|
|
|
|
|
|
by n42
4 days ago
|
|
|
you do not sacrifice memory safety. you sacrifice a compiler ensuring that code is memory safe by it enforcing one quite opinionated approach to it: RAII and lifetime analysis. you seem to think there is one path to memory safety. there is not. unsurprisingly, some programmers may need different tools when working with a different set of requirements. |
|
|
Or at least you have to add memory safety as another extra step on your road to correct by design.
I'm aware of paths to memory safety, but they boil down to: pervasive GC, annoying compiler, and praying you got it right.
If you write your proof in GC language than translate it to C, that's just a mix of pervasive GC and praying.