by oconnor663 1161 days ago
> everything is a number

I don't think C consistently lives up to this principle:

- In the memory model, even simple integers can hold "poison" values.

- Pointers usually behave like integer addresses, but in the memory model they have "provenance" (edit: spelling), and they also have to follow "strict aliasing" rules.

- Signed integer overflow is UB. We could ignore integer promotion rules most of the time, if not for this restriction.

- Even simple integer assignment isn't simple when an integer is shared between threads. Atomic orderings are hilariously complicated.

I worry that a lot of people who find delight in C just...aren't aware of these rules? Or maybe aren't consistently aware? Or maybe are aware but think that some violations are benign?

3 comments

Oh that's what I was nodding at with my "I wouldn't call C a simple language" comment. You are 100% correct. I assume--maybe wrongly but I don't think so--that the natural progression of the C programmer is:

- whoa cool everything is a number! Make that light blink, wipe that SDRAM chip, whiz bang!

- What the fuck is a torn read (insert any C gotcha in here)?! Everything is garbage!

- I know, I'll encapsulate "The right way to do things" in a library/new language.

- Never mind, I've decided to build websites (insert popular tech job here) for a living, but be super grouchy about it

The corollary to "I think Rust's complexity makes it impossible to delight me" is "I think C's brittleness makes it impossible to delight me." It has notes of innocence lost, nostalgia, a "simpler time", etc. Are those days gone forever, as the Dan say? Dunno.

We're very aware and try to shield ourselves somewhat with compiler options (e.g. max warning level already goes a long way), sanitizers and analyzers (thankfully availability of such tools has improved dramatically with clang's ASAN, UBSAN, TSAN and the clang static analyzer).

(and actually: yes, some rules are benign if the major compilers agree on the same non-standard behaviour, so far I have never seen unions used for type punning break in C++ for instance - it's good that C++ now offers a 'proper' alternative though).

It's pretty much an illusion that any non-trivial C or C++ program can be entirely standard compliant, it always depends on the specific compilers it has been tested with - which is still a better situation than Rust, which only has a single implementation (so far).
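Added example (not code from anyone in this thread): the integer-promotion and strict-aliasing rules the original post lists, next to the union type punning the comment above mentions, in C. Assumptions: int is 32 bits and float is IEEE-754 binary32; the function names are made up for illustration. Only the widened, checked and memcpy/union versions are meant to be run; the promoted multiply is kept as the "before" to show where the overflow sits.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Gotcha from the post: integer promotion. Both operands are uint16_t, but
 * C promotes them to int before multiplying. With a 32-bit int (assumed
 * here), 0xFFFF * 0xFFFF = 0xFFFE0001 does not fit, so this is signed
 * overflow: undefined behaviour, not a wrap. Built with
 * clang -fsanitize=undefined and called with 0xFFFF, 0xFFFF, UBSan reports
 * "signed integer overflow: 65535 * 65535 cannot be represented in type 'int'". */
uint32_t mul_u16_promoted(uint16_t a, uint16_t b) {
    return a * b;            /* UB once the product exceeds INT_MAX */
}

/* Well-defined form: widen to uint32_t first, so the arithmetic is unsigned
 * and wraps modulo 2^32 by definition. */
uint32_t mul_u16_widened(uint16_t a, uint16_t b) {
    return (uint32_t)a * (uint32_t)b;
}

/* Signed addition without relying on overflow: test the bounds first, since
 * "add, then check whether the sign flipped" is itself UB and may be
 * optimised away. Returns false and leaves *out untouched on overflow. */
bool checked_add(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) {
        return false;
    }
    *out = a + b;
    return true;
}

/* Strict aliasing: *(uint32_t *)&f reads a float object through an
 * incompatible lvalue type, which the standard does not permit and which
 * optimisers exploit. memcpy is the portable way to move the bits. */
uint32_t float_bits_memcpy(float f) {
    uint32_t bits;
    memcpy(&bits, &f, sizeof bits);
    return bits;
}

/* Union punning, as in the comment above: reading an inactive member is
 * permitted in C (C11 6.5.2.3, footnote on type punning). In C++ it is UB,
 * which is why C++20 added std::bit_cast as the "proper" alternative. */
uint32_t float_bits_union(float f) {
    union { float f; uint32_t u; } pun;
    pun.f = f;
    return pun.u;
}

int main(void) {
    int sum;
    printf("0xFFFF * 0xFFFF widened = 0x%08X\n", mul_u16_widened(0xFFFF, 0xFFFF));
    printf("INT_MAX + 1 fits? %s\n", checked_add(INT_MAX, 1, &sum) ? "yes" : "no");
    printf("bits of 1.0f: 0x%08X (memcpy) 0x%08X (union)\n",
           float_bits_memcpy(1.0f), float_bits_union(1.0f));
    return 0;
}
```

Compiling the file (name assumed) with `clang -fsanitize=undefined -g ub_notes.c` and adding a call to `mul_u16_promoted(0xFFFF, 0xFFFF)` in `main` is the quickest way to see the difference between the promoted and widened versions: the widened one prints 0xFFFE0001, the promoted one trips UBSan before it returns anything.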

Yeah it is bonkers to me that people don't turn all the stuff on. There's a lot of help out there that is basically free. It's worth taking an hour or so to go through all the checks--if nothing else it'll probably make you wise to some new footguns.
Small typo correction for anyone trying to search or learn more about the term: it's "provenance", not "providence".
Ha, whoops. My mind is in Rhode Island :)
^_^

Although I am tickled by the idea of pointer providence – that pointers are handed to us from on high, from the C gods.

That's how it works in Python