Email or username:

Password:

Forgot your password?
Top-level
Javier

@marcan and that's exactly how this kind of quality-free coffee is written: assuming nothing wrong ever happens. In "memory safe" languages it's the "reliably crash" that would stay in the code because nobody cares to check if it's replaced with actual error handling.

6 comments
Hector Martin

@javierg At least with a memory-safe language someone had to make an *active decision* to reliably crash (making this something solvable by policy, e.g. ban such constructs in the linter), as opposed to no decision at all (which is impossible to protect against or have processes that forbid, once you're using a memory unsafe language).

Henri

@marcan @javierg if they used Rust they would just put unsafe everywhere, c’mon you know this.

soc

@slyecho @marcan @javierg With which part of

> something solvable by policy, e.g. ban such constructs

are you struggling?

Henri

@soc @marcan @javierg Yeah, I work in corporate software development, we have all kinds of rules, guidelines, code review at least by 2 persons, SonarQube and still a lot of crap gets through

Javier

@marcan
that's too hopeful. in this case it seems the bug was in the parser; evidently it's a codepath that has never been tested. thinking that any linter or development tool would "fix" that presumes a lot more discipline than what passes as "professional" in that kind of companies.

the problem is their "success" in secrecy. for anything security- or management-related that's the perfect recipe for failure.

no tool can help those who don't have to do a good job to profit.

@marcan
that's too hopeful. in this case it seems the bug was in the parser; evidently it's a codepath that has never been tested. thinking that any linter or development tool would "fix" that presumes a lot more discipline than what passes as "professional" in that kind of companies.

the problem is their "success" in secrecy. for anything security- or management-related that's the perfect recipe for failure.

Esparta :ruby:

@marcan @javierg

re:

> At least with a memory-safe language someone had to make an *active decision* to reliably crash (making this something solvable by policy, e.g. ban such constructs in the linter),

I've seen entire teams making concise active decision to break things for the sake of save their ass or the corporate reputation - if any.

I agree, it's way better if the programming language has all the controls and tries their best to avoid unconscious bad decisions.

Go Up