Fil-C: Ensuring Memory Safety for C/C++

At the SPLASH'24 conference, Filip Pizlo presented Fil-C, an open-source compiler designed to protect C and C++ code against memory-related errors. The project focuses on compatibility with existing code while guaranteeing safe memory operations without extensive code modifications. The compiler is built on LLVM components and distributed under the Apache 2.0 license, with the runtime supplied under the BSD license. Unlike the TrapC project, which is still in the design stage, Fil-C can already build existing code.

Fil-C extends its memory safety to the C standard library (libc) and the C++ standard library (libc++), using musl and LLVM libc++. The compiler supports multitasking, signal handling, memory-mapped files (mmap), longjmp/setjmp, and C++ exception handling. Projects such as bzip2, zip, PCRE, and ncurses compile with Fil-C without modification. With minor adjustments, OpenSSH, OpenSSL, CPython, SQLite, Lua, curl, Lynx, jpeg-6b, zsh, xz-utils, and simdutf can also be built.

To ensure memory safety, Fil-C uses 128-bit MonoCaps for type checking and buffer bounds tracking, together with the FUGC garbage collector, which supervises memory allocation and deallocation. When a memory-related error occurs, the application terminates immediately so that the error cannot become an exploitable vulnerability. The combination of MonoCaps and FUGC aims to detect and prevent buffer overflows, dangling pointer issues, race conditions, type confusion, dynamic layout problems, improper use of va_list, and incorrect buffer handling in system calls.
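
A simplified model of the bounds and liveness checks described above, added here as an illustration. It is not Fil-C's code: the `obj_t`/`cap_t` layout and all function names are assumptions rather than the MonoCap format, and it covers only overflow and use-after-free, not type checks.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layout: every allocation has a header with its size and a
   liveness flag; a "pointer" is a reference to that header plus an offset. */
typedef struct { size_t size; int live; unsigned char data[]; } obj_t;
typedef struct { obj_t *obj; size_t off; } cap_t;
typedef enum { CAP_OK, CAP_OUT_OF_BOUNDS, CAP_FREED } cap_status;

cap_t cap_alloc(size_t n) {
    obj_t *o = calloc(1, sizeof *o + n);
    if (!o) abort();
    o->size = n;
    o->live = 1;
    return (cap_t){ o, 0 };
}

/* Pointer arithmetic is unchecked; a negative delta wraps the offset to a
   huge value, which the access check then rejects. */
cap_t cap_add(cap_t c, ptrdiff_t delta) { c.off += (size_t)delta; return c; }

/* free() only marks the object dead. The header stays valid so stale
   pointers can still be checked; a collector would reclaim it later
   (this model simply leaks it). */
void cap_free(cap_t c) { c.obj->live = 0; }

/* The check performed before every access of len bytes. */
cap_status cap_check(cap_t c, size_t len) {
    if (!c.obj->live) return CAP_FREED;
    if (c.off > c.obj->size || len > c.obj->size - c.off) return CAP_OUT_OF_BOUNDS;
    return CAP_OK;
}

/* Checked store: terminate on violation instead of corrupting memory. */
void cap_store(cap_t c, const void *src, size_t len) {
    cap_status s = cap_check(c, len);
    if (s != CAP_OK) { fprintf(stderr, "memory safety violation (%d)\n", s); abort(); }
    memcpy(c.obj->data + c.off, src, len);
}

int main(void) {
    cap_t buf = cap_alloc(8);
    cap_store(buf, "1234567", 8);                              /* fits exactly */
    printf("9-byte write: %d\n", cap_check(buf, 9));            /* out of bounds */
    printf("5 bytes at +4: %d\n", cap_check(cap_add(buf, 4), 5));
    cap_free(buf);
    printf("after free: %d\n", cap_check(buf, 1));              /* dangling */
    return 0;
}
```
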
