At 2020-01-03T13:21:47-0500, Mike Bianchi wrote:
> On Fri, Jan 03, 2020 at 12:45:22PM -0500, Doug McIlroy wrote:
> > > C is one of the worst possible foundation languages conceivable for
> > > automated formal verification
> >
> > Yet the Mars rovers run on a wholly checked code base written
> > in C, ...
>
> I sometimes think that C would be greatly improved if it just added:
>   Strings as first-class objects
>     (instead of a collection of array side effects)

Well, as I understand "first-class"[1], we (can) already have this. Just use structs and functions instead of array operators. Of course people want other things too, which is why there are many competing implementations. Paul Hsieh has a partisan but reasonably thoughtful and comprehensive overview[2] of the state of affairs.

The null-terminated string type with no guarantee of null termination was a true devil's bargain--Howard Chu has a great article on this[3]. The willful introduction of unbounded behavior, which people then took as a design pattern to be emulated, has caused us much misery and expense. If I could travel back in time to the 1970s and harangue Dennis Ritchie about just one thing, this would be it. Sure, he might crush me with his superior intellect, but I'm accustomed to quixotic challenges. :P

>   Hardened memory management
>   Hardened pointer management

I'm not sure you can have one of these without the other (or, if you can, whether there would be any point), but yes--a desire to achieve this drove the development of Cyclone[4] which in turn influenced Rust.

Regards,
Branden

[1] I won't lie: Stack Overflow has a better definition than I could come up with off the cuff; mainly I was thinking of function returns and possibly-anonymous inline literals.

    "A first class object is an entity that can be dynamically created, destroyed, passed to a function, returned as a value, and have all the rights as other variables in the programming language have. Depending on the language, this can imply: being expressible as an anonymous literal value."

    https://stackoverflow.com/questions/245192/what-are-first-class-objects

[2] https://mike.steinert.ca/bstring/doc/md_comparisons.html
[3] https://symas.com/the-sad-state-of-c-strings/
[4] https://en.wikipedia.org/wiki/Cyclone_(programming_language)
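
The "structs and functions" approach from the message above, next to the case where `strncpy` leaves a buffer without a terminator, as an added example that is not part of the original message. `str_t`, `STR_CAP` and the helper names are hypothetical, and the fixed capacity is an assumption made to keep the type a plain value.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define STR_CAP 32   /* assumed fixed capacity, including the terminator */

/* Hypothetical value-type string: the length is carried, never inferred. */
typedef struct { size_t len; char buf[STR_CAP]; } str_t;

/* Build a str_t from a C string and return it by value.
   Input that does not fit is truncated and reported through *ok. */
static str_t str_from(const char *s, bool *ok) {
    str_t r = { 0 };               /* zeroed, so buf is always terminated */
    size_t n = strlen(s);
    *ok = n < STR_CAP;
    r.len = *ok ? n : STR_CAP - 1;
    memcpy(r.buf, s, r.len);
    return r;
}

/* Concatenate two values. On overflow, *ok is false and a is returned as-is. */
static str_t str_cat(str_t a, str_t b, bool *ok) {
    *ok = a.len + b.len < STR_CAP;
    if (*ok) {
        memcpy(a.buf + a.len, b.buf, b.len);
        a.len += b.len;
        a.buf[a.len] = '\0';
    }
    return a;
}

/* The pitfall: strncpy writes no terminator when src has dstsz or more bytes. */
static bool strncpy_terminated(const char *src, size_t dstsz) {
    char dst[STR_CAP];
    if (dstsz > sizeof dst) dstsz = sizeof dst;
    memset(dst, 'X', sizeof dst);  /* simulate stale, non-zero memory */
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) != NULL;
}

int main(void) {
    bool ok;
    /* The second operand is an anonymous compound literal of the type. */
    str_t s = str_cat(str_from("Mars ", &ok),
                      (str_t){ .len = 5, .buf = "rover" }, &ok);
    printf("\"%s\" len=%zu ok=%d\n", s.buf, s.len, ok);
    printf("strncpy terminated: %d\n", strncpy_terminated("0123456789", 4));
    return 0;
}
```
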