The Windows development environment provided by VisualStudio has some neat tools for detecting memory leaks in code. You simply #define _CRTDBG_MAP_ALLOC before including your headers, and #include <crtdbg.h> as the last header:

#define _CRTDBG_MAP_ALLOC

// Include header files here

#include <crtdbg.h>

Then, you call _CrtDumpMemoryLeaks() before your application exits. If your program exits at many points, you can alternatively call _CrtSetDbgFlag( _CRTDBG_ALLOC_MEM_DF | _CRTDBG_LEAK_CHECK_DF ) at the beginning of you application, which will cause the leaks to also be printed when it exits. The results are printed to the Debug Window and look like the following:

Detected memory leaks!
Dumping objects ->
C:\PROGRAM FILES\VISUAL STUDIO\MyProjects\leaktest\leaktest.cpp(20) : {18}
normal block at 0×00780E80, 64 bytes long.
Data: < > CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD
Object dump complete.

Cool, Huh?! However, some libraries don’t play nice with this, as I explain below.

Read the rest…

Microsoft has started to release developer information for Windows 7 (the follow-on to Windows Vista). Of particular interest to me is the Windows 7 Developer Guide. It discusses many of the new features that will be available when this new version of Windows is released.

Of particular interest to me are the changes to DirectX 10, Media Foundation, and the new DirectX 11. Here are some highlights.

DirectX 11:

• “…resource creation and management has been optimized for multithreaded use, enabling more efficient dynamic texture management for streaming.”
• Several improvements have been made to the high-level shading language (HLSL), such as a limited form of dynamic linkage in shaders to improve specialization complexity, and object-oriented programming constructs like classes and interfaces.”

DirectX 10 improvements:

• “The pipeline also introduces the geometry shader stage, which offloads work entirely from the CPU to the GPU. This new stage enables you to create geometry, stream the data to memory, and render the geometry with no CPU interaction.”
• Predicated rendering performs occlusion culling to reduce the amount of geometry that is rendered. Instancing APIs can dramatically reduce the amount of geometry that needs to be transferred to the GPU by drawing multiple-instances of similar objects. Texture arrays enable the GPU to do texture swapping without CPU intervention.”

Media Foundation improvements:

• “…Media Foundation has been enhanced to provide better format support, including MPEG-4, as well as support for video capture devices and hardware codecs.”
• “In Windows 7, Media Foundation provides extensive format support that includes codecs for H.264 video, MJPEG, and MP3; new sources for MP4, 3GP, MPEG2-TS, and AVI; and new file sinks for MP4, 3GP, and MP3.”
• “In Windows Vista, Media Foundation exposed a relatively low-level set of APIs. These APIs are flexible, but may not be appropriate for performing tasks. Windows 7 adds new high-level APIs that make it simpler to write media applications in C++.”

The Sydney Morning Herald has a great piece on a computer malfunction that showed up during the 2008 Olympic opening ceremony in Beijing. The dreaded “Blue Screen of Death” (BSOD), familiar to Windows XP users, was projected on the stadium ceiling when one of the display computers crashed. Here’s one of the images:

It seems that Lenovo (the PC supplier for the games) chose Windows XP instead fo Vista. From the article:

Lenovo chairman, Yang Yuanqing, was quoted as saying that because of the complexity of the IT functions at the Games, it was decided to not use the the more recent operating system. “If it’s not stable, it could have some problems,” he said.

Ironically, former Microsoft CEO Bill Gates was in the crowd (he can run but he can’t hide).

Gizmodo has some more images and links to the incident.

The SDTimes has an article up about a new operating system Microsoft is working on called “Midori”. It is based on their “Singularity” OS, with everything being written in managed code then natively compiled.  Rumor has it that this is the follow-on to the Windows platform… we’ll see if it ever materializes commercially. SDTimes bases the article on some internal documents they got access to, which may be why we haven’t seen this level of detail before (see the entry in Wikipedia). From the article:

According to the documentation, Midori will be built with an asynchronous-only architecture that is built for task concurrency and parallel use of local and distributed resources, with a distributed component-based and data-driven application model, and dynamic management of power and other resources.

