|
NFX posted:Is it really UB if the pointer isn't dereferenced? In a program with several instances of undefined behavior, there's no exact requirement of just how it will fail and which part of the program will appear to be responsible. It's just beyond the scope of the standard.
|
#
¿
Feb 5, 2014 08:30
|
|
|
|
| # ¿ May 16, 2024 06:59 |
|
|
That Turkey Story posted:It's not petty and these are valid criticisms/bugs. Sorry you like encouraging poor code.
|
|
#
¿
Feb 16, 2014 09:35
|
|
|
It's an open sores project on GitHub. If the guy has that level of technical knowledge to know what reserved IDs are, he can submit a patch to remove them. Since he's submitting it to tracking for someone else to work on, he should have made a case for it being worth the effort.
|
|
#
¿
Feb 16, 2014 22:08
|
|
|
pseudorandom name posted:BOOL functions returning TRUE, FALSE or -1
|
|
#
¿
Feb 18, 2014 18:49
|
|
|
They don't mean those things. They mean BOOL, in all its subtlety.
|
|
#
¿
Feb 18, 2014 19:00
|
|
|
Just found this test case in my project, recently added by a dev who had given notice and is gone now. Java code:Gazpacho fucked around with this message at 22:19 on Mar 3, 2014 |
|
#
¿
Mar 3, 2014 22:06
|
|
|
"Thingy" isn't something I substituted, that's from the actual test case name. As to whether it tests the thingy, whatever it may be, your guess is as good as mine.
|
|
#
¿
Mar 4, 2014 01:21
|
|
|
necrotic posted:I would've thought 'use strict' would have something to say about it, but it does not. Can't say I'm surprised about that as default behavior with scoping of JS.
|
|
#
¿
Mar 6, 2014 00:35
|
|
|
KARMA! posted:Crockford is such a penis, jesus. (He's a penis just the same.)
|
|
#
¿
Mar 23, 2014 22:12
|
|
|
C++ code:
|
|
#
¿
Mar 27, 2014 00:05
|
|
|
feedmegin posted:For that to compile presumably there's a using namespace std; in there somewhere. Which is also horrible NtotheTC posted:thanks for these. one underlying theme im spotting is that hardware developers seem to hate software. and not in an ironic "haha software sucks, coding horrors amirite?" way- but a proper "everything should be hardware" way. is that actually a thing? What SD described is a benefit of working in any company that produces a general-purpose OS stack.
|
|
#
¿
Mar 27, 2014 20:17
|
|
|
Objective-C code:
|
|
#
¿
Apr 8, 2014 21:26
|
|
|
If the guy who wrote the feature you're fixing is on standby, I'd consider that an invitation to start delegating small, routine parts of the work to him.
|
|
#
¿
Apr 9, 2014 19:48
|
|
|
feedmegin posted:That's not a language thing, that's a 'my compiler is poo poo at reporting errors' thing. The language in no way mandates bad error reporting.
|
|
#
¿
Apr 10, 2014 21:30
|
|
|
Said company will continue putting in ball pits as long as it remains an effective PR gimmick to attract talented introverts.
|
|
#
¿
Apr 11, 2014 09:13
|
|
|
Suspicious Dish posted:I found a bug in GNU bash, so I went to go check out the source code. Huh...  e: If you were a real hacker you would have spent all of 30 minutes rigging up emacs to import the patches and tarballs into quilt Gazpacho fucked around with this message at 06:56 on Apr 16, 2014 |
|
#
¿
Apr 16, 2014 06:49
|
|
|
Suspicious Dish posted:Hey guys, today I realized that JavaScript is not good, but is in fact bad! We need to replace it with
|
|
#
¿
May 16, 2014 05:08
|
|
|
e: I don't want to be part of the problem here
|
|
#
¿
Jul 5, 2014 00:46
|
|
|
Vanadium posted:I think I get how people end up injecting environment variables, but who thought it would be a good idea to interpret random strings found at arbitrary places in the environment as functions at startup? I've been using the first two options because I didn't know about the function export mechanism, but if I had I'd be pretty heavily invested in it by now. This feature of Bash is in the oldest available source code released in August 1996, and probably a few years older than that. That's back when people entrusted their passwords to telnet. The real horror is that the vulnerability of this plainly documented feature is only now being "discovered". Gazpacho fucked around with this message at 09:57 on Sep 27, 2014 |
|
#
¿
Sep 27, 2014 09:45
|
|
|
"Hmm, so you're using CRC32 as a digest." *reviews obvious JavaScript port of the public domain CRC32, notices weird poo poo* "Did you test this CRC implementation?" "No, but I don't see that it matters." Gazpacho fucked around with this message at 00:55 on Oct 5, 2014 |
|
#
¿
Oct 5, 2014 00:51
|
|
|
If your administrator makes you lock files while editing them, you may complain only about your administrator. nb: I'm just going off what I've heard in yospos, that apparently there are idiot Perforce administrators who set it up in some kind of RCS-like mode where you always have to lock files. Never seen it firsthand, fortunately. Gazpacho fucked around with this message at 02:13 on Oct 24, 2014 |
|
#
¿
Oct 24, 2014 02:10
|
|
|
