Letters to the editor may be sent via email to cujed@cmp.com, or via the postal service to Letters to the Editor, C/C++ Users Journal, 1601 W. 23rd St., Ste 200, Lawrence, KS 66046-2700.
Dear CUJ,
I just read your C/C++ Tip #5, published in the January 2001 issue of CUJ. The content of the tip (doing a macro which expands into a comment) was quite familiar, since I’d seen a similar method deployed in one of Microsoft’s header files. However, the tip is very incorrect.
The writer uses token pasting to construct a comment start sequence. However, this is invalid according to the C and C++ Standards. In section 5.1.1.2 of ISO C (1999), titled "Translation phases," comment processing occurs in phase 3 where the preprocessor identifies tokens and whitespace, with comments replaced with whitespace. Macro processing is then done in phase 4, and that phase is the one in which these new comment start sequences would be introduced. There is no followup phase after #4 where the comment would be recognized, so eventually a conforming compiler would reject the program text due to an illegal token — ’//’. The 1998 C++ standard has similar language in section 2.1, "Phases of translation [lex.phases]."
Some compilers mix the order and processing of phases sufficiently to allow this macro to work, Microsoft’s Visual C++ 6.0 being notable for its popularity. Others, such as the Metrowerks CodeWarrior C/C++ compilers (upon which I worked for over two years as a compiler engineer before my current employment) follow the Standard and will reject the usage shown in the tip.
Thanks,
Ben Combee
Lead Software Architect
Veriprise Wireless
http://www.veriprise.comYou are right, and I must take all the heat for this one. Through no fault of my excellent tech reviewers, this one slipped through without getting reviewed. I made the classic mistake of putting too much trust in my compilers. (The ones I used compiled this code without complaint.) Never again! Readers: please note that Tip #5 is not a portable solution, and is probably not advisable even if you plan to stick with one brand of compiler. I apologize for any problems this may have caused. (And I ain’t coming outta my cave until spring.) — mb
Dear Chuck Allison,
I enjoyed your article ("The Simplest Automated Unit Test Framework that Could Possibly Work," September 2000) in the C/C++ Users Journal. In particular I liked your concise criticism of the "If it ain’t broke don’t fix it" mantra. I have emailed that paragraph off to a number of people.
I started my career in the telecommunications industry, where outages are considered gravely bad (rather than a nuisance), consequently real money is spent on tools to aid and automate conformance and regression testing. I am now working on more commercially oriented systems, and cannot get used to "Let’s get it out the door, and let version 2 worry about itself" type thinking.
In the telecommunications industry, it is commonly accepted that 80% to 90% of development costs go into maintenance and upgrades; this seems astonishing and difficult to believe for the managers that I am currently dealing with.
Thanks.
Regards,
Evan Keats
P.S. We are about to go into daylight savings here. This presents an interesting boundary condition. New Zealand is 12 hours ahead of GMT, daylight savings puts us 13 hours ahead, thus causing grief for systems that assume that everybody is within the plus/minus 12 hour window.
Chuck Allison replies:
Thanks for your letter. I assume that the telecom industry has higher standards because they operate at a lower, infrastructure-like level, and mistakes can’t be hidden behind whiz-bang GUIs. Very interesting. The marketing pressures of the shrink-wrap software industry definitely affect quality, but then again, I suppose that if you miss a market opportunity, that might be worse than having buggy software. It’s puzzling. Anyway, I also am more comfortable in concentrating on quality rather than playing the marketing game, just like you.
Good luck.
Chuck Allison
Contributing Editor
C/C++ Users Journal
www.freshsources.comDear CUJ,
In December issue of CUJ Pete Becker suggests a way to test the "closeness" of two floating-point numbers. As correctly noted, this relationship is not transitive. What is bad with the code in the article is that it is not symmetric, and there is no particular reason for this.
For example, in my tests (VC++, no optimization) given
float x1 = 10; float x2 = x1 + 16*x1*std::numeric_limits<float>:: epsilon (); float x3 = 10*std::numeric_limits<float>:: epsilon ();I get close_enough (x1, x2, 16) is true, but close_enough (x2, x1, 16) is false; close_enough (x3, 0.0f, 16) is true, but close_enough (0.0f, x3, 16) is false.
A better code would be, for example, the following (add templates as necessary):
bool close_enough2 (float f1, float f2, int NROUNDS) { return f1 == f2 || (fabs(f1-f2)/(fabs(f1)+fabs(f2))) < float(NROUNDS)* std::numeric_limits<float>:: epsilon () / 2; }The first test for f1==f2 prevents division by zero when both f1 and f2 are null, and also short-cuts the function when f1 exactly matches f2. Division by 2 was added only to give NROUNDS the same meaning as in the article.
This version is symmetrical and fixes the strange behavior of the original one when f2 is exactly zero. I think this is worth adding two extra calls of abs!
