[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tinycc-devel] enforced immutability - proposed research project
|
From: |
Christian Jullien |
|
Subject: |
Re: [Tinycc-devel] enforced immutability - proposed research project |
|
Date: |
Mon, 18 Jan 2021 10:34:30 +0100 |
Hello Bruno,
Happy to have news from you.
If I spend time with tcc doing a kind of QA and helping to port it on more
platforms, I'm not a maintainer and I can't decide of its evolution.
My personal option for a language is to allow whatever "enforces" something.
If accepted, it should have no impact on compilation speed which is one of
the most important aspect of tcc (after correctness of course and execution
speed which comes second). Changes must also apply to all current supported
platforms.
Silly question, putting immutable objects in a read only section is not
enough?
Christian
-----Original Message-----
From: Bruno Haible [mailto:bruno@clisp.org]
Sent: Monday, January 18, 2021 10:17
To: tinycc-devel@nongnu.org
Cc: Christian Jullien
Subject: enforced immutability - proposed research project
Hi TinyCC hackers, hi Christian,
Here is a proposal to use TinyCC for a research project in programming
language design.
Immutable objects are a well-known feature, used to protect some data
from accidental/undesired modifications by other parts of the program.
So far, in C, immutable objects are "implemented" through the 'const'
attribute, but is not enforced at runtime (except for 'static const'
objects, which may reside in a read-only data section if they don't
contain relocatable pointers). Namely, any piece of the program can
cast away the 'const' and perform on a write access through a non-const
pointer.
The project would be about enforcing immutability of immutable objects
at runtime.
Some people like the idea [1][2].
Such a thing had been implemented for Common Lisp in GNU clisp in the
past [3], but did not have a big success because the Common Lisp language
specification makes most objects read-write; there is no 'const' in
this language.
But in C, 'const' is firmly rooted, and people hate to use a debugger
and set hardware watchpoints, to detect undesired write accesses.
The implementation would consist of two parts:
1) The runtime code. This code already exists in Gnulib [4][5].
It works on all Unix and Windows platforms (except Minix, which
lacks mmap() and mprotect()).
2) Compiler support. This could be tied to the 'const' attribute,
or a new attribute could be introduced, as proposed in [6].
I would estimate that this part can more easily be done in TinyCC
than in GCC or LLVM; which is why I am writing to you.
I believe this would be a world's first for C: Wikipedia [7] says that
"Immutability does not imply that the object as stored in the computer's
memory is unwriteable. Rather, immutability is a compile-time construct"
This statement would be obsolete!
If you like it: Have fun!
Bruno
[1] https://lists.gnu.org/archive/html/bug-gnulib/2019-12/msg00234.html
[2] https://lists.gnu.org/archive/html/bug-gnulib/2019-12/msg00232.html
[3]
https://gitlab.com/gnu-clisp/clisp/-/commit/4b7ed0f7346eac7190fb5b39ccca3883
f03ab8bb
[4]
https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/immutable.h
[5]
https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/immutable.c
[6] https://lists.gnu.org/archive/html/bug-gnulib/2019-12/msg00242.html
[7] https://en.wikipedia.org/wiki/Immutable_object#Violating_immutability