We C Everything Old is New Again
frank freedman
Posts: 1,976
In light of the long running threads on the forums regarding C/Spin/others this seemed as good a place as any to make this observation.
Those of us who go back to the late '80s or so will remember the big push to get every one to go from COBOL to C. "Learn C and save your job". Called BS on it then because when you realized the amount of COBOL code that was tested, proven and in service for a long time by that point, it began to dawn on you that the cost of replacing all that code would never likely be approved unless very slowly over time if ever before total ossification of the bussiness it supports.
Time to throw the BS flag again. Lately there have been articles out in various media that it's time to dump C (and its variants) for some more secure language to address the issues of security. Once again, time to look at cost vs. benefit. If the COBOL code base was huge and hugely expensive, how much more so for all the C code out there in so many more applications produced in the last 40+ years?
My guess would be again the reasonable thing will be to begin looking at real risks with existing code/devices and likely continuing with mitigation of risk rather than wholesale replacement of m(b)illions of lines of in-service code. Probably progressing through rewrite or decommissioning when something becomes unworkable or too great a risk to continue in its current form and concurrently writing in the newer "more secure" languages.
Whether it's banking, medical devices or rocket science, still comes down to cost/benefit. Once again, everything old is new again..... It will be interesting to see what the perspectives are among the various forum members out there.
Comments
I never heard any such thing back then, but then I don't live in USA either. There was lots of rivalry between Pascal and C, I do remember that.
As for newer options, I'd maybe like to learn Rust. That's about it. No interest in anything with hardwired garbage collection.
That NVIDIA guy recently said you shouldn't learn any programming language and just let his artificially stupid bots code for you. What a gormless goon. Completely unrelatedly, wanna buy some shovels and pickaxes off me? I hear there's gold in them hills over there. Lot's of gold (fool's gold, that is). You can trust me, as a shovel salesman I totally don't have a conflict of interest that would lead me to recommend you drop everything to become a gold digger. Where would you get such an idea?
More seriously, I agree there's quite a lot of brainrot going on regarding the "Rewrite in Rust" (or other language equivalents) idea. The benefit of such things is really dubious, considering the bugs you'll no doubt introduce in the process. And of course "secure" and "safe" have a very particular meaning here. That is, "the program will never write to memory it is not supposed to write to". There's some cleverness in newer languages to prevent some obvious C bugs (missing break in switch/case, type promotion, etc), but fundamentally you will not write bug-free code. And in cases where there's actual safety at risk (not just dumb script kidde computer hacks), you'll need massive amounts of tests and certifications, anyways, and the program crashing instead of overwriting possibly non-critical memory is not necessarily better.
Can you post some examples or links? I'd like to read them.
Here are my initial thoughts ...
The cost would be enormous, and the security benefits small (if they exist at all). It makes as much sense to say "it's time to dump assembly language" - because that's what C is these days - a portable assembly language. It's small, fast and ... yes ... a bit dangerous. But that's necessary - and any danger associated with it is generally a result of poor coding, rather than the language itself. You can write safe programs in C, just as you can write dangerously flawed programs in any other language. There are languages that are far less accident prone than C - my favorite is Ada - but the footprint of them is huge - I doubt, for instance, that you would often see a device driver written in Ada. But they are often written in C.
This looks like an attack on open source software such as Linux. Which is now much cheaper, safer, flexible and future-proof than any commercial equivalent, such as the various monstrosities offered by Micro$oft - which is why they hate it so much. And guess what? It's written entirely in C!
Choose your language to suit your application. For an embedded micro controller, C is the right choice. For a nuclear power station or a missile control system, Ada is the right choice. For a banking system, maybe COBOL is still the right choice. For an AI chatbot, I'd recommend brainf*ck. What could possibly go wrong?
Why pigeon hole yourself with any one particular language? If you understand the fundamentals then you can code in just about any language. .. and yes I have coded in COBOL with my 4 inch thick reference book.
My current project uses multiple languages ... PIC Assemply, Perl, Python, JavaScript, C+, and perhaps a few others I am missing, but that's all for just one project.
I've read these statements in the news, what makes me "laugh" (not to say "cry") is that every operating system (as well as many so-called "more secure" languages) in the world is written in C at its base, discouraging new generations of "coders" to program in C means that sooner or later no one will be able to maintain an operating system. I expect that in the future we could go back to Commodore 64, ZX Spectrum or (maybe) Apple II systems (and that wouldn't be a bad idea...).
The Propeller is a case study in "rewrite it in spin (and/or pasm)." Except neither language was designed for safety and security.
C is just catching flak for the "The 30 Million Line Problem"
TL;DW Modern operating systems have very approximately 30 million lines of code and things like USB, plug and play, 3D graphics, and WiFi are responsible. My thermostat takes 2 minutes to start up. I don't get it. It's certainly possible to start an embedded Linux system in 10 seconds or less.
In college my least favorite was Cobol, mostly for an office environment, Even Fortran was better.
I can not let that sit here without a comment.
COBOL is a miracle. The only language you do not need to write comments, because the language itself is verbose enough.
And stable. The last two decades of my life I basically rewrite the same software again and again (C#/Windows) because of new Server Variations, new Client Os Variations, new Net Framework Variations and so on.
Meanwhile the Cash-Register software I wrote in 1992 in COBOL/85 just compiles fine on any current COBOL compiler and runs pretty much on any hardware or OS from Mainframe down to some MCs.
Stable source. And that is why COBOL still batch processes all those bank transactions, airline bookings, insurance claims, printing of say telephone bills, whatever.
On the P1 we had the same, Interpreter in ROM, no changes, Any P1 program written - however old - will run on the P1 interpreter.
Not so on the P2 with Spin. It changes a lot. On can say it develops and grows, but isn't that exactly the problem described above?
just saying,
Mike
I even remember the book, Introduction to computer programming structured Cobol
When I wrote a 100 page text with pictures in 1995, WordPerfect was not able to hold all the pictures together with the text in Ram, because this low number of MB of my PC. But the program 30 years ago had all the features needed to write such text in a very similar way you use Word today. My PC is in theory very very much faster now, but I have the impression that 90 percent of the speedup is lost because lower efficiency, or even more?
These days I am playing with some ARM M7 running at 400MHz. But if I compile a C++ Blink example program, this needs 59 kiloBytes of Flash memory!!!! And it can blink at 12MHz. Bloat has reached controllers. I often think, that in other industries, everything is about efficiency, but with computers and software things are still so much different.
About efficiency of development work on the other hand, I have worked in automobile industry. Due to the philosophy, that development is done in projects, knowledge is forgotten and reinvented in that industry quite often too :-) .
((( And if I think about those wars, than human thinking generally seems not to be about efficiency at all.... )))
I used DTP packages for that back then. Mostly used Pagestream. All text was typed in a text editor and then copy-pasted into the DTP. Same for the pictures, they were prep'd in a paint package before copy-pasting into the DTP. In fact I don't think I've ever used a word processor.
I think the DTP kept token images in RAM for page layout purposes. It didn't need much RAM. And then used the full images only when printing. That way resizing never reduced image quality and always produced the best print the printer could do.
The articles about "ditching"C" kinda reminded me of the early 1990s when I went to the CHUBB Institute to learn the IBM MVS/370 system programming. Course included JCL, COBOL and assembler. CHUBB as some may know is a major insurance company among other things, so I am guessing that more than a training money maker, it allowed them to cherry pick the top students for their own in-house purposes. Almost left a tech instructor position with a big OEM, but the pay cut would have been too much; the learning served me well in many other ways. And it was employer paid. And that was around the time of the learn C and... going on. @evanh, you reminded me of another couple of packages out then, Ventura publisher and Corel Draw. Also remember, the Ventura filler incantation that started with lorem ipsum amit sit? Also have an AS/400 in the garage, wonder if it will power up after 25 years in the box. It has RPG and a few other things. Use to talk to it with OS/2 running Communications Manager 2 and 5250 terminal emulation. Would need to resurect an old ISA machine to get access into it over twinax board. More fun for retirement whenever that may happen.
Ha, had to look up RPG (Report Program Generator). Only meaning it had to me was Role Playing Game.
I'm sure there'll be an RS232 port somewhere on the AS/400 you'll be able to plug straight into without needing any networking support.