HackerTrans
TopNewTrendsCommentsPastAskShowJobs

btrask

no profile record

Submissions

Tower of Babel

en.wikipedia.org
1 points·by btrask·5 лет назад·0 comments

Metacrap: Putting the torch to seven straw-men of the meta-utopia (2001)

people.well.com
2 points·by btrask·6 лет назад·0 comments

Venture Capital’s Biggest Fear (2011)

red-sweater.com
3 points·by btrask·6 лет назад·0 comments

WebKit Shutting Down (April Fools 2007)

webkit.org
13 points·by btrask·6 лет назад·1 comments

comments

btrask
·5 лет назад·discuss
I might be the last person to realize this, but did Microsoft name it .NET because they already had COM?
btrask
·5 лет назад·discuss
This article does not undermine its own point. In fact, very, very few articles ever undermine their own point. In order to undermine your own point it means you've failed to construct a logical chain of thought. But that is what people do all the time in their daily lives. Maybe children would undermine their own points, or someone posting their first ill-thought comment on Facebook. But I think most people will learn how to construct an argument by their second time publishing one.

In this case, the article is not about 'the joys of being too dumb to breathe'. It's about how 1. looking stupid is not the same as being stupid, and 2. looking stupid can be beneficial in the long run. The author does not need to actually be stupid once in order to support this idea.

And I have to worry if you think he's "bragging" about merely looking stupid, as if that weren't bad enough. Maybe if you identify as stupid I could understand the offense.

To the author, Dan Luu: I like your article and I think you're on the right track!
btrask
·5 лет назад·discuss
I didn't like Regehr's proposal because I don't want a friendly dialect of C. I mostly just want C the way it worked up until, say, GCC 4.x.

I don't know specifically how to fix the standard, although I've been thinking about it. A simple idea would be like the Linux mandate "don't break userspace." The language-lawyering has to stop, and more rules are unlikely to help.
btrask
·5 лет назад·discuss
Or... the standard just has bugs which could be fixed. Bugs meaning: being out of line with the history of C and large amounts of C code in the wild.

The more people beat the standard drum, the worse things will get until the standard itself is fixed.

Other languages that don't have a standard don't have this problem (but they do have other problems).
btrask
·6 лет назад·discuss
Yeah, in C you need to use assertions (or simple checks) for things that might be null.

That said the compiler isn't infinitely smart (thank god) and complex null derefs will "safely" make it to runtime. (What a sad world we're in.)
btrask
·6 лет назад·discuss
If you are transferring ownership, you would do

    p2 = p1; p1 = NULL;
However if you are intentionally doing multiple ownership, then yes you can still have problems.
btrask
·6 лет назад·discuss
Green threads.
btrask
·6 лет назад·discuss
I see now, I misunderstood your original post. You were saying async/await is necessary because futures work badly, not because all the alternatives (i.e. locks) work badly.

Sorry, my mistake!

Edit to add: futures work badly in every language, so there's no shame in the borrow checker not working with them.

Edit 2: But in that case we're back to "why would Rust want async/await over (potentially green) threads with its first-class support for locks?"
btrask
·6 лет назад·discuss
Whether it's kernel threads or green threads, the same patterns (locks, etc) are possible. Locks are supposed to be the borrow checker's bread and butter, because it can guarantee they are held before accessing shared state. But now you're saying "the borrow checker makes writing code without [async/await] difficult, inefficient, and unergonomic."

I'm not saying locks are better than async/await (although they are[1]). You're saying the borrow checker itself can't handle them in real world use?

[1] https://journal.stuffwithstuff.com/2015/02/01/what-color-is-...
btrask
·6 лет назад·discuss
Wait, what? What happened to "fearless concurrency"? I thought this was supposed to be one of the borrow checker's selling points!

https://blog.rust-lang.org/2015/04/10/Fearless-Concurrency.h...
btrask
·6 лет назад·discuss
So over the last thousand years salt has been a hyper-inflationary asset, and you're trying to tell me I'm rich for owning some?
btrask
·6 лет назад·discuss
This article is such a great opportunity for introspection ("what do we need in order to do better?"). It's too bad that the top comment has turned it into an opportunity for egotism ("they need us!").
btrask
·6 лет назад·discuss
Very reasonable! Thank you for the discussion :)
btrask
·6 лет назад·discuss
Taking a pointer-to-pointer is intentional to make it clear that the pointer will be modified. That's actually the most important difference from nn3's version IMHO.
btrask
·6 лет назад·discuss
Good points, thank you for explaining!

I can see an argument for wrapping it in a macro so you can turn off nulling in debug builds (ASan might even have hooks so you can automate this, I know Valgrind does). But use-after-free is worse than just double-frees, and if you read a dangling pointer in production there's no real way to catch it AFAIK. Last I heard (admittedly been a few years since I checked), you're not supposed to deploy ASan builds because they actually increase the attack surface.

So, your program's memory is full of these dangling pointers, and at some point you will have a bug you didn't catch and use one. And you can't even write an assertion to check that it's valid. What do you propose?

And again to clarify, I'm not trying to advocate for hiding bugs. I want to catch them early (e.g. with assertions), but I also want to avoid reading garbage at runtime at all costs, because that's how programs get pwn'd.
btrask
·6 лет назад·discuss
I tried making it a plain function at one point but ran into some weirdness around using void * * with certain arguments (const buffers?). You don't want to accept plain void * because it's too easy to pass a pointer instead of a pointer to a pointer. Using a macro is (ironically) more type safe.

Maybe someone else could figure out how to do it properly, since I'd definitely prefer a function.
btrask
·6 лет назад·discuss
do {} while(0) is a common idiom for macros in C, because it consumes the trailing semicolon, which a bare {} block doesn't do.

    if(x) MACRO();
    else something();
expands to

    if(x) { ... }; // Error!
    else something();
btrask
·6 лет назад·discuss
I appreciate you defending me, but I don't think he was trying to be dishonest.
btrask
·6 лет назад·discuss
I don't think that's fair in this case because nulling out pointers isn't the first line of defense. If you forget to do it once, it's not going to cause a bug in and of itself. You can easily grep the code periodically to find any cases you missed.
btrask
·6 лет назад·discuss
Help me out here, because I'm really trying to understand. Are you saying that dangling pointers that blow up if you double-free them is an "automatic check"? If not, what kind of automatic check are you talking about?

If the extra code is really that bothersome, just use a macro or wrapper function.