If you needed any more evidence that memory safety is the future...
XavierAP via Digitalmars-d
digitalmars-d at puremagic.com
Tue Mar 7 14:07:51 PST 2017
On Tuesday, 7 March 2017 at 21:24:43 UTC, Moritz Maxeiner wrote:
> Then we need to define "memory safe language" a lot stricter
> than it's currently being used, and both D and Rust won't
> qualify as memory safe (since you can write unsafe code in
> them).
D does not claim to be memory-safe always. It does afaik do so
within @safe environments (barring internal runtime or compiler
bugs of course). Even C# has the same approach of allowing
"unsafe" environments.
>>> A formal, mathematical proof is impossible, yes, but if you
>>> have a large enough sample size of programs in a memory
>>> safe(r) language, *and* can verify that they are indeed
>>> memory correct (and thus not open to all the usual attack
>>> vectors), then that falls what I'd categorize under "hard to
>>> refute". But you're right, I should've been more specific, my
>>> bad.
>>
>> Does anybody try to refute it? Safe languages are not rejected
>> for their safety.
>
> Right now, of course not, since the burden of proof is on the
> side advocating memory safety (i.e. us).
I don't agree on the burden of proof. It is a safe assumption
that if you increase safety checks, safety will be improved. It
cannot or needn't be proven. If someone proposes installing
railing in a stairway, or a fence along a railway, to decrease
accidents, who would demand this to be proven? How, in a sandbox
parallel universe that we control as gods and can rewind in time?
Because there is no other way.
Plus statistics can prove nothing -- this logical truth cannot be
overstated. Even if you invested for the sake of an experiment in
setting up a race between huge teams of equally qualified
programmers given the same exact tasks, nothing could be truly
proven. But we're even talking about simply having more
experience from completely different projects and developers
among the evaluated languages or families. Actually we have quite
a lot of experience already, by now Java and later .NET have been
around for most of the time C++ has so far, just as an
example.