular enough applications are the things
that end up costing companies lots of money to emergency fix. One of the
few recent flash exploits were exactly this type of bug.
Later,
Brad
More information about the Digitalmars-d
mailing list