Thanks,
Michael Entin
Pete Becker replies:
I was troubled by the assymetry in my version. This looks like a better solution. Thanks. — Pete
Dear Andrei Alexandrescu,
I really liked your article ("Generic<Programming>: Simplify Your Exception-Safe Code," CUJ Experts Forum, http://www.cuj.com/experts/1812/alexandr.html) and plan on making your classes a regular part of my personal toolkit. I had one question, though. I wondered why you didn’t use the Standard C++ runtime library function, uncaught_exception (15.5.3) in the destructor instead of using the Dismiss method/bool data member (unless your environment’s compiler doesn’t have it). This function returns true/false to indicate stack unwinding due to exception/normal processing, respectively.
Mike Cox
Andrei Alexandrescu replies:
I will guess the approximate sequence of events here:
1. My co-author Petru Marginean knew uncaught_exception doesn’t work on MSVC;
2. He built a solution that doesn’t rely on uncaught_exception;
3. He (and I) discovered that the solution with Dismiss is flexible beyond exceptions (premature returns, complex ownership transfers, etc.) so we were just happy with it.
Indeed, it’s quite an interesting point that the Boolean flag and Dismiss can be replaced by uncaught_exception. I think it’s worthwhile building a class using it, perhaps... ExceptionGuard :o). — Andrei
Dear CUJ,
I was quite stoned reading Mike Scanlon’s article ("Secure Web-Based Licensing") in the November 2000 issue. Sure, I can’t blame someone for failing to solve a problem that has no real solutions, but I have to flame the false claims. The so called security schemes never worked on the personal computers, and all they did was punish the legal users. While anyone willing to bypass security did so, by just downloading the crack from the net. (Yes, a crack is always there, if not, the progam is likely so bad not worth even a try.)
Back to the point, in the first part, some failed attempts are listed. An important point is missing there, all solutions use the PC’s system clock, under the assumption it is set correctly. The backclocking of the evil pirates is just one thing that could happen. It’s also quite possible a legal user’s clock gets set forward intentionally or by mistake. Someone might just look what happens if the date is set forward (I did that dozen times a day during the last year) or someone uses the date/time applet as a calendar then hits OK by accident, and so on. Then finding all his licenses expired is something rude. If one wants to alienate the users who are willing to pay, just go that way. Pirates will not pay whatever you do; maybe they will chose some other product, but that will not make you rich either.
The other part is more interesting. The solution is supposed to come from secret key cryptography. Yeah, good buzzword. Unfortunately in the schema introduced cryptography is just used as a method of obfuscation. The proposed system fails on the premise "user should not be able to manufacture licenses even vith knowledge of the protocols and algorithms involved" stated at the front. With that knowledge adding obfuscation leads nowhere, the attacker knows what the obfuscation is, and can simply ignore it. In secret key cryptography security lies in the secret key. So the main point is where that key lies, how it can be accessed. That aspect is completely missing from the article. The listing suggests it is just stored in the program. Wow, full half minute work to the attacker, to set a breakpoint on the crypto api entries, and catch it. The article’s first reference lists Schneier’s excellent book, which explains just why such schemes the article discusses will not work out. (Also there is plenty of other material on Bruce’s web site at www.counterpane.com). Another can of snake oil goes on the shelf.
Dr. Paul Balog
Security schemes such as presented in the article rely upon the time, or rather the lack of it, that most users are willing to expend being dishonest. Such schemes are by no means foolproof, as you so colorfully point out, so if you opt for such a solution you are playing a numbers game. That may or may not be a reasonable strategy, depending on what you’re trying to sell — we run articles like this because we think they might be useful. I agree that we should have made the limitations of the scheme more explicit. — mb
Dear CUJ,
This is really a letter to the editor! A line on the cover of the December 2000 Journal ("They Cleanup after Themselves") has pushed a button I have resisted reacting to since the first time the editor of a computer mag put a ’d’ in "kluge." Now it seems a new form of English abuse is occurring; once again it’s originating in computer and programming print media. This is the misuse of compound words such as "backup," "logon," and "shutdown" (as well as "Cleanup" in the headline; someone else can gripe about the uncapitalized ’A’ in "after"). These words work just fine as adjectives or nouns, as in "Do a backup today," or "Is my logon procedure correct?"
The trouble comes when they are used as verbs, such as "I will backup my system now," or "They cleanup after themselves." Such usage is like fingernails on a blackboard to anyone used to correct English, which becomes obvious when you change the tense or mode: "She logonned to her system" or "I’m cleanupping my files."
These horrors need to be broken up into two words when used as verb phrases. You "back up your files," "log on in the morning," and "clean up your act." Editors — please be mindful of this.
The media don’t just reflect our behavior — they shape it. What is done in print publications will be reflected in the common usage; look what happened to "kluge" (because it’s now spelled "kludge," I’ve heard people pronounce it to rhyme with "fudge" instead of with "huge"). You have the power, editors; use it wisely.
Thanks in advance!
Robert Weaver
Colorado Springs, ColoradoP.S. For a history of the word "kluge," check out Steven Levy’s Hackers.
Boy, we are sure getting the new millennium off to a great start. Well sir, you have caught us fair and square. In the future we’ll try to be more socially responsible. — mb