Here's the even shorter version: highlighting gender is advanced and should not be done lightly.
A module was recently uploaded to CPAN whose aim was to provide a big list of female CPAN authors. I believe the author had good intentions, or at least nothing more than "I was curious", and has been quite puzzled at the reaction that it's creepy and the requests for it to be deleted. Fortunately, he voluntarily removed the module when asked. Unfortunately, because the community is not well versed in gender politics, this sort of thing is likely to happen again. Here's an opportunity to talk about it so it doesn't.
]]> Yes, I am deliberately not mentioning the module so as not to highlight the data nor embarrass the author further. No, don't link to it in the comments. The module itself is not the point and it would be best if it just quietly disappeared. There is a far larger issue to be discussed here. And please, commenters, if your comment is going to be about "censorship" or "freedom of speech", just move on. Honor the The Other Perl Motto ("try it") and let other people try something without being drowned out by the usual noise this sort of post attracts. If you must, talk about it on your own blog and link to it in the comments. Thank you for your restraint.While CPAN gender information may be publicly available, its only available in a form which requires each individual human who wants to use that data to laboriously go through each author name and guess their gender. This introduces a barrier to entry to doing things with that data. That barrier cuts both ways. It prevents people from doing good things on a whim, but it also prevents people from doing awful things on a whim.
Putting gender data together in an easily digestible form eliminates that barrier. Unfortunately, in a community which is extremely male dominated, folks are going to assume the primary application is to stalk female CPAN authors, particularly in the wake of the Facebook/Foursquare stalker app. Whether or not it actually happens that is the perception and emotion and real danger for women. There's no amount of good intention that changes that. A bit of demographic data is not worth the damage.
If the intention was to help raise awareness of female CPAN authors and encourage more women to join, it will have the opposite effect. Some will look at it and shrug, but more will see "creeper app". A lot will see it as an involuntary highlighting of their gender, whether or not the actual process is voluntary. Done incorrectly, this causes women more problems in the community as people see them less as Perl people and more as women to either be barraged with "women in open source" issues, or taken advantage of. See also The Unicorn Law where every woman in an Open Source community is expected to represent women and can't just be left to code.
This is one of those situations where the more out of whack gender balance is, the more sensitive we have to be to gender. The less power and representation women have, the more they have to watch out for being taken advantage of. The first thought is protection, and anonymity is protection. Conversely, in a more balanced situation, this might have been acceptable, or at least not immediately called for deletion, or just laughed off. Fix the gender power imbalance, and we can all relax.
There are ways to highlight women correctly, This Is What A Computer Scientist Looks Like is one example: voluntary, empowering, and not useful to creepers (don't take this as a challenge). This is about crafting a message which is welcoming, empowering and safe. Doing this requires a viewpoint that most of us do not have and cannot imagine but we can learn how to be sensitive to it. It is advanced and should not be taken lightly, but it should be taken on... but not by uploading a module to CPAN.
If you're a guy, and you're considering something like this, don't just do the usual thing and hack it together alone on a weekend. Get some people together and talk about it beforehand. Get some public commentary. Get some women to look at it, not just one woman ("my girlfriend said it was ok" does not work), particularly those outside the mainstream community. Most importantly, get women involved and empowered in the project. Maybe give them the reigns to make the big decisions and you handle the grunt work. If you want to do a project to empower women, it helps if you're empowering women within the project.
]]>The former is complicated, but suffice it to say TB2 cannot rely on Mouse or Moose or Moo. It's being solved by writing an OO compiler, something which will generate accessor methods and roles at build time rather than relying on a runtime compiler. This should also solve TB2's less than ideal startup time. It might be Mite or it might be Moo, but the problem is being taken care of.
The second is harder and is what I call "Test::Builder2 vs CPAN". Because Test::Builder has been around or so long, and so much depends on it indirectly, there's a lot of not entirely documented behavior being relied on. We've been using CPAN modules as a broad test suite right along for this reason. TB2 has the potential to seriously break a lot of module's test suites, so it's best to get it as right as possible before stable release.
]]> Andreas, using the incredible analysis.cpantesters.org has provided a list of the top 100 modules which are failing because of TB2. A lot more than I thought at this point honestly. Worse, I was hoping they were mostly failing for a handful of reasons. Unfortunately it seems they're unique.I'm asking for two ways people can help.
