Wednesday, May 05, 2021

Once More Unto the Breach

I'm going to make a certain subset of my readership’ eyes widen and their ears perk up: the largest stock price that the NASDAQ stock exchange software can represent is $429,496.7295.

See? I wasn't wrong, was I? Many of you are laughing.

So now we know that the NASDAQ software represents a per share stock price as a 32-bit unsigned integer number in units of one-hundredths of a cent. If we convert the $429,496.7295 into units of one-hundredths of a cent (or ten-thousandths of a dollar), we get 4,294,967,295 (or 0xFFFF_FFFF in hexadecimal, for those of you into that sort of thing). That value is 232-1: the largest unsigned integer number you can fit in thirty-two bits.

This is just another example like the Y2K issue, or the UNIX epoch issue, what my embedded colleagues and I have generically referred to as the counter rollover bug. I have encountered this class of bug many times in my career, and written about its occurrence more than once. (See the bibliography below.)

The problem was revealed when the price of one Class A share of Warren Buffet's company Berkshire Hathaway started trading at $421,000. NASDAQ is rushing to complete a software upgrade, hoping to get it tested and installed before the price goes much higher.

This problem affects even those stocks (like Berkshire Hathaway) that are traded on other exchanges. NASDAQ has a stock price quoting service that reports on stocks that they themselves don't trade. In fact (I had to look this up) NASDAQ originally stood for "National Association of Securities Dealers Automated Quotations" and was merely a quotation service.

https://www.forexlive.com/news/!/berkshire-hathaways-stock-price-is-too-high-nasdaq-temporarily-suspended-prices-20210505

Bibliography

C. Overclock, Time Flies, 2015-05-09

C. Overclock, Time Flies Again, 2019-07-27

C. Overclock, 32,768, 2019-11-27

C. Overclock, Meet the new bug, same as the old bug., 2020-04-04

Acknowledgement

Thanks to my old friend and colleague John Meiners for the correction.

Wednesday, April 21, 2021

Small Talk

Despite the fact that I rate off the scale on introversion on every personality test I've ever taken, I am skeptical about the the Work From Home and Remote Learning trends. As necessary as they are during these Plague Times, I don't think we have any idea of the long term effects on our corporate culture, our productivity, our innovation, or on our and our children's emotional maturity and communications skills. We are a species that evolved to live and work in tribes.

This morning I read two articles that I liked on this topic.

In "What a Year of WFH Has Done to Our Relationships at Work" (Baym et al., HBR, 2021-03-22), three Microsoft researchers analyze ginormous datasets to determine how communication between team members have changed. Hint: they've become much more siloed.

In "I've lost my conversational mojo - can I relearn the art of small talk?" (Samadder, The Guardian, 2021-04-17), actor and columnist Rhik Samadder talks - socially distantly - to experts in the art of small talk, including to the neuroscientist for which the "Dunbar Number" is named. Upshot: the experts think we'll adjust back to being social again more readily than we might think.

I am concerned about limiting our interpersonal communications to those channels moderated by technology. It's not just about the loss of body language and other social cues. Or the lack of the productive backchannel that is the spontaneous hallway conversation. Or the magic that happens when you get a few smart people in the same room in front of a whiteboard.

It's also about the way in which I turned from being a socially awkward introvert to being - I am told, anyway - skilled at collaborating, teaching, public speaking, and giving executive briefings (while still being a little socially awkward). Being a strong introvert - some might even say a nerd - those skills didn't come naturally to me; they were learned through years of hard-won, and sometimes even painful, experience. Experience that we are eliminating in the WFH and RL world.

I hear a lot of folks talk about how much they prefer WFH and RL. And a lot of those preferences are totally legitimate. But for some of those folks, the strong introverts, I fear that they prefer it because it gives them an excuse not to grow and learn and exercise important social skills.

I also fear this is just another facet of late-stage capitalism, in the form of another cost - the cost of providing adequate infrastructure - that corporations can push off onto their employees, while the resulting hidden expense to the organization remains largely unaccounted for.

I don't think we appreciate what we're giving up. And we have little understanding for the possible long term consequences.

Update (2021-04-22)

Laurie Kenley, a cloud security wrangler, made these insightful remarks in another forum, and kindly gave me permission to reproduce them here verbatim.

I am off the scales in extroversion and I have been working from home for 2 1/2 years. I had to re-create my life around the fact that I would not be getting social interaction in my job well before the pandemic. I had it all figured out. And when the plague hit, all of that collapsed. It took a lot of figuring out how to be OK. Not great but OK.

One thing I will say that has been “better“ during the pandemic as a remote worker, is that everyone is remote now and it’s a level playing field. I have been able to be more effective and more plugged in to my coworkers than ever before in this remote job. To use a Hamilton reference, "the room where it happens" is now a virtual room. It has democratized decision making in a way I don't necessarily expect to last in the coming months.

Tuesday, April 06, 2021

Ghidra 9.2.2

 Ghidra is an open source graphical tool produced by the U.S. National Security Agency (NSA) to analyze binary (compiled) software images for a wide variety of hardware targets and compiler platforms. Amongst its many capabilities are generating a disassembly listing and (remarkably) generating a decompiled listing back into C. This latter case requires that the tool recognize idiomatic instruction sequences produced by common compilers like GNU C, as well as deal with some special cases in which assembler code is inserted inline by the C developer, e.g. for memory barriers, low level synchronization primitives, and accessing special hardware registers.

The NSA released version 9.0 of Ghidra to the public just about two years ago. I wrote a couple of articles (see references below) here about using it to reverse engineer compiled code from my Diminuto, Hazer, and Scattergun projects. I did find a couple of bugs - multiple symbol tables in shared objects confusing the disassembler, and inserted memory barrier instructions confusing the decompiler - reported them, and got useful feedback from one of the developers.

Yesterday I installed the latest public release of Ghidra, 9.2.2, and tried two of the specific cases that were problematic that I wrote about in my two blog articles. Casual perusal of the Ghidra 9.2.2 disassembled and decompiled output for ARM7 binaries suggests both of these issues have been resolved. I updated both articles with remarks to this effect, and included screenshots of the updated output.

Reverse engineering has a lot more applications than just cybersecurity. Analyzing deliberate malware isn't typically my area; but debugging proprietary embedded software, and integrating my and my clients' new code with legacy systems, is an integral part of what I do for a living. Tools like this can be crucial for dealing with undocumented or under documented legacy systems. Reverse engineering tools like Ghidra should be in the toolkits of embedded and other low level systems developers.

References

C. Overclock, "Ghidra", 2019-03-25

C. Overclock, "Decoding Special Machine Instruction Sequences with Ghidra", 2019-03-26