Enforcing Memory Safety in Modern C++ Through a Safe Subset and Static Analysis
Author
Lohse, Thomas Krogh
Term
4th term
Education
Publication year
2025
Pages
21
Abstract
C++ powers much of today's software, but the language still allows classic memory errors, for example using data after it has been freed, or several parts of the program modifying the same data at the same time. This thesis investigates how such errors can be prevented by defining a cautious, safe subset of C++ and by checking the code automatically before it is run (static analysis). To do this, the project introduces a static analysis that detects lifetime errors and enforces exclusive access to data that may be modified. A lifetime error means that a reference or pointer lives longer than the object it refers to. Exclusive access means that when data may be modified, only one part of the program is allowed to write at a time. The analysis draws on ideas from Rust's "borrow checker" and lifetime model, but works for modern C++. The analysis is realised in a proof of concept called CPlusPlusty, implemented as a Clang plugin. By default, the approach restricts constructs known to be unsafe and uses an over-approximating analysis that is deliberately cautious: it may flag code that is safe in practice, but the aim is not to overlook real problems. The results show that memory safety can be retrofitted onto modern C++ code without major language extensions or alternative frontends, by using static analysis and enforcing safer usage patterns within standard C++.
C++ powers much of today’s software, yet the language still permits common memory errors, such as using data after it has been freed or letting multiple parts of a program change the same data at once. This thesis explores how to prevent such bugs by defining a cautious, memory-safe subset of C++ and by checking code automatically before it runs (static analysis). To do this, the project introduces a static analysis that detects lifetime violations and enforces exclusive access to mutable data. Lifetime violations include cases where a reference or pointer outlives the object it refers to. Exclusive access means that when data can change, only one part of the program is allowed to write at a time. The analysis is inspired by Rust’s "borrow checker" and lifetime model, but targets modern C++. The analysis is implemented as a proof of concept called CPlusPlusty, delivered as a Clang plugin. By default, the approach disallows constructs known to be unsafe and uses an over-approximating analysis that errs on the side of caution: it may flag code that is actually safe, but aims not to miss real problems. The results show that memory safety guarantees can be retrofitted onto modern C++ code without major language extensions or alternative frontends, by applying static analysis and enforcing safer usage patterns within standard C++.
[This summary has been rewritten with the help of AI based on the project's original abstract]
Keywords
C++ ; static analysis ; safety ; memory safety ; Rust ; pointer analysis
Documents
