-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1Am 19.12.2009 19:25, schrieb Andre de Leiradella:

I think everyone has the right to have an opinion?

Sure, so there’s no point in arguing about programming languages.
Everyone has it’s own preferences.
The only thing i would like to know are the sizes (in SLOC) of your C
and C++ projects.

Btw. Perhaps we could talk about a “alternative library” and not a rival
library. Has anybody invited/notified the developers of SFML about this
discussion here?

Christoph Nelles

E-Mail : @Christoph_Nelles
Jabber : eazrael at evilazrael.net ICQ : 78819723

PGP-Key : ID 0x424FB55B on subkeys.pgp.net
or http://evilazrael.net/pgp.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkstHGkACgkQBcR1PkJPtVsIvwCfWpwCv2A460radqUcUt9N/JM/
ui0An2wJjuqODQWBBbtiXHfcLtDybhYT
=2F3y
-----END PGP SIGNATURE-----

try
{
//stuff
goto finally;
}
catch(…)
{
finally:
//More Stuff
}

Alternatively

try
{
//stuff
throw 42;
}
catch(int finally)
{
//Hooray a finally block :V
}

(I’m just having fun being a butthead )> -----Original Message-----

From: sdl-bounces at lists.libsdl.org [mailto:sdl-
bounces at lists.libsdl.org] On Behalf Of Mason Wheeler
Sent: Saturday, December 19, 2009 5:07 AM
To: SDL Development List
Subject: Re: [SDL] rival library?

----- Original Message ----

From: Tres Walsh <@Tres_Walsh>
Subject: Re: [SDL] rival library?

Is there any way to do this
in
C++ without creating a new class and instantiating an object of it,
which
is a gross hack?

/* Terrible Idea! */
try { // stuff }
catch(…) { // more stuff }

Hope that answers your question! :V

No, unfortunately. Unless I’m badly mistaken, the catch(…) code
will only execute if an exception is thrown. The point of a finally
block is that the code will execute no matter what when the flow
of control passes out of the block, whether by an exception,
a return(), or normal program flow.

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

There is a famous paper about this type of issues called “Worse is
Better”. Meaning most of the best technologies end up dying against worse
ones, because people prefer pragmatic solutions and are willing to live
with worse solutions if they can get good enough results.

Yep. And that’s the principal reason why computer security problems have
reached pandemic proportions and are still getting worse more than they get
better.

Nope. The principal reason behind malware is Windows. Most servers do not run
Windows but the most hacked servers run IIS. The amount of malware targeting
Windows has nothing to do with there being more desktop Windows
installations, it’s because Windows is easy to hack.

Now having said that, it is possible to write vulnerable software for any OS,
in any language. The existence of exploitable software says more about the
skill of the programmer than the language it’s written in.

So you use whatever language you deem is best suited for a particular task,
I’ll use whichever I think is most appropriate, the guy down the street will
use what he likes best, and let’s not nag each other about it.

JeffOn Saturday 19 December 2009 07:33, Mason Wheeler wrote:

From: Paulo Pinto

Nice remark.

I do feel that SFML is a nice C++ library if you want to do some coding
without
creating your own set of objects.

If on the other hand you are writing your own framework, or scene graph,
then SDL
might be a better choice because of the leaner API.–
Paulo

On Sat, Dec 19, 2009 at 7:33 PM, Christoph Nelles wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 19.12.2009 19:25, schrieb Andre de Leiradella:

I think everyone has the right to have an opinion?

Sure, so there’s no point in arguing about programming languages.
Everyone has it’s own preferences.
The only thing i would like to know are the sizes (in SLOC) of your C
and C++ projects.

Btw. Perhaps we could talk about a “alternative library” and not a rival
library. Has anybody invited/notified the developers of SFML about this
discussion here?

---

Christoph Nelles

E-Mail : evilazrael at evilazrael.de
Jabber : eazrael at evilazrael.net ICQ : 78819723

PGP-Key : ID 0x424FB55B on subkeys.pgp.net
or http://evilazrael.net/pgp.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkstHGkACgkQBcR1PkJPtVsIvwCfWpwCv2A460radqUcUt9N/JM/
ui0An2wJjuqODQWBBbtiXHfcLtDybhYT
=2F3y
-----END PGP SIGNATURE-----

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

Gregory Smith writes:

To paraphrase The Simpsons, can’t this list go one week without a C++
flamewar?

