Wednesday, 27 November 2019

Why is it so rare to see a C program crash?

Background

Hello!

I'm a professional C++/Python programmer and lately I've been writing up a small project in C. I have a great interest in Mathematics and Computer Science despite my lack of formal education; in particular I read a lot about testing, formal proofs of correctness of programs and different coding methodologies, like Agile or TDD.

Question

Considering the amount of programs written in pure C we use everyday, especially on Linux (the kernel itself is almost completely written in C), why aren't fatal errors a common occurrence when using a computer?

Explanation

I know that for some people this question might seem weird, so here is an explanation of why I would expect code written in C to fail more often than it does.

  • Assertion 1: no matter how good the tests are, testing can only prove the presence of bugs, not their absence.
  • Assertion 2: every project has a constant rate of bugs per line of code, including the code in automated tests as well as the specification.
  • Assertion 3: unlike in many (not all) modern languages, the C specification allows code to be incorrect but compilable, and requires any non-trivial application to operate directly on memory addresses, introducing a class of errors that are inconsistent in their behavior, hard to trace back, often caused not by bad logic but by bad values supplied to the program/function and (most important for this question) often causing termination of the program by the system, for example in the case of a memory access violation.
  • Conclusion 1: all programs written in C, no matter how well maintained, will still have undetected errors in them, either not yet detected or introduced with an update.
  • Conclusion 2: if it is true that (1) programs written in C will almost always have hidden bugs in them and (2) bugs that could potentially cause an unexpected termination of a C program are the hardest to find, then it follows that, in theory, unexpected termination of a C program should be as common an occurrence as encountering any other error.
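As an added illustration of Assertion 3 (this is editor-supplied example code, not code from the question or from any project it mentions): a small parser for a hypothetical "name=<value>" line format, in an unchecked form that compiles cleanly and passes any test using short values, next to a checked form that rejects an oversized value with an error code instead of writing past the buffer. The record format, the NAME_MAX limit and the sample inputs are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example: hypothetical "name=<value>" line format, where the
 * value is stored in a fixed 16-byte buffer. */
#define NAME_MAX 16

struct record {
    char name[NAME_MAX];
    int  seen;
};

/* Unchecked version. It compiles without complaint and is correct for every
 * value shorter than NAME_MAX, so ordinary testing passes. For a longer value
 * strcpy() writes past 'name': the behaviour is undefined, and in practice it
 * may silently clobber 'seen' or neighbouring stack data, or it may crash
 * (stack-protector abort, segfault), depending on layout and compiler. */
int parse_record_unchecked(const char *line, struct record *out)
{
    const char *eq = strchr(line, '=');
    if (eq == NULL)
        return -1;                       /* malformed: no '=' */
    strcpy(out->name, eq + 1);           /* no length check */
    out->seen = 1;
    return 0;
}

/* Checked version: same logic, but an oversized value is rejected up front,
 * so the caller gets an error code rather than undefined behaviour. */
int parse_record_checked(const char *line, struct record *out)
{
    const char *eq = strchr(line, '=');
    if (eq == NULL)
        return -1;                       /* malformed: no '=' */
    size_t len = strlen(eq + 1);
    if (len >= NAME_MAX)
        return -2;                       /* value does not fit the buffer */
    memcpy(out->name, eq + 1, len + 1);  /* len + 1 copies the terminating NUL */
    out->seen = 1;
    return 0;
}

int main(int argc, char **argv)
{
    struct record r = {{0}, 0};
    /* Constructed default input; pass a line with a value of 16 or more
     * characters on the command line to see the unchecked version misbehave. */
    const char *line = argc > 1 ? argv[1] : "name=alice";

    int rc = parse_record_checked(line, &r);
    if (rc == 0)
        printf("checked:   rc=%d name=%s\n", rc, r.name);
    else
        printf("checked:   rc=%d (rejected)\n", rc);

    rc = parse_record_unchecked(line, &r);
    printf("unchecked: rc=%d name=%s\n", rc, r.name);
    return 0;
}
```

The point of the pair is that both functions are "correct" for the inputs a test suite is likely to contain; only the checked one turns the bad input the question talks about into a visible, deterministic error. Whether the unchecked one terminates the process or quietly corrupts state is decided by layout and compiler flags, not by the source, which is exactly why such bugs are inconsistent and hard to trace.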
