Microsoft’s lib0xc is an MIT-licensed C11 library providing bounds-safe, warning-clean replacements for standard library functions via macros and clang -fbounds-safety.
Key Takeaways
APIs cover string.h, stdio.h, stdint.h, and systems utilities like logging, hashing, and bounded buffers, all designed as drop-in or near-drop-in replacements.
Heavy use of C preprocessor macros enforces compile-time size checks, avoiding dynamic allocation in most APIs and enabling static bounds enforcement.
Supports clang -fbounds-safety extensions; annotations expand to nothing on non-clang compilers, preserving source compatibility.
Safe integer conversion (__cast_signed_unsigned) traps at runtime on overflow rather than silently truncating – targeting a known C footgun.
Portable across macOS and Linux (arm64, x86_64); porting to new targets requires implementing panic stubs, allocator hooks, and platform log streams.
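The safe integer conversion takeaway above, as an added example that is not lib0xc's code: a plain cast wraps an out-of-range value silently, while a range-checked conversion rejects it or traps. The helper names are hypothetical, and the range check with abort() is an assumed way to implement such a trap, not lib0xc's implementation of __cast_signed_unsigned.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not lib0xc's API): convert int64_t to uint32_t and
 * report failure instead of wrapping. *out is left untouched on failure. */
static bool checked_i64_to_u32(int64_t in, uint32_t *out)
{
    if (in < 0 || in > (int64_t)UINT32_MAX) {
        return false;
    }
    *out = (uint32_t)in;
    return true;
}

/* Trapping variant: abort the process rather than continue with a bad size. */
static uint32_t trap_i64_to_u32(int64_t in)
{
    uint32_t out;
    if (!checked_i64_to_u32(in, &out)) {
        fprintf(stderr, "conversion out of range: %" PRId64 "\n", in);
        abort();
    }
    return out;
}

/* The footgun: a plain cast is well-defined in C but reduces modulo 2^32. */
static uint32_t unchecked_i64_to_u32(int64_t in)
{
    return (uint32_t)in;
}

int main(void)
{
    int64_t len = -1; /* constructed input: an error return reused as a length */
    uint32_t out = 0;

    printf("unchecked cast of -1: %" PRIu32 "\n", unchecked_i64_to_u32(len));
    printf("checked accepts -1?   %d\n", checked_i64_to_u32(len, &out));
    printf("trap variant on 4096: %" PRIu32 "\n", trap_i64_to_u32(4096));
    return 0;
}
```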
Hacker News Comment Review
Early commenters see lib0xc as practically useful now, with interest in applying -fbounds-safety specifically to existing C projects.
Consensus is that spatial memory safety in C is largely solvable at the library/interface level without language redesign, and tools like this are underutilized.