ChrisLomont | 3 years ago

My other post listed several thousand use after free bugs in hundreds of commercial programs, so your "zero times W is zero" claim is not accurate in practice.

ncmncm|3 years ago

The point is that the bug appears in many programs, particularly C and C-like whatever, and, apparently, Google programs.

You could try to claim they are in all programs, but your selection-bias slip is showing. Programs they are not in (e.g. mine) are nowhere in your list. You can have no idea about the number of such programs. To pretend you do, as Google has done, is not honest.

ChrisLomont|3 years ago

If you even looked at the research, they sample all programs for which there is code to be viewed, and find such bugs.

Of course you could show that sampling is an invalid way to gather estimates of frequency, and rewrite all of statistics, but I suspect your high level C++ perfection is more time useful to you.

I, on the other hand, trust the aggregation of researchers over an internet commenter, even if they do have half of all comments in a topic.

Of course your mystery programs no one else can see provide you a way to claim such sampling is not representative. But since you made the claim, it is up to you to provide evidence.

I get that you have none except your anecdotal self-claims, which is certainly selection bias.

For example:

>Programs they are not in (e.g. mine) are nowhere in your list

I could point out you do not have proof they are not in it; you just have not found one. Current tech on whole program correctness provers don't yet scale to codebases of this size, and absent that, you do not know your few programs do not have them, no matter how much you claim otherwise or try to code otherwise.

"To pretend as you do ... is not honest."