Dual videocards without SLI

Posted on September 22, 2009 by Bob Somers

I just recently upgraded my workstation to a quad monitor setup, because you can never have enough screen real estate. I originally had a dual-monitor setup on a single videocard, an nVidia GeForce 8800 GT.

A friend of mine sold me 2 older 19″ flat panels for just $50, but I needed a second videocard to drive the extra displays. Although I absolutely detest shopping there and I avoid it at all costs, I picked up a GeForce 9800 GT from Best Buy. Don’t worry, it was on sale so I was getting screwed slightly less than usual.

Interestingly enough, the 9800 is practically identical to the 8800. The two biggest differences are the move to the smaller manufacturing process (55nm from 65nm) and an updated BIOS on the card. This particular model is made by PNY and is tagged with an “EE” at the end to denote that it’s an “Energy Efficient” edition. Basically it means that it doesn’t require the standard 6-pin PCI-E graphics card power connection from your PSU. It draws all of it’s power (only 66 watts under full load!) from the PCI-E bus. Thankfully my 550 watt power supply is beefy enough to drive both cards without breaking a sweat.

Installation was simple enough. Getting Windows XP to recognize the second card was another story, though.

See, what you’re supposed to be able to do is just drop the card into the second slot and when you reboot, Windows will happily say “Wow, cool, nice new videocard! Lemme install those drivers for ya so you can get started experiencing multi-monitor bliss!” In fact, my copy of Windows just said “New videocard? Huh? Nobody tells me nutin’.”

And thus the issue debugging begins. I really hate this part.

First up was checking that the card was seated correctly. In the process of reseating the card, I noticed a small daughter card between my videocard slots that allowed you to specify if you were using single or dual videocards. “Sweet,” I thought, “this is the problem right here. I swapped the daughter card around to “dual videocards”  and booted up the rig.

No dice.

Next I thought perhaps the nVidia drivers only detected new cards when they were installed. I wiped off the current nVidia drivers and downloaded the latest copy. After reinstalling the video drivers, Windows still had no idea the second videocard was even there.

As I was double checking my motherboard manual to make sure dual videocards without SLI was indeed supported, I noticed that when one card is installed it runs at 16x speed. When two cards are installed, however, it splits the PCI-E bus and runs both cards in x8. “Perfect,” I thought, “I’ll just check the bus speed to see if the motherboard even sees the card.”

After locating the window in the nVidia control panel that shows you the PCI-E bus stats, I verfied that indeed, my single card (the 8800 GT) was running in x8. The motherboard was detecting the second card.

By this point, you’re probably wondering why I was using the 9800 GT (the newer card) as my secondary graphics card and the older 8800 GT as the primary card.

The only negative comment I found when looking through reviews of the PNY 9800 GT EE was that for some reason the fan seemed locked to 45% speed. Normally the fan spins up as necessary to cool off  the card under higher load, but this card didn’t seem to do that. You can adjust the fan speed manually through the nTune software, but I didn’t particularly feel like adjusting this every time I played a game, or have my computer sound like a Harrier jet 24/7. (It already sounds like a idling tractor.) Since the cards are practically identical performance-wise, I figured I’d leave the 8800 pulling gaming duty while the 9800 only had to push out the pixels to the 2 new monitors.

Since the 9800 wasn’t being detected by Windows, I then figured that maybe I’d try swapping the cards. After installing the 9800 in the primary slot and the 8800 in the secondary slot, I was greeted to a driver installation of my 9800, but my 8800 was nowhere to be found. At this point, I was seriously worried that somehow my motherboard’s second PCI-E slot was unusable.

I gave it one last hurrah and swapped the cards back. As soon as I booted up, I was greeted by nVidia’s multi-monitor setup wizard and Windows dutifully installing the 9800 drivers again. All four monitors were working.

Moral of the story: If your secondary card isn’t getting detected, install it in the primary slot and give Windows a chance to see it and install the drivers. Then swap it back to the secondary slot.

Lastly, this post couldn’t possibly be complete without pictures!

Four monitors means I can get my LCD tan 4 times quicker. I better get some more sunscreen!

Four monitors means I can get my LCD tan 4x quicker!

Playing Team Fortress 2 across three screens is only one of many uses!

Playing Team Fortress 2 across three screens is only one of many uses!

