-
-
the entire class of bugs is the overflow, the verification bypass from optimization and pointer arithmetic. I don’t get why you think you’re being clever trying to trick me. I’m going back to bed. When I wake up give me an actual problem I didn’t solve 10 years ago. -
The verification bypass from optimization is something that many, many people are not aware of. That's my point. And it's not easily avoidable, you need to tread very carefully. And then there's alot more UB in C that could bite you.
-
Stop talking to me as if you can teach me C when you can’t even see the variants of the LZO/LZ4 bugs in kernel land are UB relevant, yet you call them “standard” after checking for 5 minutes. Christ. Get over yourself

-
Your undefined behavior tricks may wow infosec pros with no coding experience but anyone that writes C professionally should grok this stuff better than both you and I can. Hell, Linus gets this stuff quite well

-
This is not my experience with the vast majority of people writing C professionally. They do tend to assume signed ints have two's complement behaviour. Not everybody is Linus.
-
Tend to agree here with
@andreasdotorg. So, the prereq is being a “C pro”/Linus Torvalds? That doesn’t scale for an engineering team. Teams are composed of diverse people,not all 15 year C pros. The risks are too many and the learning curve to high for what most build today -
We naturally evolve toward higher and higher abstractions. There is always still use for the lower layers (someone is designing the fabrication processes for chips and the microcode that runs). But, it is relegated to a smaller and smaller group that eventually rounds to zero
-
And..if you are in that group, cool..we will always need those folks. But it doesn’t mean we need to encourage the “next generation” that chip fabbing, microcode, and assembly are is easier than they used to be...come on over and join us.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
. Besides, having bugs isn’t the issue. Resolving, reducing, and remaining well architected is the point.