January, 2004

  • The Old New Thing

    What's old is new again... well it's still old

    • 3 Comments
    The wonderful people who ran blogs.gotdotnet.com, as a parting gift, migrated all the old content into this blog. They're awesome, aren't they?
  • The Old New Thing

    Is there an exclusionary rule in Sweden?

    • 18 Comments
    According to Friday's Klartext (note: link valid only for one week, then it gets overwritten by the next Friday's Klartext),
    Vi ska börjar klartext med berätta att en åklagare nu ska undersöka om fler än två hundra poliser i Sverige har brutit mot lagen. Poliserna letade rätt på information om mordet på politikern Anna Lindh med hjälp av dator. Trots att det är förbjudet.

    Poliserna var nu fikna(?) och ville veta mer om den man som är erkänt att han dödade Anna Lindh. En del av poliserna ville ochså veta mer om den man som poliserna först tog fast men sedan släppte.

    Om en domstol säger att poliserna är skyldiga till att ha läst hemliga saker i sin dator kan de få betalar pengar i bötar som straff. Det kan ochså bli så att poliserna bli tvunga att sluta sina jobb.

    My bad translation (based on a bad transcription no less!):

    We will begin Klartext with the report that a prosecutor is now investigating whether more than two hundred police officers in Sweden have broken the law. The officers were trying to find information on the murder of politician Anna Lindh with the help of computers. But that is forbidden.

    The officers were now (?unknown word?) and wanted to know more about the man who is recognized as having killed Anna Lindh. A segment of the officers also wanted to know more about the man whom police first captured but later released.

    If a court determines that the police are guilty of having read private files in their computer, they can be penalized by a monetary fine. The officers may also be forced to resign.

    At first I thought I was completely misreading the story since I couldn't find confirmation of it anywhere, but it finally showed up on Dagens Nyheter.

    First question is one of possible misunderstanding: Whose computers did the police read secret files from? Their own (sin)? Why can't the police read their own files?

    Second question: If in fact the evidence was obtained illegally, does this benefit the defendant in any way? In the United States, evidence gained illegally is inadmissable in court. This is known as The Exclusionary Rule. This rule is rather controversial and exceptions have been granted in special circumstances.

  • The Old New Thing

    Why do member functions need to be "static" to be used as a callback?

    • 17 Comments
    As we learned yesterday, nonstatic member functions take a secret "this" parameter, which makes them incompatible with the function signature required by Win32 callbacks. Fortunately, nearly all callbacks provide some way of providing context. You can shove the "this" pointer into the context so you can reconstruct the source object. Here's an example:

    class SomeClass {
     ...
     static DWORD CALLBACK s_ThreadProc(LPVOID lpParameter)
     {
      return ((SomeClass*)lpParameter)->ThreadProc();
     }
     DWORD ThreadProc()
     {
      ... fun stuff ...
     }
    };
    

    Some callback function signatures place the context parameter (also known as "reference data") as the first parameter. How convenient, for the secret "this" parameter is also the first parameter. Looking at the various calling conventions available to us, it sure looks like the __stdcall calling convention for member functions matches our desired stack layout rather well. Let's take WAITORTIMERCALLBACK for example:

    __stdcall callback __stdcall method call thiscall method call
    .. rest of stack .. .. rest of stack .. .. rest of stack ..
    TimerOrWaitFired TimerOrWaitFired TimerOrWaitFired <- ESP
    lpParameter <- ESP this <- ESP

    Well, "thiscall" doesn't match, but the two "__stdcall"s do. Fortunately the compiler is smart enough to recognize this and can optimize the s_ThreadProc static method to nothing if you just give it enough of a nudge:

    class SomeClass {
     ...
     static DWORD CALLBACK s_ThreadProc(LPVOID lpParameter)
     {
      return ((SomeClass*)lpParameter)->ThreadProc();
     }
     DWORD __stdcall ThreadProc()
     {
      ... fun stuff ...
     }
    };
    

    If you look at the code generation for the s_ThreadProc function, you'll see that has been reduced to nothing but a jump instruction, since the compiler has realized that the two calling conventions coincide here so there is no actual translation to do.