Hey guys! Look what I found in the mailing list server!

ls /etc/cron.weekly/

c++flamewar#

Allocating stuff on the stack is an efficient, cache-friendly,
hardware-supported way of using local variables. As long as computing
power is finite, efficiency will be an issue. Which makes the
discussion about stack allocation a little redundant.

You’re trading a very minor (dare I say “premature”?) optimization
for all sorts of safety problems. Just look at all the troubles caused
by QT using stack-allocated objects without doing a good job of
documenting what was a value type and what was a reference type.

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?). If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

It’s just the way today’s computers do things. That’s what registers
like ESP and EBP on x86 are for.

Stack allocation is wonderful for value types. But once you get
something that owns references to other variables, it’s more trouble
than it’s worth. Then you’re better off using another x86 feature:
the built-in instructions for dereferencing pointers.

Then use data from the heap where necessary. You’re not really
suggesting C++ should dump stack allocation altogether? Or are you
suggesting the language should let the programmer decide whether to
allocate from stack or from heap? That’s exactly what C++ is doing.

C++ is just not high-level enough to ignore the machines it’s
running on.

Never said it should be. The problem is that C++ ignores the
problem domain. That’s not a matter of high-level or low-level,
it’s a matter of bad language design.

Maybe you want another language.

No “maybe” about it!

C++ is not a VHLL. C++ covers a different area of use than you seem to
want. You can perfectly use C++ for programming a 16MHz ATMega micro
with 16 Kilobytes RAM. Partly because C++ uses, by default, a string
representation that hardware can process efficiently: just a
zero-terminated list of bytes. If std::string were built into the
language, it would waste precious extra RAM. Because it’s part of the
STL, you can use it, but you don’t have to, if every byte counts.
That makes C++ flexible. If everything that people would like to have
(like garbage collection…) was built into the language, using it to
program microcontrollers, for example, would not be possible. Likewise,
you can’t afford to allocate everything from the heap on those
systems because of allocation overhead (processing time, wasted space).

C++ is just not the language you want.On Sat, 19 Dec 2009 07:55:23 -0800 (PST) Mason Wheeler wrote:

----- Original Message ----
From: Johannes Kroll <@Johannes_Kroll>
Subject: Re: [SDL] rival library?

Well actually there are quite a few higher level languages that run on such
small environments.

http://en.wikipedia.org/wiki/Sun_SPOT (Java subset)
http://www.parallax.com/propeller/ (Spin)
http://www.parallax.com/tabid/295/Default.aspx (Basic)

But this does not break the concept that we need system programing languages
that are free
from vendor lock-in, standard, portable as much as possible between several
target sytems,
high level enough to be productive but also allow to work low level when
needed.

So far no language was able to dispel C and C++ from their places exactly
because they are
not able to offer better alternatives. And when they do, the effort of
switching the complete IT is
not worth it.

Assembler is still needed nowadays, even if it is only in some niche cases.
The same will hold
true for C/C++.

Even if an OS is 98% coded in a higher level language, maybe those 2% will
be something like C
or C++.

Because the tools are good enough at their job.–
Paulo

On Sun, Dec 20, 2009 at 12:40 PM, Johannes Kroll wrote:

On Sat, 19 Dec 2009 07:55:23 -0800 (PST) Mason Wheeler wrote:

----- Original Message ----

From: Johannes Kroll
Subject: Re: [SDL] rival library?

Allocating stuff on the stack is an efficient, cache-friendly,
hardware-supported way of using local variables. As long as computing
power is finite, efficiency will be an issue. Which makes the
discussion about stack allocation a little redundant.

You’re trading a very minor (dare I say “premature”?) optimization
for all sorts of safety problems. Just look at all the troubles caused
by QT using stack-allocated objects without doing a good job of
documenting what was a value type and what was a reference type.

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?). If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

It’s just the way today’s computers do things. That’s what registers
like ESP and EBP on x86 are for.

Stack allocation is wonderful for value types. But once you get
something that owns references to other variables, it’s more trouble
than it’s worth. Then you’re better off using another x86 feature:
the built-in instructions for dereferencing pointers.

Then use data from the heap where necessary. You’re not really
suggesting C++ should dump stack allocation altogether? Or are you
suggesting the language should let the programmer decide whether to
allocate from stack or from heap? That’s exactly what C++ is doing.

