Index: doc/theses/mike_brooks_MMath/uw-ethesis-frontpgs.tex =================================================================== --- doc/theses/mike_brooks_MMath/uw-ethesis-frontpgs.tex (revision a783c74ba6b959c19144a6c39d4fb911d22b5eb2) +++ doc/theses/mike_brooks_MMath/uw-ethesis-frontpgs.tex (revision 43b65162ba86dd37539662ef821c6bcdc049f924) @@ -66,5 +66,5 @@ Internal-External Member: \= \kill % using longest text to define tab length External Examiner: \> Bruce Bruce \\ -\> Professor, Dept. of Philosophy of Zoology, University of Wallamaloo \\ +\> Professor, Dept. of Philosophy of Zoology, University of Waterloo \\ \end{tabbing} \bigskip @@ -134,20 +134,21 @@ These features are implemented across the \CFA compiler and runtime libraries. The results maintain another \CFA goal of offering strong backwards compatibility with C. -This work leverages preexisting \CFA contributiongs of prior students working on the \CFA project, particularly through novel applications of the compiler's type system. +To achieve these goals, this work leverages preexisting \CFA contributions by prior students, particularly novel applications of the compiler's type system. All modern programming languages provide at least these three high-level containers (collections): array, linked-list, and string. Often, the array is part of the programming language, while linked lists are built from (recursive) pointer types, and strings from arrays and/or linked lists. For all three types, languages and/or their libraries supply varying degrees of high-level mechanisms for manipulating these objects at the bulk and component levels, such as copying, slicing, extracting, and iterating among elements. -Unfortunately, typical solutions for the these key types in C cause 60\%--70\% of the reported software vulnerabilities involving memory errors; 70\%--80\% of hacker attack-vectors target these types. -Therefore, hardening these three C types goes a long way to make the majority of C programs safer. +Unfortunately, typical implementations for the these key types in C cause 60\%--70\% of the reported software vulnerabilities involving memory errors, where 70\%--80\% of hacker attack-vectors target these types. +Therefore, hardening these three C types and suggesting programers use them as their default types goes a long way to increase memory safety in the majority of C programs. Specifically, an array utility is provided that tracks length internally, relieving the user of managing explicit length parameters and stopping buffer-overrun errors. This feature requires augmenting the \CFA type system, making array length available at compile and runtime. -A linked-list utility is provided, which obviates many user-managed recursive pointers by catering directly to system-programming uses (intrusive linking, ad-hoc listing) for which a library solution is often dismissed. -Finally, a string utility is provided with implicit memory management of text in a specialized heap, relieving error-prone buffer management, including overrun, and providing a copy-on-write speed boost. -For all three utilities, performance is argued to be on-par with, and occasionally surpassing relevant comparators. +A linked-list utility is provided, which obviates many user-managed recursive pointers while catering directly to system-programming using intrusive linking. +Finally, a string utility is provided with implicit memory management of text in a specialized heap, removing error-prone buffer management, including overrun, and providing a copy-on-write speed boost. +For all three utilities, performance is argued to be on-par with, and occasionally surpassing, relevant comparators. With the array, this case is made by showing complete erasure down to a naked C array, modulo runtime bound checks, which are removable more often than with Java-style length management. -With the linked list and string, empirical measures are compared with relevant libraries. -These utilities offer a system programmer workable alternatives to hand-rolling several common causes of system vulnerabilities, thereby improving \CFA's position as a safety-forward system-programming alternative. +With the linked list and string, empirical measures are compared with C and \CC comparable libraries. +These utilities offer programmers workable alternatives to hand-rolling specialized libraries, which is a huge safety benefit, eliminating many system vulnerabilities. +The results establish \CFA's position as a safety-forward programming alternative. \cleardoublepage