A C showstopper

[Nick Keighley]

Nick Keighley wrote:

Exactly. If the person using snprintf() is also the one writing that
function then nothing stops him from adding a buffer size parameter to it.

So, again, can anyone provide an example where the programmer doesn't
know the size of the string that he must pass to snprintf()?

leave more context. Jacob quoted the example of an error logger

void LogError(char *ErrorMessage,int errorcode, char
*callingFunction);

I've written such things and trust me it *is* a PITA if you arbitarily
limit the size of the string.

I suppose you could have (to simplify the example slightly)
void LogError(char *ErrorMessage, int errorcode, size_t msg_size);

then call it

LogError ("too many choclate frogs!", 31, strlen(("too many choclate
frogs!"));

a bit of macro magic could clean this up but it is hardly nice.
And this

void LogError (char *format, ...);

LogErr ("%s %d %s", "too many things", thing_count, more_stuff());

puts us straight back in the cacky. Its possible some of these
things come from an arbitary source

LogErr ("station %s has failed", db_read_station_name(station_id));

 

[Nick Keighley]

Now that you mention it, I don't recall an instance, though I
rather fancy that it has happened.  

quite hard to prove if it just made someone think and then post
less than they otherwise would.

 

[spinoza1111]

spinoza1111said:

"Does C have call by reference?"
In teaching, there is a simple approach, and that simple approach
is to teach this:
1. In C, all function arguments are passed "by value." [K&R2, pg
27] 2. Understanding of pointers.
"Call by reference" is extraneous at best.  Keep it simple.

You mean, keep your students in the dark about broader issues of
computer science so they become narrow little technicians,

No. When teaching on broader issues of computer science, one should
teach on broader issues of computer science. When teaching C, one
should teach C (assuming one knows it, and if one doesn't know C then
one should not presume to teach C). When teaching someone about, say,
C's while-loops, I don't digress onto the various loop flavours in
Java or Basic or Fortran - not because I don't want them to know
about such things, but because they are irrelevant to the discussion
at hand.

I will give you a call when I need a trainer for dweebs, then.

You keep claiming that. I have yet to see any evidence thereof.

That's because you have too little experience...or too much experience
of the wrong kind.

Again, this is not obvious from your articles.

Not to to you.

Programming used to be a humanistic activity, but this gave the
programmers too much control over their work, and both capitalism and
"state capitalism" (Communism) can't abide this.

Therefore, programming and training was "rationalized", eg., it became
as above OK for you to dumb things down, pretending that "C" was a
thing separate.

The result? Crap code and wrong answers, delivered fast by scurrying
dweebs like the techie in Terry Gilliam's film Brazil, who breaks the
hero's computer in a nightmare Britain while saying, "computers are my
fortay". The real work takes place in Asia. Most of my mates in
Shenzen could program rings around you.

They're curious about "call by reference", and they understand how it
is available in C in an "explicit" way. Likewise for my mates in Fiji,
despite the fact that they didn't make enough money to buy computer
books.

The "rationalization" of programming, including the way in which
structured walkthroughs were destroyed and the absurdity of
headhunters talking about "knowing C" on others' say-so when they
themselves didn't know jack about general programming, caused the
destruction of programming as a profession in the G-8 countries.

 

[spinoza1111]

spinoza1111said:

On Aug 26, 12:31 am, Keith Thompson <[email protected]> wrote:

As I have said, your use of "troll" is isomorphic to racism and
anti- Semitism. [Threat elided]

For the record, Keith's use of "troll" is neither racist nor
anti-Semitic, but *your* posting record shows a long history of
racism (and other isms). Furthermore, nobody is obliged to answer
your emails, and to attempt to threaten them in order to bully them
into replying is just pathetic.

The oldest trick in the playbook is to accuse the person who objects
to real victimization of fantasy "fascism" or "racism". It's a
favorite ploy of Hollow Men who have no ideas to call their own.

For the further record, Keith Thompson killfiled you a long time ago,
so he doesn't see your Usenet articles at all. He will of course see
this reply, but I've elided the threat because it's just pathetic. If
you want him to read your stuff, you're going to have to stick to C,
and you're going to have to be civil. Since you are incapable of
either, you are not about to escape his killfile.

It's pretty dishonest to killfile a person and then to continue to
discuss him, and it is actually what Thompson means by "trolling". He
gets his fucking rocks off by seeing a person hounded while not, he
fantasizes, dirtying his hands. He's a coward.

 

[spinoza1111]

spinoza1111said:







I don't know how much programming experience Rui Maciel has, but I
have read enough of his articles to know that it is considerable and
not to be dismissed lightly.

