memcpy_s

May 22nd, 2009

On Friday, an article ran on Slashdot making note that Microsoft is “banning” the C function memcpy in favor of the new memcpy_s. While memcpy_s has in truth been around for a while, the notion that it would now generate compiler warnings has created quite an uproar. Some people seem curious as to why so many people are upset by what seems a pretty innocuous change. The article author asked if was going to affect anyone’s creativity. I can assure you that’s not the concern.

In a nutshell: the problem is you can’t tape a cupholder to a formula one race car and declare it street legal. It still doesn’t have any bumpers, it’s too low to be safe around other cars, and if you aren’t an expert driver you still shouldn’t be driving it. A cupholder doesn’t change that.

So what? A cupholder is still an improvement… right? Who doesn’t want a cupholder? Imagine for a moment that having the cupholder suddenly disqualified you from a number of races. You couldn’t run that race if you have a cupholder. It also slowed down your car–not a lot, but a tiny fraction of a second. Maybe it doesn’t slow it down enough to matter, but in those few races won by hundredths… well, maybe it does. Suddenly that cupholder doesn’t seem so nice.

To be clear, I’m not suggesting giving up on attempts to improve memory management and prevent buffer overruns. I just question if this exact approach was the best one.

Memcpy_s is basically a race car with a cupholder. While memcpy_s will certainly prevent some bugs, the same people who got one parameter wrong are just as likely to get two parameters wrong… and cause all new bugs in the process. Garbage In = Garbage Out. It doesn’t matter what the calling convention is.

On two occasions I have been asked,—”Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?” … I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.”

— Charles Babbage, 1864
discussing the first mechanical computer

The change also comes with a price: it breaks cross-compatibility with other compilers, including older compilers on the same operating system as well as other platforms. This means the same code can’t cross-compile anymore if you use memcpy_s. Someone with Microsoft suggested that GCC should pick up the change as well. Perhaps, but that assumes that GCC is the only other compiler that matters. Certainly, it’s the most popular other compiler that matters, but it’s far from the only one especially if you do embedded systems work or anything running on “exotic” hardware. And let’s be honest–if you’re not writing something that’s fast or exotic, you’re probably not writing it in C. The exception, of course, being legacy code… but surely that’s even less likely to be changed. The whole point of legacy code is that you don’t have the time\budget to update it, otherwise you wouldn’t be running it at all. These are the guys who will wrap memcpy_s in a macro named memcpy, defeating it entirely. Sigh.

As for that speed difference I mentioned? We’re obviously only talking about an extra comparison operator and perhaps a branch or two here. I know an extra comparison operator seems trivial, but if an extra comparison operator didn’t matter ASSERT macros wouldn’t exist. The speed difference is nominal, but it’s very, very real. On a lark I timed it. Copying 32 bytes 100,000 times with memcpy took on average 3952 counts, or about 0.001104 seconds, measured to nanosecond accuracy with QueryPerformanceCounter. Performing the identical operation with memcpy_s took on average 9706 counts, or about 0.002712 seconds. This was in “release mode” using Visual Studio 2008. (For the curious, in debug mode the difference averaged 8028 counts to 11340 counts, but you shouldn’t be shipping your code in debug mode anyway!)

Now hopefully you’ve done everything you can to avoid memcpy in your inner loop in the first place, but we all know there are rare occasions where it’s unavoidable. This all brings me back to my earlier point: if you’re not writing something that’s fast or exotic, you’re probably not writing it in C. Yes, you can write your own memcpy that’s probably faster than the system memcpy if you’re really worried about speed, but now we’re back to the portability issue. In short, I’m certain that to the people where the choice of language matters, those few clock cycles matter too. We’re talking folks writing device drivers here, not business applications.

Nobody is twisting anyone’s arm to use memcpy_s. You can easily disable the compiler warnings and continue to use memcpy all you like. But hopefully you see where I’m going with this: A lot of the reason that people continue to use C for certain projects has to do with performance and portability. This change sacrifices both for dubious return. If the change is not going to have tangible benefits that outweigh the problems, why do it at all?

Sooner or later, you need to trust that the programmer knows what they are doing. If the programmer can’t manage memory responsibly, you’ve got a bigger problem than an extra parameter is going to fix. To be honest, while a lot of people don’t like to admit it programmers sometimes leak or botch memory even in managed languages. There’s certainly a thesis paper or two in “possible alternatives” to the approach taken–perhaps checking the block size by querying the allocator instead of asking the programmer which would be even slower but more reliable, borrowing ideas from double entry accounting, etc, etc.–although the “real” fix surely involves more intelligent ways of thinking about memory, which realistically means a fundamental change in constructs, not a patched function.

As always, XKCD sums it up best (panel #2):

XKCD

Ah, I wait for the day… 🙂

Share and Enjoy

Sculpted Prim Wine Glass

April 2nd, 2009

A wine glass is one of the first things most people make when they learn to use a 3D program. It’s fun and it’s easy.

