Layout randomization

Posted Oct 10, 2024 12:06 UTC (Thu) by Wol (subscriber, #4433)
In reply to: Layout randomization by taladar
Parent article: Kernel developers at Cauldron

> And if you guarantee absolutely everything your code will become very brittle in the face of changes the world forces on others

As always, I think the wrong language is being used ...

What developers used to do - maybe still should - is stick a bunch of "assert"s just after your function is called (to document your pre-requisites), and a similar bunch of asserts just before a return to document your post-requisites (call those guarantees if you like).

Effectively you're saying "this is what I need to function correctly, this is what I guarantee if everything works as designed". To what extent that's massively comprehensive is down to you, but if somebody then comes and says "your function left this data structure in a mess", you can then go back and say "where's the assert that checks what you want?". If it's not in your code, "not your problem". If it is in your code, where the **** did it get corrupted?

Cheers,
Wol
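
The pattern described in the comment above, written out as an added example that is not part of the original thread: a small C ring buffer whose functions assert their pre-requisites on entry and their guarantees just before returning. The names `ring`, `ring_ok`, `ring_push`, `ring_pop` and `RING_CAP` are made up for illustration.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>

#define RING_CAP 4              /* constructed capacity for this example */

struct ring {
    int    buf[RING_CAP];
    size_t head;                /* index of the oldest element */
    size_t len;                 /* number of stored elements */
};

/* Structural invariant that every entry and exit check relies on. */
static bool ring_ok(const struct ring *r)
{
    return r != NULL && r->head < RING_CAP && r->len <= RING_CAP;
}

/* Append v. The caller must make sure the ring is not full. */
void ring_push(struct ring *r, int v)
{
    /* Pre-requisites: what this function needs to work correctly. */
    assert(ring_ok(r));
    assert(r->len < RING_CAP);

    size_t old_len = r->len;
    r->buf[(r->head + r->len) % RING_CAP] = v;
    r->len++;

    /* Post-requisites: what this function guarantees on return. */
    assert(ring_ok(r));
    assert(r->len == old_len + 1);
    assert(r->buf[(r->head + r->len - 1) % RING_CAP] == v);
}

/* Remove and return the oldest element. The ring must not be empty. */
int ring_pop(struct ring *r)
{
    assert(ring_ok(r));
    assert(r->len > 0);

    size_t old_len = r->len;
    int v = r->buf[r->head];
    r->head = (r->head + 1) % RING_CAP;
    r->len--;

    assert(ring_ok(r));
    assert(r->len == old_len - 1);
    return v;
}
```

If a caller later reports a corrupted `head` or `len`, the exit asserts show whether the damage happened inside these functions or somewhere else.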



Layout randomization

Posted Oct 10, 2024 18:55 UTC (Thu) by segher (subscriber, #109337) [Link] (1 responses)

Yup. But here we specifically are talking about a language guarantee, which any developer will trust to be implemented correctly by the compiler (or the rest of the system) (except in the very exceptional cases where there is a bug of course, and finding it then can be interesting!)

This is *the* core thing a compiler does. Not trusting compiler developers to do their job is very offensive.

Layout randomization

Posted Oct 11, 2024 7:56 UTC (Fri) by taladar (subscriber, #68407) [Link]

Not trusting them with things where they might make a mistake would be fine but you can't exactly check everything with asserts every time it comes up. Do you always check booleans to see if they are either True or False? Do you check every value for correct alignment? Do you check the order of fields in every struct to see if it is the expected order? That just doesn't make sense.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds