Follow

Devs and sysops peeps: looking for stories 

Got any examples or stories of code that was designed to be flexible/extensible, but is a bit of a rat's nest to untangle?

I'm looking for references or maybe a good war story.

Devs and sysops peeps: looking for stories 

@GeoffWozniak Kind of.

Software I "inherited" some years ago had all kinds of issues. You could fill a small book with them. One of the things it tried to do is be extensible with plugins.

Specifically, the software was what you'd call an application server, and came with its own embedded programming language. The plugins existed to provide more functionality for the language.

For a variety of ugly reasons, the thing didn't really have..

Devs and sysops peeps: looking for stories 

@GeoffWozniak ... a syntax tree, and the parser was consequently very weird, so importing function definitions from such plugins wasn't how the software went about it. Instead, calling plugin functions was very similar to FFI: you had to invoke a call function, and pass it the name of the function to invoke, plus references to the parameters.

So when this was originally programmed, the call interface understood a handful of parameter types.

Devs and sysops peeps: looking for stories 

@GeoffWozniak Stuff like int, float, and of course strings.

Some years later, people added some kind of object or structure definition to the embedded language, and that posed the problem of how to pass objects to plugin functions.

I should hasten to add that this was all internal software. It would have been possible for the company to update the application server and the handful of plugins being maintained. It was all under control...

Devs and sysops peeps: looking for stories 

@GeoffWozniak ... but instead of expanding the call interface to some kind of object type, what the developers did was to reuse strings.

So the embedded language objects were parsed into a C level structure containing all the element names, and their types and values of sorts.

What they did is, they took the address of this C level structure, and wrote it as a hexadecimal value into a string, and passed that into the call interface.

Devs and sysops peeps: looking for stories 

@GeoffWozniak Each plugin then had to try and parse the first couple of bytes of a string for something that looks like a hex number; if that's what they found, they had to parse that number and cast it to an address of this C structure. If there was no hex number at the start, the value was to be treated as a string.

This was hailed as flexible reuse of existing code, and backwards compatible with existing plugins. Well, the latter was...

Devs and sysops peeps: looking for stories 

@GeoffWozniak ... kind of true.

But what would happen if a developer happened to write a hex number into a string? Or this came from user input? And this was passed to a plugin function that contained this type of logic?

Hello, my name is "0x00000000"!

When people didn't see the problem, I was convinced it was not the place for me to stay.

re: Devs and sysops peeps: looking for stories 

@jens That example seems to hit on all the horrible ways you build extensible systems!

Reusing strings like that is.... oof. Recipe for disaster.

re: Devs and sysops peeps: looking for stories 

@GeoffWozniak oh, it's the tip of the iceberg for this software. I learned so much from it. All bad things, but they did teach me.

re: Devs and sysops peeps: looking for stories 

@jens TFW you get a software job at a place maintaining existing software and realize that the world is a messy, messy place.

Devs and sysops peeps: looking for stories 

@GeoffWozniak @thegibson A search term here is “inner-platform effect”. It’s a huge industry problem and so there are almost too many war stories to choose from. (And so many examples used daily by people as largely the entire output of big Enterprise companies like Oracle, SAP, Salesforce, PeopleSoft is entirely built around inner-platforms built on more inner-platforms.)

re: Devs and sysops peeps: looking for stories 

@max @thegibson Thanks! I know that outcome, but I didn't know the term.

re: Devs and sysops peeps: looking for stories 

@GeoffWozniak @thegibson Yeah, it’s good to have a term and a wikipedia page to point to when (as a developer) business users request “super configurable” things and I need to explain why what they are asking for is a mini-programming language and none of them can actually code and it would just make things worse because it would be slower to code.

Devs and sysops peeps: looking for stories 

re: Devs and sysops peeps: looking for stories 

@usul Yes. I should probably read up on that one.

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.