Fixing C's Biggest Mistake
monkyyy
crazymonkyyy at gmail.com
Sat Dec 31 18:33:25 UTC 2022
On Friday, 30 December 2022 at 20:38:52 UTC, Walter Bright wrote:
> On 12/29/2022 7:04 PM, monkyyy wrote:
>> I don't understand why it's such a rare opinion to think about
>> software as fail safe or fail dangerous depending on context;
>> most software that exists should be fail safe, where every
>> attempt is made to keep it going.
>>
>> Airplanes, NASA and maybe even hard drive drivers; write,
>> triple check every line of code, turn on every safety check
>> and have meetings about each and every type; fine.
>
> Sorry, but again, that is attempting to write perfect software.
> It is *impossible* to do. Humans aren't capable of doing it,
I am discussing failure modes: "how should doors fail?"
A Walmart sliding door should be "failsafe" and attempt to open
if it's confused about the situation, like if someone pulls a fire
alarm.
A nuclear launch code safe should be "fail dangerous", and
attempt to explode if someone is picking it.
So it's nonsense to answer "how should a door fail" without picking
a context. It's all well and good that you made airplane software the
way you did, and therefore you want floats to init to NaN and nullables
to be strict, etc. etc. etc.
Airplane software can be fail dangerous so the backup kicks in.
When adr is making a video game on stream and defines a vec2 with
default-initialized floats, it's a video game; it should be
fail-safe and init to 0 rather than have him take 10 minutes on
stage debugging it. Different situations can call for different
solutions; why is safety within computer science universally
without context?