←back to thread

Ask HN: What open source projects need help?

203 points aaronbrethorst | 5 comments | 16 Nov 24 17:22 UTC | HN request time: 1.142s | source

Let's match open source projects that need help with developers looking to contribute. Think of this as "Who's Hiring" but for open source - a monthly thread to surface interesting projects that could use more hands.

Please include: Project name and description (if not widely known); Tech stack; Areas needing help (DOCS, CODE, DESIGN, etc.); Level (BEGINNER-FRIENDLY if applicable); Email address or other means of contacting you.

Ground rules:

Post only if you maintain/run the project

One post per project/suite

No commercial recruitment

No thread complaints

Developers: Only reach out if you actually want to contribute.

1. pizlonator ◴[16 Nov 24 18:53 UTC] No.42158296[source]
Fil-C - a memory safe implementation of C and C++.

Written in C and C++.

Need most help just porting C programs to Fil-C. Often porting is as easy as recompiling, but sometimes there are compatibility issues to resolve similar to if you were porting C code to a new CPU or OS. Could also use help with compiler hacking (llvm expertise required) and runtime hacking (experience with high level language runtimes required).

https://github.com/pizlonator/llvm-project-deluge

replies(1): >>42159665 #
2. ranger_danger ◴[16 Nov 24 21:51 UTC] No.42159665[source]
Are use-after-free and such bugs detected at compile time? There are still some cases that scan-build, cppcheck and other static analysis tools do not find.
replies(1): >>42161429 #
3. pizlonator ◴[17 Nov 24 02:13 UTC] No.42161429[source]
They’re deterministically detected at runtime. Any use of a pointer to an object that got freed will trap with a filc safety error, which terminates program execution and prints a backtrace.

I don’t think it’s possible to catch all use after frees at compile time precisely. Like, you could have a checker that catches all errors but also rejects valid programs or you can have a checker that accepts all valid programs but doesn’t find all the bugs. To be precise it has to be at runtime, and that’s what Fil-C does.

replies(1): >>42180361 #
4. fithisux ◴[19 Nov 24 05:39 UTC] No.42180361{3}[source]
can you imagine a program termination in the middle of a surgical operation?

It is harmless for less critical jobs though, like image viewing.

replies(1): >>42198643 #
5. pizlonator ◴[20 Nov 24 22:11 UTC] No.42198643{4}[source]
Memory safe languages aren’t about proving everything at compile time. Some version of a panic is going to be there, at a minimum for array bounds checking.

In Fil-C, if you don’t like the use after free panic, then just don’t call free and let the GC free your objects.

And if you’re doing safety critical stuff (I’m assuming that’s what you’re getting at) then the game is to prove that the system will be safe in the sense of not hurting people, not in the sense of memory safety. And that proof burden is much higher than the proof burden for memory safety.