MitchAlsup said:
Coders can check buffer problems themselves at a vanishingly low
costs.
But why should they? The compiler can easily insert the checks and can
even remove most redundant checks automatically.
A careful coder will also be able to insert checks only where necessary,
but once the code has gone through a few modifications, the assumptions
that allowed some checks to be eliminated may no longer be true, so you
risk safety holes unless you think carefully about the consequences of
every change. If you leave it to the compiler to figure these things
out, all you have to do is recompile.
A good coder can make safe and efficient code in C, but it takes effort
and most coders are not good enough to achieve both efficiency and
safety in C -- either they make efficient and unsafe code or they make
safe but inefficient code by coding defensively, i.e., inserting a lot
of redundant tests and assertions.
So you should leave C-coding to the 1% of programmers that actually know
what they do and are willing to use the extra effort. All the rest
should use languages/compilers with managed memory and compiler-inserted
tests, even if a few of these are redundant.
The cost is not so high as many believe. This belief stems from the
fact that most languages that use managed memory and guaranteed checks
also do a lot of other stuff that _is_ costly and hard to optimise, such
as dynamic method invocation, reflection, dynamic type checking and so
on. If you strip these away and make a C-like language with managed
memory and guaranteed checks, it will run nearly as fast as well-written
C and faster than badly written C.
Torben