[cap-talk] David Wagner's Google techtalk is now up!
Sandro Magi
smagi at higherlogics.com
Wed Dec 12 22:52:49 EST 2007
James A. Donald wrote:
> But to make a C that was safe against such operations,
> one would have to give up pointers - which is radically
> incompatible with all existing C code, requiring a total
> rewrite of an enormous body of fine code. Existing
> languages that are safe against such operations run
> slowly, and tend to suck up a lot of computing power -
> compare Java programs with their C equivalents.
Not necessarily. People are using LLVM to do a lot of fine work in this
area, in particular creating a making unmodified C "memory-safe" via a
compilation; you can use dangling pointers without violating safety
properties and the overhead less than 15%; typically less overhead than
converting to a safe C dialect:
http://lists.cs.uiuc.edu/pipermail/llvmdev/attachments/20070602/cd89eaf5/attachment-0001.ppt
> If a safe desktop were rewritten in something like Java,
> the resulting desktop would likely be unappealing to
> consumers.
Incidentally, Sun already created a Java desktop.
> Instead of the compiler automatically constructing a run
> time check on each reference to x to make sure x is
> inside array bounds, as in C safe arrays, the compiler
> could demand the programmer can only reference x inside
> code that the compiler can know is inside array bounds.
Statically checking that array accesses are always in bounds is a tough,
but solved problem, even for "simple" languages like SML/OCaml [1].
Sandro
[1] http://okmij.org/ftp/Haskell/types.html#branding
More information about the cap-talk
mailing list