Show HN: C From Scratch – Learn safety-critical C with prove-first methodology

Posted by william1872 5 days ago

Seven modules teaching C the way safety-critical systems are actually built: MATH → STRUCT → CODE → TEST.

Each module answers one question: Does it exist? (Pulse), Is it normal? (Baseline), Is it regular? (Timing), Is it trending? (Drift), Which sensor to trust? (Consensus), How to handle overflow? (Pressure), What do we do about it? (Mode).

Every module is closed (no dependencies), total (handles all inputs), deterministic, and O(1). 83 tests passing.

Built this after 30 years in UNIX systems. Wanted something that teaches the rigour behind certified systems without requiring a decade of on-the-job learning first.

MIT licensed. Feedback welcome.

Comments

Comment by csb6 4 days ago

I like the approach; it reminds me of Towards Zero Defect Programming by Allan Stavely and Dijkstra's idea of deriving programs mechanically from their specifications.

Were LLMs used to produce some of the writing? Not sure how to describe it, but it has a certain recognizable writing style (e.g. "The Problem"/"The Solution", lots of bulleted lists with bolded first words, etc.) Readers might appreciate if AI use is disclosed.

Comment by mfro 4 days ago

It’s definitely AI generated. I suspect much of their portfolio is. See spec.md. Also, the committer’s username is “williamofai”.

Comment by glouwbug 4 days ago

Given they have 30 years of what looks to be safety-critical UNIX experience, it’s probably not AI. They might come from rigorous fields like medical device engineering where writing and design are continuously audited for spec and standard conformance.

Comment by commandersaki 3 days ago

Yeah, the AI-smelling writing style put me off. If you have 30 years of experience then you should have had ample time to build your own prose and style. I'll pass on this.

Comment by lelanthran 4 days ago

> Wanted something that teaches the rigour behind certified systems without requiring a decade of on-the-job learning first.

I've built certified systems (munitions), and the pain of certification is almost always in the process not the coding.

The process is expensive, rigorous and lengthy. It's the process that certifies something good enough to get the stamp for release, not the code design or architecture.

Comment by BiraIgnacio 4 days ago

Great content and approach, thank you!

Comment by fainpul 4 days ago

  int64_t age = now - then;  // UNDEFINED BEHAVIOUR if overflow!

  uint64_t age = now - then;  // DEFINED: wraps at 2⁶⁴

Seriously, fuck C. Since this book focuses on safe, reliable, bug-free programs, why not use Rust?
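Added example (not part of the thread and not code from the C From Scratch project): the two lines quoted in the comment above, written as total functions so that the signed case reports overflow instead of reaching undefined behaviour. The names `age_result_t`, `age_signed` and `age_unsigned` are hypothetical.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result type: ok == false means "now - then" is not
   representable in int64_t, and value is set to 0. */
typedef struct {
    bool    ok;
    int64_t value;
} age_result_t;

/* Signed age, checked BEFORE subtracting. Both guard expressions are
   themselves overflow-free: INT64_MAX + then is only evaluated for
   then < 0, and INT64_MIN + then only for then > 0. */
age_result_t age_signed(int64_t now, int64_t then)
{
    age_result_t r = { false, 0 };
    if ((then < 0 && now > INT64_MAX + then) ||
        (then > 0 && now < INT64_MIN + then)) {
        return r;                 /* would overflow: report, do not compute */
    }
    r.ok = true;
    r.value = now - then;         /* proven in range by the guard above */
    return r;
}

/* Unsigned age: subtraction is defined modulo 2^64, so a tick counter
   that has wrapped past zero still yields the elapsed tick count. */
uint64_t age_unsigned(uint64_t now, uint64_t then)
{
    return now - then;
}

int main(void)
{
    /* Constructed sample inputs. */
    age_result_t a = age_signed(100, 40);
    age_result_t b = age_signed(INT64_MAX, -1);
    printf("signed 100-40: ok=%d value=%" PRId64 "\n", a.ok, a.value);
    printf("signed MAX-(-1): ok=%d\n", b.ok);
    printf("unsigned wrap: %" PRIu64 "\n",
           age_unsigned(5, UINT64_MAX - 4));
    return 0;
}
```

The unsigned form is only a correct elapsed time when the true elapsed interval is shorter than one full counter period.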

Comment by UncleEntity 4 days ago

I'm going to go out on a limb and say because Rust didn't exist 30 years ago?

Anyhoo... seems interesting. I've been trying to convince Claude to produce a verified JavaCard VM implementation, just for the hell of it, and this probably has a bunch of information to help with that.

Comment by salawat 4 days ago

Ya gotta start somewhere, and just about every IC starts at some point with C.

Comment by chickenimprint 3 days ago

IC?

Comment by salawat 2 days ago

Integrated Circuits.

Comment by chickenimprint 2 days ago

Integrated circuits don't "start with C". What does that even mean? C is just an interchangeable language the compiler frontend parses.

A microprocessor starts by executing the machine code at the reset vector. This machine code is generated by an assembler or a compiler backend. It has no idea what programming languages are.