Journal Articles
Browse in : |
All
> Journals
> CVu
> 126
(17)
|
Note: when you create a new publication type, the articles module will automatically use the templates user-display-[publicationtype].xt and user-summary-[publicationtype].xt. If those templates do not exist when you try to preview or display a new article, you'll get this warning :-) Please place your own templates in themes/yourtheme/modules/articles . The templates will get the extension .xt there.
Title: Thinking Aloud
Author: Administrator
Date: 03 December 2000 13:15:42 +00:00 or Sun, 03 December 2000 13:15:42 +00:00
Summary:
Body:
I have to confess that I have a number of weaknesses where C++ is concerned:
-
I use C style char arrays instead of C strings. This is probably because I did not like the original string library.
-
I do not use the iostreams library. I am currently reading Angelika Langer's book on IOStreams and Locales (not for the faint of heart) to see if that will change my dislike of it. More about this in a future column, when I have finished reading the book.
-
I rarely use exceptions. I am not opposed to them in principle, but I think they should be reserved for exceptional situations and not used as a routine method of catching errors. I understand that people were happy to have an alternative to the woefully inadequate setjump()/longjump() of the C library. I think though that a lot of people went overboard on this issue.
Recently, though, I have re-evaluated my position on item one - C++ strings v. C char arrays.
The cause of this was a look through the email correspondence file relating to bugs in my new game, Age of Adventure. I did a quick analysis of the underlying causes of the bugs and came to the conclusion that somewhere between a third and a half of all the bugs that got through into the production version were related to buffer overflows. Not only that, the bugs were mostly related to assembling text for transmission to the players.
This was pretty shocking. I had no idea the problem was so prevalent. I even went back and counted again, because I thought I must have counted some bugs twice. So I picked up Bjarne's 'C++ Programming Language' and worked through the chapter on strings. The lesson was underlined by a bunch of security related bug reports from the open source movement that came out at about the same time. Virtually every single one of the bugs was a buffer overflow bug - usually related to user input.
The upshot of this was that I was finally convinced that I should start using C++ strings, which, of course, do their own memory management, instead of C char arrays. Unfortunately, the current stuff is too far gone to change it at this stage, but all new projects will use strings from now on. And in the meantime I will continue wresting with a stubborn bug that I strongly suspect is a buffer overflow deep in the bowels of the program...
I mentioned earlier that there were a series of bugs discovered in open source software. It was unfortunate that this happened just after two of the larger Linux distributors (Red Hat and SuSE) had launched new versions. However, I had a graphical example of the difference in proprietary software treatment of reported bugs and that of open source software.
Without exception fixes for the open source bugs were available within days, if not hours, of the bug reports being filed. Very impressive.
While this was going on we were tracking down a bug in Borland's C++ Builder™ 5 library. Now I have to say, this was not an easy process. I wrote the original code, and was sure it was a mistake on my part. I looked at the code on and off for nearly a month, but could not see what I was doing wrong. At this stage I decided that I needed someone else to look at it - I was probably reading what I meant to code, rather than what I had actually coded.
I sent the code off to another programmer to look at and he worked on it for nearly three weeks before he finally isolated the bug and was able to prove that it was a bug in the library code. OK, so there was probably some delay because I was convinced that it was my error and insisted he keep investigating my code for longer than he would have done if left alone. Even so this was a substantial use of our resources. Once I was convinced it was a library bug it took nearly a week to construct a sample program that displayed the problem. Even for that you had to run the program under the debugger to see the incorrect memory access in the destructor.
So we spent all this time finding a bug in Borland's software, more time constructing a program that would enable them to identify the bug, and then we sent a report off to them. A couple of days later we got a note accepting that it was a bug in their library. And then...
Nothing! No patch, not even a work around, and as I write this it is now nearly two months since we reported the bug.
Fortunately this is an internal tool, and the bug only affects a destructor that is called immediately before the program terminates. If it ran under Linux or another Unix variant it would not be too much of a problem because the operating system would clean up the undeallocated memory. Unfortunately Windows leaves the memory allocated, so people using the program have to reboot periodically to reclaim the lost memory.
Why was I so convinced the error was mine? Well that's a bit difficult to explain. I guess it is to do with the fact that I am very wary of blaming problems on any software other than my own. It is my experience that when a bug rears its ugly head given even a slim fraction of a chance most programmers will blame any other software that is around other than their own.
I have had to virtually prove it could not be other software so often in order to force people to do serious debugging on their programs that I suspect I am probably leaning in the opposite direction.
It is desperately important that people should be able to trust their tools. Software development is built on trust - the trust that the tools you are using to build your applications are not flawed. The problem is that once a problem is found with the tools the trust breaks down and when anything goes wrong the natural reaction is to blame something that has already been found to be at fault.
It matters not that the application programmer's work has had many more bugs than the tools have shown, it is easy and natural to blame the tools for any further faults found. Fortunately, I wrote this program and I am aware of the problem, so I can be stern with myself about such backsliding.
The fact remains, though, that if this had been a program for sale it would have been a disaster - months of delay in putting the product on the market, possibly having to completely rewrite it. Not good.
I do not know about other people, but every few weeks an e-mail appears in my mail box from one or other of our customers - usually the younger ones asking either 'How do I become a programmer' or 'How do I become a game designer'.
The first question is not as easy as it sounds, because the people asking it come from a wide variety of different countries. Most are American, some are from the UK, but I have been asked by customers from countries as far apart as Australia, Brazil, Hong Kong, Malaya, Russia and Turkey.
Eventually I got round to pulling some of the answers to 'How do I become a programmer' together on my website. If you regularly get asked, please feel free to 'borrow' material from my answers for your own use. The URL to access it is at http://www.ibgames.net/alan/society/programmer.html.
Finally, if you have not yet read my Secretary's report in this issue, I would urge you to do so, not merely because it is a scintillating example of journalistic excellence that will delight and entertain you, but because it deals with the subject of software patents. What happens to the rules governing software patents in the next few years is going to have a major effect on the way in which we work in the future. Do not miss out on the opportunity to have your say.
Have fun programming, may all your bugs be small ones.
Editorial Note
A couple of days ago, I read a news report on the subject of patents. That report stated that the decisions on changing the European Patent position would be taken before the closure date for public comment. I hope I am mistaken because this issue is far too serious to take lightly.
I am seeing increasing evidence that US patent law and its interpretation is a major disaster in the making. The problem as I see it is that a mechanism for rewarding inventors for revealing trade secrets concerned with physical devices and processes for production has been subverted to handle other kinds of intellectual property.
Let me give you an example.
Currently speech recognition software is not quite up to the standard where I feel comfortable with using it for dictation. However, it is very good for command-based work such as accessing a menu, highlighting text etc. In fact almost everything that I previously did with a mouse can now be done with spoken commands leaving my hands in place on my keyboard. Should I be allowed to patent that process? How is it different from Amazon.com's 'one click shopping'?
Francis
Notes:
More fields may be available via dynamicdata ..