Future protections in managed languages and due dates
Will managed runtimes provide additional protection against subtle data corruption issues in the future?
Managed Runtime Environments such as Java and the .NET CLR mitigate or eliminate the possibility of many of the memory corruption errors common in native languages such as C #. However, they are surprisingly vulnerable to all memory corruption issues. One intuitively expects that the method that validates its input has no errors and handles exceptions reliably, will always convert its object from one valid state to another, but this is not the case. (More accurately, this is not the case where prevailing programming conventions are used - object developers must avoid their own problems to avoid the problems I describe.)
Consider the following scenarios:
-
Threading. The caller can share the object with other threads and make concurrent calls. If the object does not implement locking, the fields may become corrupted. (Possibly, unless the object is specified as thread safe, the runtime should use a lock on every method call to throw an exception if any method on the same object is executing concurrently with another thread. This will be a guard function, and just like the others well-received safety features of controlled battery life, it comes at some cost.)
-
Re-entrancy. The method calls out an arbitrary function (such as an event handler) that ultimately calls methods on the object that are not intended to be called at that point. This is even more complex than thread safety and many class libraries don't get it right. (Even worse, class libraries are notoriously poor at documenting that such reconnection is allowed.)
In all these cases, it can be argued that careful documentation is the solution. However, the documentation may also indicate how to allocate and free memory in unmanaged languages. We know from experience (like with memory allocation) that the difference between documentation and language / runtime execution is night and day.
What can we expect from languages and runtime in the future to protect us from these problems and other subtle problems like them?
source to share
I think languages and battery life will continue to move forward, draw attention away from developers, and continue to make our lives easier and more productive.
Let's take your example - threads. There are some great new features on the horizon in the .NET world to simplify the multithreaded model we are using. STM.NET may end up making shared state much safer, such as handling. concurrent extensions in .NET 4 make life very easy to stream when compared to current technologies.
source to share
I think transactional memory promises to solve some of these problems. I'm not sure if this somehow answers your question, but it's an interesting topic anyway:
http://en.wikipedia.org/wiki/Software_transactional_memory
There was a Software Engineering Radio episode on the topic in a year or so, maybe.
source to share
First of all, "managed" is a bit of a misnomer: languages like OCaml, Haskell, and SML provide this kind of protection and safety when fully compiled. All relevant "control" occurs at compile time through static analysis, which contributes to optimization and speed.
Anyway, to answer your question: if you're looking at languages like Erlang and Haskell, the default state is isolated and immutable. With the look of the system, threads and relocation are safe by default, and because you have to get out of the way to break these rules, it is obvious that unsafe code can arise.
Based on secure by default, but leaving room for extended insecure use, you get the best of both worlds. It seems reasonable that future systems that are secure by your definition may follow some of these techniques as well.
source to share
What can we expect in the future?
Nothing. Thread-state and re-entrancy are not the problems I see in the tools / runtime solution. Instead, I think people in the future will move towards styles that avoid stateful programming in order to get around these problems. Languages and libraries can help make these programming styles more attractive, but tools are not the solution - changing the way you write code is the solution.
source to share