Perhaps, instead of being objectionable, you could simply provide an
example of a case where the programmer neither knows nor can find out
how big a buffer he needs before calling a string-building routine
such as sprintf or snprintf?

Have you ever programmed except under detailed supervision in a bank,
dear chap? Any time your code is ported to a different environment you
lose control over the length of strings. I don't have to produce an
example, since if you had any real experience, you'd know what I'm
talking about.

It's a known issue. That's why GNU and C99 addressed it, chump.

 

[Walter Banks]

The oldest trick in the playbook is to accuse the person who objects
to real victimization of fantasy "fascism" or "racism". It's a
favorite ploy of Hollow Men who have no ideas to call their own.

Read your own posts.

 

[Rui Maciel]

It's called self-defense. Do your homework. People have the right to
post here without their competence being challenged on matters of
interpretation.

You are being childish.


Rui Maciel

 

[Rui Maciel]

You have little programming experience if you think the programmer
"knows" this in all cases.

If that's the case could you please contribute to the development of my programming experience by providing a
concrete case where the programmer doesn't know the size of a string he intends to pass to snprintf()?


Rui Maciel

 

[Kenny McCormack]

It's pretty dishonest to killfile a person and then to continue to
discuss him, and it is actually what Thompson means by "trolling". He
gets his fucking rocks off by seeing a person hounded while not, he
fantasizes, dirtying his hands. He's a coward.

Kiki is well-insane. That's beyond any doubt.

It has also been proven conclusively that he is lying when he claims to
have killfiled anyone. At best, the only claim that he (and others like
him) can sustain is that they have a "mental" (or "virtual") killfile.

 

[spinoza1111]

spinoza1111said:



It's a trick you play a lot.




No, it isn't. Keith is under no obligation to read your articles.
Neither is he under any obligation not to discuss you.

No, he's not. But he does. He's obsessed by me. But he's too cowardly
to talk to me. Instead, he talks with other people about me. This is
cowardly and ill-mannered.

He needs to learn maturity and self-restraint. As it is, he repeatedly
asks others why they are replying to the "troll", using "troll"
isomorphically to "Jew" or "n*r". He's filled with hate.

 

[spinoza1111]

spinoza1111said:



Context restoration:

FG: "snprintf does not have that problem and can even be used to find
out the size of the buffer you do need."

EGN: "(Sigh). How do you know the size of the "buffer" you do need?"

RM: "Please provide an example where the programmer doesn't know the
size of the string that he must pass to snprintf()."

So this isn't about having control over the length of strings. It's
about knowing how big to make a buffer.


Presumably because you can't.

 since if you had any real experience,



Yet another insult, and yet again it's poorly targeted. The issue is
finding the buffer size for an snprintf call, which - as you appear
to have learned rather belatedly - can be discovered by calling
snprintf.

This changes sprintf's semantics, as I've pointed out to Mr. Dik
Winter, because if you use snprintf to determine the size needed (or
use sprintf for that matter) you look at parameters more than once.
This isn't usually a problem since in a sense "all" parameters in C
are passed by value (which doesn't mean that there isn't an explicit
call by reference, although you can't seem to get this). Copies of all
values passed are immutable on the stack, immutable that is outside
the program doing the sprintf.

However, in a multithread environment where strings are passed by
reference (that is, their address is passed by value), whenever you
evaluate snprintf to do your own sprintf, the target strings could
change unless you call them inside a lock. This lock will pin these
strings down for an unpredictable length of time, and this may create
problems in multithread applications that depend on locks using a
constant time.

If a function is passed as a parameter, things will be worse. The
function may return different values and have different state
depending on how many times you call snprintf or printf while you're
figuring out how to do the sprintf you want. This will be twice if you
call snprintf.

You're the C expert. If the function is passed in the call it is
evaluated, its value is stacked, and there's no problem. But isn't it
also possible to pass the address of the function, and "dereference"
this inside mySprintf?

The solution is to ignore snprintf and instead call sprintf for each
parameter of yourSprintf() function, using varargs and testing strings
to see if they'll blow your stack. This preserves the semantics of
basic sprintf since each parameter is evaluated once.

In "banks and insurance companies" you can always, I suppose, assume
all sorts of preconditions, then blame or screw your customers when
things get screwed up, much as Northern Rock's insiders screwed the
British public. But real programmers minimize assertions, and don't so
dramatically change the runtime semantics of sprintf from one pass to
two pass...or n pass.

 

[spinoza1111]

...


Gee.  Ya think?

