03-06-2024, 12:09 AM
(03-05-2024, 10:52 PM)madscijr Wrote:On the `qbs_data_size` thing, I'd clarify that it's just a runtime bug, all languages have runtime bugs and some of them can cause memory safety issues, that's not specific to QB64PE. There's also definitely plenty more of them, some documented in GitHub and others undiscovered. QB64PE has more bugs in that category than most languages though, I'd say But it's ultimately not a language problem, the runtime could be fixed and then your program is memory-safe again (as opposed to a language like C, where the language allows things that the compiler or runtime could simply never check for correctness).(03-05-2024, 10:15 PM)DSMan195276 Wrote: The MinGW usage of QB64PE is largely an implementation detail, the important questions are about the language itself and what it can or cannot do.That all makes sense and thanks for taking the time to explain - I just figured it should be addressed and wanted to open a conversation about it and the devs can decide what, if anything, needs addressing, or else provide advice. It sounds like QB64PE is not a big risk unless you get crazy with _mem or your program uses large strings in a way that triggers that qbs_data_size issue. I'll leave it to the folks who know about that stuff to clarify or work out. Thanks again!
...
Many languages on the list do allow you to break bounds checking intentionally, so that's not strictly a deal breaker, but it does make the situation a bit unclear.
...
there's plenty of things in QB64PE that are buggy and will cause memory safety issues even if they shouldn't. Ex. This is a memory safety bug in the runtime that could be triggered by QB64PE code.
I think, in a general sense, the QB64PE language itself is memory-safe if there is no `_Mem` usage in your program. If there is `_Mem` usage, then it depends what exactly you do with it, the typical usages are bounds-checked and memory-safe.