Odd behaviour of ResizableWhateverArray PMC's

Geoffrey Broadwell geoff at broadwell.org
Fri Oct 9 19:49:13 UTC 2009


On Thu, 2009-10-08 at 23:50 -0700, chromatic wrote:
> On Thursday 08 October 2009 23:46:47 Christoph Otto wrote:
> 
> > I guess it kinda makes sense to initialize the complex types (STRING and
> > PMC) and leave garbage in the primitive types (Integer and Float), but it
> > strikes me a premature optimization and hardly ever DTRT.  Since it
> > involves changing the smallest amount of code, I'd vote for making RFA and
> > RIA initialize empty elements upon resizing.
> 
> I mostly agree, but remember that we may face the semi-predicate problem here.  
> How can we tell the difference between an empty element and an element 
> containing 0 or 0.0?

There is really no way to solve that for int or float using the values
themselves (you'd have to have out-of-band information), so I'm not sure
that's something to worry about.

Putting on my "security nut" hat, no sane VM should provide primitives
that implicitly allow access to uninitialized data.  That's just too
easy for people to trip over.  I don't even like the "optimization" of
providing *explicit* APIs for uninitialized data, unless they have the
moral equivalent of "ZOMG_HURT_ME_PLENTY" in the name -- and such APIs
should never even be contemplated unless you can say with a straight
face that 1) you have tried every other possible optimization path
(including pre-initializing memory with idle cycles), and 2) you are
willing to be personally responsible for the security holes.

Uninitialized memory is evil in approximately the same way as the black
cinder from Time Bandits.


-'f




More information about the parrot-dev mailing list