Yeah. I think, Kenny.

In other news, water is wet.

Bears shit in the woods and the Pope is usually a Roman Catholic.

P.S.  I will point out, once again that the regs completely misuse the
term "troll".  We (the ones they continually label "troll") are
contrarians and, in fact, truthtellers.

I agree.

You want to know who is a troll?  Bill Cunningham, for one.  He keeps
the regs dancing to his tune, with such grace and style, it brings tears
to one's eyes.

I prefer the direct attack, in Wellington's "old style".

 

[jameskuyper]

spinoza1111 said: ....

No, it isn't. Keith is under no obligation to read your articles.
Neither is he under any obligation not to discuss you.

I killfile people because (for one reason or another) I don't want to
read their messages. I sometimes talk to other people about the
reasons why I don't want to read those messages; usually for the
purpose of encouraging them to follow suit. I don't see anything
dishonest about that.

If the person I've killfiled is annoyed by that behavior, well, turn-
about is fair play. However, annoying that person was not the reason
for the killfile, nor was it the motivation for discussing the reasons
for the killfile.

 

[Charlton Wilbur]

troll> Fascists love to talk about behavior because they suck at
troll> words. What part of "freedom of speech" don't you understand?
troll> It's not only a formal freedom it is also a climate of mutual
troll> respect. You destroy that climate with your words, and your
troll> "behavior".

Oh, I understand that you have freedom of speech.

What you seem incapable of understanding is that your freedom to say
anything you want is matched by my freedom to say that what you have
written is nonsense. You could have had respect when you first posted
here, but instead you chose to tell people that you were here to show
that C was a stupid language, and then followed that by demonstrating
that you really don't understand C very well at all.

Calling your interlocutors fascist is just icing on the cake.

troll> that a person is globally ignorant, and regulars here always
troll> drift offtopic into discussions of who's competent and who's
troll> "trolling".

If you weren't trolling, and you were competent -- notice the
counterfactual conditional, used with intent -- you would likely find
this far less objectionable.

Charlton

 

[Charlton Wilbur]

>> You keep claiming that [you were a programmer for thirty
>> years]. I have yet to see any evidence thereof.

troll> That's because you have too little experience...or too much
troll> experience of the wrong kind.

Actually, I have no problem believing that our new resident troll has
been a programmer for thirty years.

Of course, I've worked in places where cronyism meant that each job was
a permanent sinecure regardless of competence or ability. Perhaps Mr
Bilges was the boss's nephew, and given a "programming" job where he was
paid a decent salary but prevented from touching anything he might
break. That could easily account both for his claim of having been a
programmer for 30 years *and* for his minimal competence at both writing
clearly and programming corectly.

troll> Therefore, programming and training was "rationalized", eg.,
troll> it became as above OK for you to dumb things down, pretending
troll> that "C" was a thing separate.

C, like all other programming languages, is both a part of the larger
computer science landscape and a thing separate from the larger computer
science landscape. You can discuss it as a thing unto itself, or you
can discuss it in the context of programming as a whole. In neither
case does it contribute to be sloppy and imprecise.

"Humanism" and "the humanities" are often used to justify sloppy and
imprecise thinking. Actual humanists are as disgusted by that as actual
engineers are.

Charlton

 

[spinoza1111]

    >> Words are not behavior, no; but the choice of words, the writing
    >> of them into a Usenet post, and the eventual posting of that post
    >> *are* behavior.

    troll> Fascists love to talk about behavior because they suck at
    troll> words. What part of "freedom of speech" don't you understand?
    troll> It's not only a formal freedom it is also a climate of mutual
    troll> respect. You destroy that climate with your words, and your
    troll> "behavior".

Oh, I understand that you have freedom of speech.

What you seem incapable of understanding is that your freedom to say
anything you want is matched by my freedom to say that what you have
written is nonsense.  You could have had respect when you first posted

That's not the case if freedom of speech exists to get at the truth,
and while I do not have monopoly on truth, I believe that my
generalizations are true. You have the responsibility to argue as
opposed to name calling. I like name calling, but only as a way of
rhetorically summing up my views.

here, but instead you chose to tell people that you were here to show
that C was a stupid language, and then followed that by demonstrating

I don't even use that phrase. I think that C is out of date and should
not be used save as a generalized assembler for critical OS code only.

that you really don't understand C very well at all.

"Expertise" (cf Chomsky) is the manufacture of consent to the
existence of a priesthood of experts who won't debate the ground rules
of their expertise with people who they claim just don't know enough
about their subject. I'm afraid, however, that while C "experts"
imitate "the best and the brightest" who form real expert cabals in
corporations and government, their subject, the decisions of two
adolescents in 1970, is of no real long term interest or value to
constitute grown up expertise in and of itself.

