Blog
Posts about memory safety, the Rust programming language, and software supply chain security, among other things.
- C++ Must Become Safer Posted on July 16, 2024
Not everything will be rewritten in Rust, so C++ must become safer, and we should all care about C++ becoming safer.
Continue Reading → - Softlocking APIs Posted on April 4, 2024
“Softlocking” is a term in the world of video games where a game is playable, but can’t make forward progress. Usually this means the game has a bug, or that the designers and quality assurance testers missed some combination of steps that leads to an inability to complete the game. It’s basically a video game version of “livelock” failures in concurrent programs, but “softlock” is (to me) the more fun term, so let’s use it.
Continue Reading → - The “xz” Backdoor Posted on March 29, 2024
Another big security event happened.
This time, it’s that the “xz” project was backdoored. The full details and impact of the attack are still being understood, with Linux distros and other systems that have integrated the malicious code now raising their antibodies and responding. This will continue as we figure out the scope, and secondary impacts and recommended next steps like rotating SSH keys and detecting if individual systems have been compromised will no doubt come as well.
Continue Reading → - Renegotiating C Posted on February 19, 2024
I am tying myself in a knot.
It all started when I read “You (Probably) Don’t Need to Learn C,” a good article which raises good points about the poor arguments people tend to make when defending the choice of learning C in this day and age. First and foremost: “you should learn C so you know how a computer really works.” The article itself refers then to David Chisnall’s “C is Not a Low-Level Language,” so I’ll do the same because it makes the case better than I can. C is not the computer. C is (maybe) the only interface to syscalls exposed by the operating system, depending on the system. C is (definitely) an important part of computing history and computing today.
Continue Reading → - “Implementation Selection” in Rust Posted on January 23, 2024
A common problem in programming is when you want the path of options for “what happens next” to split. In structured programming this would generally come in the form of a series of
Continue Reading →if/else if/else(or whatever the syntax is in your preferred language), or aswitchif your language supports it. Maybe you have a ternary operator for a more compactif/else. Maybe you go whole-hog and have some array of function pointers to embed the selection into data. Whatever way you slice it, you have paths of control flow, and you want to choose between them in a structured fashion. - Technostructuralism Posted on April 3, 2019
So Steve Klabnik posted a really thoughtful piece on open source and free software (read it if you haven’t), and the responses on places like Hacker News made an error that seems common in these circles: believing working harder will solve a problem.
Continue Reading → - Monomorphization Bloat Posted on December 3, 2016
In this post I will discuss monomorphization: what it is, why it’s useful, and what problems can potentially arise from it, with a particular focus on the problem of monomorphization bloat. I will also look at options for dealing with monomorphization bloat in your codebase.
Continue Reading → - String Types in Rust Posted on March 27, 2016
This seems to be a common issue, so let’s talk about the different string types in the Rust programming language. In this post I’m going to explain the organization of Rust’s string types with
Continue Reading →Stringandstras examples, then get into the lesser-used string types—CString,CStr,OsString,OsStr,PathBuf, andPath—and how theCowcontainer can make working with Rust strings easier.
Elsewhere