"Ironclad C++, A Library-Augmented Type-Safe Subset of C++" by
Christian DeLozier et al:
http://repository.upenn.edu/cis_reports/982/
It's a strict subset of C++ plus some added libraries and some
static verifiers. The purpose is to have a safer C++. It has some
similarities with D.
There are many small differences between C++ and Ironclad C++,
one of them being that all pointers must be smart pointers. It also
uses precise garbage collection.
In my opinion what's most interesting is what it does for Stack
Deallocation Safety: it uses dynamic lifetime checking with two
smart pointers, pages 5-8:
Prior work on preventing use-after-free errors has introduced
some notion of a local pointer [10, 18], but these efforts have
been focused on purely static enforcement through sophisticated
program analyses. Local pointers in Ironclad C++ combine static
enforcement and dynamic checking, providing flexibility and
simplifying the necessary analysis.
Local pointers record the lower bound on addresses that they may
point to. Through a combination of static restrictions and
dynamic checks, these local pointers are allowed to point only
to heap-allocated values or values at the same level or above in
the call stack.
The paper explains the various cases: assign from ptr<T> into
lptr<T>, assign from lptr<T> into ptr<T>, and assign from lptr<T>
into lptr<T>.
So with a mix of run-time tests and a small amount of static
analysis the code is safe and fast enough. It seems a simple
enough idea.
Bye,
bearophile
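As an added illustration (not code from the paper or from this post), here is a small model of that lifetime check: where the paper's lptr<T> compares stack addresses, this version tracks a simulated frame depth through a Frame guard, so the checks are deterministic. The names ptr, local, lptr, Frame, assign and assign_to are assumptions made for this example.

```cpp
#include <memory>

// Simulated call stack: depth of the running frame, 0 meaning the heap.
// Every function that owns stack values declares a Frame guard on entry.
static int g_depth = 0;
struct Frame { Frame() { ++g_depth; } ~Frame() { --g_depth; } };

template <typename T> struct ptr { std::shared_ptr<T> p; };   // heap-only ptr<T>
template <typename T> struct local {                           // a stack value
    T value; int depth;
    explicit local(T v) : value(v), depth(g_depth) {}           // remembers its frame
};

// Stand-in for lptr<T>: records the frame depth at creation as its bound and may
// only point to heap values or stack values at that depth or shallower.
template <typename T> class lptr {
    T* target_ = nullptr;
    std::shared_ptr<T> heap_ref_;      // non-null when the target is on the heap
    int target_depth_ = 0, bound_ = g_depth;
public:
    // ptr<T> -> lptr<T>: no check needed, heap values outlive every frame.
    bool assign(const ptr<T>& s) { heap_ref_ = s.p; target_ = s.p.get(); target_depth_ = 0; return true; }
    // &local -> lptr<T>: dynamic check; a deeper frame's local would dangle.
    bool assign(local<T>& l) {
        if (l.depth > bound_) return false;
        heap_ref_.reset(); target_ = &l.value; target_depth_ = l.depth; return true;
    }
    // lptr<T> -> lptr<T>: the source's target is re-checked against our bound.
    bool assign(const lptr<T>& s) {
        if (s.target_depth_ > bound_) return false;
        heap_ref_ = s.heap_ref_; target_ = s.target_; target_depth_ = s.target_depth_; return true;
    }
    // lptr<T> -> ptr<T>: only a heap target may escape into an unbounded pointer.
    bool assign_to(ptr<T>& d) const { if (!heap_ref_) return false; d.p = heap_ref_; return true; }
    T* get() const { return target_; }
};

// A callee tries to leak its own local into its caller's lptr, directly and via
// an lptr of its own; both must be rejected, while borrowing the caller's target is fine.
static bool callee_leaks_are_rejected(lptr<int>& callers) {
    Frame f; local<int> tmp(7); lptr<int> mine;
    bool borrow_ok = mine.assign(callers) && *mine.get() == 1;
    return borrow_ok && mine.assign(tmp) && !callers.assign(tmp) && !callers.assign(mine);
}

// Walks through the assignment cases; returns true when each behaves as described.
bool lifetime_checks_hold() {
    Frame f; lptr<int> lp; local<int> x(1); ptr<int> h{std::make_shared<int>(2)}, out;
    bool same_frame = lp.assign(x) && *lp.get() == 1;
    bool no_escape = callee_leaks_are_rejected(lp) && *lp.get() == 1;   // lp untouched
    bool stack_stays = !lp.assign_to(out);                               // x can't reach ptr<T>
    bool heap_flows = lp.assign(h) && *lp.get() == 2 && lp.assign_to(out) && *out.p == 2;
    return same_frame && no_escape && stack_stays && heap_flows;
}
```

In the real system a failed check aborts the program rather than returning false; the bool results here only make the individual cases easy to inspect.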