If you needed any more evidence that memory safety is the future...
Moritz Maxeiner via Digitalmars-d
digitalmars-d at puremagic.com
Wed Mar 8 04:42:37 PST 2017
On Tuesday, 7 March 2017 at 22:07:51 UTC, XavierAP wrote:
> On Tuesday, 7 March 2017 at 21:24:43 UTC, Moritz Maxeiner wrote:
>> [...]
>
> D does not claim to be memory-safe always. It does afaik do so
> within @safe environments (barring internal runtime or compiler
> bugs of course). Even C# has the same approach of allowing
> "unsafe" environments.
And as I've pointed out before, if your safe code can call
hidden, unsafe code it doesn't even know about then your
guarantees mean nothing and you're back to trusting programmers.
>
>>>> [...]
>>>
>>> Does anybody try to refute it? Safe languages are not
>>> rejected for their safety.
>>
>> Right now, of course not, since the burden of proof is on the
>> side advocating memory safety (i.e. us).
>
> I don't agree on the burden of proof. It is a safe assumption
> that if you increase safety checks, safety will be improved.
If those safety checks actually get applied to those parts that
need them (i.e. by the programmers writing programs in that
language), I'd probably agree. But there's no guarantee that that
is the case, as your friend, hidden unsafe code, is still there.
Besides that, it's a hypothesis, and like with *all* of them the
burden of proof lies with the people proposing/claiming it.
> It cannot or needn't be proven. If someone proposes installing
> railing in a stairway, or a fence along a railway, to decrease
> accidents, who would demand this to be proven?
A person with a good sense of engineering (or for that matter the
scientific method) in them ought to demand that both your
railing, as well as your fence get proven to actually deal with
the kinds of issues they are supposed to deal with before
approving their installation.
Which is what institutions like [1] are for with regards to
material engineering products.
Doing anything else is reckless endangerment since it gives you
the feeling of being safe without actually being safe. Like using
@safe in D, or Rust, and being unaware of unsafe code hidden from
you behind "safe" facades.
>
> Plus statistics can prove nothing -- this logical truth cannot
> be overstated.
It's called empirical evidence and it's one of the most important
techniques in science[2] to create foundation for a hypothesis.
[1]
https://en.wikipedia.org/wiki/Technischer_%C3%9Cberwachungsverein
[2] http://www.juliantrubin.com/bigten/millikanoildrop.html
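The @trusted escape hatch behind the "hidden unsafe code" point above, as an added D example that is not part of the thread (the function names atUnchecked and atChecked are assumed, not from any real library):

```d
// Added example: a @safe caller reaching memory-unsafe code through a
// @trusted facade. The compiler verifies @safe bodies, but it accepts a
// @trusted body on the author's word alone.
import std.stdio;

// Assumed helper. Marking it @trusted lets @safe code call it, yet the
// body indexes the raw pointer with no bounds check, so the promise is
// not kept: an out-of-range index reads past the end of the slice.
int atUnchecked(int[] arr, size_t i) @trusted
{
    return arr.ptr[i];
}

// The same facade with the promise actually honoured: the unsafe step
// is guarded, so a caller cannot turn it into an out-of-bounds read.
int atChecked(int[] arr, size_t i) @trusted
{
    if (i >= arr.length)
        throw new Exception("index out of range");
    return arr.ptr[i];
}

void main() @safe
{
    int[] data = [1, 2, 3];   // constructed sample input

    // Compiles and is fine: @safe may call @trusted without seeing its body.
    writeln(atChecked(data, 1));

    // Also compiles without complaint, although it reads beyond `data`;
    // the @safe attribute on main gives no protection against a
    // @trusted function that lies. (Left commented out on purpose.)
    // writeln(atUnchecked(data, 10));
}
```

Reviewing every @trusted function in a code base and its dependencies (a plain text search for "@trusted" finds them) is the practical check this implies, since those are the only places where the compiler's @safe guarantee rests on a human promise.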