    ?s_ThreadProc@SomeClass@@SGKPAX@Z PROC NEAR
      jmp     ?ThreadProc@SomeClass@@QAGKXZ
    ?s_ThreadProc@SomeClass@@SGKPAX@Z ENDP
    

    Now some people would take this one step further and just cast the second parameter to CreateThread to LPTHREAD_START_ROUTINE and get rid of the helper s_ThreadProc function entirely. I strongly advise against this. I have seen too many people cause trouble by miscasting function pointers; more on this in a future entry.

    Although we took advantage above of a coincidence between the two __stdcall calling conventions, we did not rely on it. If the coincidence in calling conventions fails to occur, the code is still correct. This is important when it comes time to port this code to another architecture, one where the coincidence may longer be true!

  • The Old New Thing

    Ten-year-old + Microsoft Flight Simulator = terrorist

    • 11 Comments
    Apparently a ten-year-old who put Microsoft Flight Simulator on his Christmas wish-list became the subject of a terrorism investigation. (Warning: I suspect that link will go stale in a week, so read it while you still can.) As always, The Register puts a snarky spin on the story.
  • The Old New Thing

    It's called "proofreading", give it a shot why don't you

    • 28 Comments
    Like everybody else, I was checking out the new MSN home page and I clicked over to the tour. And right there as their top headline in the sample web page, it says, "Wierd items of the future".

    Ahem. It's spelled w-e-i-r-d.

    And on all of the MSN properties, like local city guides, you can see MSN's new motto: "More Useful Everyday".

    Um, another spelling error. That should read "More Useful Every Day". When used as a single word, "everyday" is an adjective, not an adverb. Like "An everyday event".

    I'll stick with My Yahoo, thanks the same. At least they know how to spell.
  • The Old New Thing

    The history of calling conventions, part 3

    • 35 Comments
    Okay, here we go: The 32-bit x86 calling conventions.

    (By the way, in case people didn't get it: I'm only talking in the context of calling conventions you're likely to encounter when doing Windows programming or which are used by Microsoft compilers. I do not intend to cover calling conventions for other operating systems or that are specific to a particular language or compiler vendor.)

    Remember: If a calling convention is used for a C++ member function, then there is a hidden "this" parameter that is the implicit first parameter to the function.

    All

    The 32-bit x86 calling conventions all preserve the EDI, ESI, EBP, and EBX registers, using the EDX:EAX pair for return values.

    C (__cdecl)

    The same constraints apply to the 32-bit world as in the 16-bit world. The parameters are pushed from right to left (so that the first parameter is nearest to top-of-stack), and the caller cleans the parameters. Function names are decorated by a leading underscore.

    __stdcall

    This is the calling convention used for Win32, with exceptions for variadic functions (which necessarily use __cdecl) and a very few functions that use __fastcall. Parameters are pushed from right to left [corrected 10:18am] and the callee cleans the stack. Function names are decorated by a leading underscore and a trailing @-sign followed by the number of bytes of parameters taken by the function.

    __fastcall

    The first two parameters are passed in ECX and EDX, with the remainder passed on the stack as in __stdcall. Again, the callee cleans the stack. Function names are decorated by a leading @-sign and a trailing @-sign followed by the number of bytes of parameters taken by the function (including the register parameters).

    thiscall

    The first parameter (which is the "this" parameter) is passed in ECX, with the remainder passed on the stack as in __stdcall. Once again, the callee cleans the stack. Function names are decorated by the C++ compiler in an extraordinarily complicated mechanism that encodes the types of each of the parameters, among other things. This is necessary because C++ permits function overloading, so a complex decoration scheme must be used so that the various overloads have different decorated names.

    There are some nice diagrams on MSDN illustrating some of these calling conventions.

    Remember that a calling convention is a contract between the caller and the callee. For those of you crazy enough to write in assembly language, this means that your callback functions need to preserve the registers mandated by the calling convention because the caller (the operating system) is relying on it. If you corrupt, say, the EBX register across a call, don't be surprised when things fall apart on you. More on this in a future entry.

