Thinking about how to make Go memory safe without using atomics everywhere: 1. Double bounds check slice indexing: i.e. store length of backing store on heap and check it. 2. Box interface types on heap. 3. Implement maps in Go with no unsafe. I think this works?
This is an arbitrary read/write primitive and is as bad as it sounds. So double check would fix this because the size of the underlying allocation could be found from the pointer *alone*, to prevent OOB read/write.
This does mean that anything sliceable needs some heap metadata. This might be too difficult in practice. So an alternate solution is to make the (ptr, len, cap) triple immutable.
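
The double bounds check from the thread, as an added example that is not part of the original tweets or of the Go runtime. It is a model, not runtime code: the `alloc`, `header`, `torn`, `singleCheck`, `doubleCheck` and `load` names are hypothetical, and it assumes the failure being guarded against is a reader observing a slice header whose pointer and length come from two different writes.

```go
package main

import "fmt"

// alloc models a heap allocation that carries its own size as metadata,
// so the size can be recovered from the pointer alone.
type alloc struct {
	size int
	data []byte // stands in for the raw backing memory
}

// header models the three-word slice header (ptr, len, cap).
type header struct {
	ptr      *alloc
	length   int
	capacity int
}

func newSlice(n int) header {
	return header{ptr: &alloc{size: n, data: make([]byte, n)}, length: n, capacity: n}
}

// torn builds, deterministically, the inconsistent header assumed above:
// pointer taken from one header, len/cap taken from another.
func torn(ptrFrom, lenFrom header) header {
	return header{ptr: ptrFrom.ptr, length: lenFrom.length, capacity: lenFrom.capacity}
}

// singleCheck trusts only the length stored in the header.
func singleCheck(h header, i int) bool { return i >= 0 && i < h.length }

// doubleCheck adds a second comparison against the allocation's own size.
func doubleCheck(h header, i int) bool { return singleCheck(h, i) && i < h.ptr.size }

// load refuses any index that the allocation itself cannot satisfy.
func load(h header, i int) (byte, error) {
	if !doubleCheck(h, i) {
		return 0, fmt.Errorf("index %d rejected (header len %d, allocation %d)", i, h.length, h.ptr.size)
	}
	return h.ptr.data[i], nil
}

func main() {
	small, large := newSlice(4), newSlice(64)
	t := torn(small, large) // 4-byte allocation, header claims len 64
	fmt.Println("single check passes:", singleCheck(t, 32))
	fmt.Println("double check passes:", doubleCheck(t, 32))
	_, err := load(t, 32)
	fmt.Println(err)
}
```

The second comparison costs one extra load per index, which is the heap-metadata overhead the last tweet refers to.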