Re: [threadx-dev] New project proposal: Eclipse Canon-C

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99

From: Benjamin Cabé <contact@xxxxxxxxxxxxxxxxx>
Date: Thu, 7 May 2026 08:06:53 +0200
Arc-authentication-results: i=1; mx.google.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=FabgZJOnApLaXT7zZU9cLYTe35qGYHt5XNvzVaPXcTw=; fh=/EvrXeqEQBxIDSY9o/xxY2Hl4DCgplBFO24UVkX/tQo=; b=cnkMuBNJ+dqCGEwuqI/x6mQaiZlutfLadu7+2638MxmQgjHRQQrPPvnFIpU6i8OmmE CEXfc9hKU+t6B9hTyODOaIKjAGPSa9rGTWIZrkRfV9MTEVQUcmBOnEwqcky0AI9qYgEW 1+u7YuZ8t6dM96JOceE1nSdqVHIWqWsAvbkFugzLbfbZsAyEuymycwvNeAi+91FZTJ5Y hekMTPekMffMY84e1wYe2XymBhdV1wso1U7OXgJBECj0bNGz1jVCvjLNEaXooEqgmbN5 OciQHdlnR7nddYzQDOT2AOzs2K6eaUTAQdrsHy8mwBNmErX+WQGZ1SRvd175VOLOx/+j T99g==; darn=eclipse.org
Arc-seal: i=1; a=rsa-sha256; t=1778134024; cv=none; d=google.com; s=arc-20240605; b=NIowfXfKxWKIXOkkSVyHmJ6qvammpPVL5Xm1IUjyEkKu5ZtKeswBXShzuZ6ubbkghO 0cPBNRWvYBOEI+ECYy7jPNpQX5YCl+ZdvPhtJfzNfIo7r8WoTU18nkJD43rjk5dh4B25 ZEQJdnuQeWBWwmp1l2f+6TflYn1hP+v2BqXfRiUD6QfqzTLGMQXE8kodxSOqVqjpCSbJ GFnIzCOpYUi3wMOQfvlflvN/EXXP8OSKuSUp/wp4pjcYMhh6lWbtwrtEnKk5d7q3Kx6m Fr1CPVbUTiDhai2T5uwUPtUSMAe2TXQ+AfVBjAwm/F2oI/J0a5YQSNg0fg/xIUbGCt2U FfgQ==
Delivered-to: threadx-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/threadx-dev/>
List-help: <mailto:threadx-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/threadx-dev>, <mailto:threadx-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/threadx-dev>, <mailto:threadx-dev-request@eclipse.org?subject=unsubscribe>

Hi,

This looks like an awful lot of LLM content which sure is a lot more than "scaffolding", with thousands of commits a bit all over the place in just a few weeks. I would be a bit concerned about accepting this as a new project and it probably could incubate a bit more as a standalone GitHub project and gather a small community there first. Also recommend spreading the word on Reddit and other embedded communities.

Cheers,

Benjamin.

Le mer. 6 mai 2026, 12:25, Fikret Güney Ersezer via threadx-dev <threadx-dev@xxxxxxxxxxx> a écrit :

Hi all,

I'm Fikret Güney Ersezer, and I'd like to introduce a new project proposal that has just been made public for community review: Eclipse Canon-C.

Proposal: https://projects.eclipse.org/proposals/eclipse-canon-c

Canon-C is a header-only semantic standard library for C99, designed around explicit ownership, predictable allocation, and formal verification. The goal is not to add new functionality to C, but to make program intent — ownership, lifetime, failure, and data flow — visible directly at call sites, so that safety-critical C code is easier to read, reason about, and verify.

The project is targeted at the IoT and embedded space, with particular attention to RTOS and bare-metal environments.

What may interest this list specifically:

The substrate (core/primitives/ and some parts of core/) is formally verified using Frama-C WP with ACSL contracts. CI enforces named-residual invariants on every push to master — verification status is encoded as a contract, not a soft target. Current state: 5 headers verified, ~4800 proof obligations, ~99% discharged automatically, with all unproved goals documented in a deviations record with manual proof arguments. The aim is to provide a reusable substrate that reduces the verification burden for application code targeting DO-178C, ISO 26262, IEC 62304, and similar standards.

The proposal is now in community review (minimum 2 weeks per the EDP). Feedback, questions, and concerns from the ThreadX community would be very welcome — particularly from anyone with experience integrating verification-grade libraries into RTOS-based products, or anyone who sees gaps where Canon-C's conventions wouldn't fit their workflow.

Best regards,

Fikret Güney Ersezer

_______________________________________________
threadx-dev mailing list
threadx-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org

References:
- [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99
  - From: Fikret Güney Ersezer

Prev by Date: [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99
Next by Date: Re: [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99
Previous by thread: [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99
Next by thread: Re: [threadx-dev] New project proposal: Eclipse Canon-C — explicit semantic standard library for C99
Index(es):
- Date
- Thread

Breadcrumbs