C++ is just not high-level enough to ignore the machines it’s
running on.

Never said it should be. The problem is that C++ ignores the
problem domain. That’s not a matter of high-level or low-level,
it’s a matter of bad language design.

Maybe you want another language.

No “maybe” about it!

C++ is not a VHLL. C++ covers a different area of use than you seem to
want. You can perfectly use C++ for programming a 16MHz ATMega micro
with 16 Kilobytes RAM. Partly because C++ uses, by default, a string
representation that hardware can process efficiently: just a
zero-terminated list of bytes. If std::string were built into the
language, it would waste precious extra RAM. Because it’s part of the
STL, you can use it, but you don’t have to, if every byte counts.
That makes C++ flexible. If everything that people would like to have
(like garbage collection…) was built into the language, using it to
program microcontrollers, for example, would not be possible. Likewise,
you can’t afford to allocate everything from the heap on those
systems because of allocation overhead (processing time, wasted space).

C++ is just not the language you want.

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

This is what I was waiting for, Tres.

try
{
//stuff
throw 42;
}
catch(int finally)
{
//Hooray a finally block :V
}

I don’t have any experience with try…finally. Mason, will this do it?

Jonny DOn Sat, Dec 19, 2009 at 2:56 PM, Tres Walsh <tres.walsh at gmail.com> wrote:

try
{
? ? ? ?//stuff
? ? ? ?goto finally;
}
catch(…)
{
? ? ? ?finally:
? ? ? ?//More Stuff
}

Alternatively

try
{
? ? ? ?//stuff
? ? ? ?throw 42;
}
catch(int finally)
{
? ? ? ?//Hooray a finally block :V
}

(I’m just having fun being a butthead )

-----Original Message-----
From: sdl-bounces at lists.libsdl.org [mailto:sdl-
bounces at lists.libsdl.org] On Behalf Of Mason Wheeler
Sent: Saturday, December 19, 2009 5:07 AM
To: SDL Development List
Subject: Re: [SDL] rival library?

----- Original Message ----

From: Tres Walsh <tres.walsh at gmail.com>
Subject: Re: [SDL] rival library?

Is there any way to do this
in
C++ without creating a new class and instantiating an object of it,
which
is a gross hack?

/* Terrible Idea! */
try { // stuff }
catch(…) { // more stuff }

Hope that answers your question! :V

No, unfortunately. ?Unless I’m badly mistaken, the catch(…) code
will only execute if an exception is thrown. ?The point of a finally
block is that the code will execute no matter what when the flow
of control passes out of the block, whether by an exception,
a return(), or normal program flow.

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?). If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

More safety problems than security problems, though there are points
where the two overlap. By passing (copies of) stack-allocated objects
outside the library to user code, which the user code was then able to
obtain references to. Hilarity ensues once the stack gets cleaned up
and objects that the object contains a reference to are deallocated
out from under the user.

And yes, that’s partially a bad programming skills issue, and I’ve
heard that a lot of these bugs have been fixed lately, but it’s also
partially the fault of bad language design for making it possible in
the first place.

Stack allocation is wonderful for value types. But once you get
something that owns references to other variables, it’s more trouble
than it’s worth. Then you’re better off using another x86 feature:
the built-in instructions for dereferencing pointers.

Then use data from the heap where necessary. You’re not really
suggesting C++ should dump stack allocation altogether?

No, of course not. See above, “stack allocation is wonderful for
value types.” I’m suggesting that C++ should dump stack allocation
for objects altogether.

Wait, no. That would break backwards compatibility with too much
existing code. What I’m really suggesting is that programmers
should dump C++ altogether.

C++ is not a VHLL. C++ covers a different area of use than you seem to
want. You can perfectly use C++ for programming a 16MHz ATMega micro
with 16 Kilobytes RAM. Partly because C++ uses, by default, a string
representation that hardware can process efficiently: just a
zero-terminated list of bytes.

That’s probably the worst example you could have given. See
http://www.joelonsoftware.com/articles/fog0000000319.html in which
Joel Spolsky, who knows a lot more about C++ than I ever will,
explains why C strings are pretty much the worst possible way to
handle strings, from the perspective of the CPU. He specifically holds
up the Pascal string model as an improvement. It has one drawback,
that strings are very limited in size. This can be fixed, though, by
using two bytes, or four, instead of one for the length data.