Making a sculpted prim wine glass for Second Life is equally fun. In fact, it’s almost exactly the same except you need to UV map it before you upload it. A simple cylindrical map will do. Here’s a video to show you how using AC3D.

Wineglass Video
Click to download video

The step-by-step:

  1. Draw a polyline that will form the outer edge of your wineglass.
  2. (Optional) Use the spline tool to make your polyline into a smooth curve.
  3. Revolve the polyline around the Y axis 360 degrees. The more segments you use the smoother it will be, but the more polygons. You don’t need very many polygons, so don’t overdo it.
  4. Using the UV map tool, apply a cylindrical wrap around the Y axis.
  5. Export!


Here are the UV map settings I used.

When you import it into SL, be sure to set your mapping mode to cylindrical. If you don’t, the top and bottom of the glass will be solid instead of hollow.


Set the Stitching Type to Cylinder.

Download the model here.

Share and Enjoy

AC3D Plugin: Poser Export

March 30th, 2009

This plugin exports AC3D models to Smith Micro’s Poser PZ3 format. It also generates a WaveFront OBJ file that Poser will recognize as “grouped” surfaces. This allows you to create custom characters and props for use in your Poser scenes with AC3D, and reduces the amount of time spent in the Setup Room in Poser grouping your surfaces.

Either the PZ3 or the OBJ can be used for importing a model into Poser.

The PZ3 is “pre-rigged” using the AC3D hierarchy as the skeleton and the AC3D object centres as the joint pivots. The PZ3 allows you to see working joints right away, but obviously the joints won’t be weighted as nicely as if you did it by hand. For this reason, I’d recommend starting with the OBJ file and building your skeleton in the Poser setup room instead unless your final output is a game engine or something else where Poser’s blend weights don’t matter. Like the Milkshape plugin, the Poser plugin supports null pivots. Any mesh in AC3D named “NULL_[whatever]” is treated as a null pivot so you can do “fancy” rigs if you need to. There are additional instructions in the readme.txt included with the plugin.

Download the plugin. (Requires Windows XP, AC3D 6.2 or above, Poser 6.0 or above.)

I’ve also built a sample file in case you need a working example of how to build your model.

Download the sample model.

In the sample, I’ve taken the perfume atomizer that comes in the AC3D stock model library. (You can load the original by clicking File > Library inside of AC3D and loading it from the samples folder.) I’ve re-rigged the atomizer so it can animate, then exported it using the Poser plugin. After import into Poser, I applied my materials, set the lights and tweaked the skeleton. All of the files are included so you can see each step.

  • atomizer-rigged.ac – the rigged version of the atomizer from the AC3D library.
  • antomizer-rigged.pz3 – the unedited poser file exported by the plugin (yes, I realized belatedly I spelled it wrong, but I didn’t want to fix all the file links, doh)
  • atomizer-final.pz3 – the final file in poser, with materials applied and joint limits, etc., set

If you’re into building Poser models in AC3D, I would also recommend Dennis’s Poser Morph Target Assistant. The morph target assistant, as the name implies, will allow you to add morph targets to your Poser figures.

Enjoy!

Share and Enjoy

How to Send Me a Newsletter

March 30th, 2009

Like most people, I get waaaaaay too much e-mail. Between some crazy deadlines, out-of-town conferences and wiping out my primary desktop machine, I’ve been offline for a couple of weeks and boy-oh-boy have the messages piled up. [If you’re waiting for a reply from me on something, I promise I haven’t forgotten you. 🙂 I’m still re-installing and it’s going to take me a few more days to dig my way out.]

While I don’t subscribe to nearly as many newsletters as I used to — most of my news-ish stuff comes in the form of RSS feeds these days — I still subscribe to a few. Here are some tips if you’re writing a newsletter that will decrease the odds that I’ll delete it without reading it:

  • Don’t change your “from” address. I white-list only those newsletters I want. If you change your address without telling me first, your newsletter will be deleted as spam and I won’t even know it.
  • If you must change your e-mail address, tell me before you change it. Sending me a “we’ve changed our address” message from your new address is an instant FAIL. I’ll miss it because your new address isn’t white-listed. I can’t believe how many people don’t think about this one.
  • A unique per-user ID in the subject line helps me tell your newsletter apart from phishes that look just like it. If I get too many phishes impersonating your newsletter, I’ll probably just unsubscribe it. I know it’s not your fault, but I don’t have the time to spend sorting out the fakes. A unique per-user ID in the subject is a very fast, easy way to make it obvious which messages are probably real and which are almost certainly fake.
Share and Enjoy

Hacked By GeNErAL

March 17th, 2009

~!Hacked By GeNErAL alias Mathis!~

Hacked By GeNErAL

 

Greetz : Kuroi’SH, RxR, ~

\!/Just for Fun ~Hacked By GeNErAL\!/

Hacked By GeNErAL! !

Share and Enjoy