If you needed any more evidence that memory safety is the future...

XavierAP via Digitalmars-d digitalmars-d at puremagic.com
Tue Mar 7 14:07:51 PST 2017


On Tuesday, 7 March 2017 at 21:24:43 UTC, Moritz Maxeiner wrote:
> Then we need to define "memory safe language" a lot stricter 
> than it's currently being used, and both D and Rust won't 
> qualify as memory safe (since you can write unsafe code in 
> them).

D does not claim to be memory-safe always. It does afaik do so 
within @safe environments (barring internal runtime or compiler 
bugs of course). Even C# has the same approach of allowing 
"unsafe" environments.

>>> A formal, mathematical proof is impossible, yes, but if you 
>>> have a large enough sample size of programs in a memory 
>>> safe(r) language, *and* can verify that they are indeed 
>>> memory correct (and thus not open to all the usual attack 
>>> vectors), then that falls what I'd categorize under "hard to 
>>> refute". But you're right, I should've been more specific, my 
>>> bad.
>>
>> Does anybody try to refute it? Safe languages are not rejected 
>> for their safety.
>
> Right now, of course not, since the burden of proof is on the 
> side advocating memory safety (i.e. us).

I don't agree on the burden of proof. It is a safe assumption 
that if you increase safety checks, safety will be improved. It 
cannot or needn't be proven. If someone proposes installing 
railing in a stairway, or a fence along a railway, to decrease 
accidents, who would demand this to be proven? How, in a sandbox 
parallel universe that we control as gods and can rewind in time? 
Because there is no other way.

Plus statistics can prove nothing -- this logical truth cannot be 
overstated. Even if you invested for the sake of an experiment in 
setting up a race between huge teams of equally qualified 
programmers given the same exact tasks, nothing could be truly 
proven. But we're even talking about simply having more 
experience from completely different projects and developers 
among the evaluated languages or families. Actually we have quite 
a lot of experience already; by now Java and later .NET have been 
around for most of the time C++ has so far, just as an 
example.
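The distinction drawn above (memory safety guaranteed inside @safe, unsafe code permitted elsewhere) is easiest to see in a small D program. The following is an added illustration, not code from this thread or from the D project; the function names are invented for the example. It shows the three attributes a reviewer has to keep apart: @system code is unchecked, @trusted code is unchecked but callable from @safe code (so it is the part to audit by hand), and @safe code is what the compiler actually guarantees.

```d
// Added example (not from the thread): how D's @safe / @trusted / @system
// attributes partition a program. Function names are invented for illustration.
import std.stdio;

// @system: the compiler performs no memory-safety checks here.
// This is where the "unsafe code" the thread refers to lives.
@system int* advance(int* p, size_t n)
{
    return p + n;
}

// @trusted: callable from @safe code, but NOT checked by the compiler.
// The author vouches for its safety, so this is the function to review
// by hand; the length check is what makes the pointer use sound.
@trusted int elementAt(int[] xs, size_t i)
{
    assert(i < xs.length, "elementAt: index out of range");
    return *advance(xs.ptr, i);
}

// @safe: the compiler rejects pointer arithmetic, unchecked casts and
// direct calls to @system functions. Array indexing is still allowed,
// but an out-of-range index becomes a run-time RangeError rather than
// an out-of-bounds read.
@safe int sum(const int[] xs)
{
    int total = 0;
    foreach (x; xs)
        total += x;
    return total;
}

@safe void main()
{
    int[] data = [10, 20, 30];
    writeln(sum(data));            // 60
    writeln(elementAt(data, 1));   // 20

    // Rejected at compile time inside a @safe function:
    //   int* p = &data[0];         // taking the address is allowed...
    //   writeln(*(p + 1));         // ...but pointer arithmetic is not
    //   writeln(*advance(p, 1));   // calling a @system function is not either

    // Compiles, but fails at run time instead of reading out of bounds:
    //   writeln(elementAt(data, 7));   // assert in the @trusted wrapper fires
    //   writeln(data[7]);              // bounds check throws RangeError
}
```

The practical consequence for review is that the guarantee is only as good as the @trusted surface: everything reachable from @safe code passes through either compiler-checked @safe functions or hand-audited @trusted ones, so auditing effort concentrates on the latter.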

