A Note on Fil-C
16 days ago
- #memory-safety
- #compiler
- #performance
- Fil-C is Filip Pizlo's memory-safe C/C++ compiler, built on clang. It instruments the generated code with bounds checks on every pointer access (spatial safety: out-of-bounds reads and writes are caught) and pairs allocation with a concurrent garbage collector (temporal safety: use-after-free is eliminated).
- It is highly compatible with existing code: a full Linux distribution userspace is plausibly buildable under it with only modest patching.
- CPU overhead is estimated at 1x to 4x (up to a fourfold increase in cycles), which is considered tolerable for many workloads, especially IO-bound ones where the CPU is not the bottleneck.
- Fil-C builds on prior academic and industrial work, including Pizlo's own iterations at Apple, some of which already ship in production.
- Because every pointer access is checked at runtime, pointer-twiddling C under Fil-C can be safer than the same code in Rust's unsafe blocks, which raises the question of whether comparable dynamic checks could be applied inside unsafe Rust.
- Caveats: errors are caught dynamically rather than statically (a memory-safety bug becomes a runtime trap, not a compile-time rejection), there are time and space overheads, data races are not addressed, and there is a standing temptation to switch the checks off for speed.
- The project reflects a shift in developer priorities towards safety, even at the cost of performance, contrasting with the historical preference for C/C++'s speed and memory efficiency.
- The author expresses hope that Fil-C will meet the needs of those with legacy C/C++ codebases or those averse to safer programming languages.
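The following is an added toy model, written for this note and not code from Fil-C or from the post it summarizes, of the two mechanisms described above: a pointer that carries the bounds of the object it was derived from, so every load and store can be checked, and a free() that marks the object dead so later accesses are rejected. It is also a concrete illustration of the "dynamic, not static" caveat: every bug below compiles cleanly with a stock C compiler and is only caught when the access executes. Fil-C's real pointer representation and its concurrent collector are different (this model uses a visible fat pointer and never reclaims memory); the type names, the status codes and the `demo_*` functions are inventions for the example.

```c
/* Toy capability-pointer model (not Fil-C's implementation). */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Every allocation gets a header that only the "runtime" touches. */
typedef struct {
    size_t  size;    /* payload size in bytes */
    int     freed;   /* set by cap_free; memory is never recycled in this model */
    uint8_t data[];  /* payload */
} object;

/* A capability: the object a pointer was derived from plus the current
 * offset into it. Pointer arithmetic moves the offset, never the object,
 * so an out-of-bounds pointer can be formed (as in C) but not dereferenced. */
typedef struct {
    object   *obj;
    ptrdiff_t off;
} cap;

enum { CAP_OK = 0, CAP_OOB = -1, CAP_UAF = -2, CAP_NULL = -3 };

cap cap_malloc(size_t n) {
    cap c = { NULL, 0 };
    object *o = malloc(sizeof(object) + n);
    if (!o) return c;
    o->size = n;
    o->freed = 0;
    memset(o->data, 0, n);
    c.obj = o;
    return c;
}

/* Unchecked, exactly like C pointer arithmetic. */
cap cap_add(cap c, ptrdiff_t delta) { c.off += delta; return c; }

/* The check performed on every access of `width` bytes. */
static int cap_check(const cap *c, size_t width) {
    if (!c->obj) return CAP_NULL;
    if (c->obj->freed) return CAP_UAF;                 /* temporal check */
    if (c->off < 0 || (size_t)c->off > c->obj->size ||
        width > c->obj->size - (size_t)c->off)
        return CAP_OOB;                                /* spatial check */
    return CAP_OK;
}

int cap_store8(cap c, uint8_t v) {
    int r = cap_check(&c, 1);
    if (r != CAP_OK) return r;
    c.obj->data[c.off] = v;
    return CAP_OK;
}

int cap_load8(cap c, uint8_t *out) {
    int r = cap_check(&c, 1);
    if (r != CAP_OK) return r;
    *out = c.obj->data[c.off];
    return CAP_OK;
}

/* free() only marks the object dead. A real system (Fil-C uses a concurrent
 * GC) reclaims the bytes once nothing can reach them; this model leaks them. */
void cap_free(cap c) { if (c.obj) c.obj->freed = 1; }

/* Off-by-one heap overflow: the loop writes index 8 of an 8-byte buffer. */
int demo_overflow(void) {
    cap buf = cap_malloc(8);
    int r = CAP_OK;
    for (int i = 0; i <= 8 && r == CAP_OK; i++)
        r = cap_store8(cap_add(buf, i), (uint8_t)i);
    cap_free(buf);
    return r;                        /* CAP_OOB */
}

/* Use-after-free: read through a pointer whose object has been freed. */
int demo_uaf(void) {
    cap p = cap_malloc(16);
    cap_free(p);
    uint8_t v;
    return cap_load8(p, &v);         /* CAP_UAF */
}

/* Legal pointer games: go past the end and come back before dereferencing. */
int demo_valid(void) {
    cap buf = cap_malloc(4);
    uint8_t v = 0;
    int r = cap_store8(cap_add(buf, 3), 0x41);
    if (r == CAP_OK) r = cap_load8(cap_add(cap_add(buf, 5), -2), &v);
    cap_free(buf);
    return (r == CAP_OK && v == 0x41) ? CAP_OK : -99;
}

int main(void) {
    printf("overflow: %d  uaf: %d  valid: %d\n",
           demo_overflow(), demo_uaf(), demo_valid());
    return 0;
}
```

The point to take from the model is where the failures surface: nothing about `demo_overflow` or `demo_uaf` is rejected by the compiler, so a program that runs this way crashes deterministically at the bad access rather than silently corrupting memory. That is exactly the trade the note describes, and it is why the temptation to disable the checks for speed is dangerous: with the checks off, the same code reverts to plain undefined behaviour.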