Type safety could prevent nuclear war
Chris Wright via Digitalmars-d
digitalmars-d at puremagic.com
Thu Feb 4 16:03:56 PST 2016
On Thu, 04 Feb 2016 23:29:10 +0000, tsbockman wrote:
> That explains why the linker doesn't catch it. I still don't see much
> excuse for the compiler allowing it though, beyond a desire to allow
> each module to be compiled independently.
Doing this sort of validation requires build system integration (track
the command line arguments that went into producing this object file;
find which object files are combined into which targets; run the analysis
on that) and costs as much time as compiling the whole project from
scratch. Developing such a system is nontrivial, so it's not a matter of
conjuring excuses; rather, someone would have to put in considerable
effort to make it work.
I'm betting some of the commercial static analyzers for C do this, but
they're not the sort of things you install on every dev machine and run
on every build. Generally they're the sort of thing that you send off to
the security company and they send you a report some weeks later.
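
The following Python example is added here to illustrate the per-target analysis the reply describes; it is not part of the original post and is not any real analyzer's code. The record format, the names `OBJECTS` and `TARGETS`, and the signature strings are all assumptions: a real tool would have to extract them from the compiler and the build system. It shows why the check needs the link map: the same object file is consistent in one target and mismatched in another.

```python
# Constructed sample: what a build-system hook might record per object file.
# "defs" are symbols the object defines; "decls" are the extern declarations
# it was compiled against. Signature strings are assumed to be canonicalised.
OBJECTS = {
    "sensor.o": {"defs": {"read_level": "double(void)"}, "decls": {}},
    "alarm.o": {"defs": {"raise_alarm": "void(int)"},
                "decls": {"read_level": "int(void)"}},
    "log.o": {"defs": {"log_msg": "void(const char*)"},
              "decls": {"raise_alarm": "void(int)"}},
    "tool.o": {"defs": {"read_level": "int(void)"}, "decls": {}},
}

# Constructed link map: which object files are combined into which target.
TARGETS = {
    "controller": ["sensor.o", "alarm.o", "log.o"],
    "selftest": ["tool.o", "alarm.o"],
}


def check_target(objects, members):
    """Return sorted (symbol, user, declared, definer, defined) mismatches."""
    # First pass: which object in this target defines each symbol, and how.
    defined = {}
    for obj in members:
        for sym, sig in objects[obj]["defs"].items():
            defined[sym] = (obj, sig)
    # Second pass: compare every extern declaration with that definition.
    findings = []
    for obj in members:
        for sym, sig in objects[obj]["decls"].items():
            if sym in defined and defined[sym][1] != sig:
                def_obj, def_sig = defined[sym]
                findings.append((sym, obj, sig, def_obj, def_sig))
    return sorted(findings)


def check_build(objects, targets):
    """Run the check once per link target, since results differ per target."""
    return {name: check_target(objects, objs) for name, objs in targets.items()}


if __name__ == "__main__":
    for target, findings in check_build(OBJECTS, TARGETS).items():
        for sym, user, declared, definer, actual in findings:
            print(f"{target}: {user} declares {sym} as {declared}, "
                  f"but {definer} defines it as {actual}")
```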