Ironclad C++
bearophile
bearophileHUGS at lycos.com
Sat Aug 3 16:32:15 PDT 2013
"Ironclad C++, A Library-Augmented Type-Safe Subset of C++" by
Christian DeLozier et al:
http://repository.upenn.edu/cis_reports/982/
It's a strict subset of C++ plus some added libraries and some
static verifiers. The purpose is to have a safer C++. It has some
similarities with D.
There are many small differences between C++ and Ironclad C++;
one of them is that all pointers must be smart pointers. It also
uses precise garbage collection.
In my opinion what's most interesting is what it does for Stack
Deallocation Safety: it uses dynamic lifetime checking with two
smart pointers (pages 5-8):
>Prior work on preventing use-after-free errors has introduced
>some notion of a local pointer [10, 18], but these efforts have
>been focused on purely static enforcement through sophisticated
>program analyses. Local pointers in Ironclad C++ combine static
>enforcement and dynamic checking, providing flexibility and
>simplifying the necessary analysis.<
>Local pointers record the lower bound on addresses that they may
>point to. Through a combination of static restrictions and
>dynamic checks, these local pointers are allowed to point only
>to heap-allocated values or values at the same level or above in
>the call stack.<
The paper explains the various cases: assign from ptr<T> into
lptr<T>, assign from lptr<T> into ptr<T>, and assign from lptr<T>
into lptr<T>.
So with a mix of run-time tests and a small amount of static
analysis the code is safe and fast enough. It seems a simple
enough idea.
Bye,
bearophile
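The three assignment cases mentioned above, as an added example that is not part of the original post or the paper's library: a small C++ model of the local-pointer rule. The paper stores a lower-bound stack address in each lptr; this model replaces the address with a call-depth counter (deeper frame = lower address, heap = depth 0), so the `Frame`, `tagged`, `addr_of_local` and `from_heap` names are constructed here, not Ironclad's API.

```cpp
#include <cstddef>
#include <memory>
#include <stdexcept>
// Depth-counter model of Ironclad's lptr<T> rule (added example, not the paper's code).
// A deeper frame stands for a lower stack address; the heap is depth 0.
static std::size_t g_depth = 0;
// Every function opens one Frame on entry (constructed convention for this model).
struct Frame { Frame() { ++g_depth; } ~Frame() { --g_depth; } };

// A raw pointer tagged with the depth of the frame that owns its target (0 = heap).
template <typename T> struct tagged { T* p; std::size_t depth; };
template <typename T> tagged<T> addr_of_local(T& x) { return {&x, g_depth}; }  // &local
template <typename T> tagged<T> from_heap(T* p)      { return {p, 0}; }        // ptr<T> source

template <typename T>
class lptr {
    T* p_ = nullptr;
    std::size_t bound_;          // depth of the declaring frame: the paper's lower bound
    static void check(std::size_t src, std::size_t dst) {
        if (src > dst) throw std::runtime_error("lptr would outlive its target");
    }
public:
    lptr() : bound_(g_depth) {}
    lptr(const lptr& o) : p_(o.p_), bound_(g_depth) { check(o.bound_, bound_); }
    lptr& operator=(tagged<T> src) { check(src.depth, bound_); p_ = src.p; return *this; }   // ptr -> lptr
    lptr& operator=(const lptr& src) { check(src.bound_, bound_); p_ = src.p_; return *this; } // lptr -> lptr
    T& operator*() const { return *p_; }
};

// A callee hands its caller a pointer to a callee local, first as ptr->lptr, then as lptr->lptr.
static void leak_local(lptr<int>& out, bool via_lptr) {
    Frame f; int local = 42;
    if (!via_lptr) { out = addr_of_local(local); return; }   // rejected: target is deeper than out
    lptr<int> mine; mine = addr_of_local(local);              // fine: same frame as mine
    out = mine;                                               // rejected: mine is bound deeper than out
}
bool rejects_deeper_frame(bool via_lptr) {
    Frame f; lptr<int> p;
    try { leak_local(p, via_lptr); } catch (const std::runtime_error&) { return true; }
    return false;
}

// Targets in the caller's frame or on the heap may be passed down and copied freely.
static int sum_through(lptr<int> a, lptr<int> b) { Frame f; lptr<int> c; c = a; return *c + *b; }
int accepts_caller_and_heap() {
    Frame f; int x = 7; auto h = std::make_unique<int>(9);
    lptr<int> px; px = addr_of_local(x);     // same frame as px: allowed
    lptr<int> ph; ph = from_heap(h.get());   // heap: always allowed
    return sum_through(px, ph);              // 16
}
```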
More information about the Digitalmars-d mailing list