Fil-C Makes setjmp/longjmp and ucontext Memory Safe

Fil-C, the memory-safe C dialect, now supports setjmp/longjmp and the ucontext APIs (setcontext, getcontext, makecontext, swapcontext) without stack corruption or capability violations. The feature landed in release 0.680 and is available when building from source.
The Problem with Context APIs
These APIs are notoriously unsafe because misuse can restore a dangling stack. Common bugs include:
- Calling
setjmporgetcontextin a function, then returning — the saved context points to a stack frame that no longer exists. - Exiting the thread, then trying to restore execution on a freed stack.
- Creating a context with
makecontexton a stack, freeing that stack, thenswapcontextorsetcontextto it. - Passing the currently executing context as the second argument to
swapcontext(swapping to itself).
In standard C ("Yolo-C"), these bugs cause silent stack corruption, hard-to-debug crashes, and potential security exploits. In Fil-C, all such cases produce a panic at the point of misuse.
How Fil-C Implements Memory Safety
Fil-C's approach differs for setjmp/longjmp vs ucontext. For setjmp/longjmp, the key challenge is that setjmp returns twice — once when called, again after longjmp. The act of saving the context means the compiler needs to handle volatile-annotated variables correctly, but Fil-C ensures that restoring a context never accesses freed or invalid memory.
For ucontext, Fil-C manages stacks in a way that either makes the operation legal or panics, because dangling stack frames are simply impossible.
Example: setjmp/longjmp in Fil-C
The following program demonstrates the behavior:
#include <setjmp.h>
#include <stdio.h>
int main(int argc, char** argv) {
volatile int x = 42;
jmp_buf jb;
if (setjmp(jb)) {
printf("x = %d\n", x);
return 0;
}
x = 666;
longjmp(jb, 1);
printf("Should not get here.\n");
return 1;
}
This prints x = 666 and exits. Without volatile, the compiler may optimize and print 42 instead. Fil-C does not alter optimization semantics but prevents memory corruption regardless.
For Whom?
Developers using ucontext-based coroutines (e.g., Boost fibers) or setjmp/longjmp for exception handling in C programs that want memory safety.
📖 Read the full source: HN AI Agents
👀 See Also

Monitoring OpenClaw Commands with Python and Gemini Flash for Security
A user created a Python script that trails commands injected by OpenClaw, analyzes them with Gemini Flash, and sends notifications via Discord webhook for alarming or irregular activity, costing about $0.14 daily.

AI Security Researchers: Your 0-Day Vulnerabilities May Leak via Data Opt-In Toggle
The 'Improve the model for everyone' toggle in LLM interfaces can automatically harvest deep red-teaming research, sending your vulnerability concepts to vendor safety teams and potentially to academic papers before you publish. Disable data sharing before conducting serious security research.

Claude Code Security Plugin: Pushing AppSec into the Developer Workflow
Anthropic shipped a security-guidance plugin for Claude Code that identifies and fixes vulnerabilities during coding. Available to all users via the plugin marketplace, not just Enterprise. Discusses whether this becomes a lightweight assistant, serious AppSec layer, or bridge to Claude Security.

Claude Code Install Phishing Site Tops Google Search Results
A phishing site impersonating the official Claude Code download page appears as the first Google result for "Claude code install mac." Users are warned not to download from the fake site.