https://ef.gy/fastcgi-is-pointless FastCGI vs. HTTP "We already have a vendor-neutral protocol for accessing potentially generated resources from a web server that is supported by all major web servers and doesn't require spawning a new process for each requested resource: it's called HTTP! All decent web servers can proxy incoming requests to other web servers via HTTP. This has been a feature of virtually all web servers since long before FastCGI came around. In fact, the best web server currently alive and kicking - nginx - is famous for this capability. You'll stumble over a lot of guides and howtos describing how to use nginx as a load balancer for "heavy duty" web servers like Apache, by intercepting HTTP requests and proxying them to one of several backend servers. So why would you use FastCGI for your next web application's backend? ... It'll be a lot easier to just use or implement your own HTTP server and run that on a Unix socket instead of implementing FastCGI for the same purpose. You'll probably be prone to fewer bugs in other people's code and you'll get the exact request you're trying to respond to, and considering HTTP is a lot easier to read, you'll also be making fewer bugs parsing it yourself. It's quite easy, really, I came up with a 400-ish line C++ header that implements an HTTP server with Boost::ASIO." Oh those "other people" and their buggy code. :iamafag: I don't want to deny anyone the fun of writing their own HTTP implementation, but before they run to production with it and tell the world how easy it is, perhaps they could - implement chunked transfers - accept abnormally cased header names - enforce some mandatory request validations ... and those other little things that httpd takes more than 400 lines to do. Gazpacho fucked around with this message at 04:32 on Apr 24, 2015 |
|
#
¿
Apr 24, 2015 03:01
|
|
|
How would you duplicate the functionality of JavaScript's escape function in Objective-C? If your answer involves finding out what the escape function does, and writing the ~10 lines to do that in Objective-C, then you're a fool. The correct answer is: transform the string to a JS string literal, then create a webview and use it to run a script that calls the escape function on that literal.
|
|
#
¿
May 21, 2015 23:07
|
|
|
Well if you don't mind going through the whole JavaScript parse/compile/execute cycle for each little string that you have to escape ...
|
|
#
¿
May 22, 2015 01:17
|
|
|
I swear, the worst code in this industry is written by people reimplementing core library functions. Someone tried to do something new and complicated and got it wrong? It's ok; to err is human. They got it in their head that parsing/formatting integers falls into the "new and complicated" category? I don't want them anywhere around me.
|
|
#
¿
May 22, 2015 21:04
|
|
|
While that is a serious mistake, I suspect that it's not a case of reimplementing the library in vain, but rather reimplementing functions that aren't available in a freestanding environment.
|
|
#
¿
May 22, 2015 22:34
|
|
|
oh, CS academic horrors now? When I did undergrad (in EE), the university's CS department was in the liberal arts division, having been cobbled together from bits of the math department and the business school. The department head was a hardcore "formal methods" / waterfall model geek who believed that if something didn't run on IBM mainframes it didn't exist. Like many CS departments, this one had a compilers course. Were the students in this course instructed to build a compiler? Ha, no. They built an RFC 822 message parser. That was the final project for the course. The department head personally taught the SE course, which I took. The content of that course was: Read and recite verbatim from this book about the only software dev method that can ever possibly work, even though nobody uses it. The final project was to design a system on paper according to the method in the book. (It's waterfall-based, remember. Coding is just an afterthought.) After that department head retired, the EE department took over and started pushing the CS program toward ABET accreditation, which it finally received. Gazpacho fucked around with this message at 22:18 on May 28, 2015 |
|
#
¿
May 28, 2015 22:10
|
|
|
How does one extract the octets from a .NET IPAddress object? Very carefully.C# code:
Gazpacho fucked around with this message at 22:26 on Jun 5, 2015 |
|
#
¿
Jun 5, 2015 19:05
|
|
|
LeftistMuslimObama posted:Some of the teams at my company do Agile or scrums or whatever, and it all seems so loving dumb to me. What's so hard about going to work, and doing the poo poo you need to do at a pace that enables you to meet your deadline? Why do we need special names and paradigms for everything? Just do as much work as you can at a reasonable pace every day. Don't stop until the work is done. The end. I have never organized myself further than "Monday I am doing a code review, Tuesday I'm going to focus on getting a rough version of Module Y knocked out... etc", and I am easily 3x more productive than any of the Agile devotees I've met at work, and I turn out a lot fewer bugs than them too. Half the Agile disciple teams aren't even allowed to do big enhancements right now because they have too many bugs to fix.
