llvm's SAFECode bounds checking algorithm

[Paulo Pinto]

Am 20.08.2011 17:40, schrieb Walter Bright:
 > http://llvm.org/pubs/2006-05-24-SAFECode-BoundsCheck.pdf
 >
 > What it does is rewrites the program to install runtime checks on
 > pointers to ensure no array bounds overflows.
 >
 > It indicates to me the effort being poured into C to try to make it
 > memory safe, and how memory safety has become a huge issue in
 > programming. We are on the right track with D with our focus on making D
 > proveably memory safe.

I think that he way arrays decay into pointers and how easy pointer 
arithmetic is in C and by consequense in C++ were very usefull on its 
day. But they lead us to the current situation where they open the door 
to exploits and software malfunction.

The people that argument that good programmers avoid such errors, 
usually forget that there are lots of not so good programmers or huge
teams developing software, which leads to these types of errors.

The last decade saw a rise in safe languages, and now people start to 
understand that actually safe languages are also quite good to develop in.

I am conviced that C and C++ are the last of their kind, in what 
concerns unsafe languages. The next major system programming will be 
mostly safe with escape holes for the dirty parts. Funny enough, we 
could have got that a few decades ago had computing not gone the C way.


Still with the amount of legacy code we have, it is nice to see effort
being spent improving C and C++ safety, even though they look a bit
like patching. It only takes you so far.

--
Paulo