abstract ;;Quote: Cyclone is a safe dialect of C; avoids buffer overflows, format string attacks, and memory management errors; static analysis plus run-time checks and annotations

275 ;;Quote: NUL-terminated strings important for efficiency; allows fixed-length buffer that holds variable-length strings; problem of overrun

275 ;;Quote: C allows pointer beyond end of array; leads to buffer overflow

277 ;;Quote: Cyclone has never-NULL pointers (@...) and fat pointers (?...) with run-time checking (e.g., varargs)

277+;;Quote: Cyclone has growable memory region, tagged union, polymorphism, and exceptions

279 ;;Quote: use static, region analysis to prevent dereference of a non-live region; e.g., a block's local variables

279+;;Quote: use annotations to track memory regions across function calls

280 ;;Quote: uses growable regions for safe, explicit memory allocation without relying on a garbage collector

283 ;;Quote: convert C to Cyclone by changing less than 10% of lines; 20-50% of these are fat pointers (?...)

283 ;;Quote: Cyclone is up to 3x slower than C for compute-bound applications; up to 6x slower in microbenchmarks

283 ;;Quote: Cyclone identified array bound violations in three benchmarks

286 ;;Quote: a C enumeration is really treated as 'int'; not useful for tagged unions

286 ;;Quote: a pointer to a zero-terminated array is safe as long as the pointer only moves inside the array and the terminator is safe