[HN Gopher] C but Safe
       ___________________________________________________________________
        
       C but Safe
        
       Author : synergy20
       Score  : 14 points
       Date   : 2024-04-04 21:58 UTC (1 hours ago)
        
 (HTM) web link (xr0.dev)
 (TXT) w3m dump (xr0.dev)
        
       | FrankWilhoit wrote:
       | This is one way to go; but the only "problem" with C is
       | management's expectation that production software can be written
       | by people who have only half learned the language, and that is a
       | problem irrespective of which language we are talking about.
        
         | stephencanon wrote:
         | There's also engineers' belief that they have learned the
         | language despite only half-knowing it at best.
        
         | asveikau wrote:
         | I think one of the problems with C today, which you're touching
         | on but I think not quite capturing, is that it's not taught and
         | used nearly as much anymore. So when people are found in the
         | position of writing, or more likely altering existing C, they
         | usually don't know popular styles, conventions, coping
          | mechanisms; e.g. you can use coding style to make memory leaks
         | less likely [one example: a rule forbidding early return out of
         | a function, designating cleanup blocks], but few people are
         | learning or teaching it.
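
Added example, not part of asveikau's comment or of the linked project: the style rule mentioned above (no early return, one designated cleanup block) written out in C. The function name, the fail_at switch and the counting allocator wrappers are assumptions constructed here so that every failure path can be checked for leaks.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed for this example: counting wrappers so a leak is observable. */
static int live_allocs = 0;
static void *xalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Hypothetical function: builds "<user>@<host>" in *out.
 * fail_at (1..3) simulates a failure at that step; 0 means none.
 * Rule: no return before the cleanup label; every exit passes through it. */
int make_address(const char *user, const char *host, int fail_at, char **out)
{
    int rc = -1;
    char *u = NULL, *h = NULL, *joined = NULL;
    size_t ulen = strlen(user), hlen = strlen(host);
    *out = NULL;

    u = xalloc(ulen + 1);
    if (u == NULL || fail_at == 1) goto cleanup;
    memcpy(u, user, ulen + 1);

    h = xalloc(hlen + 1);
    if (h == NULL || fail_at == 2) goto cleanup;
    memcpy(h, host, hlen + 1);

    joined = xalloc(ulen + 1 + hlen + 1);
    if (joined == NULL || fail_at == 3) goto cleanup;
    snprintf(joined, ulen + 1 + hlen + 1, "%s@%s", u, h);

    *out = joined;   /* ownership moves to the caller */
    joined = NULL;   /* so the cleanup block leaves it alone */
    rc = 0;

cleanup:             /* the only exit: frees whatever is still owned here */
    xfree(joined);
    xfree(h);
    xfree(u);
    return rc;
}

/* Runs the success path and each failure path once; returns live allocations. */
int leaked_after_all_paths(void)
{
    char *addr = NULL;
    for (int step = 0; step <= 3; step++)
        if (make_address("alice", "example.org", step, &addr) == 0)
            xfree(addr);
    return live_allocs;
}
```

Because every pointer starts as NULL and xfree ignores NULL, the cleanup block is correct no matter which step jumped to it.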
        
         | rcxdude wrote:
         | I don't think knowledge of the language is the issue with C,
         | it's the fact that it requires a huge amount of diligence to
         | not have security issues. Knowing the nooks and crannies of the
         | language doesn't really help with that.
        
           | asveikau wrote:
           | Made worse by the fact that most people don't work with it or
           | get taught it as much as 25 years ago. A dev who has come up
           | in the last decade or more, the typical C experience they
           | have is writing it poorly for college. They're not typically
           | battle-hardened on it, few people learn the best practices
           | anymore. But when existing code doesn't suit a need they
           | still might be tasked with maintaining something or fixing
           | bugs.
        
       | Animats wrote:
       | Nice.
       | 
       | Are any of the many "safe versions of C" getting any traction?
       | There have been so many. It's not a technical problem. It's a
       | mindshare problem.
       | 
       | The future in this area may be something that takes in existing C
       | code and uses an LLM to recognize idioms and annotate. Without
       | some automated way to convert legacy code, this isn't going to
       | happen.
       | 
       | (One big problem with converting to Rust is that Rust's data
       | model is so far from C/C++ that you can't really convert much
       | existing code. You have to rethink the design to fit the affine
       | type model. That's hard.)
        
       | jnwatson wrote:
       | The problem with the safe C subsets is that it means you have to
       | write new code. But if you have to write new code, why would you
       | do it in C?
        
       ___________________________________________________________________
       (page generated 2024-04-04 23:00 UTC)