What does HackerNews think of checkedc?

Checked C is an extension to C that lets programmers write C code that is guaranteed by the compiler to be type-safe. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors. Checked C does not address use-after-free errors. This repo has a wiki for Checked C, sample code, the specification, and test code.

Language: C

#28 in C
#7 in Python
Show HN: Xr0 – Vanilla C Made Safe with Annotations | Sep 2023
Reminds me of https://github.com/microsoft/checkedc
My bad habit of hoarding information | Jan 2023
Information hoarding was my big problem as well. To fight it, a few years ago, I stopped using any bookmark services, and I started to keep a list of links in a markdown text file with a limited number of tags. I split the links by month and often add a short description and a tag to a saved link. All IT tags are textual, but I use emojis for other link categories, such as music or books. Example content:

### 2022/12

- {musical note emoji} [Mendelssohn - Complete Piano Works](https://www.amazon.pl/Complete-Piano-Works-Prosseda/dp/B084D...)

- [Checked C](https://github.com/microsoft/checkedc) - extensions to make C safer #cpp

- [SQLite Internals: How The World's Most Used Database Works](https://www.compileralchemy.com/books/sqlite-internals/)

- {book emoji} [Ask HN: Best books read in 2022?](https://news.ycombinator.com/item?id=33849267) - some interesting pieces here

### 2022/11

- [The Linux Kernel Module Programming Guide](https://sysprog21.github.io/lkmpg/), [repo](https://github.com/sysprog21/lkmpg) #linux

...

And so on. I know it's simplistic, but it helped me a lot to keep the number of links under a reasonable limit, and it is effortless to search through.

C to Checked C by 3C | Mar 2022
"...spatial safety violations (e.g., buffer overflows) still constitute one of today’s most dangerous and prevalent security vulnerabilities. To combat these violations, Checked C extends C with bounds-enforced checked pointer types.

Checked C is essentially a gradually typed spatially safe C—checked pointers are backwards-binary compatible with legacy pointers, and the language allows them to be added piecemeal, rather than necessarily all at once, so that safety retrofitting can be incremental.

This paper presents a semi-automated process for porting a legacy C program to Checked C. The process centers on 3C, a static analysis-based annotation tool. 3C employs two novel static analysis algorithms—typ3c and boun3c—to annotate legacy pointers as checked pointers, and to infer array bounds annotations for pointers that need them...

Experiments on 11 programs totaling 319KLoC show 3C to be effective at inferring checked pointer types, and experience with previously and newly ported code finds 3C works well when combined with human-driven refactoring...."

PDF: https://arxiv.org/ftp/arxiv/papers/2203/2203.13445.pdf

Checked C Project:

https://www.microsoft.com/en-us/research/project/checked-c/

https://github.com/microsoft/checkedc

"Checked C: Making C Safe by Extension":

https://www.microsoft.com/en-us/research/uploads/prod/2018/0...

RefinedC: Automating Foundational Verification of C Code with Refined Ownership | May 2021
Expand Context ↕
> The annotations look pretty complex. It’s a whole other type language grafted on to C, and at least to me, even with the explanation in the introduction, very difficult to get an intuition of.

I salute the idea of fixing C shortcomings instead of starting over from scratch (Rust, Zig), but clearly this mix of large functional annotations on top of procedural code adds some burden and inelegance.

The automated formal code proving will appeal security researchers, but I doubt most developers will want to go through that.

As a developer, I would rather use checked-C since it's only a thin overlay requiring little syntactic sugar on top of C99. https://github.com/microsoft/checkedc

However, unlike RefinedC, it requires a new compiler and headers...
In-progress musl fork modified to use Checked C | Oct 2020
Noting that there is little explanation in the repo, you can visit 1 and 2 if you're unfamiliar with Checked C and its history.

1. https://www.microsoft.com/en-us/research/project/checked-c/

2. https://github.com/microsoft/checkedc

Supporting Linux kernel development in Rust | Aug 2020
It's not about safety, if that was the real argument we should start with obvious improvements like checked C https://github.com/microsoft/checkedc The C++ lifetime checker or Cyclone