First, if you're the author of a module which is failing because of TB2 I ask you to please report it to TB2 even if the problem turns out to be your own (like if you violated encapsulation) and even if you can fix it on your own. We want to know how Test::Builder is being used.
More importantly, if your CPAN module is failing then probably other software we don't know about will fail. We want to know about these problems and be able to decide what to do about them. So please, report any trouble you have with TB2. Also report any successes you have with TB2. Really just talk to us about how TB2 is effecting you.
Second, I'd like to crowd source some bug analysis. Each failure in the list needs to be examined to see what is failing and then why it is failing before anything can be done about it. It would be a great help if this could be tackled by people taking a handful of them.
For each failing release...
If all you do is that, that would be a great help! I can't stress this enough.
If you'd like to go further...
This provides a list of pre-digested issues for people to examine and determine how to fix. If you'd like to go even further you can do some of that analysis yourself.
If you really want to be a champ...
And if you're bucking for my job...
There's 100 releases to go through, a lot for me, but not much for a few dozen people who read this blog and do a few. Here's a good example of what the resulting issue looks like.
Thanks crowd!
]]>Last year while on contract, the company in question was passing around their coding problem they used to test new hires. It was pretty typical stuff: give the data going in, the data they want out, and write a little program to do the transform. They even supplied most of the program, including a test; the prospective hire just needed to write one sort subroutine which could deal with "Low", "Medium" and "High" as well as numbers.
Predictably, this halted all coding in the office for a solid half day while everyone figured out the most clever way to sort the data. My opus was to observe that the input data was already sorted, so I redefined the shuffle() routine. The best one was from a co-worker who observed that "Low", "Medium" and "High" sort correctly by their last letter in reverse order. It was fun for us, but it wasn't very useful.
This is a pretty typical coding problem used to judge potential hires, and it sucks. All it tells you is the candidate is not completely incompetent. Why do we keep using them? They're easy. They're easy to think up, easy to judge and easy to administer. They're also the sort of clean, algorithmic problems a stereotypical programmer loves to solve. Do they have anything to do with detecting a good developer? No. Can we fix it? Yes!
]]> Before this can be fixed, first we have to work out what a project wants in a developer. What do developers do all day? We can work this out by reversing every contrived element of our typical programming contest: clean, well defined inputs; clean, well defined expected output; a clear description of the algorithm; pre-existing template code; pre-existing acceptance tests. When's the last time you were handed a problem like that in the real world?Instead, we get poorly defined inputs, sample input that has anything to do with reality being a luxury, inputs riddled with mistakes. Expected behavior and output are vaguely defined. As a developer we're presented with a clean sheet, no template, no tests, just a blinking cursor and a blank page.
How does one solve the contrived example? First the specification, inputs and outputs are carefully examined. If there's any ambiguity it's discussed up front with the person who probably wrote the problem and understands it perfectly. Then the candidate goes off and writes some code until it passes the tests. There is little or no interaction with people, everything is handed on a silver platter in unambiguous terms.
How does one solve the real example? First you have to find somebody who understands the problem, usually not a programmer, and discuss the problem. Then you drag some samples out of them, converting them into a format you can actually use. The user probably doesn't know what they really want, so the behavior/output will be ill defined. Pressed, the user will make up something that you know will be wrong as soon as you show it to them. Armed with this "information" you hammer it into some sort of algorithm and now need to write some code.
But you don't just hammer out a script. You need to do it in a way that matches the team's coding style. You'll probably want to make the meat of it reusable, so you need to write it as a library not just a one-off script. It'll have to deal with the inevitable bad input, which means good error handling and recovery. Other people will have to use it, which means good documentation. It needs tests written in a way which works with whatever integration server the team is using. And, of course, it should all be checked into version control with well defined and logged commits.
And then, when you've written all that and got it working, you take it back to the user and they tell you it's not what they wanted. Or they show you some new input that doesn't match what they originally said. If you're good... and lucky, your code is robust enough to handle it. If you're not... back to coding with you! Repeat until dead.
In that light, a good developer is one who works well with others, but also can make a multitude of small, detailed decisions about a problem they know very little about. They need to take vague requirements and work with a user to turn them into something a computer can do repeatedly. A good developer looks beyond the immediate requirements and thinks ahead ensuring the code is flexible enough to withstand future change. A good developer writes code not for themselves, but for everyone else on the team.
