C also makes memory access and device driver code very easy. The mechanical issues are a side effect of that.

As for design errors, they are hard to prevent anywhere.

"C also makes memory access and device driver code very easy. The mechanical issues are a side effect of that."

I have two problems with this reasoning. First, C is being used for more than writing device drivers; most programs written in C are not device drivers. Second, and more important, is that low-level memory access and the sort of bit-twiddling you are talking about can be done in Common Lisp, and I doubt that you would be shocked to know that the operating systems written in Lisp for Lisp Machines had device drivers. It is possible for any high-level language to expose a low-level pointer type, and doing so will not force programmers to use such low-level constructs in higher-level code.

"As for design errors, they are hard to prevent anywhere."

While true, they are much harder to prevent in C because of the complicated semantics, the enormous amount of undefined behavior, and the plethora of edge cases one must account for. When something as simple as incrementing a counter forces you to deal with edge cases and potentially undefined behavior, it is pretty hard to verify that a C program actually implements a design, even when that design was formally specified and checked. The lack of high-level features and constructs worsens this situation by inflating the number of lines of code in an implementation.

> C also makes memory access and device driver code very easy.

Like any systems programming language, nothing special about C.