by rwmj 3544 days ago
This is a very naive statement. Sure there are a handful of good companies that enable every single compiler warning, and fix those warnings, and then run the code through Coverity, and fix all those problems too. Almost no one else does. The amount of terrible C in the real world is enormous.

>> Sure there are a handful of good companies that enable every single compiler warning.

You think so? Every company I've worked for, or where I've known people who worked, always enabled -Wall for their C and C++ code. Most OSS software compiles with all warnings enabled.

I think the issue with undefined behavior in C/C++ is extremely overblown, aside from fun academic examples like 'what does i++++i++ evaluate to' there isn't actually all that much undefined behavior or gotchas in C/C++. I would say there are fewer, compared to other languages I know.

Signed overflow problems are everywhere, even in carefully written code. Using 'int' instead of a more specific type is a code smell. Security code which presumes that because you wrote ptr != NULL, that the check is actually carried out. Code that does type punning. Code that doesn't know about aliasing. It goes on and on.

You need to know that the problem exists in order to know that you have a problem. There are many C programmers who learned C back in the 1980s who don't even realize these are issues.
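The three gotchas listed above (signed overflow, a NULL check the optimizer is free to delete, and type punning through an incompatible pointer) side by side with the well-defined way to write each one. This is an added illustration, not code from anyone in the thread; the function names are made up for the example, and it assumes IEEE 754 floats, as practically every current C implementation provides.

```c
#include <limits.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* --- 1. Signed overflow ------------------------------------------------ */

/* The classic idiom. It looks like an overflow test, but signed overflow is
 * undefined in C, so the compiler may assume a + b never wraps and fold the
 * whole check to "false". Kept only to show the pattern; do not copy it. */
int add_checked_naive(int a, int b, int *out)
{
    int sum = a + b;            /* UB if the sum does not fit in int */
    if ((b > 0 && sum < a) || (b < 0 && sum > a))
        return -1;
    *out = sum;
    return 0;
}

/* Fix: compare against the bounds *before* adding, so the overflow never
 * happens. Returns 0 on success, -1 if the result would not fit. */
int add_checked(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return -1;
    *out = a + b;
    return 0;
}

/* --- 2. NULL checks the compiler is allowed to delete ------------------- */

/* Dereferencing p before testing it tells the optimizer that p is non-NULL
 * (otherwise the program already had UB), so the `if (!p)` below may be
 * removed entirely. Never call this with NULL; it is here as the anti-pattern. */
int first_byte_naive(const unsigned char *p)
{
    unsigned char c = *p;
    if (!p)                     /* dead code once the optimizer is done */
        return -1;
    return c;
}

/* Fix: check first, dereference second. */
int first_byte(const unsigned char *p)
{
    if (!p)
        return -1;
    return *p;
}

/* --- 3. Type punning and strict aliasing ------------------------------- */

/* Anti-pattern (not compiled here because -Wstrict-aliasing flags it):
 *     uint32_t bits = *(uint32_t *)&f;
 * Reading a float through a uint32_t pointer breaks the aliasing rules, so
 * at -O2 the compiler may reorder or drop the load.
 *
 * Fix: memcpy is the well-defined way to reinterpret bytes, and compilers
 * turn this into a single register move. */
uint32_t float_bits(float f)
{
    uint32_t u;
    memcpy(&u, &f, sizeof u);
    return u;
}

int main(void)
{
    int r;
    printf("INT_MAX + 1 -> %s\n", add_checked(INT_MAX, 1, &r) ? "overflow" : "ok");
    printf("first_byte(NULL) -> %d\n", first_byte(NULL));
    printf("bits of 1.0f -> 0x%08X\n", float_bits(1.0f));
    return 0;
}
```

Build it with `-O2 -Wall -Wextra` and also with `-fsanitize=undefined`: the sanitizer reports the overflow in `add_checked_naive` at run time, which is the cheapest way to find the "it worked at -O0" class of bug the comment describes.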

I'd say things have changed quite a bit since format string bugs...

Since?

I'm still adding the compiler specific annotations to add format string checking to custom variadic logging functions in codebases I inherit, and finding multiple bugs.
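What "compiler specific annotations" means in practice: GCC and clang accept `__attribute__((format(printf, fmt_index, first_arg)))` on a function declaration, after which `-Wformat` checks every call to that function exactly as it checks `printf()`. The example below is added here and is not code from the commenter; `log_fmt` and the `LOG_PRINTF_LIKE` macro are names invented for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Wrap the GCC/clang attribute so the code still builds on compilers that
 * do not understand it. fmt_index is the 1-based position of the format
 * string, first_arg the position of the first variadic argument. */
#if defined(__GNUC__) || defined(__clang__)
#define LOG_PRINTF_LIKE(fmt_index, first_arg) \
    __attribute__((format(printf, fmt_index, first_arg)))
#else
#define LOG_PRINTF_LIKE(fmt_index, first_arg)
#endif

/* A minimal logging sink: formats into the caller's buffer and returns the
 * number of characters that would have been written (vsnprintf semantics),
 * or a negative value on a formatting error. Argument 3 is the format,
 * argument 4 the first vararg, hence LOG_PRINTF_LIKE(3, 4). */
int log_fmt(char *buf, size_t size, const char *fmt, ...) LOG_PRINTF_LIKE(3, 4);

int log_fmt(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return n;
}

/* The bug the attribute finds. Before the annotation this compiled silently;
 * after it, -Wformat-security warns "format not a string literal and no
 * format arguments". Shown as a comment so the file itself stays warning-free:
 *
 *     int log_user_message_unsafe(char *buf, size_t size, const char *user_input)
 *     {
 *         return log_fmt(buf, size, user_input);   // %s, %n ... chosen by the user
 *     }
 */

/* The fix: the untrusted string becomes an argument to a fixed format. */
int log_user_message(char *buf, size_t size, const char *user_input)
{
    return log_fmt(buf, size, "user said: %s", user_input);
}

int main(void)
{
    char line[64];
    log_user_message(line, sizeof line, "%x%x%x%n");   /* harmless: it is just data now */
    puts(line);
    return 0;
}
```

The attribute also catches the quieter mistakes the comment alludes to, such as `%d` paired with a `size_t` or a `long`, which are wrong only on some ABIs and therefore survive testing on the developer's machine.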

> always enabled -Wall for their C and C++ code

Of course you want -Wall -Wextra -Werror -pedantic. ;)

...but please, for the love of Mike, don't ship source code with -Werror.

There's nothing like the experience of trying to fix somebody else's code which compiled fine on gcc version 8.97 but which now fails to compile on gcc version 8.98 because the new compiler has some new warnings, which it's now treating as errors, and now fails to compile.

...and you've got stuff to do, and the program isn't even broken.

> … and you've got stuff to do, and the program isn't even broken.

Well, it may be — that's one of the problems with C: you never really know for sure if a warning really matters or not. But man, there sure are a lot of them!

Or if you don't have to use gcc, just -Weverything in clang.

I used to work with a guy who would regularly get upset about the idea of letting the compiler return warnings because he knew better and didn't want to be bothered with it.

Last I checked he has a couple hundred points on the hacker news internet forums.

Also just last week I found and reported some undefined behavior in a major C++ package that's used by almost every player in as many as several industries. I don't expect it will ever make any difference in production, but it still snuck in.

"The amount of terrible C in the real world is enormous."

I'm sure you could say that about pretty much any programming language: "The amount of terrible X in the real world is enormous". There is also plenty of clean, nice, safe C code around (and any other language), there's no need to over-generalize ("Almost no one else does").

> I'm sure you could say that about pretty much any programming language: "The amount of terrible X in the real world is enormous".

But the damage is far greater in C. In other languages you won't have arbitrary code execution or privilege escalation just because the programmer is not careful. Nor will there be, in other languages, so many nondeterministic bugs that show up once in a blue moon.

> In other languages you won't have arbitrary code execution or privilege escalation just because the programmer is not careful.

Sure you do. Remember the YAML fiasco with Ruby? How about the thousand-and-one RCE issues with PHP? eval isn't evil for no reason.

"In other languages you won't have arbitrary code execution or privilege escalation just because the programmer is not careful"

No, it's possible to make a system insecure with pretty much any language if the programmer is not careful. SQL injection, cross-site scripting, cross-site request forgery and the list goes on..

Yeah, I do web development. I've worked with javascript, PHP, and, sigh, classic ASP.

There's bad code everywhere. Some languages make it a bit easier, but it's really not the language's fault.

There are very few programming languages where the total lines of code written is larger than the amount of bad C code written.

There are very few programming languages where the total lines of code written is even comparable to C, so of course there is more bad code too.

There are two kinds of languages: Those everyone hates and those nobody uses (according to Bjarne Stroustrup, but I tend to agree... ;-) ).

There's a kernel of truth there, but I find myself regularly using languages which I hate much less.

If your best defense of a language is "well, at least people use it", that's a bad sign.

I always read Stroustrup's quote as saying, roughly speaking, that if nobody uses a language, nobody will notice its shortcomings, and if lots of people use it, lots of people will notice. In other words, popularity is no excuse for sucking, but if one is not popular, no one will notice how much one sucks.