So... how do you test all that? And in less than an hour? Turns out it's pretty easy with some simple modifications to the classic example. You keep the same basic algorithmic problem, but you give it to the candidate the way a user would. It can be as simple as this:
Could you sort this data please? [Excel document attached]
You can be a bit more clever, feeding the candidate what seems like enough information to do the work but is full of subtle ambiguities, tempting them to take the easy route and just get to coding, weeding out those with the undesirable tendency to program without questioning what they're doing and why, but that's the crux of it.
Now sit back and see what the candidate does with that. Respond to their questions, but remain in the persona of a user. What you're looking for here is how they push back. What sort of questions to do they ask to gather and clarify the requirements? What sort of assumptions do they make? How well do they bridge the communications gap between customer and programmer?
Given a blank page to code on, what do they do with that? Do they write tests and documentation? Do they write a quick script or a library? Do they use version control? Do they ask about your code standards? Do they use pre-existing libraries? Do they write to the letter of the requirements or leave some flexibility? And again, what are their communications like through this process?
Once they've submitted their first solution, change the requirements on them subtly by offering a second set of inputs. These will be the same but subtly different. Maybe throw in some Unicode or deliberately malformatted lines. Maybe change the sort criteria. Does their code fail gracefully? Messily? Silently? Do they notice the changes? What shape does the discussion over the change take? Are they indignant about the changing requirements, do they take them in stride? How much work does it take them to adapt their code to the new requirements?
This test will take more time than a traditional puzzle test, but it can be administered easily enough over email and doesn't involve more than a few minutes attention at any given time. A dud developer can sink your team and cause far more damage than good, so it's worth the little bit of extra effort to find out if they can actually do what developers do, and not just solve clever puzzles.
]]>do_something if boolean_function() == 1;
This is not only redundant, but it's also brittle and redundant. In Perl, it's very easy for a boolean function to return something other than one.
sub has_stuff {
...
return scalar @stuff;
}
This code I found today in Module::Build::Base takes the cake.
if ( $self->check_prereq + $self->check_autofeatures != 2) {
UPDATE: Whoops, I broke it! As rsimões pointed out in the comments, the original does not short circuit and my change does. That was not a bug, both check routines should always run (a consequence of the checks having side effects). I had to think about it a bit, and the simplest thing I came up with is:
if( grep { !$_ } $self->check_prereq, $self->check_autofeatures ) {
Which goes to show, and I should have known this myself, don't assume the author is an idiot. There's usually a reason why they did what they did. Find it before touching the code.
]]>If you'd like to help, I'd love the help. There's plenty to do for everybody. Our preferred workflow is laid out and pretty easy to follow. There's a design document to give you an overview of what's going on, though it is out of date in places.
]]> When the Google Code In starts, these tasks will be made available for GCI students.About Test::Builder2
As you may or may not know, a major rewrite of Test::Builder (the thing which coordinates and does the heavy lifting for the Test modules) has been in the works for some time. Called Test::Builder2, it has a grant from The Perl Foundation. The grant's final deadline is at the end of the month and I'm frantically coding to get a feature complete alpha out in time.
This release is being referred to as Test::Builder 1.5. It contains all the internal reworkings of Test::Builder2, but in order to save time the new class to replace Test::Builder itself (which is also called Test::Builder2) is not done.
But users still get to use and benefit from the new internals!
]]>Test::More might nudge its requirement a little higher depending on just how difficult it is to work around threading bugs in the earlier 5.8 releases.
At this point I don't imagine this will cause too much disruption. There aren't many serious 5.6 users left and whomever is left has to have already come up with some sort of 5.6PAN solution.
Dropping 5.6 will ease maintenance and testing of these modules and make a greater baseline of core modules available. However, if a company or organization would like to see 5.6 compatibility retained, they can contact me about sponsoring the extra work for continued maintenance.
Thanks to Sarathy and rgs for some great and long lived releases! It's been a good eight years.
Schwern
]]>Slayer of Pseudo-Hashes
Defender of Lexical Encapsulation
Destroyer of Perl Versions
require makes it all but impossible to use in a secure and correct fashion. To fix this, Perl needs two new ops: one which will only load files, and one which will only load modules. Both would only load from @INC.
