November 2, 2025
Bug-proof or buzzkill?
Notes by djb on using Fil-C (2025)
Crypto legend tries safer C: cheers, jeers, and slowdown fears
TLDR: DJB tested Fil-C, a “safer C” compiler that works with lots of existing code but often runs 1–4× slower. The community split fast: fans want Fil-C in core tools like APT, while skeptics roast the performance and build heft—debating if fewer memory bugs are worth the speed hit.
Daniel J. Bernstein (aka djb), a famed cryptographer, just dropped hands-on notes about Fil-C, a “memory-safe” way to compile old-school C/C++ without rewriting everything. He shows scripts that build Fil-C, glibc (the standard C library), and even a Nethack demo via Filnix, all on Debian. The catch? His graph shows Fil-C code taking 1–4× more cycles than clang (a popular compiler). Also, the build needed beefy swap space—extra disk memory—to avoid crashing, which had folks clutching their SSDs.
The crowd went full popcorn mode. One user cheered that with a “3-letter guy” onboard (djb!), this could be another sleeper hit like Rust or Go. Another called for Fil-C to be required for APT—Debian’s package manager—throwing shade at Rust’s push into system tools and restarting that old flame war with fresh kindling. The vibe split hard: safety-first fans love that Fil-C catches memory bugs and stops programs safely (thanks to garbage collection and “InvisiCaps,” djb’s term for invisible safety checks). Speed freaks snarked about the slowdown and the 36GB swap flex.
There were jokes, too: someone was tickled that a crypto legend is copy-pasting bash + curl install lines like the rest of us. Others memed “press curl to install safety,” while pragmatists shrugged, saying middle-aged Linux tools are “done” and this might finally be the training wheels they’ll accept. Whether Fil-C becomes the new default or just a niche fortress, djb’s endorsement turned a quiet project into a loud debate.
Key Points
- •Fil‑C showed high compatibility, with many libraries and applications working without changes.
- •Scripts were provided: an audit script, a filian‑install‑compiler (86m real time) to build Fil‑C+glibc+binutils on Debian 13, and a filian‑install‑packages script that builds some Debian packages (e.g., bzip2).
- •Microbenchmarks (≈9000) on Zen 4 show Fil‑C‑compiled crypto code typically needs 1x–4x the cycles compared to clang.
- •An alternative unprivileged setup via Filnix (by Mikael Brockman) lets Debian 12 users install Fil‑C and run a Fil‑C‑compiled Nethack using nix‑user‑chroot and Nix flakes.
- •Musl is an option but incompatible with several packages; building Fil‑C and glibc requires substantial memory, with successful runs using 36GB swap (~19GB used) plus 12GB RAM.