Email or username:

Password:

Forgot your password?
Hector's posts Post Back to profile
Top-level
Hector Martin

@javierg The language matters because segfaulting on invalid input only happens in memory unsafe languages. On a memory safe language you generally have to make a conscious decision about how to handle errors and unexpected situations.

19 July at 11:23 | Open on social.treehouse.systems
8 comments
Javier

@marcan and that's exactly how this kind of quality-free coffee is written: assuming nothing wrong ever happens. In "memory safe" languages it's the "reliably crash" that would stay in the code because nobody cares to check if it's replaced with actual error handling.

19 July at 11:30 | Open on mstdn.social
Hector Martin

@javierg At least with a memory-safe language someone had to make an *active decision* to reliably crash (making this something solvable by policy, e.g. ban such constructs in the linter), as opposed to no decision at all (which is impossible to protect against or have processes that forbid, once you're using a memory unsafe language).

19 July at 12:24 | Open on social.treehouse.systems
Henri

@marcan @javierg if they used Rust they would just put unsafe everywhere, c’mon you know this.

19 July at 15:06 | Open on mdon.ee
soc

@slyecho @marcan @javierg With which part of

> something solvable by policy, e.g. ban such constructs

are you struggling?

19 July at 15:49 | Open on chaos.social
Henri

@soc @marcan @javierg Yeah, I work in corporate software development, we have all kinds of rules, guidelines, code review at least by 2 persons, SonarQube and still a lot of crap gets through

19 July at 15:54 | Open on mdon.ee
Javier

@marcan
that's too hopeful. in this case it seems the bug was in the parser; evidently it's a codepath that has never been tested. thinking that any linter or development tool would "fix" that presumes a lot more discipline than what passes as "professional" in that kind of companies.

the problem is their "success" in secrecy. for anything security- or management-related that's the perfect recipe for failure.

no tool can help those who don't have to do a good job to profit.

@marcan
that's too hopeful. in this case it seems the bug was in the parser; evidently it's a codepath that has never been tested. thinking that any linter or development tool would "fix" that presumes a lot more discipline than what passes as "professional" in that kind of companies.

the problem is their "success" in secrecy. for anything security- or management-related that's the perfect recipe for failure.

19 July at 15:28 | Open on mstdn.social
Esparta :ruby:

@marcan @javierg

re:

> At least with a memory-safe language someone had to make an *active decision* to reliably crash (making this something solvable by policy, e.g. ban such constructs in the linter),

I've seen entire teams making concise active decision to break things for the sake of save their ass or the corporate reputation - if any.

I agree, it's way better if the programming language has all the controls and tries their best to avoid unconscious bad decisions.

19 July at 20:23 | Open on ruby.social
feld
@marcan @javierg

> The language matters because segfaulting on invalid input only happens in memory unsafe languages.

but the error is PAGE_FAULT_IN_NONPAGED_AREA

Code you write does not get to handle this error gracefully. This is the kernel shooting it in the head. This is not something Rust magically solves. I literally reported an issue a couple weeks ago to a Rust program that was having this type of problem on FreeBSD

pid 10464 (qdrant), jid 113, uid 0: exited on signal 11 (no core dump - bad address)
pid 14270 (qdrant), jid 113, uid 0: exited on signal 11 (no core dump - bad address)
pid 16531 (qdrant), jid 113, uid 0: exited on signal 11 (no core dump - bad address)
pid 19441 (qdrant), jid 113, uid 0: exited on signal 11 (no core dump - bad address)
@marcan @javierg

> The language matters because segfaulting on invalid input only happens in memory unsafe languages.

19 July at 13:43 | Open on bikeshed.party
Go Up