How is this different from tools like Valgrind and Address Sanitizer?
How is this different from tools like Valgrind and Address Sanitizer?
Posted Oct 28, 2025 20:28 UTC (Tue) by bertschingert (subscriber, #160729)In reply to: How is this different from tools like Valgrind and Address Sanitizer? by oldnpastit
Parent article: Fil-C: A memory-safe C implementation
Fil-C seems to be more similar to ASAN than Valgrind in that the compiler outputs code with the instrumentation / checking present, rather than running already compiled code in a virtual machine as Valgrind does.
But it would seem to be more robust than ASAN; from reading about how ASAN works, it seems that it puts "poisoned" bytes around an allocation, so that memory accesses shortly after the end of a buffer hit those poisoned bytes and are caught. However, ASAN wouldn't catch an invalid access to a non-poisoned address of memory via a particular a pointer, if that address was allocated in a separate allocation. [1]
I assume Fil-C's pointer capability model is able to catch "provenance" violations like that.
[1] https://blog.gistre.epita.fr/posts/benjamin.peter-2022-10...