
Re: [std-proposals] Memory Safety in C++ via Safe Subset and Static Analysis - Master’s Thesis Summary

From: Thomas Krogh Lohse <tlohse20_at_[hidden]>
Date: Wed, 4 Jun 2025 10:47:47 +0000
> C++ always tries to be backwards compatible and old (currently correct) code might not compile with your feature on

I'd love for C++ to deprecate and move on from a lot of the old things and have this "Safe-by-default". But I recognize that that will remain a dream of mine.

> Your work should nicely fit into these profiles or add a new profile. Some of it is quite closely related, though profiles don’t discuss a borrow checker, yet

Do you see the use of a 'Borrow-checker Profile'?

> “Safe-by-default” could, however, be a compiler flag that turns on certain profiles by default. This might be the safest you can get without running against some of the core C++ philosophies.

Couldn't the inverse also "fix" it? If you try to compile some old code that does not conform with the safe subset, just add a compiler flag to tell the compiler that it's old code?
________________________________
From: Std-Proposals <std-proposals-bounces_at_lists.isocpp.org> on behalf of Simon Schröder via Std-Proposals <std-proposals_at_[hidden]>
Sent: Tuesday, June 3, 2025 8:28 PM
To: std-proposals_at_[hidden] <std-proposals_at_[hidden]>
Cc: Simon Schröder <dr.simon.schroeder_at_[hidden]>
Subject: Re: [std-proposals] Memory Safety in C++ via Safe Subset and Static Analysis - Master’s Thesis Summary


On Jun 1, 2025, at 10:32 AM, Thomas Krogh Lohse via Std-Proposals <std-proposals_at_[hidden]> wrote:

I’d love to hear your thoughts:
    * Do you see value in defining a "safe-by-default" C++ subset with opt-in unsafe features?

“Safe-by-default” will not work. C++ always tries to be backwards compatible and old (currently correct) code might not compile with your feature on. Currently, there are several proposals for so-called profiles (https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2025/p3589r0.pdf can give a good start into this topic with additional references at the bottom of this proposal).

Your work should nicely fit into these profiles or add a new profile. Some of it is quite closely related, though profiles don’t discuss a borrow checker, yet. “Safe-by-default” could, however, be a compiler flag that turns on certain profiles by default. This might be the safest you can get without running against some of the core C++ philosophies.

(The goto discussion could also be solved by profiles.)
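The thread talks about a "borrow-checker profile" without showing what such a profile would actually reject. The following is an added example, not code from the thread or from any profile proposal: a small run-time model (the hypothetical `Borrowed` wrapper, with `Shared` and `Exclusive` handles) of the one rule a borrow checker enforces statically: any number of read-only borrows, or exactly one mutable borrow, never both at once. The two functions contrast the pattern a lifetime-aware profile would flag (mutating a `std::vector` while a reference into it is still live, which may reallocate and dangle the reference) with the form it would accept. A real profile would diagnose this at compile time; the run-time checks here only make the rule visible.

```cpp
// Added example: a run-time model of borrow exclusivity (not from the thread).
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <utility>
#include <vector>

template <typename T>
class Borrowed {
public:
    explicit Borrowed(T value) : value_(std::move(value)) {}

    // RAII handle for a shared (read-only) borrow; the borrow ends when it is destroyed.
    class Shared {
    public:
        explicit Shared(Borrowed& owner) : owner_(owner) {
            if (owner_.exclusive_)
                throw std::logic_error("shared borrow while exclusively borrowed");
            ++owner_.shared_;
        }
        ~Shared() { --owner_.shared_; }
        Shared(const Shared&) = delete;
        Shared& operator=(const Shared&) = delete;
        const T& get() const { return owner_.value_; }
    private:
        Borrowed& owner_;
    };

    // RAII handle for an exclusive (mutable) borrow; refused while any other borrow is live.
    class Exclusive {
    public:
        explicit Exclusive(Borrowed& owner) : owner_(owner) {
            if (owner_.exclusive_ || owner_.shared_ > 0)
                throw std::logic_error("exclusive borrow while already borrowed");
            owner_.exclusive_ = true;
        }
        ~Exclusive() { owner_.exclusive_ = false; }
        Exclusive(const Exclusive&) = delete;
        Exclusive& operator=(const Exclusive&) = delete;
        T& get() { return owner_.value_; }
    private:
        Borrowed& owner_;
    };

private:
    T value_;
    std::size_t shared_ = 0;   // number of live shared borrows
    bool exclusive_ = false;   // whether an exclusive borrow is live
};

using IntVec = Borrowed<std::vector<int>>;

// The shape a borrow-checker profile would reject: push_back while a reference
// into the vector is still live. The model refuses the exclusive borrow, so the
// potentially dangling reference is never used. Returns true when it is caught.
bool rejected_by_model() {
    IntVec v(std::vector<int>{1, 2, 3});
    try {
        IntVec::Shared reader(v);                 // shared borrow of the vector
        const int& first = reader.get()[0];       // reference derived from that borrow
        IntVec::Exclusive writer(v);              // throws: mutation while borrowed
        writer.get().push_back(first);            // not reached
        return false;
    } catch (const std::logic_error&) {
        return true;
    }
}

// The accepted shape: copy the value out and let the shared borrow end
// before taking the exclusive one. Returns the final size (4).
std::size_t accepted_by_model() {
    IntVec v(std::vector<int>{1, 2, 3});
    int first_copy = 0;
    {
        IntVec::Shared reader(v);
        first_copy = reader.get()[0];            // value copy; borrow ends at '}'
    }
    IntVec::Exclusive writer(v);                  // no live borrows, so this is allowed
    writer.get().push_back(first_copy);
    return writer.get().size();
}

int main() {
    std::cout << "aliasing mutation rejected: " << std::boolalpha << rejected_by_model() << '\n';
    std::cout << "sequenced access size: " << accepted_by_model() << '\n';
    return 0;
}
```

The point for the discussion above is that the rule is about overlapping lifetimes of references, not about any particular API: `push_back` is only dangerous here because a reference obtained earlier is still in scope. That is exactly the property a profile would need to track across scopes, which is why the thread notes that existing profile proposals do not yet cover it.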

Received on 2025-06-04 10:47:55