Dailydave mailing list archives
Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did
From: Rodney Thayer <rodney () canola-jones com>
Date: Thu, 05 Feb 2004 07:08:46 -0800
Halvar wrote...
MH> effort into. Another giveaway are people who "can't" work without pointers MH> and/or loose typing. I am not all too sure about this. Loose typing certainly has little use, but pointers are so essential to algorithmic and memory efficiency that branding them as evil is like declaring that cars which go faster than 20mph are too risky.
ooh a theological coding debate with Matt and Halvar. Sounds like... slightly more dangerous that nuclear weapons disassembly. But I'll give it a humble shot. I've done a lot of consulting gigs where I go in and get to repair busted code from long-gone programmers. I've seen several bad pointer situations. Don't get me wrong, like many things, use of pointers is something that can be perfectly reasonable, neat, readable, reliable, etc. But it's something that is unfortunately a tool for people to be slovenly dumb fucks too. The classic thing is someone has "a dynamic number of <things>" and therefore they dynamically allocate pointers to things. This looks good in Comp Sci class and probably got you an 'A' but in the real world it bites because you can't chase down data easily. Also, the "dynamic" aspect tends to be bullshit. Imagine a system that's supposed to have 1000 max SSL connections. It therefore has some swoopy cool dynamic mechanism to allocate up to 1000 SSL context objects. Trouble is, if it fails, you have a core dump with SSL contexts spread all the way from here to Mars and chasing them down to examine them is wicked painful. If, instead, you do the dumb stupid trick of allocating a fixed array of 1000 SSL contexts, and use those, then they're all in one nice easy to find fixed location and you can examine all of them with little effort. If someone goes "ewww ick you allocated all that memory statically" my answer is "hey, in the specificed scenario you had to have all that memory anyway, so how can the consumption of the memory be illegtimate?" Oops, I'm thinking like a developer who expects to be responsible for building robust, testable, maintainable code before it's delivered to Q-A or the customer, or subjected to some pornographic test cooked up by CTO (Chief Torture Officer) Aitel using Canvas. Sorry. I'll crawl back in my cave now. (And, no, I have no delusions that my code is always right or always secure, I'm just commenting on maintainability. I think maintainability and reliability and security of code are closely related subjects.) _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Fwd: Re[2]: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Rodney Thayer (Feb 05)