If You Need Lifeboats, That Means Your Ship is Sinking

It’s 1912 and Captain Edward Smith is boarding the RMS Titanic. He sees the lifeboats on deck and shakes his head with a heavy sigh before turning to the crew. “In my experience, I’ve never needed lifeboats. They’re not best practices — if you need lifeboats, that means your ship is sinking!” The crew members are enlightened and eagerly throw all lifeboats overboard. The Titanic begins its voyage to New York.

Update

Just a quick update because I’ve been too busy to write much recently.

I’m giving a talk at DConf 2017 in Berlin! D’s been growing strongly in the past five years, and DConf’s been growing dramatically since the first one in 2013, so it’s pretty exciting to get involved. No, really. I often give tech talks at no-name events here in Sydney, but I’m half scared I’ll wet my pants on stage with a lineup like this — in my university days, I used to read all the C++ books by Andrei Alexandrescu and Scott Meyers that I could get my hands on.

If you have a DConf ticket, I look forward to seeing you there. If not, then you can look forward to watching the videos :)

Instead of writing a real blog post, I’m dropping a link to this classic about backwards compatibility nightmares, which you might like if you thought the mess that’s x86 BIOS booting was interesting. It’s a chapter from The Old New Thing, a book by Raymond Chen from Microsoft, based on his blog. Raymond Chen has spent a lot of his career making sure new versions of Windows can still run old software, no matter how badly the old software abused APIs and deserved to crash. Most of the technical details belong to the 90s, but there are plenty of morals for software development in the real world today. If you can read that chapter without ever wanting to weep for the industry, you’re stronger than I am.

D for Bare Metal Programming

Previously I talked about booting a PC directly to bare metal D and said that Hello World is never a strong test of a programming environment. To get a better feel for what D is really like on bare metal, I wrote Xanthe, a simple, classic-style vertical scrolling shooter game with no dependencies on either the D or C runtime.

Friends Don't Let Friends Use PyCrypto

For all practical purposes, PyCrypto, the Python Cryptography Toolkit, is dead. The package has several issues (many of them with security implications) that will almost certainly never get fixed because the project hasn’t been updated in multiple years. Despite that, I still see PyCrypto recommendations around every now and then — I just got it removed from the Awesome Cryptography list.

BIOS Boot to D

After my previous post on using D for C-like programming, I wondered about going deeper. What’s the minimum it would take to run C-like D code on a PC? Could it run straight from a BIOS bootloader?

If you seriously want to make an OS, you’re much better off using an existing bootloader like U-Boot or GRUB, or at least using UEFI. But doing it this way is interesting because the x86 PC has an insane level of backwards compatibility, and booting from the BIOS to a modern high-level language is like doing an archaeological dig through the past 40 years of computing history.

Completely Ripping the Runtime out of D

Most high level languages are built as a layer on top of C. That includes out-of-the-box D, but it doesn’t have to be that way: D is a plausible candidate for a “better C”. I think this is a pretty cool idea, so I’ve been experimenting with it to see what’s possible. The dmd compiler (and very soon the ldc2 compiler) has a -betterC command line flag that’s intended to remove dependencies on the D runtime. Unfortunately, it’s still extremely rudimentary — the docs only promise it “omit[s] generating some runtime information and helper functions” — so in practice it’s hard to write non-trivial D code without getting runtime dependencies, even if you don’t need them in theory.

With a little linker hacking, it’s possible to rip these unnecessary dependencies out of compiled D code. As an example, I’ll completely remove all references to the D runtime out of some compiled D code so that it can link directly to some C, as if it were C code to begin with.

On Not Optimising for Last Century's Hardware

Once upon a time I wrote a super-optimised algorithm for rotating data in an array. At least, it was meant to be super-optimised, but its real-world performance turned out to be terrible. That’s because my intuition about performance was stuck in the 20th century:

  1. Break a program down into basic operations like multiplication and assignment
  2. Give each operation a cost (or just slap on an O(1) if you’re lazy)
  3. Add up all the numbers
  4. Try to make the total in step #3 small

A lot of textbooks still teach this “classic” thinking, but except for some highly constrained embedded systems, it just doesn’t work that well on modern hardware.

Switching from StartSSL to Let's Encrypt

When I first set up this blog I got an SSL certificate from StartCom’s StartSSL authority, simply because it was the easy way to just get a site on HTTPS.

However, StartCom has recently fallen out of favour with browser vendors, starting with Mozilla and now Chrome. If you haven’t been following the world of certificate authority politics, the story starts with a CA called WoSign. A university sysadmin created a big tech news story earlier this year after revealing that WoSign gave him a certificate for github.com. This is a pretty big deal, and Mozilla’s investigations into WoSign have raised even more concerns about WoSign’s mistakes and handling of mistakes. One of those concerns is this:

[In November 2015] WoSign purchased the CA “StartCom” and did not disclose the transaction as a change of ownership, which we believe violates section 5 of the Mozilla CA Certificate Maintenance Policy. Furthermore, when this clause was brought to their attention, they denied that any changes fell under it, and they attempted to suppress further information about the ownership transfer when it was brought to the community’s attention.

A couple of weeks ago Mozilla announced that Firefox will be phasing out support for both WoSign and StartCom certificates. Chrome made a similar announcement a week later.

Reading Code (and Writing Readable Code)

Like most engineers who do a lot of contract work, I’ve had plenty of job interviews. I’ve had chats across desks, and over the phone. I’ve written programs on whiteboards and on laptops, and answered technical questions and non-technical questions, and solved puzzles. One thing I’ve never had, though, is an interviewer give me some code and ask me to talk about it, which is strange because my first real job at any site is always figuring out the existing codebase.

Function Attributes and the D ABI

The D programming language has a bunch of built-in attributes like pure and nothrow. I was wondering how things like libraries might break if function attributes changed between versions, so I gave it a try.