P3874R1 — Should C++ be a memory-safe language?
(2 items)
EWG
This paper proposes a definition of 'memory-safe language' as one containing a syntactically explicit, compiler-enforced subset that is systematically free of all undefined behavior, and argues that heuristic reduction of UB through profiles, hardening, or contracts alone is insufficient to meet this definition. It contends that C++ should pursue a subset-of-superset strategy analogous to Rust and Circle, whereby new language features enable a useful, UB-free subset while existing unsafe code remains accessible outside it. The paper seeks EWG consensus on whether C++ should commit to becoming a memory-safe language by this definition, with lifetime safety identified as the primary technical challenge requiring significant new language features.
- Page 1, footnote 1 — The comma-separated citation list attributes both the CISA paper and Google's "Secure by Design: Google's Perspective on Memory Safety" to CISA; the latter is a Google publication and needs its own attribution. [1]
- Page 12, footnote 36 — Doubled article: "the The Rustonomicon" — the leading "the" must be dropped since "The" is part of the proper title. [2]
References — Anthropic Citations API
[1]
"CISA: "The Urgent Need for Memory Safety in Software Products", "Secure by Design: Google's Perspective on Memory Safety", Microsoft: "We need a safer systems programming language", and ACM: "It..."
[2]
"36 See "Working with Unsafe" from the The Rustonomicon 35 One effort underway to improve the ergonomics of implementing sound interfaces is unsafe fields"
Summary: P3874R1 argues that WG21 should commit to making C++ a memory-safe language and proposes a phased strategy — starting with profiles and progressing toward a Safe C++ superset — to achieve that goal incrementally. Two items were found.
Pipeline: Discovery (Anthropic Opus + Citations API) → Verification Gate (OpenRouter Opus) → Report Writer (OpenRouter Opus)
Provenance: All references are machine-verified character positions from the Anthropic Citations API — deterministic, exact substrings, not model-generated quotes.