Of course, since strings tend to be big, you probably don’t want to
be passing them around by value (copying all howevermany bytes
to the stack every time you make a function call) anyway, so it’s a
good idea to make them reference types. IIRC, C strings are
always reference types anyway, so that’s not much of a
problem… yet.

But due to pointer aliasing, changing a string with multiple
references to it would cause trouble. So how do you fix that?
By putting a reference count on your string, (which takes care
of memory and cleanup issues as long as you don’t do anything
stupid like casting it to a pointer), and implementing copy-on-write
semantics for strings with multiple references.

Of course, all of this has to be baked into the compiler to really
work well. But once you get it working, you have something far
more efficient for real-world use cases than C strings. No linear
scan required for obtaining the length or concatenation.
(Imagine trying to take the length of a C string representing the
text of an entire novel!) And with the length known up front, your
CPU can read from it one native word size at a time, (or more, if
you’ve got SIMD instructions and large registers available, for
example,) instead of having to go one byte at a time and then
test each individual byte to see if it’s 0, which results in huge speed
gains on modern hardware.

The additional cost for all these real-world optimizations is a few
extra bytes per string. 4-8, depending on how large you make your
size marker and your reference count, as opposed to 1 byte of
overhead for C strings. This is the Delphi string model. It’s the
sort of thing that happens when language designers actually think
about how certain language features get used in real-world use
cases, instead of applying premature optimizations. (And, of
course, if those extra bookkeeping bytes are just too much for your
scenario, the option to fall back to old-school Pascal strings is still
available.)>----- Original Message ----

From: Johannes Kroll
Subject: Re: [SDL] rival library?

This is what I was waiting for, Tres.

try
{
//stuff
throw 42;
}
catch(int finally)
{
//Hooray a finally block :V
}

I don’t have any experience with try…finally. Mason, will this do it?

Jonny D

Close. It would have to be a catch(…) block, in order to also catch
any exceptions that would be thrown from within the code. But it
still doesn’t satisfy the requirement that the finally-block code
always execute, even in the case of a return() statement. I don’t
think that’s possible without compiler support.>----- Original Message ----

From: Jonathan Dearborn
Subject: Re: [SDL] rival library?

See
http://www.joelonsoftware.com/articles/fog0000000319.html in which
Joel Spolsky, who knows a lot more about C++ than I ever will,
explains why C strings are pretty much the worst possible way to
handle strings, from the perspective of the CPU.

But C doesn’t have strings! Strings don’t fit in CPU registers

Seriously, strings come with their own set of problems that must be
solved. For example, when you concatenate two strings, where the result
should be written to? Heap is not the right answer because C runs in
systems where a heap is not available. The functions in <string.h> help
you by pretending that character arrays are strings and leave that
responsibility to the caller, which is the most sensible thing to do in
such systems.

C doesn’t force you into a high-level data type that can be implemented
in one million different ways because there isn’t a correct one for all
programmers.

Cheers,

Andre

There are quite a few languages in the Pascal family that successfully have
shown that you can
have type safety and systems programming hand in hand.

Oberon, Modula-2, Modula-3, Ada, Eiffel

But they all suffer from a big disadvantage, they belong to the Pascal
family of languages and
most programmers tend to lean to the C family of languages.

Maybe D could replace C++, but I doubt it. I don’t see many people picking
it up, and looking at
the Digital Mars site, it looks like a dead language kind of.

If Microsoft would be a more faire player, C# could take that role,
specially looking at their Singularity
project. Then again, this might never happen.

That is why I said that I currently don’t see any replacement for C++
happening any time soon.–
Paulo

On Sun, Dec 20, 2009 at 3:22 PM, Mason Wheeler wrote:

----- Original Message ----

From: Johannes Kroll
Subject: Re: [SDL] rival library?

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?). If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

More safety problems than security problems, though there are points
where the two overlap. By passing (copies of) stack-allocated objects
outside the library to user code, which the user code was then able to
obtain references to. Hilarity ensues once the stack gets cleaned up
and objects that the object contains a reference to are deallocated
out from under the user.

And yes, that’s partially a bad programming skills issue, and I’ve
heard that a lot of these bugs have been fixed lately, but it’s also
partially the fault of bad language design for making it possible in
the first place.

