D not considered memory safe

Steven Schveighoffer schveiguy at gmail.com
Thu Jul 4 01:52:23 UTC 2024


On Wednesday, 3 July 2024 at 18:03:52 UTC, Walter Bright wrote:
> On 7/2/2024 9:30 PM, Steven Schveighoffer wrote:
>> Well, the article is wrong that having a GC prevents all 
>> memory safety problems.
>> 
>> What causes all the problems (mostly) is the "built-in memory 
>> management" of the stack, and critically, returning references 
>> to stack data that will outlive the stack frame.
>
> The compiler protects against that. Give it a try!

Not sure if you know this, but I've used D before.

>> Having a GC isn't enough, every single memory allocation 
>> scheme must also be safe to have a safe language.
>
> To be memory safe, you'd have to use the GC instead of 
> malloc/free. Using the stack is ok.

```d
// bar returns a ref to whatever it was passed
ref int bar(ref int x) => x;

ref int foo()
{
    int i = 0;
    return bar(i); // escapes a reference to the local `i` via bar
}
```

Compiles, even with dip1000.

>
>> What I would say with D is that it is *much easier* to be 
>> memory safe, and the compiler provides tools to help with this.
>
> D does much better than that if one sticks with @safe code and 
> the GC.

Yes, it should be the default IMO. If nothing, this should help 
get it off these lists of "unsafe languages", which I agree is 
important.

-Steve
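The same `bar`/`foo` pair with the annotations the compiler's escape checks rely on, as an added example that is not part of the thread. It assumes a dmd/ldc build with `@safe` checking (`-preview=dip1000` for the full lifetime analysis); the rejected variant of `foo` is shown only as a comment, and the two safe alternatives are the ones the thread itself points at: keep the referent alive in the caller, or hand the storage to the GC.

```d
// Added example (not from the mailing list post). Assumes a D compiler
// with @safe checks enabled; the rejected case appears only as a comment.
@safe:

// `return ref` declares that the returned reference aliases `x`, so the
// caller-side lifetime check can trace where the reference came from.
ref int bar(return ref int x) => x;

// With the `return` annotation above, this body is expected to be rejected:
//   ref int foo() { int i = 0; return bar(i); }
//   Error: returning `bar(i)` escapes a reference to local variable `i`

// Safe alternative 1: the referent lives in the caller's frame, and the
// returned ref is only used while that frame is still alive.
int useRef()
{
    int i = 41;
    bar(i) += 1;   // write through the returned ref while `i` is live
    return i;      // 42
}

// Safe alternative 2: GC-owned storage, whose lifetime is no longer tied
// to this stack frame.
int* make()
{
    int* p = new int; // GC allocation is permitted in @safe code
    *p = 7;
    return p;
}

void main()
{
    assert(useRef() == 42);
    assert(*make() == 7);
}
```

The point of the annotation is that `return ref` is what lets the compiler connect the reference `bar` hands back to the argument it was given; without it the escape in the original `foo` is invisible to the checker, which is the gap the post demonstrates.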
