Checked C
Checked C adds static and dynamic checking to C to detect or prevent common programming
errors such as buffer overruns and out-of-bounds memory accesses.
The goal of the project is to improve systems programming by making fundamental improvements to C.
This repo contains
sample code, the extension specification,
and test code.
- For a quick overview of Checked C, more information, and pointers to example code,
see our Wiki. - The PDF of the specification is available here.
- Compilers are available here.
We are hiring.
We have positions available for a
Principal Software Engineer and
Senior Software Engineer.
We are looking for engineers who have production compiler development experience and who value shipping software.
Papers
We presented a research paper on
Checked C at the IEEE 2018 Cybersecurity Development Conference:
"Checked C: Making C Safe by Extension". The paper describes the key ideas of Checked C in 8 pages.
Note that we have added features to Checked C for improving type safety (and reducing type confusion)
since writing the paper. The Wiki and specification provide up-to-date descriptions of Checked C.
We presented another paper
on Checked C at the 2019 Principles of Security and Trust Conference:
"Achieving Safety Incrementally With Checked C".
This paper describes a tool for converting existing C code to use Ptr types. It also proves a blame
property about checked regions that shows that checked regions are blameless for any memory corruption.
This proof is formalized for a core subset of the language extension.
Build Status, Configuration, Testing, Status, --------, ---------------, -------, Debug X86 Windows, Checked C and clang regression tests, 
, Debug X64 Windows, Checked C and clang regression tests, 
, Debug X64 Linux, Checked C and clang regression tests, 
, Release X64 Linux, Checked C, clang, and LLVM nightly tests, 
, # Participating
We're happy to have the help! You can contribute by trying out Checked C,
reporting bugs, and giving us feedback. There are other ways to contribute too.
You can join the mailing lists for
announcements about the project.
Licensing
The software in this repository is covered by the MIT license. See the file LICENSE.TXT for the license. The
Checked C specification is made available by Microsoft under the OpenWeb Foundation Final
Specification Agreement, version 1.0.
Contributions of code to the Checked LLVM/clang repos are
subject to the CLANG/LLVM licensing terms.
Code of conduct
This project has adopted the
Microsoft Open Source Code of Conduct.
For more information see the
Code of Conduct FAQ or
contact opencode@microsoft.com with any
additional questions or comments.