The more I look into the problem, the more I'm convinced that there is no good way to load a module from a variable in Perl. None of the existing techniques or modules fully solve the problem. They all have security holes or limitations. This is kind of embarrassing, it's an easy thing and it should be easy. My investigation into how many ways the simple act of loading a module can go wrong has lead me to believe that the solution is a new op which just loads modules.
For those of you wondering, near as I can tell this is how you correctly and securely load a module from a variable...
sub require_module {
my $module = shift;
# Is it defined?
die unless defined $module;
# Is the caller using utf8?
require utf8;
my $with_utf8 = (caller(0))[8] & $utf8::hint_bits;
# Are Unicode package names ok?
my $check = $with_utf8 ? qr{\A [[:alpha:]_] [[:word:]]* (?: :: [[:word:]]+ )* \z}x
: qr{\A [A-Z_a-z] [0-9A-Z_a-z]* (?: :: [0-9A-Z_a-z]+ )* \z}x;
# Is it a syntactically valid module name?
die unless $module =~ $check;
# Transform to a pm file path
my $file = $module;
$file .= ".pm";
$file =~ s{::}{/}g;
# What were we doing again?
return require $file;
}
Isn't that EASY?! Nothing I've looked at gets this all correct. And please don't cut and paste that into your code, fix one of the module loading modules instead.
This all started when I mentioned on StackOverflow that having your compiler and your exception handler share the same function is a security hole by way of a bad interface. It encourages people to use them interchangeably without really thinking about the consequences. The common example I came up with was eval "require $module" which happens a lot.
The real fun came when I tried to fix it.
See, I found a security hole in a major module (details withheld because I'd rather not point it out too conspicuously before it gets updated) which allows arbitrary code execution. Whoops. Yes, it did filter $module... or it tried to anyway. And yes, it was written by a very competent programmer. Loading a module from a variable is hard. It should be easy. Easy things should be easy.
My first solution was to replace it with eval { require $module }. Yeah, it's wrong. I was in a rush. My superhuman strength was needed to lift boxes, some of which were solidly packed with metal bars. It may have been a bank heist, the details are hazy. Funny enough, the module's tests did not catch the mistake (they do now).
If you know why it's wrong, skip ahead to the next tl;dr. The rest of you sit down and learn where this whole problem comes from.
require is really two functions and that's where the whole problem comes from. Are you seeing a theme? If you pass require a variable, like require $module, it will consider that to be a file path and try to load it, appending it to each entry in @INC assuming the path is not absolute (that becomes a concern later). If you pass require a bareword, like require Module::Name, it will consider that to be a module, validate it (probably the Perl compiler validates it), transform it into a .pm file path and then do what require $scalar does.
Got that? Confused? It's hard to keep straight, and that's half the problem. Let's make it clear(er):
require Bareword::Name
Bareword::Name treated as a module name.Bareword/Name.pm)@INC.require $file
@INC.require Bareword::Name is safe in that it will load a .pm in your @INC and nothing else. If the content of @INC can be trusted, you're good. (If it can't, you shouldn't be wasting time reading overly verbose security blog posts. Fix that shit now.)
require $file is not safe. It does no validation. It can be used to load any valid Perl on the filesystem. Got that? If an attacker injects a file into /tmp an unprotected require $file might let them execute it with elevated privileges. This is bad. It gets worse.
Trouble is, require Bareword lets you load from a bareword and not a variable. This is how Perl knows you're asking for a module and not a file. Rather than have two clearly defined functions we have clever syntax. Yaaay... guh.
The user is forced into two ways around this inflexibility, both unpalatable. Either you write eval "require $module" to trick Perl into thinking $module is a bareword, or you take it upon yourself to transform $module into a pm file path and use require $file. Both are security holes.
Welcome back tl;dr readers! Wipe the drool off the side of your face, we're not done.
Some of you are thinking, "I'm not stupid. I can write eval "require $module"! All I have to do is validate $module or make sure it comes from a trusted source!" Maybe.
Once upon a time my friend was showing off this new Glock. He pointed out the lack of a conventional safety, instead there's a number of very clever things to ensure the gun will not fire unless the trigger is deliberately pulled. On the other hand, a loaded Glock will always fire if the trigger is deliberately pulled. This is a great feature if you are, say, a trained police officer. If you're a civilian, this is a great way to shoot you or your house guest in the foot. My friend was so confident in the safety of his gun he bragged he could hammer nails with it.
