Mission-Critical systems

tsbockman thomas.bockman at gmail.com
Wed Mar 17 03:44:15 UTC 2021 

On Tuesday, 16 March 2021 at 04:22:01 UTC, Lasheen wrote:
> Is D language designed for working with [Mission-critical] 
> systems?

As others have said, *in theory* the language itself is much 
better suited for mission-critical applications than C, because 
of slices, stronger typing, @safe, etc. But...

> and what about:
>
> 1- Safety, Security and reliability to reach work in avionics 
> systems.

I would not trust any current D compiler with a human life, 
because they are all rather buggy in my experience. And, they do 
not offer stable releases with long-term support, so you will 
inevitably either miss out on critical bug fixes by sticking with 
an old version, or expose yourself to regressions by updating 
often.

If the only other option is C, I would probably still pick D, but 
I suspect there are better options out there than either, once 
stability and quality of implementation is taken into account - 
maybe Ada, Rust, or, if a garbage collected language is 
acceptable, Java/Kotlin/C#.

> 2- memory management for [mission-Critical] systems.

D's stop-the-world garbage collector is not an option for true 
real time systems, where a missed deadline means someone actually 
dies.

However, in other cases I would use the GC if the goal is maximum 
reliability:

Many of the D features that make typical D code less error-prone 
than C equivalents require the garbage collector. Moreover, most 
D code uses the garbage collector and so the non-GC alternatives 
are generally less well-tested, and thus more likely to trigger 
compiler bugs.

(I speak from personal experience: I am currently working on an 
@nogc D program, and have so far found and reported several 
serious compiler bugs in the course of the project.)

> 3- which compiler i have to use (if yes).

The DMD backend is quite buggy (and also optimizes poorly) 
compared to those used by GDC and LDC. On the other hand, the GDC 
frontend is very out of date compared to those used by DMD and 
LDC.

So, definitely use LDC if you are planning to bet human lives 
and/or millions of dollars on it working fully correctly.

More information about the Digitalmars-d mailing list