  • The Old New Thing

    Budget cuts strike Swedish radio

    • 4 Comments
    Alas, budget cuts over at Sveriges Radio have reduced the staff of Klartext, the Swedish news program presented in easy Swedish, from three to two, so they won't be able to provide text summaries of the radio show. I had been using the summaries to help me fill in the gaps I had missed, but now I guess I'll just have to listen even more closely.

    I can make out perhaps a fifth of what's going on. If I really concentrate (and they speak slowly enough), it might reach half. But after the first two stories or so, my brain explodes and I have to take a rest.

    Embarrasingly, it took me weeks to figure out what they were saying to introduce each show! "Programmet som förklarar nyheterna på ett enklare sätt." I got stuck on the first word; even today it sounds like the guy is saying what seems to be the nonsense word "pörjammet".

    The two types of stories I like most on Swedish radio are (1) where they talk about the United States, since it's enlightening to learn how others see us, and (2) when they talk about slimy politicians.

    The Swedes seem all upset that their politicians are selfish money-grubbing sleazeballs. Hey, you idealistic Swedes, they're politicians. Being selfish money-grubbing sleazeballs is their job!

    Exhibit A: Politicians paid for sitting on committees, but don't actually show up for committee meetings. When confronted, one politician explained, "I didn't realize I was being paid." (Translation: "I don't do things unless I get paid to do them.") Another used the excuse, "I didn't know I was supposed to attend the meetings." (Translation: "Sure, go ahead, pay me extra money, I'll gladly take it, but if you expect me to do work, you have to tell me!")

    Exhibit B: Members of the Riksdag are permitted a free rail pass to travel between their constituency and Stockholm. Half of the MPs which avail themselves of this perk choose the most expensive railway ticket, the so-called "Årskort Guld" (Annual Gold Card), which gets you a complimentary three-course meal among other top-class amenities. All these Gold Cards cost the Swedish taxpayer over a million Kronor per year, compared to the cost of buying them all coach tickets.

    Meanwhile, here in the United States, we don't even bat an eye when one representative sneaks a US$225,000 renovation of his home town's swimming pool into the federal budget, and another secures a US$50 million grant to build an indoor rain forest in Iowa.

    That buys a lot of train tickets.
  • The Old New Thing

    The history of calling conventions, part 2

    • 15 Comments
    Foreshadowing: This information will actually be useful in a future discussion. Well, not the fine details, but you may notice something that explains... um... it's hard to describe. Just wait for it.

    Curiously, it is only the 8086 and x86 platforms that have multiple calling conventions. All the others have only one!

    Now we're going deep into trivia that absolutely nobody remembers or even cares about: The 32-bit calling conventions you don't see any more.

    All

    All of the processors listed here are RISC-style, which means there are lots of registers, none of which have any particular meaning. Well, aside from the zero register which is hard-wired to zero. (It turns out zero is a very handy number to have readily available.) Any meanings attached to the registers are those imposed by the calling convention.

    As a throwback to the processors of old, the "call" instruction stores the return address in a register instead of being pushed onto the stack. A good thing, too, since the processor doesn't officially know about a "stack", it being a construction of the calling convention.

    As always, registers or stack space used to pass parameters may be used as scratch by the called function, as can the return value register.

    You may notice that all of the RISC calling conventions are basically the same. Once again, evidence that the 8086/x86 is the weirdo. A wildly popular weirdo, mind you.

    The Alpha AXP

    The Alpha AXP ("AXP" being yet another of those faux-acronyms that officially doesn't stand for anything) has 32 integer registers, one of which is hard-wired to zero. By convention, one of the registers is the "stack pointer", one is the "return address" register; and two others have special meanings unrelated to parameter passing.

    The first six parameters are passed in registers, with the remaining parameters on the stack. If the function is variadic, the parameters can be spilled onto the stack so they can be accessed as an array.

