On Sunday, 14 May 2017 at 01:30:47 UTC, Jack Stouffer wrote:
On Sunday, 14 May 2017 at 00:05:56 UTC, Dibyendu Majumdar wrote:
(a) Trust the programmer.
That's the first and most deadly mistake. Buffer overflows and
null pointers alone have caused hundreds of millions of dollars
of damages. I think we can say that this trust is misplaced.
I should have added that the C11 charter also says:
<quote>
12. Trust the programmer, as a goal, is outdated in respect to
the security and safety programming communities. While it should
not be totally disregarded as a facet of the spirit of C, the C11
version of the C Standard should take into account that
programmers need the ability to check their work.
<endquote>
In real terms though, tools like ASAN and Valgrind, if used from
the start, usually allow you to catch most of the issues. Most
likely even better tools for C will come about in time.
But I don't see how languages like D or Rust can replace C for
certain types of use cases.
Maybe you can argue for the use of C in embedded systems and in
OSes, although I see no reason why Rust can't eventually
overtake C there.
I think Rust is a promising language but I don't know enough
about it to comment. My impression about Rust is that:
a) Rust has a steep learning curve as a language.
b) If you want to do things that C allows you to do, then Rust is
no safer than C.
Regards
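Added as an illustration of the two points above (the "trust the programmer" strcpy habit, and ASAN catching the resulting overflow). This is example code written for this page, not code from the thread or from any of its posters; the `struct record`, the 16-byte name field and the helper names are constructed for the demo.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a fixed-size record whose name field is filled
 * from input the program does not control. */
#define NAME_LEN 16

struct record {
    char name[NAME_LEN];
    int  id;   /* lives right after the buffer; an overflow clobbers it */
};

/* The "trust the programmer" pattern: strcpy assumes the caller already
 * checked that src fits. It does not, so a long name runs past name[],
 * over id, and past the end of the struct. Kept only so the ASAN run in
 * main() has something to report; the checked path never calls it.
 *
 * Build and run the detection demo with:
 *   cc -g -fsanitize=address demo.c -o demo && ./demo --overflow
 * ASAN aborts at the strcpy with a stack-buffer-overflow report. Note
 * that ASAN flags writes past the *object*, so the demo input is made
 * long enough to run past the whole struct, not just past name[]. */
void set_name_unchecked(struct record *r, const char *src)
{
    strcpy(r->name, src);
}

/* Checked version: returns 0 on success, -1 if src (including its
 * terminating NUL) does not fit. Nothing is written on failure. */
int set_name_checked(struct record *r, const char *src)
{
    /* Look for the NUL within the first NAME_LEN bytes only, so an
     * unterminated or overlong src is never read past that window. */
    const char *nul = memchr(src, '\0', NAME_LEN);
    if (nul == NULL)
        return -1;                     /* no room for the terminator */
    size_t n = (size_t)(nul - src);
    memcpy(r->name, src, n + 1);       /* copies the NUL as well */
    return 0;
}

/* Self-check helper: copy src into a fresh record via the checked path
 * and report 0 if it fit and the neighbouring id field is intact, -1 if
 * the copy was rejected, -2 if anything was corrupted (must not happen). */
int checked_copy_result(const char *src)
{
    struct record r = { .name = "", .id = 0x5eed };
    int rc = set_name_checked(&r, src);
    if (r.id != 0x5eed)
        return -2;
    if (rc == 0 && strcmp(r.name, src) != 0)
        return -2;
    return rc;
}

int main(int argc, char **argv)
{
    struct record r = { .name = "", .id = 1 };
    /* Constructed input: 40 bytes, far longer than the 20-byte struct. */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("checked copy of \"alice\": %d\n", checked_copy_result("alice"));
    printf("checked copy of long name: %d\n", checked_copy_result(too_long));

    if (argc > 1 && strcmp(argv[1], "--overflow") == 0) {
        /* Only on request: this is the bug ASAN is there to catch. */
        set_name_unchecked(&r, too_long);
        printf("id after unchecked copy: %d\n", r.id);
    }
    return 0;
}
```

The checked function is the "ability to check their work" the C11 charter asks for: the length test happens once, at the boundary, and the caller gets a return code instead of silent memory corruption. Without `-fsanitize=address` the unchecked path may appear to work on a short run, which is exactly why the post recommends turning the sanitizer on from the start rather than after a bug report.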