[TUHS] : C dialects (was: I can't drive 55: "GOTO considered harmful" 55th anniversary)

G. Branden Robinson g.branden.robinson at gmail.com
Tue Mar 14 13:06:07 AEST 2023 

At 2023-03-13T22:49:23-0400, Theodore Ts'o wrote:
> As an OS engineer, I deeply despise these optimization tricks, since I
> personally I care about correctness and not corrupting user data far
> more than I care about execution speed ---- especially when the parts
> of the kernel I work on tend not to be CPU bound in the first place.

Alex has heard me say this before.

In the U.S., civilian air traffic controllers have a maxim.

Safe, orderly, efficient.[1]

You meet these criteria in order from left to right, and you satisfy one
completely, or to some accepted, documented, and well-known standard
measure, before you move on to the next.  The obvious reason for this is
that when aircraft meet each other at cruise altitudes, many people die.

I haven't yet settled on a counterpart for software engineering that I
like, but the best stab at it I've come up with is this.

Comprehensible, correct, efficient.

Incomprehensible code is useless.[2][3]  Even code that is proven
correct by formal methods is fragile if human maintainers are defeated
by its esoteric expression.[4]  (And formal verification can't save you
from incorrect specification in the first place.)  Richard Feynman once
said something along the lines of, if there is any phenomenon in physics
that he can't successfully explain to an audience of freshmen, then we
don't really understand it yet.  We use subtle, complex tools to solve
problems only when we haven't worked out ways to overcome them with
simple, straightforward ones.  Before we surrender to the excuse of
irreducible complexity we must have valid, verifiable, peer-reproducible
evidence that we've reduced the complexity as far as known methods will
allow.

But I'm junior to most of the grognards are on this list, so I'm
half-expecting the Joe Pesci opening statement from _My Cousin Vinny_...

Regards,
Branden

[1] https://www.avweb.com/features/say-again-8air-traffic-chaos/
[2] Literally useless, especially once that something that "just works"
    is ported to a new context.  "The real problem is that we didn't
    understand what was going on either."
    https://www.bell-labs.com/usr/dmr/www/odd.html
[3] Except for constructing streams of self-lauding horse puckey before
    promotion committees comprised of people who themselves attained,
    and will further advance, their status predicated on the audacity of
    their horse puckey.
[4] And once something's _that_ solid, it may be time to consider
    etching it in silicon rather than primary or secondary storage.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.tuhs.org/pipermail/tuhs/attachments/20230313/1ccfc66a/attachment.sig>

More information about the TUHS mailing list