this post was submitted on 03 Oct 2024
39 points (85.5% liked)
Programming
17424 readers
25 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For me you really aren't selling it.
When the answer to major draw backs with a language is use it better that's a dead end for me.
Some of the greatest programming minds have been using c for a long time and we still have a huge amount of dangerous vulnerabilities all the time.
The language is fundamentally flawed and other languages have demonstrated that you can get the same flexibility, expressiveness and performance without these flaws.
Again with the lack of many standard lib constructs. I now have to trust that every lib i use was written by a serious expert. as they'll need to implement so much themselves rather than trusting the core language team, who you hope would know it better than most.
And again with OOP. Why hack it into a language rather than use a language that supports it.
It's beginning to feel like people are just clinging to c because it's what they are used to. All I seem see are justifications of its flaws and not any reasons to actually use it.
If it came out today you'd have an incredibly hard time convincing anyone to use it over other languages.
Try browsing the list of somewhat recent #CVE rated critical, as I just did to verify. A majority of them is not related to any memory errors. Will you tell all them "just use a different programming language"?
Have you seen existing C code? For anything non-trivial, most code uses some OOP, and it comes quite natural in C, certainly no "hacking". You don't need a
class
keyword to do that.It doesn't come out today, it's been there for a long time, and it's standardized, proven and stable. Sounds like you seriously misunderstood my points, which were, in a nutshell: For applications and similar, just use whatever suits you; for operating systems do experiments in lab/research projects (as was done with Unix), because existing and established ones are relied upon by lots of software. Just to make that perfectly clear, that doesn't mean they should use C forever, it means they should wait for a potential replacement to reach a similar state of stability with independent standards and competing implementations.
I'm sorry, but this has been repeatedly refuted:
And yes, they are telling their engineers to use a different programming language. In fact, even the NSA is saying exactly that: https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3215760/nsa-releases-guidance-on-how-to-protect-against-software-memory-safety-issues/
This seems like an extremely short-sighted red herring. C has so many gaps in its specification, because it has no problem defining things as "undefined behavior" or "implementation defined", that the standard is essentially useless for kernel-level programming. The Linux kernel is written in C and used to only build with GCC. Now it builds with GCC and LLVM, and it relies on many non-standard compiler extensions for each. The effort to add support for LLVM took them 10 years. That's 10 years for a migration from C to C. Ask yourself: how is that possible if the language is so well standardized?