A simplified model of Fil-C
5 hours ago
- #C/C++ Programming
- #Memory Safety
- #Fil-C Model
- Fil-C is a memory-safe implementation of C/C++, using a simplified model that transforms unsafe code into safe code via automated source code rewriting.
- Each pointer variable in a function is paired with an AllocationRecord* variable to track memory bounds, with AllocationRecord containing visible_bytes, invisible_bytes, and length.
- Pointer operations are rewritten to include the accompanying AllocationRecord*, and memory allocations are handled by filc_malloc, which allocates three blocks: an AllocationRecord, visible bytes, and invisible bytes for pointer metadata.
- Dereferencing pointers uses the AllocationRecord for bounds checking, and heap-stored pointers have their AllocationRecord stored in invisible_bytes at corresponding offsets.
- Memory deallocation via filc_free frees the visible and invisible bytes but not the AllocationRecord itself, relying on a garbage collector to free unreachable AllocationRecord objects and manage memory leaks.
- The garbage collector also handles local variables whose addresses escape by promoting them to heap allocations, and Fil-C's memmove implementation includes heuristics for safely moving pointers within aligned memory.
- Production-quality Fil-C introduces complexities like concurrency support, atomic operations, function pointer type safety, memory usage optimizations, and performance improvements.
- Potential use cases for Fil-C include securing existing C/C++ code with memory safety at a performance cost, detecting memory bugs, safe compile-time evaluation in languages like Zig, and studying pointer provenance.