[kevin_thibedeau]

Poettering used alloca() as a poor man's garbage collector. Proper manual memory management is just "too hard". Other lingering code quality issues surely remain when the primary author is taking these sort of shortcuts and not considering how to write robust C.

[slrz]

As long as the allocation size is bounded (due to alloca/VLAs lacking any mechanism to signal allocation failure), what's the problem with that?

[kevin_thibedeau]

The problem is that 1) you can't assume what the available stack space is and 2) you don't let tainted user input determine allocation sizes which is what Systemd did in the CVE disclosed earlier this year.

[bitwize]

Nobody can write robust C. The correct answer is Poettering should've switched to Rust. With few exceptions, any code base that has not yet done so should be considered brittle and bug-prone.

[kevin_thibedeau]

The problem is the Java generaton that never learned how to do it.

[bitwize]

Somehow members of the JavaScript and Ruby generations pick up Rust rather easily, while those who pride themselves on having learned to write robust C (or C++) are flummoxed by it.

Hypothesis: C is so pathologically bad that it breaks brains.

[geggam]

I think C requires more of people. Granted I am no C expert but having worked in the industry a couple decades I have made conclusions based on observations.

As a sysadmin I wrote a small kernel module to trigger a panic on a certain condition hoping to capture some info in a dump several years ago.

Today I cant find sysadmins who can use a CLI properly.

The goalposts have moved inwards IMO

Not sure its bad thing either but it makes for interesting comparisons

[bitwize]

It's kind of like back in the day Emacs was considered a programmer's tool. Yet secretaries not only used it, they learned how to configure it to their liking in Lisp! (If you tell a normie they are "customizing" the editor rather than "programming" it, they won't even realize it's hard!)

These days, people calling themselves professional developers with years of experience won't even touch Emacs.

[NotATroll]

Plenty of people still use Emacs.

I picked it up several months ago after using Jetbrains IDE's for quite a long time, and honestly haven't felt the need for any of what Jetbrains brought to the table.

Mostly thanks to LSP.

If you're not a Java developer, Emacs is perfectly fine as a configurable extensible editor. With the additional caveat that its lack of multithreading can get in the way sometimes.

[fredsanford]

Hypothesis: Rust is a religion. The only times I've seen this amount of proselytization have been Rust and church.

[The_rationalist]

Java or any other garbage collected language is memory safe by design.