Just because you can hammer nails with a gun doesn't mean you should build a house with it. Just because you think you can make eval "require $module" safe doesn't mean it is. Or that everyone else will. The best security is the security you don't have to be careful about. You always have to be careful with eval STRING, every single time.
You will get lazy and not validate. Or a clever attacker will figure a way around your validation. Or your validation will reject valid module names. Or code which previously only took safe $module is later changed to take unsafe user input. I've seen all of this. This is not the path to security.
So what about require $file? Because it's so easy to jump the @INC rails that starts out insecure by design. Here's how...
Let's say an attacker has found a way to get files onto your filesystem, doesn't matter what owner. This is already a security hole, but they don't have any way to execute the file. A cracker will now find a way to escalate their privilege stacking one minor security hole onto another to make a great big one. An unprotected require $file is all they need to execute it, because it will load any absolute path. Already require is a security risk because you have to jump through more hoops to make it stick to @INC.
Filter for absolute paths and you're good? No, also paths starting with ./. And ../ because those will jump out of @INC too. Don't forget to check for .\ and .\ on Windows! Writing that down? Good. Save space, there's more.
This is about loading a module, not any old file. Usually people will first transform the module into a file path. That doesn't seem so hard, right?
my $file = $module;
$file .= ".pm";
$file =~ s{::}{/}g;
require $file;
Done? No. It's not even totally valid, it doesn't handle the ' namespace separator, but only Klingons and hippies care about that. No, it's worse. It's a security hole and one that is all over our Perl code.
Remember how require $file can be made to jump the rails and load any file? You'd think the module transformation would prevent that, but no. Consider the "module" /tmp/LOL/PWND which the code above happily loads a /tmp/LOL/PWND.pm. Ok, maybe your code has some validation and only lets things that look like module names in. If the validation isn't well written it might allow ::tmp::LOL::PWND.
The combination of a salad of insecurities makes loading a module almost impossible to properly secure unless you are very knowledgeable and very careful.
That's fine, in situations like this the smart and safe thing is to use a module! Then lots of people who think about this stuff can get it right. Right? Surely a module dedicated to the one act of loading a module has thought this through? Right? Please?
Nope.
perl5i gets it wrong. $module->require does not validate $module and so is vulnerable to the ::tmp::LOL::PWND trick.
Module::Load will jump out of @INC just like require does.
Class::Load comes close. I haven't been able to make it do anything insecure, but it tells me things which are not valid module names, like "123", are and things which are valid module names, like "Mégå::Mödulé" are not valid. Also it has a rather long dependency chain just to safely load a module.
UNIVERSAL::require works great is vulnerable to shenanigans. By making require a class method call, it uses Perl's own idea of what a valid package name is. Unfortunately, what the Perl parser considers a package name and what the Perl runtime considers a package name is different. The runtime will accept all sorts of junk for the purposes of a class method call, like subdir/../../../../../tmp/LOL/PWND. For fuck's sake.
Even if a module is made convenient, correct and secure, people will still avoid adding a CPAN dependency for something as "trivial" as loading a module. The CPAN modules should be fixed to be sure, but they are not the long term solution.
The design of require makes it almost impossible to secure. Those modules went past a lot of eyeballs, including mine, and they still don't work right. While it is good to patch those modules, what is needed is a better require built right into Perl. More precisely, two.
The first, let's call it require_module, loads modules. It only loads modules in @INC and does nothing else. By doing this inside Perl it can perfectly validate the module name avoiding both validation mistakes and security holes.
The second, let's call it require_file, loads files. It only loads files from inside @INC. Absolute paths and those which try to updir are rejected. This allows a programmer to be sure what Perl code can be loaded is at least coming from secured locations.
require_module is easy, it can be carved out of the existing require code without much trouble (uhh... as far as writing new keywords in Perl goes). require_file is made difficult because Perl lacks the built in file path operations. Detecting an absolute path is pretty straightforward, but detecting one that's trying to updir is not. That requires a complete file path parsing library... in C.
Fortunately, only require_module is needed to solve our problem. With an in core way to securely and correctly load a module from a variable, the impulse to use any other hack fades away with older versions of Perl. A CPAN module can encapsulate the decision to use the built-in or a pure Perl work around depending on the version of Perl.
