sklnd
Nov 26, 2007

NOT A TRACTOR
A coworker found some code yesterday in a queue implementation that, instead of using a locking mechanism to handle concurrent access, used taskLock() to disable context switching for the entire system in critical sections.

I believe the code was ported from Windows, so it was in a vxworks-friendly implementation of WaitForSingleObject()


Flobbster
Feb 17, 2005

"Cadet Kirk, after the way you cheated on the Kobayashi Maru test I oughta punch you in tha face!"

sklnd posted:

A coworker found some code yesterday in a queue implementation that, instead of using a locking mechanism to handle concurrent access, used taskLock() to disable context switching for the entire system in critical sections.

I believe the code was ported from Windows, so it was in a vxworks-friendly implementation of WaitForSingleObject()

I remember the good old days when I learned a lot of my programming fundamentals on an Amiga, the official method for accessing certain system data structures was to make a system call to disable multitasking, read the values, and then re-enable it.

It sure was a shock at first to move to Windows after learning so many awful (but necessary) practices like that.

Sewer Adventure
Aug 25, 2004
& anyone?

code:
// Check what Registered Types are turned on. This is a bit tricky since if two are 
// enabled, and one is off, it will return a number 2... not telling you which
// one is actually disabled. So we are literally checking to see if rnTypes matches 
// what is turned on, instead of by number. The "tricky" part is that the
// single notification types will only match if they are the ONLY one enabled.  
// Likewise, when we are checking for a pair of notifications, it will only be
// true if those two notifications are on.  This is why the code is written this way
if(rntypes == UIRemoteNotificationTypeBadge){
	pushBadge = @"enabled";
}
else if(rntypes == UIRemoteNotificationTypeAlert){
	pushAlert = @"enabled";
}
else if(rntypes == UIRemoteNotificationTypeSound){
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeAlert)){
	pushBadge = @"enabled";
	pushAlert = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeSound)){
	pushBadge = @"enabled";
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeSound)){
	pushAlert = @"enabled";
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeSound)){
	pushBadge = @"enabled";
	pushAlert = @"enabled";
	pushSound = @"enabled";
}

Sewer Adventure fucked around with this message at 04:35 on Jun 5, 2010

Save the whales
Aug 31, 2004

by T. Finn

Sewer Adventure posted:

& anyone?

At least there is a huge explanation in comments. I'd prefer that, or even the "//oh my god I am so sorry for this" comment to none in either the code or the commit to the source repository.

Yakattak
Dec 17, 2009

I am Grumpypuss
>:3

Sewer Adventure posted:

& anyone?

code:
// Check what Registered Types are turned on. This is a bit tricky since if two are 
// enabled, and one is off, it will return a number 2... not telling you which
// one is actually disabled. So we are literally checking to see if rnTypes matches 
// what is turned on, instead of by number. The "tricky" part is that the
// single notification types will only match if they are the ONLY one enabled.  
// Likewise, when we are checking for a pair of notifications, it will only be
// true if those two notifications are on.  This is why the code is written this way
if(rntypes == UIRemoteNotificationTypeBadge){
	pushBadge = @"enabled";
}
else if(rntypes == UIRemoteNotificationTypeAlert){
	pushAlert = @"enabled";
}
else if(rntypes == UIRemoteNotificationTypeSound){
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeAlert)){
	pushBadge = @"enabled";
	pushAlert = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeSound)){
	pushBadge = @"enabled";
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeSound)){
	pushAlert = @"enabled";
	pushSound = @"enabled";
}
else if(rntypes == ( UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeSound)){
	pushBadge = @"enabled";
	pushAlert = @"enabled";
	pushSound = @"enabled";
}

:wtc:

What the hell are you guys getting which types are enabled for? Doesn't this just take care of it?
code:
[[UIApplication sharedApplication] registerForRemoteNotificationTypes:(UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeSound)];

Sewer Adventure
Aug 25, 2004

Yakattak posted:

:wtc:

What the hell are you guys getting which types are enabled for? Doesn't this just take care of it?

Was looking for some examples of push notifications and I found it on google code.
http://easyapns.googlecode.com/svn/trunk/src/delegate/Delegate.m

Can only imagine what it's gonna look like when Apple add a few more flags.

shrughes
Oct 11, 2008

(call/cc call/cc)
Here's a coding horror from the '(string)key -> (string)val "list" in C# .NEMTF' thread:

http://forums.somethingawful.com/newreply.php?action=newreply&postid=377808201#post377808201

code:
		private class Entry
		{
			public String Key { get; set; }
			public String Value { get; set; }

			public Entry(String key, String value)
			{
				Key = key;
				Value = value;
			}

			public override bool Equals(object obj)
			{
				return ((String)obj).Equals(Key);

			}

			public override int GetHashCode()
			{
				return base.GetHashCode();
			}

		}
Some human horrors there, too.

Zombywuf
Mar 29, 2008

Flobbster posted:

I remember the good old days when I learned a lot of my programming fundamentals on an Amiga, the official method for accessing certain system data structures was to make a system call to disable multitasking, read the values, and then re-enable it.

It sure was a shock at first to move to Windows after learning so many awful (but necessary) practices like that.

I remember when I first learned programming on the Amiga, and was shocked to move to Windows where I could disable multitasking without explicitly telling the operating system to do so.

Munkeymon
Aug 14, 2003

Motherfucker's got an
armor-piercing crowbar! Rigoddamndicu𝜆ous.




Why the hell did you link to newreply.php?

Nigglypuff
Nov 9, 2006


BUY ME BONESTORM
OR
GO TO HELL

Munkeymon posted:

Why the hell did you link to newreply.php?

The fragment identifier links (#) under posts are defined relative to the surrounding page, so if you copy and paste them on the reply screen, they will end up pointing there.

b0lt
Apr 29, 2005

Nigglypuff posted:

The fragment identifier links (#) under posts are defined relative to the surrounding page, so if you copy and paste them on the reply screen, they will end up pointing there.

You mean like this except upside down?

csammis
Aug 26, 2003

Mental Institution

Dijkstracula posted:

The real real horror is that Entheogen Hexadecimal Russian Maniac whatever is still posting

Blotto Skorzany
Nov 7, 2008

He's a PSoC, loose and runnin'
came the whisper from each lip
And he's here to do some business with
the bad ADC on his chip
bad ADC on his chiiiiip
Entheogen -> Hexadecimal -> RussianManiac -> LockeNessMonster -> CrazyRRRussian

He's approaching teapot levels of money blown on the forums without anything like teapot levels of comedy

Munkeymon
Aug 14, 2003

Motherfucker's got an
armor-piercing crowbar! Rigoddamndicu𝜆ous.



b0lt posted:

You mean like this except upside down?

Yeah, suddenly I was replying to a thread, which was not at all what I was expecting to happen, but I guess it does keep the forums from changing my pointer to the last read post in the thread, so there's that?

Anyway, I just discovered something just super special here at work. There's a feature to bundle up PDFs for download as either a zip archive or one big PDF. Seems simple, right? Just find all the file names and mash them into a command to send to the appropriate binary through PHP's popen() function (this is how we do things here, which is probably also a horror). Right, except not. Instead, we've apparently decided to have the script do this in batches by redirecting back to itself via emitted JavaScript and passing the new list and state variables in a form full of hidden inputs that get POSTed back. Then, once the list is empty, the user gets a download link.

Now - shock of shocks - it "isnt working" (actual content of the complaint email) and I have to debug this :suicide::suicide::suicide:

Athas
Aug 6, 2007

fuck that joker
I just produced this horror:

code:
if [ $(tar tf "$1"|sed 's/\/.*//g'|sort -u|wc -l) -gt 1 ]; then
    echo tarbomb!
fi
It is a snippet of Bourne shell script for checking whether a tarball ($1) extracts to more than a single file/directory.

It is very very gross, but shell scripting is a guilty pleasure for me. It's so dirty.
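
An added example, not part of Athas's post: a variant of the check that reads the `tar tf` listing, strips a leading `./` before taking the first path component (the `sed` expression above reduces every `./name` entry to `.`, so such an archive always counts as one root), and separately reports entries that are absolute or contain a `..` component. The function names `classify_listing` and `check_tarball` and the sample listing are constructed for this example.

```shell
#!/bin/sh
# Added example; not code from the thread.
#
# classify_listing reads `tar tf` output on stdin and prints one verdict:
#   unsafe  - an entry is absolute or has a ".." component, so extraction
#             could write outside the target directory
#   tarbomb - entries land in more than one top-level name
#   single  - everything sits under one top-level file or directory
#   empty   - no usable entries
classify_listing() {
    awk '
    {
        path = $0

        # Absolute paths and ".." components can leave the extraction dir.
        if (path ~ /^\// || path ~ /(^|\/)\.\.(\/|$)/) {
            unsafe = 1
            next
        }

        # Strip any leading "./" so "./foo/a" and "foo/b" share one root.
        while (sub(/^\.\/+/, "", path)) { }

        # Skip the entry for the archive root itself ("." or "./").
        if (path == "" || path == ".") next

        # Keep only the first path component.
        sub(/\/.*/, "", path)
        if (!(path in roots)) {
            roots[path] = 1
            n++
        }
    }
    END {
        if (unsafe)      print "unsafe"
        else if (n > 1)  print "tarbomb"
        else if (n == 1) print "single"
        else             print "empty"
    }'
}

# check_tarball: classify the archive named by $1 before extracting it.
check_tarball() {
    tar tf "$1" | classify_listing
}

# Constructed sample listing (not from a real archive): two top-level
# names hidden behind a "./" prefix.
printf './a\n./b/c\n' | classify_listing   # prints "tarbomb"
```

The verdict is based on member names only; it does not inspect symlink targets inside the archive.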

Avenging Dentist
Oct 1, 2005

oh my god is that a circular saw that does not go in my mouth aaaaagh
You know what else is just as dirty and probably a lot safer? Unprotected anal sex with anonymous men in bathroom stalls.

ShoulderDaemon
Oct 9, 2003
support goon fund
Taco Defender

Athas posted:

It is a snippet of Bourne shell script for checking whether a tarball ($1) extracts to more than a single file/directory.
I do not think your snippet works on this.

Zhentar
Sep 28, 2003

Brilliant Master Genius
Does awful documentation count as a 'coding' horror?

I'm looking at MSDN right now for some details about Excel interop, and a few links later I'm looking at the VBA reference for Excel. MSDN is always a little hit and miss, but this is the most hosed up, rear end backwards documentation I've ever seen. Take the Workbook Object as an example. For reasons I cannot possibly imagine, they decided that rather than document the properties and methods of a Workbook, they instead should enumerate the properties of other objects that return a Workbook. A grand total of three properties or methods, out of well over a hundred, are mentioned at all, and those three are bizarrely random. Seriously, what the gently caress is this poo poo?

Lorem ipsum
Sep 25, 2007
IF I REPORT SOMETHING, BAN ME.

Zhentar posted:

Does awful documentation count as a 'coding' horror?


I'm pretty sure everything to do with MSDN is a coding horror including the site itself.

ColdPie
Jun 9, 2006

Lorem ipsum posted:

I'm pretty sure everything to do with MSDN is a coding horror including the site itself.

And they change it weekly. It's never better, but it's always different.

My favorite was the week where they had the function signature in different languages in this little iframe-esque tab dealer. Which was fine, except it always defaulted to the VB tab, and VB lacks a huge range of the Windows API, so it'd just say "This function is not available in Visual Basic." Great.

ColdPie fucked around with this message at 23:39 on Jun 9, 2010

pseudorandom name
May 6, 2007

ColdPie posted:

And they change it weekly. It's never better, but it's always different.

My favorite was the week where they had the function signature in different languages in this little iframe-esque tab dealer. Which was fine, except it always defaulted to the VB tab, and VB lacks a huge range of the Windows API, so it'd just say "This function is not available in Visual Basic." Great.

It's doing that for every language right now, although that's probably just it being broken in Firefox.

_aaron
Jul 24, 2007
The underscore is silent.

pseudorandom name posted:

It's doing that for every language right now, although that's probably just it being broken in Firefox.
Yeah, it definitely doesn't work in FF right now. Using IE Tab is an easy-enough workaround, but it's still dumb.

Randomosity
Sep 21, 2003
My stalker WAS watching me...
Can anyone explain why PHP is like this?

php:
<?
if($undefined_var){ //Evaluates to false.
    ...
}

define('DEFINED', true);
if(DEFINED){ //Evaluates to true
    ...
}

if(NOT_DEFINED){ //Evaluates to true

}
?>
I've had this pop up in annoying circumstances twice this week. It's not major, but why in the world is PHP designed like that? Answer: PHP is a terrible language... that we all use anyway :)

TOO SCSI FOR MY CAT
Oct 12, 2008

this is what happens when you take UI design away from engineers and give it to a bunch of hipster art student "designers"
Implying PHP has undergone any sort of design or planning is being awfully generous

b0lt
Apr 29, 2005

Janin posted:

Implying PHP has undergone any sort of design or planning is being awfully generous
code:
    dbx_escape_string, escapeshellarg, escapeshellcmd, pg_escape_bytea,
    pg_escape_string, pg_unescape_bytea, addslashes, addcslashes, preg_quote,
    quotemeta, mysql_escape_string, mysql_real_escape_string,
    mysqli_real_escape_string, sqlite_escape_string

king_kilr
May 25, 2007
mysql_real_escape_string is one of the greatest coding horrors of the modern error. Is there a fake escape string?

tef
May 30, 2004

-> some l-system crap ->
The fake one is gpc_magic_quotes

Munkeymon
Aug 14, 2003

Motherfucker's got an
armor-piercing crowbar! Rigoddamndicu𝜆ous.



Randomosity posted:

Can anyone explain why PHP is like this?

barewords

On a semi-related note, this test case illustrates a fun error I tracked down earlier today:

php:
<?
if(in_array('', explode(' ', $nonexistant_fucking_variable)))
   echo 'gently caress PHP for ever and ever - seriously';
?>
I blame PHP :colbert:

Bhaal
Jul 13, 2001
I ain't going down alone
Dr. Infant, MD
php:
<?
$var = "Variables are case sensitive.";
$VAR = "So you won't see this unless you address $VAR";

function func($v, $s)
{
echo $v."\n";
echo $s."\n";
}

FUNC($var, 'Functions however are case insensitive.');
?>
code:
Variables are case sensitive.
Functions however are case insensitive.
php:
<?
class A 
{
  static $str = 'Oi! ';
  static function foo() {return self::$str;}
};

class B extends A
{
  static $str = 'Oh :(';

};

$php = B::foo();
$donkeyballs = ' you better not make a typo in the wrong spot.';

if( 5 > 1 )
{
   foreach( array(5) as $a )
   {
      $sucks = ' gently caress you, scope >:O ';
   }
}

echo $php . $sucks. $donkyballs;
?>
code:
Oi!  gently caress you, scope >:O 

Trammel
Dec 31, 2007
.
So, Enterprise & Agile have combined to make my life even more frustrating and slow down actual delivery of code.

Business requirements: Automatically generate a URL pointing to a product on the customers website using a per-customer pattern and a product_id provided by the customer in XML.

Enterprise solution.

a) XML product information comes in to the system via an existing perl script, writing it to a database
b) An existing database trigger will then write a row to another table
c) An existing java process will detect the new row, and fire a message over the shiny new ESB.
d) An application on the bus will be written to query a rails server for the product URL
e) A rails server & application will be created to query the first database about which pattern should be applied, apply the pattern (sprintf 'http://customer.com/product/%s', product_id) and pass it back to the process on the bus
f) The bus then writes the product information into an XML file.

BDD, TDD & Agile involvement.

The CI environment has to be created which supports
- perl originally developed on BSD back in 98.
- ruby on rails
- jboss

Each time the cucumber tests run, they fire up a rails server, fire up a jboss server (takes ~2 minutes), then executes the test.

No code gets written before the cucumber tests are written, and it takes days to set up a project which will correctly check out all the dependencies, configure & compile them and execute a basic "Hello World" test.

Then we will write some unit tests, then some code.

Ratio of setup & testing to coding 9:1
Ratio of time taken to develop an "Enterprise" solution rather than adding a DB query & sprintf to the existing perl code: 20:1

I could go on about the ESB, why we have an ESB, the manager that introduced it & the consultants he hired to implement it, the quality of code being written for it (regular expressions in java to parse XML), and why it's now a compulsory golden hammer, but, that'd compound the horror.

Anyway, in a few days my pair might get to write some useful code.

Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

Bhaal posted:

php:
<?
echo $php . $sucks. $donkyballs;
?>
code:
Oi!  gently caress you, scope >:O 

What do you expect to get here? Some error about a nonexistent variable $donkyballs?

Blotto Skorzany
Nov 7, 2008

He's a PSoC, loose and runnin'
came the whisper from each lip
And he's here to do some business with
the bad ADC on his chip
bad ADC on his chiiiiip

king_kilr posted:

mysql_real_escape_string is one of the greatest coding horrors of the modern error. Is there a fake escape string?

PHP's 'default' mysql interface is a thin wrapper over mysql's C api. Said C api originally had the mysql_escape_string function, which was found to be buggy in that it had a shitton of vulnerabilities. The mysql devs deprecated (but didn't remove iirc) the function, and added a 'fixed' mysql_real_escape_string function. The PHP devs followed this change in the mysql C api in their interface to mysql. So there are two horrors here, in addition to the rather curious choice of any informed developer to not use prepared statements (aka parameterized queries). Incidentally, if you're stuck with PHP, you can use prepared statements via the mysqli module.

MononcQc
May 29, 2007

Randomosity posted:

Can anyone explain why PHP is like this?

php:
<?
if($undefined_var){ //Evaluates to false.
    ...
}

define('DEFINED', true);
if(DEFINED){ //Evaluates to true
    ...
}

if(NOT_DEFINED){ //Evaluates to true

}
?>
I've had this pop up in annoying circumstances twice this week. It's not major, but why in the world is PHP designed like that? Answer: PHP is a terrible language... that we all use anyway :)
The last one is actually because PHP treats undefined constants as string literals. NOT_DEFINED thus becomes 'NOT_DEFINED', which evaluates to true (only '' or '0' evaluate to false as far as strings go).

If you go dig into older versions of PHP, you might see arrays using literal strings as in $users[name];. This would give you the right value until the day someone defines a constant with the name 'name', where code now magically breaks somewhere down the execution path.

It's terrible on every possible point. I can't see how one could defend this.

MononcQc fucked around with this message at 01:43 on Jun 11, 2010

Bhaal
Jul 13, 2001
I ain't going down alone
Dr. Infant, MD

Kilson posted:

What do you expect to get here? Some error about a nonexistent variable $donkyballs?
That would be pretty awesome, actually. And it can be done, but then you have to take the following into consideration:

1) Errors by default just echo out, which runs roughshod over the resulting html, so you're stuck with overloading the error handler, practically out of the box. This is more of a pain in the rear end annoyance though.

2) There is a paradigm in php of including all the possible options whether or not they're activated. This goes for string building OR math.

"Hello {$salutation} {$first_name}, thank you for your purchase of a{$n} {$product}", for instance, might have $salutation and $n completely undefined due to the data that was initially handed over. You also get frameworks that build sql queries in this manner all over.

But it's not just with strings, consider this simplified example:
php:
<?
//$sales_tax isn't defined up here because php is a slut and people are assholes

if( has_sales_tax($state) )
{
  $sales_tax = compute_sales_tax($state, $subtotal);
}

$grand_total = $subtotal + $fees + $sales_tax;
?>
If there's no sales tax then sweet! none will be added. However now our application is relying on undefined variables being permitted.

What could go wrong?

Now I'll pull a real-world example I came across recently. Take something like this:
php:
<?
$important_value = $var1 + $var2 + $var3 + $hello_i_am_var4_slightly_mispelled + $var5;
?>
I've abstracted things obviously, but this was in a large rollup operation that calculated/aggregated about 40 values and then added them into about 8 important, high visibility numbers. The high visibility numbers were $important_value and the 40 values would be the $var1, $var2, but were instead longer, like $DescriptiveSetsOfWords long.

So imagine a block of 8 similar lines of code, with one of the variables on one of the lines having a slight typo. Now imagine that adding in possibly undefined values is par for the course throughout the app, so error handling is set up to ignore that (and good luck lobbying to get that changed). And a subtle math error emerges that due to the nature of the calculations is difficult to manually backtrack, and doesn't always show up because it's commonplace to have some of those 40 values calculate to 0 anyway.

This took a while to even be discovered, then even longer to start looking in the right area due to it only being noticed first in a single instance, and you have all the OTHER areas of logic, queries and data that feed into this grand totalling section which really by itself is very straightforward, "what could possibly be wrong here, it's addition and has been working so far". Yes, better testing would've caught it but it WAS being tested, by more than one person, daily; it just had a low catch rate as the bug was intermittent and deals with a fuckload of data that isn't easy to calculate by hand.

When I found the bug all I could think of is how dumb does your language have to be (and the people who adopt lovely paradigms with it) to let something as simple as a mistyped variable cause so much grief. Whereas in java or C++ or whatever, somewhere months and months into the pre-testing era a programmer would've hit compile, the compiler would've said "Hey jackass, wtf is $donkyballs?", and 5 seconds later it would've been a thing of the past.

Bhaal fucked around with this message at 02:37 on Jun 11, 2010

king_kilr
May 25, 2007

Otto Skorzeny posted:

PHP's 'default' mysql interface is a thin wrapper over mysql's C api. Said C api originally had the mysql_escape_string function, which was found to be buggy in that it had a shitton of vulnerabilities. The mysql devs deprecated (but didn't remove iirc) the function, and added a 'fixed' mysql_real_escape_string function. The PHP devs followed this change in the mysql C api in their interface to mysql. So there are two horrors here, in addition to the rather curious choice of any informed developer to not use prepared statements (aka parameterized queries). Incidentally, if you're stuck with PHP, you can use prepared statements via the mysqli module.

Wait they left an API with KNOWN SECURITY VULNERABILITIES in? I've accused them of incompetence before, but that's just negligence in the extreme.

BigRedDot
Mar 6, 2008

king_kilr posted:

Wait they left an API with KNOWN SECURITY VULNERABILITIES in? I've accused them of incompetence before, but that's just negligence in the extreme.
It's my foot, communist. If I want to wear gun-boots that shoot whenever I take a step, that's my own damned business. :colbert:

Jonnty
Aug 2, 2007

The enemy has become a flaming star!

Otto Skorzeny posted:

PHP's 'default' mysql interface is a thin wrapper over mysql's C api. Said C api originally had the mysql_escape_string function, which was found to be buggy in that it had a shitton of vulnerabilities. The mysql devs deprecated (but didn't remove iirc) the function, and added a 'fixed' mysql_real_escape_string function. The PHP devs followed this change in the mysql C api in their interface to mysql. So there are two horrors here, in addition to the rather curious choice of any informed developer to not use prepared statements (aka parameterized queries). Incidentally, if you're stuck with PHP, you can use prepared statements via the mysqli module.

Was there something to stop them just making the escape function secure and asking everyone to upgrade?

HFX
Nov 29, 2004

Jonnty posted:

Was there something to stop them just making the escape function secure and asking everyone to upgrade?

Legacy support.

Jonnty
Aug 2, 2007

The enemy has become a flaming star!

HFX posted:

Legacy support.

Does that imply that there are programs that somehow rely on the buggy behaviour of that escape function, then?


shrughes
Oct 11, 2008

(call/cc call/cc)

Jonnty posted:

Does that imply that there are programs that somehow rely on the buggy behaviour of that escape function, then?

Yes. Rasmus Lerdorf is the leader of an elite Cayman Islands-based hacking ring that created PHP as part of their scheme to water the Internet with security flaws.
