A "Safe C++" Being Explored Using The New ClangIR
An interesting "request for comments" proposal I have been meaning to write about since last month is in-development work developing "Safe C++" as an extension to the LLVM Clang compiler and making use of the new, in-development ClangIR.
This isn't the first time there has been a proposal for a "safe" C++ while at the end of November Chuanqi Xu announced this newest initiative to come up with a "Safe C++" based on the ClangIR intermediate representation that would come down to being a pure subset of ISO C++ with a few ignorable pragma and attributes. The simpler approach would allow compiling the subset by other C++ compilers not supporting this "safe" dialect.
ClangIR is the new intermediate representation (IR) that has been brewing as an MLIR dialect for C/C++ languages that is described in the documentation as being between Clang's AST and LLVM IR. ClangIR can handle C/C++ higher level semantics for better diagnostics and performance optimizations that are harder to achieve in pure Clang AST or LLVM IR. Those wanting to learn more about the in-development ClangIR can do so via the documentation for that in-progress effort.
Chuanqi Xu is looking to leverage ClangIR to produce a safer C++ and has already produced a demo implementation. Among the proposal is adding a pragma "#pragma clang SafeCXX" for defining the same C++ code that other compilers can ignore if unsupported. Similarly there would be a "#pragma clang UnsafeCXX" too for sections of unsafe C++ code.
The thinking is with the ClangIR-based Safe C++ to provide borrow checking, different handling for deprecated calls, deprecating the user of pointers / taking addresses / dereferencing, references within async functions, and other changes to make C++ code safer by better leveraging modern compiler technologies within LLVM/Clang.
The proposal is a bit premature with ClangIR itself not yet being stabilized but those interested can see the RFC proposal on the LLVM Discourse. Some of the early prototyped code can be found via this GitHub repository. It will be interesting to see what comes of this safe C++ effort and more broadly the ClangIR development in 2025.
This isn't the first time there has been a proposal for a "safe" C++ while at the end of November Chuanqi Xu announced this newest initiative to come up with a "Safe C++" based on the ClangIR intermediate representation that would come down to being a pure subset of ISO C++ with a few ignorable pragma and attributes. The simpler approach would allow compiling the subset by other C++ compilers not supporting this "safe" dialect.
ClangIR is the new intermediate representation (IR) that has been brewing as an MLIR dialect for C/C++ languages that is described in the documentation as being between Clang's AST and LLVM IR. ClangIR can handle C/C++ higher level semantics for better diagnostics and performance optimizations that are harder to achieve in pure Clang AST or LLVM IR. Those wanting to learn more about the in-development ClangIR can do so via the documentation for that in-progress effort.
Chuanqi Xu is looking to leverage ClangIR to produce a safer C++ and has already produced a demo implementation. Among the proposal is adding a pragma "#pragma clang SafeCXX" for defining the same C++ code that other compilers can ignore if unsupported. Similarly there would be a "#pragma clang UnsafeCXX" too for sections of unsafe C++ code.
The thinking is with the ClangIR-based Safe C++ to provide borrow checking, different handling for deprecated calls, deprecating the user of pointers / taking addresses / dereferencing, references within async functions, and other changes to make C++ code safer by better leveraging modern compiler technologies within LLVM/Clang.
The proposal is a bit premature with ClangIR itself not yet being stabilized but those interested can see the RFC proposal on the LLVM Discourse. Some of the early prototyped code can be found via this GitHub repository. It will be interesting to see what comes of this safe C++ effort and more broadly the ClangIR development in 2025.
77 Comments