I'm writing up the tests and docs now. I'll be doing the work in a branch on Github called feature/split_require if you'd like to contribute. It especially needs someone who can write the actual C code using something better than my rusty chainsaw.
]]>I've chosen to simulate that buggaboo of OO performance in Perl, the simple accessor. The one that you're going to call millions of times and that you'll be sorely tempted to reimplement with a hash or tear all the argument checks out of for "performance". To make it a little more realistic, I'm checking both getting and setting as well as a simple argument check.
]]> Each benchmark gets or sets an integer once via an accessor (except in the case of the plain hash). The object is created outside the benchmark to avoid distortion.Each accessor validates that the argument is an integer.
I picked the following modules because they are either popular or make performance claims:
I also threw in Object::Tiny and Object::Tiny::XS, even though it's not really fair. They're read only and do no argument checks. They sacrifice everything for performance. Let's see if it's worth it.
Finally, I did a hash with no argument checks, just to get an upper bound.
I won't clog this post with the full benchmark code, but here's what the Moose class looks like for example.
package Foo::Moose;
use Moose;
has bar => (is => 'rw', isa => "Int");
__PACKAGE__->meta->make_immutable;
Results
And the results, from slowest to fastest getter with the cheaters at the bottom.
Name Get Set
-----------------------------------------
Moo -11% -4%
manual 0% 0%
Mouse, no XS 0% -33%
Moo w/quote_sub 5% -46%
Moose 8% -40%
Mouse 145% 468%
manual, no check 0% 153%
Object::Tiny 20% n/a
Object::Tiny::XS 226% n/a
hash, no check 279% 1,116%
hash 289% 147%
That's with Perl 5.12.2 on OS X using the latest versions of all those modules as of this writing (Moose 1.24, Mouse 0.91, Moo 0.009007, Object::Tiny 1.08, Object::Tiny::XS 1.01).
The percentages are the % improvement from a hand written class (manual).
You can get all the data as a CSV.
Conclusions
The go-to module is clearly Mouse with XS. The power of Moose, but faster than everything equivalent, faster than writing it by hand, faster (on setting with equivalent validation) than a raw hash, and no required dependencies. Unless you need the meta capabilities of Moose, there's little reason to use anything else.
If you want a read-only object with no argument checks, use Object::Tiny::XS, hands down.
Object::Tiny, on the other hand, is pretty poky; significantly slower than Mouse with XS. Given its extreme limitations, if you can use XS then there's no point to Object::Tiny.
Moose and pure Perl Mouse stack up about the same and fare well against a hand written class, though lose out in setting. You should be getting far more than setting, so you won't be seeing much performance gain by hand writing methods.
The big surprise is the newcomer, Moo... but not in a good way. It's "an extremely light-weight, high-performance Moose replacement" but the numbers don't stack up. Absolutely creamed by Mouse with XS, it's the slowest getter of them all with a slight edge in setting.
Another surprise is Moo's quote_sub. This is supposed "to create coderefs that are inlineable, giving us a handy, XS-free speed boost." The Moo docs suggest using them for "isa" type checks, so I did. The numbers don't pan out, it's worse than a regular sub. I'm going to assume it's a bug and I've filed a report. Curiously, using quote_sub on isa made the getter faster... which makes no sense.
The final conclusion is this: performance is no longer an excuse for not using OO. Accessors are what will be called most often and they're what tempts programmers to micro optimize and throw out their abstractions. Mouse and Object::Tiny::XS can blow the doors off what you can write by hand. The performance improvements in Mouse show that abstraction not only makes the code cleaner, but it allows radical optimizations which you can have just by upgrading to a new version.
Bias
Every benchmark has its biases. Here's the ones in this one that I can identify.
Of course the version of Perl, operating system and versions of modules all matter. One particularly large gap will be in Mouse. Its XS optimizations are a fairly recent thing, so older versions of Mouse will not perform well.
The benchmark uses a very simple type check, an integer. I chose that because it's what an awful lot of methods are going to use. Because it's so simple and common Moose, and especially Mouse, have a clear opportunity to optimize for it. A less common or more complicated type check might have impacted performance more. A string might provide different numbers.
Finally, I really like Mouse. :-)
Update
Corrected my statement about Mouse being faster than a raw hash. That only happens when setting with validation. When I originally did the benchmarks they combined setting and getting.
Added a wider conclusion about the role of performance in choosing an OO system.
]]>