[Python-Dev] Re: [Python-checkins]python/dist/src/Objectsunicodeobject.c,2.139,2.140 (original) (raw)

M.-A. Lemburg mal@lemburg.com
Mon, 22 Apr 2002 00:04:41 +0200

Tim Peters wrote:

[Tim] >> ... behavior, I viewed the version Martin replaced as unacceptable. [M.-A. Lemburg] > Are you sure, you're talking about the latest version I checked in ? Calling the version Martin checked in N, I'm talking about versions N-3, N-2, and N-1. N-3 and N-2 were unacceptable because they wrote out of bounds. N-1 ("the version Martin replaced") was unacceptable because it still didn't assert that it wasn't writing out of bounds. I asked repeatedly in the bug reports opened against N-3 and N-2 that asserts be added. If that had been done in version N-2, at least Barry, Martin, you and I wouldn't have spent additional hours chasing down what turned out to be more out-of-bounds writes (a debug-build run would have triggered an assert directly in the flawed code).

Tim, I don't get it... why all the fuzz about some missing asserts ?

> I spent hours on this too and I'm pretty sure to have fixed the > buffer overruns now.

You were pretty sure about N-2 too <wink/sigh>, and the more hours it takes to make tricky code correct, the more suspect that code is. As I most recently implored, in a comment on Barry's bug report against N-2: What I do care about is that there weren't (and still aren't) asserts verifying that this delicate code isn't spilling over the allocated bounds. About timing, last time we went around on this, the "measure once, cut once" version of the code was significantly slower in my timing tests too. I don't care so much if the code is tricky, but the trickier the code the more asserts are required. You checked in N-1 (and N-2) without responding to comments like that, and we're all paying for it. You realize asserts go away in the release build, right? They don't cost anything in production mode, they save our ass in debug mode.

I must have missed Barry post, sorry. I didn't leave out the asserts for any reason -- just didn't think about using them.

> ... > So, why not just add the assert to my original version ?

I don't know why you didn't . Martin backed out version N, so we're back to N-1, except I see Martin added a crucial assert for you. I added some more since then.

Thanks.

-- Marc-Andre Lemburg CEO eGenix.com Software GmbH

Company & Consulting: http://www.egenix.com/ Python Software: http://www.egenix.com/files/python/