Xref: utzoo comp.lang.c:26463 alt.flame:15978 Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!think!snorkelwacker!mit-eddie!uw-beaver!uw-june!fred.cs.washington.edu!machaffi From: machaffi@fred.cs.washington.edu (Scott MacHaffie) Newsgroups: comp.lang.c,alt.flame Subject: Re: Errors aren't that simple Message-ID: <10911@june.cs.washington.edu> Date: 2 Mar 90 02:28:55 GMT References: <39400075@m.cs.uiuc.edu% <8192@hubcap.clemson.edu> Sender: news@cs.washington.edu Reply-To: machaffi@fred.cs.washington.edu.cs.washington.edu (Scott MacHaffie) Followup-To: misc.test Organization: C Software Engineers, uninc. Lines: 77 In article <8192@hubcap.clemson.edu% billwolf%hazel.cs.clemson.edu@hubcap.clemson.edu writes: % The unsafe constructs within C are themselves sufficient evidence to % conclude that the C community, by choosing to use a language which has % many highly unsafe constructs and an almost total disregard for error % prevention, does not hold error prevention in sufficiently high regard; paraphrase: I can't write code worth a damn, so no one else can either. % the failure of a password security system because no boundary checks % were done on the length of the password (whereupon the intruder purposely % supplied a double-length password and thereby ensured that the left and % right sections of the password-validating data structure were compatible), % and similar cases demonstrate that the C language poses a serious obstacle % to the development of defect-minimal software. For the cost of simply paraphrase: Someone else fucked up (or I made it up, one of the two) so I can use that as an argument. % the recent national AT&T crash, I'd be willing to conjecture that all of % AT&T's software developers could have been trained in software engineering % concepts and the Ada language, and supplied with Ada compilers as well. paraphrase: ADA is perfect. No one has ever written a piece of ADA code with bugs in it. If AT&T had used ADA their code would have worked without being tested. % The comments found in the Unix man pages I cited have been there for % at least a decade, apparently going unchallenged by the rest of the % C community. This is despite the fact that the growth of C has been paraphrase: Unix had bugs TEN WHOLE YEARS ago! % widely attributed to the Unix operating system being given away to % so many universities -- if this attribution is correct, then Unix is % also responsible for helping to create the widespread attitude within % the C community that defects are to be treated casually. paraphrase: Hey, now I can try to flame Unix, too! Maybe I should cross-post to comp.unix -- I'm sure they would appreciate knowing that they can't do any software engineering with their systems. % It is entirely true that other language communities (BASIC, COBOL, etc.) % have problems along these lines which are arguably worse than those which % are clearly associated with the C community. On the other hand, there are paraphrase: What the fuck, I can try to flame EVERYONE. After all, I am perfect. % other language communities which are doing a considerably better job of % spreading software engineering concepts and providing linguistic support % for their application (Ada, Eiffel, etc.). The challenge for the C paraphrase: If I say it enough, maybe someone will believe me. % community is to join the language communities which are doing a good % job in these respects, as opposed to holding its existing reputation % as a community which contains an extremely high percentage of those who % regard themselves as hackers, and whose products repeatedly make national % headlines with their spectacular failures. Since C is a language which paraphrase: Look, I have made-up statistics to prove my point! And I can also ignore counter-examples! % provides little or no support for defect prevention, one would expect % that the C community would naturally compensate by being extremely % careful about always applying the very best software engineering % practices. Unfortunately, I don't think even the most dedicated % C-backers would attempt to claim that this is presently the case. paraphrase: I'm not a C programmer, but I can damn well speak for all of them.