User-specified memory management is commonplace in software development (for example, C, C++). Providing safety support to such management so that programs throw exceptions upon user error as opposed to crashing inexplicably is a relatively recent development.
Memory safety in the context of C/C++ became a concern after the advent of the languages (for example, Purify). Existing approaches describe a memory access error as a dereference outside the bounds of the referent, either address-wise or time-wise. The former includes a spatial access error (fox example, array out of bounds access error), and the latter includes a temporal access error (for example, dereferencing a pointer after the object has been freed). However, such approaches ate limited by difficulty in tracing and fixing attributes of these errors.
Another existing approach includes sharing and looking up virtual page numbers via the hardware memory management unit (MMU). However, with such an approach, the object lookup cost is not guaranteed to be constant, and varies according to table size even if operating system (OS) and/or hardware supported. Also, such an approach only treats heap temporal access errors, and each object allocation, however small, blocks out a full virtual page size. Further, in such an approach, virtual space overuse (simultaneously live objects) can cause paging-mechanism-related thrashing which would affect not only the application process, but also other processes in the machine.
Another existing approach includes a table-based framework to handle temporal and spatial memory access errors. However, such an approach does not obtain constant-time operations. Also, such an approach does not include recycling of capabilities.
Other existing approaches include table-based techniques for checking spatial memory violations in C/C++ programs, using automatic pool allocation to partition the large table of objects, as well as statically analyzing application sources Additional existing approaches can include run-time type checking schemes that track extensive type information in a “mirror” of application memory to detect type-mismatched errors However, such a scheme concedes expensiveness performance-wise (due to mirror costs, not constant time ops—for example, type information generated is proportional to object size including aggregate objects) and does not comprehensively detect dangling pointer errors (fails past reallocations of compatible objects analogous to Purify).
Yet another existing approach includes shifting from splay trees to bitmaps for a domain of C programs. However, such an approach does not support indirect pointers, or bounds checking for structure members. Another approach includes a map at run-time for checking memory accesses. Other existing approaches use garbage collection for memory reuse ignoring user-specified memory reclamation. However, such approaches offers limited temporal access error protection (not safe for reallocations of deleted data) and fails for spatial access errors once a pointer jumps past a referent into another valid one
Also, an existing approach can include a type inference system for C pointers for statically and dynamically checked memory safety. Such an approach, however, ignores explicit de-allocation, relying instead on Boehm Weiser conservative garbage collection for space reclamation, as well as disallowing pointer arithmetic on structure fields.
The need for user-specification of memory management in garbage collected languages comes when faced with real-time constraints. Memory management for real-time computing in Java takes one approach that is fully-automatic using a bounded-pause-time gc. This approach, however, eliminates the opportunity for precise user control of computation behavior and is suited to coarse bound times.
Other existing approaches can include scoped (that is, limited lifetime) and immortal memory regions wherein objects can be allocated in a specific scope and their space reclaimed when all references to the scope becomes zero. Space reclamation, however, remains automatic and reference count based and de-allocation of an object by a user cannot be mandated at will.