The Midori documents foresee applications running across a multitude of topologies, ranging from client-server and multi-tier deployments to peer-to-peer at the edge, and in the cloud data center. Those topologies form a heterogeneous mesh where capabilities can exist at separate places.

In order to efficiently distribute applications across nodes, Midori will introduce a higher-level application model that abstracts the details of physical machines and processors. The model will be consistent for both the distributed and local concurrency layers, and it is internally known as Asynchronous Promise Architecture.

…operating system services, such as storage, would either be provided to the applications by the OS or be discovered across a trusted distributed environment.

Read the rest…

This is too good not to post:

Picture source

Overview

When writing a shared library, it is sometimes useful to have a set of functions that get called when the library is loaded and unloaded. In Windows, this is done by implementing the DllMain function. This function is called by the loader whenever a DLL is loaded or unloaded into the address space of a process (and also when the process creates a new thread, but it is less common to handle this case). A value is passed in as an argument to the DllMain function that indicates which event is occurring: DLL load or unload.

On Linux, one must use the GCC __attribute__((constructor)) and __attribute__((destructor)) keywords (double underscores before and after) to explicitly declare functions to be called on load and unload. These keywords cause the compiler/linker to add the specified functions to the __CTOR_LIST__ and __DTOR_LIST__ (”ConstrucTOR LIST” and “DestrucTOR LIST” respectively) in the object file. Functions on the __CTOR_LIST__ are called by the loader when the library is loaded (either implicitly or by dlopen()). The main purpose for this list is to call the constructors on global objects in the library. Conversely, functions on the __DTOR_LIST__ are called when the library is unloaded (either implicitly or by dlclose()). By adding initialization and clean-up functions to this list, one can effectively replicate the DllMain functionality on Linux.

NOTE: There are many ways to “shoot yourself in the foot” with these methods (on both Windows and Linux) because certain things aren’t available to your library until loading is complete. Don’t use these methods unless you have a real need… just export an Initialize() and Destroy() function instead, and force the consuming application to call them. Please read the “Gotcha’s” section below.

Read the rest…

Inside Windows Vista User Account Control (TechNet)

Here are some links to 3 great articles by Mark Russinovich about new features in the Windows Vista kernel (Ntoskrnl.exe).

Inside the Windows Vista Kernel: Part 1

Inside the Windows Vista Kernel: Part 2

Inside the Windows Vista Kernel: Part 3

The Washington Post is reporting about how Microsoft enlisted the National Security Agency’s help in securing the next version of Windows. Sounds good, huh? Looks like Microsoft is doing everything is can to secure Vista. The NSA is the best-of-best when it comes to this stuff, so who better to turn to, right?

Well, there’s a subtle reason why this is not good, and I believe Bruce Schneier offers a good summary as to why this is:

It’s called the “equities issue.” Basically, the NSA has two roles: eavesdrop on their stuff, and protect our stuff. When both sides use the same stuff — Windows Vista, for example — the agency has to decide whether to exploit vulnerabilities to eavesdrop on their stuff or close the same vulnerabilities to protect our stuff. In its partnership with Microsoft, it could have decided to go either way: to deliberately introduce vulnerabilities that it could exploit, or deliberately harden the OS to protect its own interests.

So, which choice did they make? We’ll probably never know, but given the current administration’s feeling about privacy and warrentless eavesdropping, this whole thing doesn’t make me feel any better about Vista security.

The real irony of the whole thing is that this could make Vista seem more secure, when actually the opposite is true. There’s an old saying in the security field: “No security is better than poor security.” When there’s no security, at least people are cautious with their data. With the “illusion” of security, people tend to act as if they are truly secure.

As a side note, this is an example of why security is so hard to get right. In many ways, true security is counter-intuitive… that’s part of what makes this field so interesting.