Reverse Engineering a Docker Image

Published 18 March 2021

This started with a consulting snafu: Government organisation A got government organisation B to develop a web application. Government organisation B subcontracted part of the work to somebody. Hosting and maintenance of the project was later contracted out to a private-sector company C. Company C discovered that the subcontracted somebody (who was long gone) had built a custom Docker image and made it a dependency of the build system, but without committing the original Dockerfile. That left company C with a contractual obligation to manage a Docker image they had no source code for. Company C calls me in once in a while to do various things, so doing something about this mystery meat Docker image became my job.

Fortunately, the Docker image format is a lot more transparent than it could be. A little detective work is needed, but a lot can be figured out just by pulling apart an image file. As an example, here’s a quick walkthrough of an image for the Prettier code formatter. (In fact, it’s so easy, there’s a tool for it. Thanks Ezequiel Gonzalez Rial.)

Debugging Software Deployments with strace

Published 14 November 2019

Tags: Ops , Tools , Reliability , Servers and Low Level

Translations:русский

Most of my paid work involves deploying software systems, which means I spend a lot of time trying to answer the following questions:

This software works on the original developer’s machine, so why doesn’t it work on mine?
This software worked on my machine yesterday, so why doesn’t it work today?

That’s a kind of debugging, but it’s a different kind of debugging from normal software debugging. Normal debugging is usually about the logic of the code, but deployment debugging is usually about the interaction between the code and its environment. Even when the root cause is a logic bug, the fact that the software apparently worked on another machine means that the environment is usually involved somehow.

So, instead of using normal debugging tools like gdb, I have another toolset for debugging deployments. My favourite tool for “Why isn’t this software working on this machine?” is strace.

Why const Doesn't Make C Code Faster

Published 12 August 2019, Updated 24 August 2019

Tags: Performance , C , C++ , Low Level and Programming Languages

Translations:中文, русский

In a post a few months back I said it’s a popular myth that const is helpful for enabling compiler optimisations in C and C++. I figured I should explain that one, especially because I used to believe it was obviously true, myself. I’ll start off with some theory and artificial examples, then I’ll do some experiments and benchmarks on a real codebase: Sqlite.

Profiling D's Garbage Collection with Bpftrace

Published 26 April 2019

Tags: dlang , Performance , Tools and Low Level

Recently I’ve been playing around with using bpftrace to trace and profile D’s garbage collector. Here are some examples of the cool stuff that’s possible.

Understanding a *nix Shell by Writing One

Published 07 November 2018

Tags: Shell , Low Level , Tools , Ops and dlang

A typical *nix shell has a lot of programming-like features, but works quite differently from languages like Python or C++. This can make a lot of shell features — like process management, argument quoting and the export keyword — seem like mysterious voodoo.

But a shell is just a program, so a good way to learn how a shell works is to write one. I’ve written a simple shell that fits in a few hundred lines of commented D source. Here’s a post that walks through how it works and how you could write one yourself.

Using D Features to Reimplement Inheritance and Polymorphism

Published 13 August 2018

Tags: Low Level , Software Engineering and dlang

Some months ago I showed how inheritance and polymorphism work in compiled languages by reimplementing them with basic structs and function pointers. I wrote that code in D, but it could be translated directly to plain old C. In this post I’ll show how to take advantage of D’s features to make DIY inheritance a bit more ergonomic to use.

Although I have used these tricks in real code, I’m honestly just writing this because I think it’s neat what D can do, and because it helps explain how high-level features of D can be implemented — using the language itself.

Hacking extern(C++) Classes to Work in betterC

Published 27 May 2018

Tags: dlang and Low Level

First up, here’s a big disclaimer if the title didn’t warn you enough: this is a hack. It’s just a proof-of-concept for getting extern(C++) classes working with betterC D. Also, DMD keeps getting better quickly, so if you’re reading this post when something more recent than version 2.080 is out, this hack is probably obsolete. Hopefully you’ll find this post interesting anyway if you’re either

Interested in all things -betterC, or
Curious about how stuff like classes work in D.

If you haven’t read my earlier post about how polymorphism and inheritance work yet, I recommend doing that first.

Xanthe Doesn't Need Linker Hacking Now

Published 13 April 2018

Tags: dlang and Low Level

I finally got around to dusting off the code for Xanthe to test if it can work without linker hacking, now, too. Short answer: yes. I had to add an implementation of memcmp for the freestanding build, but other than that, all I had to do was throw away the linker hacking steps in the Makefile. Apart from the linker scripts for building the disk images, Xanthe now just compiles normally with -betterC.

Also, the old build was about twice as big as it needed to be because the media files were being packed into the binary twice for no good reason. That doesn’t seem to be a problem any more with the latest dmd.

How Inheritance and Polymorphism Work

Published 02 April 2018

Tags: Low Level , Software Engineering , Programming Languages and dlang

I’ve promised to write a blog post about the DIY polymorphic classes implementation in Xanthe, the experimental game I once wrote for bare-metal X86. But first, I decided to write a precursor post that explains how polymorphism and inheritance work in the first place.

Look, Ma! betterC Without Linker Hacking!

Published 06 March 2018

Tags: dlang and Low Level

Version 2.079 of the DMD compiler has just been released with improvements to the -betterC flag. I just gave it a try, and the D code I linked into a C executable with some horrible linker hacking in 2016 now works without any linker hacking at all. There’s still some more stuff to test out when I get around to it, but, hey, here’s some progress: