Rainer Deyke wrote:
Andrei Alexandrescu wrote:
First off: _all_ languages except C, C++, and assembler are or at least
claim to be safe. All. I mean ALL. Did I mention all? If that was some
ideology that is not realistic, is extremely difficult to achieve, and
ends up too painful to use, then such theories would be difficult to
corroborate with "ALL". Walter and I are in agreement that safety is not
difficult to achieve in D and that it would allow a great many good
programs to be written.
You're forgetting about all other system programming languages.
[citation needed]
Also,
many of these claims to safety are demonstrably false.
Which?
The text is very approachable and informative, and I suggest anyone
interested to read through page 5 at least. I think it's a must for
anyone participating in this to read the whole thing. Cardelli
distinguishes between programs with "trapped errors" versus programs
with "untrapped errors". Yesterday Walter and I have had a long
discussion, followed by an email communication between Cardelli and
myself, which confirmed that these three notions are equivalent:
a) "memory safety" (notion we used so far)
b) "no undefined behavior" (C++ definition, suggested by Walter)
c) "no untrapped errors" (suggested by Cardelli)
They are clearly not equivalent. ++x + ++x has nothing to do with
memory safety. Conversely, machine language has no concept of undefined
behavior but is clearly not memory safe. Also, you haven't formally
defined any of these concepts, so you're basically just hand-waving.
Memory safety is defined formally in Pierce's book. Undefined behavior
is defined by the C++ standard. Cardelli defines trapped and untrapped
errors.
Andrei
