top | item 13808916

robertgraham | 9 years ago

It's an absurd point.

ZCash was built upon the Bitcoin codebase. This inherits a lot of bad decisions. Moral purity, demanding they start over again from scratch, just isn't practical.

The bug in question could have been solved had they simply compiled with minimal static analysis -- by which I mean -Wall.

C/C++ is memory safe if you turn on dynamic checking. Sure, it's twice as slow as C/C++, but still tons faster than nonsense languages like Ocaml or Haskell.

kzrdude | 9 years ago

No, there is no dynamic checking that guards against iterator invalidation in general. You can't make it memory safe with gcc or clang.
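To make the iterator-invalidation point concrete, here is an added C++ example (not code from any commenter or from the Bitcoin/Zcash/Zcoin codebases; all function names and the sample input are constructed for illustration). It erases elements from a std::vector while iterating. The buggy version keeps using the iterator after erase() invalidated it; because erase() neither frees nor reallocates the buffer, the stale iterator still points into live memory, so -Wall has nothing to warn about and an address sanitizer or valgrind sees no invalid access. The function simply returns the wrong answer.

```cpp
#include <algorithm>
#include <cstdio>
#include <vector>

// Buggy: erase() invalidates `it` (and every iterator after it), but the
// vector's buffer is neither freed nor reallocated, so `it` still points at
// live, in-bounds memory. No compiler warning, no sanitizer report; the
// element that shifted into the erased slot is silently skipped.
// Assumption for this demo: the last element is odd, so `it` never steps
// past end() (an even last element would additionally read out of bounds).
std::vector<int> remove_evens_buggy(std::vector<int> v) {
    for (auto it = v.begin(); it != v.end(); ++it) {
        if (*it % 2 == 0) {
            v.erase(it);  // return value ignored: `it` is now invalid
        }
    }
    return v;
}

// Fixed: erase() returns an iterator to the element that moved into the
// erased slot; re-seat `it` from it and only advance when nothing was erased.
std::vector<int> remove_evens_fixed(std::vector<int> v) {
    for (auto it = v.begin(); it != v.end();) {
        if (*it % 2 == 0) {
            it = v.erase(it);
        } else {
            ++it;
        }
    }
    return v;
}

// Idiomatic: the erase-remove idiom, no hand-rolled iterator bookkeeping.
std::vector<int> remove_evens_idiomatic(std::vector<int> v) {
    v.erase(std::remove_if(v.begin(), v.end(),
                           [](int x) { return x % 2 == 0; }),
            v.end());
    return v;
}

// Constructed sample input: two adjacent evens (2, 4) make the skip visible.
const std::vector<int> kSample{2, 4, 1, 6, 3};

int main() {
    auto print = [](const char* label, const std::vector<int>& v) {
        std::printf("%-9s:", label);
        for (int x : v) std::printf(" %d", x);
        std::printf("\n");
    };
    print("buggy", remove_evens_buggy(kSample));          // 4 1 3
    print("fixed", remove_evens_fixed(kSample));          // 1 3
    print("idiomatic", remove_evens_idiomatic(kSample));  // 1 3
    return 0;
}
```

Building the buggy variant with -Wall -Wextra produces no diagnostic, and running it under -fsanitize=address or valgrind reports nothing, because every load is inside the allocated, still-live buffer. Only a checked-iterator library mode (for example libstdc++'s -D_GLIBCXX_DEBUG), which tracks which iterators erase() invalidated, is designed to flag this class of bug, and that is a library feature rather than something gcc or clang can switch on for arbitrary code.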

daira | 9 years ago

This bug had nothing to do with Zcash. Please correct your comment to say Zcoin, if that's what you meant.

In any case, Zcash is also derived from Bitcoin and builds with `-Werror` (edit: not `-Wall`, but we're working on that). That kind of minimal static analysis is certainly not sufficient to catch the majority of bugs, though.

C++ is not memory safe in any meaningful sense. There have been efforts to define a memory-safe subset, but typical large codebases, including Bitcoin, do not come close to falling within that subset.

aij | 9 years ago

> C/C++ is memory safe if you turn on dynamic checking.

What's the option to turn that on? Which compilers is it in?

I know there were several fat-pointer patches to GCC back in the day, but I didn't think anything remotely similar had ever gone mainstream. There's just too much existing code that relies on undefined behavior last I checked.

im3w1l | 9 years ago

> C/C++ is memory safe if you turn on dynamic checking.

Is anyone here doing this? Would be interesting to hear your experience.

jhasse | 9 years ago

If valgrind counts, then yes.