I have been intending to write down my opinions on the nature of legacy C code, especially mine. I think that legacy C code seldom conforms to the implicit notions of safety in C. Much of that code is actually safe, however. I begin this note now because this paper claims the opposite with a good deal of work behind it. I plan to add comments here about the problem.
The CHERI group at Cambridge have many constructive things to say about how to preserve legacy C programs. My view, influenced partly by their ideas, is that there is a body of legacy C code that is predicated on a few ideas:
The CHERI people suggest a language specification that suits this class of programs. I agree. I don’t know that they would agree with my points above. There is an issue of what to call it.