Stack allocation is wonderful for value types. But once you get
something that owns references to other variables, it’s more trouble
than it’s worth. Then you’re better off using another x86 feature:
the built-in instructions for dereferencing pointers.

Then use data from the heap where necessary. You’re not really
suggesting C++ should dump stack allocation altogether?

No, of course not. See above, “stack allocation is wonderful for
value types.” I’m suggesting that C++ should dump stack allocation
for objects altogether.

Wait, no. That would break backwards compatibility with too much
existing code. What I’m really suggesting is that programmers
should dump C++ altogether.

C++ is not a VHLL. C++ covers a different area of use than you seem to
want. You can perfectly use C++ for programming a 16MHz ATMega micro
with 16 Kilobytes RAM. Partly because C++ uses, by default, a string
representation that hardware can process efficiently: just a
zero-terminated list of bytes.

That’s probably the worst example you could have given. See
http://www.joelonsoftware.com/articles/fog0000000319.html in which
Joel Spolsky, who knows a lot more about C++ than I ever will,
explains why C strings are pretty much the worst possible way to
handle strings, from the perspective of the CPU. He specifically holds
up the Pascal string model as an improvement. It has one drawback,
that strings are very limited in size. This can be fixed, though, by
using two bytes, or four, instead of one for the length data.

Of course, since strings tend to be big, you probably don’t want to
be passing them around by value (copying all howevermany bytes
to the stack every time you make a function call) anyway, so it’s a
good idea to make them reference types. IIRC, C strings are
always reference types anyway, so that’s not much of a
problem… yet.

But due to pointer aliasing, changing a string with multiple
references to it would cause trouble. So how do you fix that?
By putting a reference count on your string, (which takes care
of memory and cleanup issues as long as you don’t do anything
stupid like casting it to a pointer), and implementing copy-on-write
semantics for strings with multiple references.

Of course, all of this has to be baked into the compiler to really
work well. But once you get it working, you have something far
more efficient for real-world use cases than C strings. No linear
scan required for obtaining the length or concatenation.
(Imagine trying to take the length of a C string representing the
text of an entire novel!) And with the length known up front, your
CPU can read from it one native word size at a time, (or more, if
you’ve got SIMD instructions and large registers available, for
example,) instead of having to go one byte at a time and then
test each individual byte to see if it’s 0, which results in huge speed
gains on modern hardware.

The additional cost for all these real-world optimizations is a few
extra bytes per string. 4-8, depending on how large you make your
size marker and your reference count, as opposed to 1 byte of
overhead for C strings. This is the Delphi string model. It’s the
sort of thing that happens when language designers actually think
about how certain language features get used in real-world use
cases, instead of applying premature optimizations. (And, of
course, if those extra bookkeeping bytes are just too much for your
scenario, the option to fall back to old-school Pascal strings is still
available.)

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

Yeah, but C is nothing more than a high level assembler. That’s why.On Sun, Dec 20, 2009 at 4:19 PM, Andre de Leiradella < aleirade at sct.microlink.com.br> wrote:

See

http://www.joelonsoftware.com/articles/fog0000000319.html in which
Joel Spolsky, who knows a lot more about C++ than I ever will,
explains why C strings are pretty much the worst possible way to
handle strings, from the perspective of the CPU.

But C doesn’t have strings! Strings don’t fit in CPU registers

Seriously, strings come with their own set of problems that must be solved.
For example, when you concatenate two strings, where the result should be
written to? Heap is not the right answer because C runs in systems where a
heap is not available. The functions in <string.h> help you by pretending
that character arrays are strings and leave that responsibility to the
caller, which is the most sensible thing to do in such systems.

C doesn’t force you into a high-level data type that can be implemented in
one million different ways because there isn’t a correct one for all
programmers.

Cheers,

Andre

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?). If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

More safety problems than security problems, though there are points
where the two overlap. By passing (copies of) stack-allocated objects
outside the library to user code, which the user code was then able to
obtain references to. Hilarity ensues once the stack gets cleaned up
and objects that the object contains a reference to are deallocated
out from under the user.

Errr… That’s a typical newbie error, right? Compilers issue warnings
for these types of errors.