Calling your interlocutors fascist is just icing on the cake.

    troll> that a person is globally ignorant, and regulars here always
    troll> drift offtopic into discussions of who's competent and who's
    troll> "trolling".

If you weren't trolling, and you were competent -- notice the
counterfactual conditional, used with intent -- you would likely find
this far less objectionable.

It is indeed a strange competence that is unrecognized outside of
programming. The concerns of specialists in one programming language
are trivial and dishonest.

You're probably not so much an expert in C as a specialist in C, who
needs to learn more programming languages.

 

[spinoza1111]

    >> You keep claiming that [you were a programmer for thirty
    >> years]. I have yet to see any evidence thereof.

    troll> That's because you have too little experience...or too much
    troll> experience of the wrong kind.

Actually, I have no problem believing that our new resident troll has
been a programmer for thirty years.

Of course, I've worked in places where cronyism meant that each job was
a permanent sinecure regardless of competence or ability.  Perhaps Mr
Bilges

**** you, asshole.

was the boss's nephew, and given a "programming" job where he was

I wasn't.

paid a decent salary but prevented from touching anything he might
break.  That could easily account both for his claim of having been a
programmer for 30 years *and* for his minimal competence at both writing
clearly and programming corectly.

That should read "minimal competence at writing what I want to read".

    troll> Therefore, programming and training was "rationalized", eg..,
    troll> it became as above OK for you to dumb things down, pretending
    troll> that "C" was a thing separate.

C, like all other programming languages, is both a part of the larger
computer science landscape and a thing separate from the larger computer
science landscape.  You can discuss it as a thing unto itself, or you
can discuss it in the context of programming as a whole.  In neither
case does it contribute to be sloppy and imprecise.

Where I've been wrong, I've been precisely wrong. It's incumbent on
you to show where I've been "imprecise". Perhaps the words were over
your reading level?

"Humanism" and "the humanities" are often used to justify sloppy and
imprecise thinking.  Actual humanists are as disgusted by that as actual
engineers are.

Excuse me, false precision, even in science, is worse: Dan McCracken
wrote a book (Numerical Methods and Fortran Programming) about the
illusions of false precision in programming alone, some time ago.

C is indeed an imprecise signifier, although this is denied, since C
is what C programmers do, and what they do is butt ugly compared to
more modern language, especially OO languages. I have for some time
found it necessary to be what you call "imprecise" about actual praxis
in programming, since programmers just talk a good game about
precision and structure, but when you read their actual "working"
code, it's full of common mistakes.

For example, friend Heathfield believes he's being "precise" when he
reasons from the absence of a counterexample to his claim that it's
safe to evaluate parameters more than once in doing unbounded sprintf
to the conclusion that it's not necessary to worry about this at all.
This reasoning is "precise" in that it's a species of Comte's
positivism as filtered through a culture, such that Comte's positivism
influences slobs like Heathfield, who never heard of Comte.

Many incompetent programmers think in this way: that maximizing rather
than minimizing assertions in a Positivist spirit is "precise".

Because working people, in modern capitalism, can never feel they are
"experienced", there's little point in my repeating that I've had
thirty years of experience. Younger people are taught to question this
wisdom, as well they might, since there's lots of older programmers
who've been corrupted and moronized by overspecialisation and
"expertise".

So, I'm just right, and you're just wrong QED, and have a nice day.

 

[spinoza1111]

spinoza1111wrote:

You are being childish.

I sure am, in a society where "maturity" means becoming a person
without imagination or intelligence, that having been beat out of him,
whose reaction to the trashing here is to defend the bully because
that's what he does on the job.

 

[Flash Gordon]

It is indeed a strange competence that is unrecognized outside of
programming. The concerns of specialists in one programming language
are trivial and dishonest.

People outside of programming consider me to be an expert in C.

You're probably not so much an expert in C as a specialist in C, who
needs to learn more programming languages.

and you don't know how many or what other programming languages Charlton
knows. I certainly know and use plenty of other languages (more than you
have mentioned), and it does not stop me from knowing a lot more about C
than you.

 

[Old Wolf]

Two postings back I wrote in part "However this is not a
general solution - if the arguments are expressions with side
effects so that the output string changes each time we resize the
buffer."

You put your snprintf calls in a function.
Then the arguments are only evaluated once.
This is extremely basic C. I mentioned it
in my earlier post. I also posted sample
code elsewhere on this thread.