Anyone claiming they can write memory safe / defined C code at scale either has no experience with it or has their head buried in the sand.
I don't claim I can write code at scale at all, but if you can, safety need not be significantly harder.
Most unsafety comes from doing backwards things you shouldn't even be doing in modern C.
Use-after-free, double-free, out-of-bounds accesses, etc. happen in every C codebase, even with extreme diligence like SQLite.
It's also infeasible to even deploy instrumentation taking a 2-3x performance hit to provide basic memory safety for C code.
It ends up catching too many real world latent bugs where code is doing things that are undefined but not breaking (noticeably).
Could definitely write safe C code by defining a safe dialect with annotations, and having the compiler verify memory safety.
I think it's plausible you could well enough without annotations, just a subset of the language excluding bad stuff.
Annotations meaning stuff like forcing pointers to be passed with a size marked as being associated, forcing bounds checks, etc.
Only allowing bounds checks to be omitted if a simple set of rules can prove safety, and forbidding most manual mem management.
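The last two replies sketch what a "safe dialect" of C looks like in practice: pointers travel with their size, every access is bounds-checked, and a check may be dropped only where a simple rule proves the index is in range. The following is an added illustration of that idea, not code from anyone in the thread; the `span_t` type and all function names are hypothetical, and the input buffers are constructed for the demonstration. Checked operations report failure through a return value instead of touching memory outside the bound, and `span_sum` shows the one case where the per-element check is omitted because the loop bound is the span's own length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
#include <string.h>

/* A "fat pointer": the pointer always carries its length, so every
 * access can be checked against it. Hypothetical type for this example. */
typedef struct {
    uint8_t *ptr;
    size_t len;
} span_t;

/* The only place a raw pointer/length pair enters the checked world. */
static inline span_t span_from(uint8_t *p, size_t n) {
    span_t s = { p, n };
    return s;
}

/* Checked read: refuses instead of reading out of bounds. */
static inline bool span_get(span_t s, size_t i, uint8_t *out) {
    if (i >= s.len) return false;
    *out = s.ptr[i];
    return true;
}

/* Checked write. */
static inline bool span_set(span_t s, size_t i, uint8_t v) {
    if (i >= s.len) return false;
    s.ptr[i] = v;
    return true;
}

/* Checked sub-span: [off, off+n) must lie inside the parent.
 * The comparison is arranged so off+n can never overflow. */
static inline bool span_sub(span_t s, size_t off, size_t n, span_t *out) {
    if (off > s.len || n > s.len - off) return false;
    out->ptr = s.ptr + off;
    out->len = n;
    return true;
}

/* Checked copy: fails rather than overrunning the destination. */
static inline bool span_copy(span_t dst, span_t src) {
    if (src.len > dst.len) return false;
    memmove(dst.ptr, src.ptr, src.len);
    return true;
}

/* "Check omitted where a simple rule proves safety": the index is
 * bounded by s.len by construction, so the raw access inside the loop
 * is provably in range and needs no per-element check. */
static inline uint32_t span_sum(span_t s) {
    uint32_t acc = 0;
    for (size_t i = 0; i < s.len; i++)
        acc += s.ptr[i];
    return acc;
}

/* Demonstration on a constructed 4-byte buffer. Returns the number of
 * cases that behaved unexpectedly (0 means every check did its job). */
static int demo(void) {
    uint8_t buf[4] = { 1, 2, 3, 4 };
    span_t s = span_from(buf, sizeof buf);
    uint8_t v;
    span_t tail;
    uint8_t small[2];
    int failures = 0;

    if (!span_get(s, 3, &v) || v != 4) failures++;     /* last valid index */
    if (span_get(s, 4, &v)) failures++;                 /* off-by-one rejected */
    if (!span_set(s, 0, 9) || buf[0] != 9) failures++;  /* in-bounds write ok */
    if (!span_sub(s, 2, 2, &tail) || span_sum(tail) != 7) failures++;
    if (span_sub(s, 3, 2, &tail)) failures++;           /* would run past end */
    if (span_sub(s, 1, SIZE_MAX, &tail)) failures++;    /* overflowing length rejected */
    if (span_copy(span_from(small, 2), s)) failures++;  /* src larger than dst */
    return failures;
}

int main(void) { return demo(); }
```

The point of the design is that the unchecked form `s.ptr[i]` only ever appears where the enclosing loop or a prior check already established `i < s.len`; everything else goes through an accessor that returns `false` rather than performing the access, which is the property a compiler for such a dialect would verify.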