And yes, that’s partially a bad programming skills issue, and I’ve
heard that a lot of these bugs have been fixed lately, but it’s also
partially the fault of bad language design for making it possible in
the first place.

If someone returns an address of something that was allocated on the
stack, it’s the programmer’s fault, not a fault of the language.

Stack allocation is wonderful for value types. But once you get
something that owns references to other variables, it’s more trouble
than it’s worth. Then you’re better off using another x86 feature:
the built-in instructions for dereferencing pointers.

Then use data from the heap where necessary. You’re not really
suggesting C++ should dump stack allocation altogether?

No, of course not. See above, “stack allocation is wonderful for
value types.” I’m suggesting that C++ should dump stack allocation
for objects altogether.

So where exactly do you draw the line between “objects” and “value
types”? Is a class containing only a few ints and no
pointers/references to anything an object, or a “value type”?

Still, I don’t think the dumbness of a few programmers should dumb down
the whole language.

C++ is not a VHLL. C++ covers a different area of use than you seem to
want. You can perfectly use C++ for programming a 16MHz ATMega micro
with 16 Kilobytes RAM. Partly because C++ uses, by default, a string
representation that hardware can process efficiently: just a
zero-terminated list of bytes.

That’s probably the worst example you could have given. See
http://www.joelonsoftware.com/articles/fog0000000319.html in which
Joel Spolsky, who knows a lot more about C++ than I ever will,
explains why C strings are pretty much the worst possible way to
handle strings, from the perspective of the CPU. He specifically holds
up the Pascal string model as an improvement. It has one drawback,
that strings are very limited in size. This can be fixed, though, by
using two bytes, or four, instead of one for the length data.

Let’s not discuss performance issues of C-style vs Pascal-style
strings I don’t think it makes a huge difference one way or the
other. But the memory usage might. Making the length prefix
variable-sized isn’t really feasible since then you would have to
compile all the code an app uses (including libraries) with the same
prefix-size options. So you end up using 4-byte prefixes. So each
string uses 3 bytes more memory than a C string would. This doesn’t
normally matter on desktops of course, but on microcontrollers and the
like, it does matter.

Of course, since strings tend to be big, you probably don’t want to
be passing them around by value (copying all howevermany bytes
to the stack every time you make a function call) anyway, so it’s a
good idea to make them reference types. IIRC, C strings are
always reference types anyway, so that’s not much of a
problem… yet.

But due to pointer aliasing, changing a string with multiple
references to it would cause trouble. So how do you fix that?

If you change a string, it is changed, no matter how many references to
it exist. This is just plain obvious. Everything else would be
counter-intuitive, and wrong. Nothing to fix here.

By putting a reference count on your string, (which takes care
of memory and cleanup issues as long as you don’t do anything
stupid like casting it to a pointer), and implementing copy-on-write
semantics for strings with multiple references.

Actually, no. You wouldn’t want features like automatic reference
counting and copy-on-write for strings on systems with limited
resources. These systems probably don’t count for you - but like I
said, use a different language then.

Of course, all of this has to be baked into the compiler to really
work well. But once you get it working, you have something far
more efficient for real-world use cases than C strings. No linear
scan required for obtaining the length or concatenation.
(Imagine trying to take the length of a C string representing the
text of an entire novel!) And with the length known up front, your
CPU can read from it one native word size at a time, (or more, if
you’ve got SIMD instructions and large registers available, for
example,) instead of having to go one byte at a time and then
test each individual byte to see if it’s 0, which results in huge speed
gains on modern hardware.

The additional cost for all these real-world optimizations is a few
extra bytes per string. 4-8, depending on how large you make your
size marker and your reference count, as opposed to 1 byte of
overhead for C strings. This is the Delphi string model. It’s the
sort of thing that happens when language designers actually think
about how certain language features get used in real-world use
cases, instead of applying premature optimizations. (And, of
course, if those extra bookkeeping bytes are just too much for your
scenario, the option to fall back to old-school Pascal strings is still
available.)

If you know that your program will never use strings longer than 256
bytes, yes. ;-)On Sun, 20 Dec 2009 06:22:52 -0800 (PST) Mason Wheeler wrote:

----- Original Message ----
From: Johannes Kroll <@Johannes_Kroll>
Subject: Re: [SDL] rival library?