    Seven other registers are preserved across calls, one is the return value, and the remaining thirteen are scratch. 1 zero register + 1 stack pointer + 1 return address + 2 special + 6 parameters + 7 preserved + 1 return value + 13 scratch = 32 total integer registers.

    Function names on the Alpha AXP are completely undecorated.

    The MIPS R4000

    The first four parameters are passed in a0, a1, a2 and a3; the remainder are spilled onto the stack. What's more, there are four "dead spaces" on the stack where the four register parameters "would have been" if they had been passed on the stack. These are for use by the callee to spill the register parameters back onto the stack if desired. (Particularly handy for variadic functions.)

    Function names on the MIPS are completely undecorated.

    The PowerPC

    The first eight parameters are passed in registers (r3 through r10), and the return address is managed manually.

    I forget what happens to parameters nine and up...

    Function names on the PowerPC are decorated by prepending two periods.

    Postclaimer: I haven't had personal experience with the MIPS or PPC processors, so my discussion of those processors may be a tad off, but the basic idea I think is sound.

  • The Old New Thing

    Words I'd like to ban in 2004

    • 39 Comments
    It seems to be fashionable to do a "top words" list this time of year. We have Google 2003 Zeitgeist, Top Yahoo! Searches 2003, Merriam-Webster's Words of the Year for 2003, YourDictionary.com's Top Ten Words of 2003, Lake Superior State University's Banished Words List for 2004; still waiting for the American Dialect Society's choice for Word of the Year for 2003.

    I like LSSU's approach, so here's my list of words I'd like to ban.

    Best-of-Breed

    Thank goodness this has faded, but there are still some citations out there. Please don't use it to describe my work. It makes me sound like a dog in a show. (No offense to dogs in shows!)

    Leading

    Everybody is "the leading this" or "the leading that". Here's my rule: If you say you're the leading XYZ or (even dodgier) "among the leading XYZs", then have to list at least three companies that are not leaders in the XYZ market. Because if nobody is following you, then you're not really "leading", now, are you.

    And the word I most would like to banish from the English language:

    Ask (as a noun)

    This has taken over Microsoft-speak in the past year or so and it drives me batty. "What are our key asks here?", you might hear in a meeting. Language tip: The thing you are asking for is called a "request". Plus, of course, the thing that is an "ask" is usually more of a "demand" or "requirement". But those are such unfriendly words, aren't they? Why not use a warm, fuzzy word like "ask" to take the edge off?

    Answer: Because it's not a word.

    I have yet to find any dictionary which sanctions this usage. Indeed, the only definition for "ask" as a noun is A water newt [Scot. & North of Eng.], and that was from 1913!

    Answer 2: Because it's passive-aggressive.

    These "asks" are really "demands". So don't guilt-trip me with "Oh, you didn't meet our ask. We had to cut half our features. But that's okay. We'll just suffer quietly, you go do your thing, don't mind us."

  • The Old New Thing

    Why does the copy dialog give such horrible estimates?

    • 34 Comments
    Because the copy dialog is just guessing. It can't predict the future, but it is forced to try. And at the very beginning of the copy, when there is very little history to go by, the prediction can be really bad.

    Here's an analogy: Suppose somebody tells you, "I am going to count to 100, and you need to give continuous estimates as to when I will be done." They start out, "one, two, three...". You notice they are going at about one number per second, so you estimate 100 seconds. Uh-oh, now they're slowing down. "Four... ... ... five... ... ..." Now you have to change your estimate to maybe 200 seconds. Now they speed up: "six-seven-eight-nine" You have to update your estimate again.

    Now somebody who is listening only to your estimates and not the the person counting thinks you are off your rocker. Your estimate went from 100 seconds to 200 seconds to 50 seconds; what's your problem? Why can't you give a good estimate?

    File copying is the same thing. The shell knows how many files and how many bytes are going to be copied, but it doesn't know know how fast the hard drive or network or internet is going to be, so it just has to guess. If the copy throughput changes, the estimate needs to change to take the new transfer rate into account.

Page 4 of 5 (43 items) 12345