Thou shalt have no other gods before the ANSI C standard 1579

Douglas A. Gwyn

Yes. And not just "some study"; there have been multiple studies done, and they are all fairly consistent (even across multiple development philosophies and teams). Perhaps one could do significantly better if we adopted some other development process, but I have yet to see measurements backing that up.

As I wrote elsewhere, the software engineering field is littered with claims that method X can do dramatically better, but upon actual measurements, the truth is that the benefit often turned out to be measurable but much less dramatic than originally claimed. Lacking measurements, it's hard to know for sure which ideas will pan out.

I'm not familiar with the details, so I don't know. My understanding is that the effect is reasonably consistent across various development methodologies.

No, definitely not. Those studies were not about buffer overruns; they were about defects in general. But you mentioned that "correctness is not a new requirement", and these studies were definitely about correctness. Those studies show that even though correctness is not a new requirement, existing methods are not yet sufficient to ensure correctness -- existing methods have their limits.

Are buffer overruns so much easier than general correctness that it is feasible to completely solve the buffer overrun problem in C, even though we can't solve the general correctness problem? Could be, but I don't see any evidence of that.

Why don't we buttume for the purpose of discussion that there were no buffer overruns among the reported errors? It wouldn't surprise me if that were the case.

Could be. Do you have any better evidence?