Microsoft’s lib0xc codifies decades of safer C patterns into a drop-in, macro-heavy, bounds-safe library targeting clang and gcc on macOS/Linux.
Key Takeaways
Covers std/ and sys/ modules replacing or extending string.h, stdio.h, stdint.h, syslog.h, and BSD queue.h with bounds-checked variants.
Leans on C preprocessor macros and compile-time size assertions to avoid dynamic allocations; pairs with clang -fbounds-safety extensions.
Safe integer conversion (__cast_signed_unsigned), bounds-tracked cursors (CURSOR/cprintf), and typed context pointers (__context_export/__context_import) are core primitives.
Requires C11 with GNU extensions (-std=gnu11), GNUMake >= 3.81; MSVC support is absent by design.
Porting to new platforms requires implementing panic handlers, __waiting_for_memory, platform log streams, and a 0xc/platform.h header.
Hacker News Comment Review
The author (EPWN3D) framed lib0xc as codifying oral-tradition C safety patterns; commenters see value but debate whether standards bodies (C, C++, POSIX) should absorb these rather than leaving them to libraries.
GCC’s access attributes and FORTIFY_SOURCE were raised as partial overlaps, and the prior Microsoft-backed Annex K was cited as a cautionary tale of a failed standardization attempt.
Skepticism exists around production adoption: lib0xc requires GNU extensions, ruling out MSVC, and it is unclear whether Microsoft is using it internally or if it is a side project.
Notable Comments
@nxobject: Questions whether MSVC could even compile the GNU extensions required, casting doubt on Microsoft-internal adoption.
