[dnautics]

wow, what a list! all of these are statically analyzable using a slightly hacked zig compiler and a library!

https://github.com/ityonemo/clr

(Btw: you can't null pointer dereference in zig without using the navigation operator which will panic on null; you can't misalign a pointer unless you use @alignCast which will also create a panic)

[vlovich123]

Neat. Why isn’t this in the main compiler / will it be? I’m happy to retract my statement if this becomes actually how zig compiles but it’s not a serious thing as it’s more a PoC of what’s possible today and may break later

[dnautics]

It will never be in the main compiler, since it was written by Claude. I think that's ok. The general concept is sound and won't break (modulo names of instructions changing etc). In fact it will get better. With the new io, concurrency checks will be possible

But also, there is no reason why it should have to be in the main compiler. I've architected it as a dlload plugin. It's even crazier! The output is a zig program which you must compile and run to get the final result.

[pjmlp]

I can also analyse C and C++ code for such issues, while keeping using a mature languages ecosystem.

[dnautics]

If you can statically analyze c for memory safety, why did pazlo bother building fil-C?

[pjmlp]

Where did I wrote that static analysis was enough on its own?

[dnautics]

Can you phrase that as a direct answer to my question? Trying to learn something here. Appreciate it!

[pjmlp]

I the sentence "I can also analyse C and C++ code for such issues, while keeping using a mature languages ecosystem." it is implied there are many tools that perform analysis of C and C++ code.

Some of those tools are static, others are dynamic, some require a special build, others are hybrid, others exist on all modern IDEs.

So it can be a mix of lint, clang tidy, VS analysis, Clion, ASan, USBsan, hardned runtimes, contracts (Frama-C), PVS, PurifyPlus, Insure++,....