|
|
#
¿
Aug 2, 2015 09:27
|
|
|
I'm all for unit testing, and TDD as a means of ensuring that tests get written, but I also agree with the critiques of Robert Martin, who promotes his methods as a substitute for expertise — as if two fools with the proper testing discipline could reconstruct computer science and design patterns from scratch.
|
|
#
¿
Aug 2, 2015 20:58
|
|
|
LeftistMuslimObama posted:I really don't like the whole artificial deadline that is a sprint. Even if the "ideal" implementation of agile doesn't do this, I feel that in the real world it just encourages developers to rush to get something "done" within this arbitrary deadline, and as a result they never slow down to test things piece by piece, or make fixes to their in-progress code beyond bandaids to "make it work". Gazpacho fucked around with this message at 19:01 on Aug 3, 2015 |
|
#
¿
Aug 3, 2015 18:58
|
|
|
Part of Agile as it's interpreted at my company (and presented in the external training class) is that at the end of the sprint you demonstrate your features to the product team. Complete features, without any scaffolding. This continues to be a source of pain for the reasons I described, but what's the alternative? We can't use the planning meetings to argue about details of implementation and what completion "really" means. There's a tension between the way managers and developers think of development work that I believe Agile aggressively sweeps under the rug.
Gazpacho fucked around with this message at 21:58 on Aug 3, 2015 |
|
#
¿
Aug 3, 2015 21:50
|
|
|
smackfu posted:Within the last year, I ran into a commercial encryption API that used a fixed length buffer when you encrypted a file. So if the path you passed was longer than 160 chars, it crashed. The official workaround was to "move it to a directory with a shorter path." Terrifying.
|
|
#
¿
Feb 28, 2017 17:13
|
|
|
Powaqoatse posted:But do they claim to handle them at the same time???
|
|
#
¿
Mar 3, 2017 20:49
|
|
|
Munkeymon posted:Oh and AFAIK Microsoft still doesn't dogfood it which is always a good sign.
|
|
#
¿
Mar 7, 2017 22:34
|
|
|
Loezi posted:I believe that at least in medical the field of surgery "leave a gauze in the patient's chest" in reality is a surprisingly big problem, up to a point where in a modern surgical theatre you have a dude who's only job is to ensure that that literal scenario does not happen by constantly counting stuff and writing the process down in excruciating detail. I wonder what exactly would be programming equivalent of that, statistical code analysis? Running a site with no JavaScript is fine as long as no one's trying to grow their business with it. If they are, they're going to get annoyed at hearing "no" all the time.
|
|
#
¿
Apr 23, 2017 22:09
|
|
|
SupSuper posted:I think human nature instinctively get the consequences of physical damage (and even then they still gently caress up). By comparison, the worse a shoddily built program will do 99% of the time is make someone's life miserable, usually the programmers, possibly the users too, and since jobs are dreary as it is, making your job harder is not immediately apparent. Unless your idea is to force everyone to shape up by working on life-threatening software, I don't think you can really compare the two. Putting that aside, I've been in the industry long enough to know that DoD-style "process" isn't going to make incompetent devs competent, but will make good devs miserable enough to find another line of work. Gazpacho fucked around with this message at 06:11 on Apr 24, 2017 |
|
#
¿
Apr 24, 2017 05:59
|
|
|
My employer's product reads and reports (among other things) local time zone offsets from mobile devices. Implementations are available in JavaScript (the original), Objective-C and Android Java. In JavaScript, a "time zone offset" is rear end-backwards from most written representations of time zone offsets. It is the number of minutes that must be added to a local time to convert it to UTC. This duplicates the behavior of a legacy Java method with the same name. Fair enough, as long as the semantics are understood. Long ago, when the Objective-C and Android implementations were created, each one ended up calculating the local offset differently from the JavaScript one (ObjC by necessity, and Android by choice/accident/malice). And the signs came out wrong! So naturally, those implementations report the absolute value of the offset.  We do sell into the eastern hemisphere, in case you were wondering.The product does lots of other dumb things with time, and the downstream team that develops on top of it never says anything to us about this, but regularly tries to stop us from fixing anything. Gazpacho fucked around with this message at 05:59 on Apr 27, 2017 |
|
#
¿
Apr 27, 2017 03:39
|
|
|
Kilson posted:I don't know why they don't just preserve that behavior in the shell, but remove the stupid restriction from the filesystem, or preserve the current semantics only for filenames without an extension. People gotta get over the idea that it's every operating system's duty to copy the behavior of unix. Gazpacho fucked around with this message at 16:57 on May 2, 2017 |
|
#
¿
May 2, 2017 16:40
|
|
|
|
| # ¿ May 16, 2024 06:59 |
|
|
Raymond Chen has explained this at length and repeatedly. There is no point when it is OK to wantonly break compatibility for customers of a successful product that is marketed for business automation. People will sue you. Apple can do it to the extent that they target individuals over businesses.
|
|
#
¿
May 2, 2017 17:24
|
|