llvm's SAFECode bounds checking algorithm

Robert Clipsham robert at octarineparrot.com
Sun Aug 21 03:55:39 PDT 2011


On 20/08/2011 16:40, Walter Bright wrote:
> http://llvm.org/pubs/2006-05-24-SAFECode-BoundsCheck.pdf
>
> What it does is rewrites the program to install runtime checks on
> pointers to ensure no array bounds overflows.
>
> It indicates to me the effort being poured into C to try to make it
> memory safe, and how memory safety has become a huge issue in
> programming. We are on the right track with D with our focus on making D
> provably memory safe.

<pushingTheBoatOut>

Given that a large part of D should be writable using @safe, perhaps we 
should look into making @safe default and having to explicitly write 
@system or @trusted for a function? This is obviously a no-go in D's 
current state (most of phobos/druntime aren't appropriately annotated 
and I believe there are a good few things that @safe forbids but 
could/should permit), but it would be cool to say "D is memory safe by 
default, the programmer has to explicitly state if it's not". Perhaps 
this could be done with a compiler switch for now to see how well it 
works in the real world/evaluate whether it's actually doable/what needs 
doing to make it doable.

</pushingTheBoatOut>

-- 
Robert
http://octarineparrot.com/
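As an added illustration of the proposal above (example code written for this page, not code from the original post or from the D project), the following D snippet shows the three attributes side by side: what the compiler already rejects in @safe, what @system is allowed to do, and how @trusted bridges the two. The function names, the buffer and the index values are all assumptions chosen for the example.

```d
// Added example, not from the original post: how @safe, @trusted and
// @system fit together, and what a "@safe by default" world would mean
// for code like sumUnchecked (it would have to be marked @system
// explicitly instead of being the unmarked default).
import core.exception : RangeError;
import std.stdio;

// @safe: pointer arithmetic is a compile-time error here, and every
// a[i] carries a runtime bounds check that throws RangeError.
@safe int sumChecked(const int[] a, size_t n)
{
    int total = 0;
    foreach (i; 0 .. n)
        total += a[i];      // RangeError if i >= a.length
    return total;
}

// @system: may index raw pointers. An out-of-range i is silent
// memory corruption, exactly what the SAFECode checks guard against.
@system int sumUnchecked(const int* p, size_t n)
{
    int total = 0;
    foreach (i; 0 .. n)
        total += p[i];      // no check at all
    return total;
}

// @trusted: callable from @safe code, so the author promises the
// interface is safe. Here the promise is backed by bounding n to
// a.length before handing the pointer to the @system routine.
@trusted int sumViaPointer(const int[] a)
{
    return sumUnchecked(a.ptr, a.length);
}

// main is left unmarked (i.e. @system, today's default) because @safe
// code may not catch Error-derived exceptions such as RangeError.
void main()
{
    int[4] buf = [1, 2, 3, 4];              // assumed sample input
    writeln(sumChecked(buf, 4));            // 10
    writeln(sumViaPointer(buf));            // 10

    // Uncommenting this inside a @safe function fails to compile:
    //   "safe function 'main' cannot call system function 'sumUnchecked'"
    // writeln(sumUnchecked(buf.ptr, 4));

    try
        sumChecked(buf, 5);                 // bounds check fires on buf[4]
    catch (RangeError e)
        writeln("caught: ", e.msg);
}
```

Compile with `dmd example.d` and run it; the last call ends in the catch block rather than reading past `buf`. One caveat worth knowing when weighing "@safe by default": with current DMD, `-release` drops bounds checks from @system and @trusted code but keeps them in @safe functions unless `-boundscheck=off` is also passed, so the runtime check in `sumChecked` survives a release build while the @trusted wrapper's safety rests entirely on its author's length argument.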

