George V. Reilly

On Circumnavigating the Aubreyiad Again

At the beginning of 2021, prompted by Russell Crowe’s defense of Master and Commander, I began yet another re-read of the twenty Aubrey-Maturin novels. Or, as the fandom would have it, another cir­cum­nav­i­ga­tion. It’s probably my fifth or sixth cir­cum­nav­i­ga­tion, since I bought the complete boxed set as a Christmas present to myself in the early aughts.

I completed the twentieth book, Blue at the Mizzen, yesterday, and also the few pages of the final, unfinished novel, 21. (I also read about 120 other books in 2021, down from a stupendous 200 books in 2020, but that’s neither here nor there.)

I think I'm due for another re-read of Patrick O'Brian's Aubrey/Maturin novels (all continue.

Review: Crafting Interpreters

Author: Robert Nystrom
Rating: ★ ★ ★ ★ ★
Publisher: Genever Benning
Copyright: 2021
Pages: 640
Keywords: pro­gram­ming, in­ter­preters
Reading period: 10–28 December, 2021

I’ve read hundreds of technical books over the last 40 years. Crafting In­ter­preters is an instant classic, and far more readable and fun than many of the classics.

Nystrom covers a lot of ground in this book, building two very different in­ter­preters for Lox, a small dynamic language of his own design. He takes us through every line of jlox, a Java-based tree-walk in­ter­preter, and of clox, a bytecode virtual machine written in C.

For the first im­ple­men­ta­tion, jlox, he covers such topics as scanning, parsing ex­pres­sions with recursive descent, evaluating ex­pres­sions, control flow, functions continue.

Path Traversal Attacks

I was surprised to read this evening that the Apache Web Server just fixed an actively exploited path traversal flaw.

🚨 Apache has disclosed an *actively exploited* Path traversal flaw in the #open­source "httpd" server. Over 112,000 exposed Apache servers run version 2.4.49, and should be upgraded now!
New fix checks for encoded path traversal characters e.g. /../.%2E/https://t.co/1tLNc3LAul pic.twitter.com/mDHLEU3k9N
— Ax Sharma (@Ax_Sharma) October 5, 2021

Apparently, it was introduced over a year ago.

I’m gobsmacked that Apache didn’t have a robust suite of tests for this.

Directory Traversal attacks have been a problem for web servers since the beginning. OWASP, PortSwig­ger, and Spanning all have ex­pla­na­tions that you can read. The essence is that you make a request continue.

Accidentally Quadratic: Python List Membership

We had a per­for­mance regression in a test suite recently when the median test time jumped by two minutes.

We tracked it down to this (simplified) code fragment:

task_inclusions = [ some_collection_of_tasks() ]
invalid_tasks = [t.task_id() for t in airflow_tasks
                 if t.task_id() not in task_inclusions]

This looks fairly in­nocu­ous—and it was—until the size of the result returned from some_­col­lec­tion_of_­tasks() jumped from a few hundred to a few thousand.

The in comparison operator con­ve­nient­ly works with all of Python’s standard sequences and col­lec­tions, but its efficiency varies. For a list and other sequences, in must search linearly through all continue.

Passphrase Generators

I’ve been using password managers for at least 15 years to keep track of all my passwords. I have separate, distinct, strong passwords for hundreds of sites, and I’ve only memorized the handful that I need to actually type regularly.

I started out with the KeePass desktop app originally, but I switched to the online LastPass app about a decade ago. At work, we use 1Password.

When I register for a site, LastPass generates a random password for me, such as:

tV%5joS$U6^uY5xU
T2oEUY!g70Iv1b&I
8kNHg9*A5GMR9%8D

LastPass securely syncs my passwords between machines and devices. Its browser in­te­gra­tion and its Android and iPhone apps mean that I rarely ever have to actually type any of those ugly messes in.

But when continue.

Punctuating James Joyce

In The Punc­tu­a­tion Marks Loved (and Hated) by Famous Writers, Emily Temple relays a range of opinions from writers such as Tom Wolfe, Elmore Leonard, and Ursula K. Le Guin on periods, semicolons, hyphens and more.

On commas:

Listens to the sound of the sentence, and is always right, Bob: Toni Morrison

[On her editor, Bob Gottlieb, who famously “was always inserting commas into Morrison’s sentences and she was always taking them out”] We read the same way. We think the same way. He is over­whelm­ing­ly aggressive about commas and all sorts of things. He does not understand that commas are for pauses and breath. He thinks commas are for gram­mat­i­cal things. We have come to an continue.

Now You Have 32 Problems

Some people, when confronted with a problem, think “I know, I’ll use regular ex­pres­sions.” Now they have two problems.

— Jaime Zawinksi

A Twitter thread about very long regexes reminded me of the longest regex that I ever ran afoul of, a par­tic­u­lar­ly horrible multilevel mess that had worked acceptably on the 32-bit .NET CLR, but brought the 64-bit CLR to its knees.

Whenever I ran our ASP.NET web ap­pli­ca­tion [on Win64], it would go berserk, eat up all 4GB of my physical RAM, push the working set of IIS’s w3wp.exe to 12GB, and max out one of my 4 cores! The only way to maintain any sanity was to run iisreset every 20 minutes to gently continue.

Weirdest Birthday Ever

When I said that Emma and I would be spending 2020 in Dublin, I could not possibly have an­tic­i­pat­ed what would be happening in Seattle while we were gone.

Today is my 55th birthday and it’s the weirdest birthday ever, in what must be the weirdest week that most of us have lived through. (So far.)

COVID-19 is all that anyone can talk about: where it’s spreading, how it’s being handled, what comes next.

I started working from home on Tuesday, March 10th. Emma’s general health and immune system are not good. My parents, who live nearby, are now both 80 years old and neither is in great health. It seemed prudent to minimize my continue.

Dublin for 2020

I left in the Eighties; I’m going back in the Twenties.

I am trans­fer­ring to a Dublin-based team at Stripe for a one-year rotation. Emma and I will be moving to Dublin just before Christmas. Emma has never lived in Ireland and I haven’t lived there since January 1989. After 30 years in the US, I’m about to spend a year in my hometown.

I grew up in Dublin, earned a Bachelor’s degree in Computer Science at Trinity College Dublin in 1987, and moved to the US in 1989 to get a Master’s degree in Comp Sci at Brown University in Providence, RI. Microsoft moved me to Seattle, WA in 1992, where I’ve continue.

A Use for Octal: Calculating Modulo 36 from Modulo 9

(I posted an earlier version of this in December 2004 on my old technical blog. A discussion at work last week about 36-bit computers at the Living Computers Museum prompted me to write an updated post with improved ex­pla­na­tions and much better typography.)

I’ve been pro­gram­ming in C since 1985 and C++ since 1991, but I’ve never found a use for octal rep­re­sen­ta­tion until [2004], aside from the per­mis­sions argument for chmod. Octal has always seemed as vestigial as a human appendix, a leftover from the early days of computers, when word sizes were often a multiple of three: 6-, 12-, 24-, or 36-bits wide. All modern computers use word continue.

Previous »