Stack (or buffer) overrun. The following copied from
http://weblogs.asp.net/gad/archive/2004/03/23/94996.aspx

Buffer overrun attack is a very common attack utilized by hackers. This type
of attack is not new. This attack utilizes poor coding practices in C and
C++ code, with the handling of string functions. The following code is an
example of a buffer overrun.

void myMethod(char * pStr) {
char pBuff[10];
int nCount = 0;

strcpy(pBuff, pStr);

}

void foo()
{
}

Cause:

The input pStr is of an unknown size. The string copy is unsafe. If the
string (pStr) is greater then 10 characters, then the buffer (pBuff) starts
to bleed into nCount and the method foo. The buffer overrun property
exploited would allow for the execution of foo by manipulation of the
application input.On Sunday 20 December 2009 03:40, Johannes Kroll wrote:

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?).

(Note: The above would not necessarily “bleed into” method foo. Depends on
the compiler. No C or C++ compiler I know of would allocate pBuff anywhere
but on the stack. But the end result is the same, the hacker can cause
execution of arbitrary code.)

If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

Yep

Jeff

Any tool that is powerful is also dangerous. Think what you can do with a
common screwdriver. That doesn’t make it bad design. It does make it
incumbent on the programmer to learn to use the power wisely.

JeffOn Sunday 20 December 2009 06:22, Mason Wheeler wrote:

And yes, that’s partially a bad programming skills issue, and I’ve
heard that a lot of these bugs have been fixed lately, but it’s also
partially the fault of bad language design for making it possible in
the first place.

Unfortunely there are lots of average programmers out there.On Sun, Dec 20, 2009 at 4:48 PM, Jeff Post <j_post at pacbell.net> wrote:

On Sunday 20 December 2009 03:40, Johannes Kroll wrote:

---

(Note: The above would not necessarily “bleed into” method foo. Depends
on
the compiler. No C or C++ compiler I know of would allocate pBuff anywhere
but on the stack. But the end result is the same, the hacker can cause
execution of arbitrary code.)

If it is true, it boils down to bad programming skills
or bad documentation, not bad language.

Yep

Jeff

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?).

Stack (or buffer) overrun. The following copied from
http://weblogs.asp.net/gad/archive/2004/03/23/94996.aspx

[…]

Apparently Mason Wheeler was not talking about buffer overflows. He was
talking about returning addresses of stack-allocated data (in QT).
Besides, 1) if I understand him correctly, he would still allocate
"value types" on the stack, making stack overflows still possible, 2)
Buffer overflows on the heap can be just as dangerous, 3) … like you
said, learn to use the screwdriver, or don’t use it ;)On Sun, 20 Dec 2009 07:48:36 -0800 Jeff Post <j_post at pacbell.net> wrote:

On Sunday 20 December 2009 03:40, Johannes Kroll wrote:

Hey guys, this is a great discussion, but it’s gotten big and off
topic. Please take it off list.

Thanks!On Sun, Dec 20, 2009 at 8:17 AM, Johannes Kroll wrote:

On Sun, 20 Dec 2009 07:48:36 -0800 Jeff Post <j_post at pacbell.net> wrote:

On Sunday 20 December 2009 03:40, Johannes Kroll wrote:

Unlike heap allocation, using data on the stack is automatically
cache-friendly. It’s perfectly possible to allocate data from the heap
though. It’s done all the time. I’m not familiar with QT, so I can’t
comment on whether using stack-allocated objects in QT causes security
problems (how?).

Stack (or buffer) overrun. The following copied from
http://weblogs.asp.net/gad/archive/2004/03/23/94996.aspx

[…]

Apparently Mason Wheeler was not talking about buffer overflows. He was
talking about returning addresses of stack-allocated data (in QT).
Besides, 1) if I understand him correctly, he would still allocate
"value types" on the stack, making stack overflows still possible, 2)
Buffer overflows on the heap can be just as dangerous, 3) … like you
said, learn to use the screwdriver, or don’t use it

---

SDL mailing list
SDL at lists.libsdl.org
http://lists.libsdl.org/listinfo.cgi/sdl-libsdl.org

–
-Sam Lantinga, Founder and President, Galaxy Gameworks LLC

Hey guys, this is a great discussion, but it’s gotten big and off
topic. Please take it off list.

Thanks!

You’re right, sorry.On Sun, 20 Dec 2009 08:21:34 -0800 Sam Lantinga wrote: