Subject: RE: SCE-MI: SceMiMessageData Enhancement Mini-Proposal
From: Bojsen, Per (bojsen@zaiqtech.com)
Date: Wed Jan 28 2004 - 14:48:25 PST
Hi John,
> Sorry for the delay in responding to these. I had meant to
> try to send you meaningful replies but have been caught up
> with other activities until now.
Ok, I understand. Thanks for your replies.
> While the functions you propose are certainly helpful,
> they have a safety issue because it is possible to pass
> pointers to invalid or inadequate storage areas and there
> is no way for the implementation to error check for this.
> The undefined behavior you refer to can lead to very
> subtle effects such as heap corruption or SEGVs that would
> manifest themselves inside the API function itself.
Right, that is the price paid for performance. SCE-MI has
a stated goal of being a high-performance API but the
SceMiMessageData methods are somewhat in conflict with this
goal. This is not a big issue today with fairly small
messages but when we move on to the variable length messages
it becomes a much bigger issue.
> But the interface itself
> guarantees that it is possible to check for all illegal
> combinations of arguments if it is desired.
I was not aware that the ability to check errors was an
important requirement. While this is nice it comes at a
price. There are ways to detect erroneous data even for
these functions. There are free software tools that can
help detect bad pointers and going past the end of buffers.
I guess I am so used to standard C library functions and
UNIX system calls such as memcpy(), strcpy(), write(), read(),
that the idea of having the API check for bad pointers
did not occur to me as necessary :-) I assumed that most
C/C++ programmers are well aware of the fact that the location
of a SEGV is not necessarily the location of the bug.
> All of the functions you give are (as you've shown) relatively
> trivial derivations of the API functions provided so increased
> functionality can be easily layered over the functions at the
> application level - say via macros or inlined functions.
They can to a point. But by having the methods as part of
the SceMiMessageData class further optimization is possible
such as memcpy(). Layering a loop with inline functions is
not as efficient as memcpy() unless the compiler is really
good.
Thanks,
Per
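
Added example, not part of the original message and not code from the SCE-MI specification: a C sketch of the trade-off this thread discusses, comparing a checked word-at-a-time setter, a loop layered over it, and a memcpy()-based bulk setter. The type msg_t and all function names are hypothetical stand-ins.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical fixed-width message object; a stand-in, not the SCE-MI class. */
#define MSG_MAX_WORDS 8
typedef struct {
    unsigned width_words;              /* valid 32-bit words in this message */
    uint32_t words[MSG_MAX_WORDS];
} msg_t;

int msg_init(msg_t *m, unsigned width_words) {
    if (m == NULL || width_words > MSG_MAX_WORDS) return -1;
    memset(m, 0, sizeof *m);
    m->width_words = width_words;
    return 0;
}

/* Word-at-a-time setter: the callee can validate every argument it receives. */
int msg_set(msg_t *m, unsigned i, uint32_t w) {
    if (m == NULL || i >= m->width_words) return -1;
    m->words[i] = w;
    return 0;
}

/* Layered in application code: src is read by the caller's own loop, so a bad
 * src faults in the application rather than inside the API function. */
int msg_set_words_loop(msg_t *m, const uint32_t *src, unsigned n) {
    for (unsigned i = 0; i < n; i++)
        if (msg_set(m, i, src[i]) != 0) return -1;
    return 0;
}

/* Bulk setter: one memcpy. It can reject NULL and an n larger than the
 * message, but cannot tell whether src really holds n readable words. */
int msg_set_words_bulk(msg_t *m, const uint32_t *src, unsigned n) {
    if (m == NULL || src == NULL || n > m->width_words) return -1;
    memcpy(m->words, src, (size_t)n * sizeof m->words[0]);
    return 0;
}

int main(void) {
    const uint32_t payload[4] = {0x11, 0x22, 0x33, 0x44};  /* constructed sample */
    msg_t a, b;
    if (msg_init(&a, 4) != 0 || msg_init(&b, 4) != 0) return 1;
    if (msg_set_words_loop(&a, payload, 4) != 0) return 1;
    if (msg_set_words_bulk(&b, payload, 4) != 0) return 1;
    return memcmp(a.words, b.words, sizeof payload) == 0 ? 0 : 1;
}
```

The length check in the bulk setter protects the message object only; the size of the caller's buffer remains the caller's responsibility, which is where tools that detect out-of-bounds accesses help.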