Archive for December 16, 2015

Wednesday, December 16, 2015 [Tweets] [Favorites]

OSSpinLock Is Unsafe

John McCall (via Peter Steinberger):

Spin locks are, unfortunately, illegal on iOS, which does not guarantee progress in the face of priority inversion.

Greg Parker:

OSSpinLock is unsafe unless you can guarantee that all users have the same priority.

David Smith:

also applies to the new MacBooks since they will depress priority and throttle in thermal overload situations.

to compensate, pthread mutexes are 2-2.5x faster than they used to be on new OSs

It’s a shame that this is not documented. But how great is it to see Apple engineers discuss these sorts of details in public?

Update (2015-12-31): Kevin Ballard:

The reason for this comes back to the thread scheduler and QOS. You remember how I said low-priority threads will eventually execute? That’s no longer true with QOS. More specifically, threads in a higher QOS class will never decay to a lower QOS class, and the scheduler will always prioritize runnable threads in a given QOS class before threads in lower classes. And since threads spinning on a spinlock are always runnable, this means that if there’s enough high-QOS threads waiting on a lock held by a lower-QOS thread, the thread that owns the lock will never execute.


The Obj-C runtime switched to a handoff lock algorithm, where the spinlock is the size of a word and the owning thread actually stores its thread ID in the lock. Threads that block on the lock can then temporarily donate their priority to the thread that owns the lock, which fixes the priority inversion. There’s potential issues when multiple locks are involved, but in practice it works. The only problem with this solution is it relies on private API, and the spinlock implementation itself isn’t public, so there’s no way for third-party code to use these locks.

precondition vs. assert in Swift

Erica Sadun quotes Dave Abrahams:

The two functions have distinct roles:

  • assert: checking your own code for internal errors.
  • precondition: for checking that your clients have given you valid arguments.

It’s actually important to distinguish these two cases because the second one demands public documentation while the first does not.

A Domain Move Disaster

Paul Ingraham (via Hacker News):

Bing handled the transition exactly like Google should have. My rank on Bing never even changed: it just went from indexing URLs to URLs. It was agonizing to behold such good behaviour from a search engine with about 5% of the clout of Google.

Lightbulb DRM

Tim Cushing (via Seven Swans-a-Sarah):

The world of connected devices is upon us and things have never been better. Criminals can access your email account by breaking into your fridge. Your child’s toys and your television record your conversations and send them to manufacturers’ servers, where criminals are (again) able to access them. Your home thermostat goes HAL 9000 and attempts to set your house on fire. And, now, your lightbulbs won’t do the one thing you expect them to do: produce light.

Purchasers of the Philips Hue “smart” ambient lighting system are finding out that the new firmware pushed out by the manufacturer has cut off access to previously-supported lightbulbs.

See also: Hacker News, MacRumors.

Swift Type Constrained Extensions

Matt Long:

One of Swift’s most expressive and powerful features is type constrained extensions. If you’re new to Swift coming from Objective-C, think of it as a category in Objective-C yet with the ability to specify type criteria so that your category (extension) only applies to the class if it conforms to a certain type. For example, if you have an array of your own custom objects, you can create functions that are specific to an array of your objects.

His JSON example seems like a bit much, but I like the idea of extending collections with helpers for particular types. Because of the type system, this doesn’t pollute the namespace, and you will get relevant code completions from the IDE. In Objective-C, I would use a free function (with the type in its name) or a class method, both of which are more cumbersome.

MacKeeper Exposes Data on 13 Million Customers

Juli Clover:

As shared in a reddit post, Chris Vickery (via Forbes) was able to download the records simply by entering an IP address, with no username or password required to access the data, a major security oversight on MacKeeper’s part.

MacKeeper was also using MD5 hashes for passwords, a weak algorithm that’s easily bypassed using an MD5 cracking tool.

John Gruber:

It’s bad enough they were ripping people off in the first place — now they’ve exposed their passwords.

Previously: MacKeeper.