Code safety continues to be a regulatory and security imperative, driving C++ organizations to adopt robust memory safety solutions. Last year, we gave an overview of Google's suite of static analysis and code transformation projects that aim to eliminate a variety of safety bugs from our massive C++ codebase. This year, we lay out our vision for a path to safe-by-construction C++, including null safety, spatial safety and temporal safety.
For null safety, we'll describe our progress and challenges in upgrading millions of files towards null safety. For spatial safety, we'll overview our forthcoming spatial safety mode, which, when enabled, will assure developers that their code is free of spatial safety violations. We'll discuss our progress in incrementally bringing Google's codebase into compliance with this mode, including both static transformations and compiler-injected dynamic checks. Next, we'll cover our advances in enforcing lifetime safety in C++, inspired by Rust's lifetimes design, and preview our ideas for a temporal safety mode, parallel to our spatial safety mode. Finally, we'll tell you about our efforts to apply AI in this space, and its potential for a transformative role in hardening our legacy C++ codebases.
Yitzhak Mandelbaum is a Staff Software Engineer at Google, leading the C++ Safety team. He and his team are committed to improving memory safety and reliability in C++ through innovative static and dynamic analysis techniques. Yitzhak has been tackling challenges at the intersection of C++ security, static analysis, and large-scale change tooling since 2016, leading development of the Clang Dataflow Analysis and Clang Transformer frameworks along the way. Prior to Google, he researched parsing, type theory and computer security at CMU's Software Engineering Institute and AT&T Labs-Research. He holds a PhD (2006) and an A.B. (1999) in Computer Science from Princeton University.