If you’re feeling particularly brave, check out these screenshots to see what I’m seeing when I play Team Fortress 2. Thanks to the SoftTH utility, I can get triple head gaming without the Matrox hardware adapter!

plr_pipeline as Pyro with SoftTH

plr_pipeline as Pyro with SoftTH

plr_pipeline as Soldier with SoftTH

plr_pipeline as Soldier with SoftTH

Posted in Gaming, Hardware | Leave a comment

Awesome regex test tool

Posted on September 4, 2009 by Bob Somers

So I’m working with a friend to develop a regex that matches something out of an API response, when we really wish we could quickly prototype a regex. Now, there are plenty of tools to do this, some are even freeware, but all them need to be downloaded and installed. I realize it sounds pathetic to say that I was too lazy to download and install a tool, but to be honest I really don’t need more tiny, rarely-used apps cluttering up my system. There’s got to be a web-based tool to do this, I thought.

Google did not disappoint. I found this awesome web-based regex test tool built on Adobe Flex called RegExr. If you’ve got Flash installed, it runs right in your browser.

Not only does it show you what it’s matching live as you type, what your match groups contain, what each chunk of your regex means, etc., but it’s also got a phenomenal quick-reference sidebar for all those handy meta-characters. You can even save your favorite regexs and browse other people’s favorite submissions.

We need more tools like this. I was able to quickly and easily prototype a regex in no time at all, and the app took about 10 seconds to figure out how to use.

Thanks, gskinner.com! You guys are awesome!

Posted in Code, Tools, Web | Leave a comment

Know your text editor

Posted on July 22, 2009 by Bob Somers

Let’s examine why it’s important as a programmer to really know your text editor, but in a different light that usual. Traditionally programmers are concerned with knowing all the tricks of their editor so that they can make use of them. Instead, let’s look at an example of why you should know what your editor does so it doesn’t screw you over.

Today at work a coworker received a large volume of joke emails telling them how bad their coding style was, with links to example code telling them to “learn how to program”. This was in response to what he thought was a simple 6-line change, but was actually a 22,000-line “oops”.

He opened up a file that’s roughly 25,000 lines (let’s not get into why it’s that long…) to make a simple change. After adding about 6 lines, he saved, quit, and committed the change to the repository. His editor of choice is vim (as is mine).

For those of you unfamiliar with vim, it’s a text-based editor that has a fairly steep learning curve. It takes years to truly master, but the power it offers you is incredible. In vim you start in command mode, which let you enter vim commands much like you would on a command line. You can switch to insert mode to actually insert text into your document, or other modes for formatting and whatnot.

Well in this case, the programmer accidentally brushed the escape key while he was typing, which brought him out of insert mode and into command mode. What he thought was being typed into a comment in his code was actually being typed into the vim command line. He must have brushed some other keys as well, because here’s the unfortunate key sequence that he ended up entering:

:% <<<<<<<<

For those of you not well-versed in vim commands, here’s an explanation. The colon starts a command, and the % symbol is like a wildcard for the command, applying it to the entire file instead of the current selection. Each < character shifts the current selection one tab stop to the left. Similarly, the > character shifts the current selection one tab stop to the right. It’s phenomenally handy for quickly adjusting the level that a block of code is indented.

However, what that above command will do is basically crush every level of indention against the left margin, and then apply that to the entire file. What you end up with is having every line of your beautifully indented code smashed down to column 0. No indention. None.

As vim was updating this change to the swap file (remember, there were 25,000 lines) he saved and quit. The file had been updated, but his screen had not, so he had no idea he’d accidentally just nuked the indention of the entire file.

It was his commit to the repository that threw up the red flag. This was supposed to be a small bug fix. However, the commit email, sent out to the entire mailing list, contained a 22,000 line diff. Woops.

After looking at the changes and chuckling over the fact that the file was completely unreadable now, many people on the coding team sent him joke emails about “what crappy coding style” he had, with links to “learn how to program”.

Now, naturally this took only about 2 seconds to fix, since the code was under source control. But the point still stands. Not only learn your editor, but watch it with a careful eye when you’re working with it, lest all those features that are there to increase productivity turn against you.

Posted in Code, Tools | Leave a comment

Ban programmers, not functions

Posted on July 7, 2009 by Bob Somers

So my daily travels around the intertubes landed me on a very interesting blog post by Microsoft’s Security Development Lifecycle team (which they call SDL, not to be confused with the arguably more useful Simple DirectMedia Layer library). The post centered around them adding memcpy() to the banned functions list in favor of their more “secure” variant, memcpy_s(), which takes and checks the size of the destination buffer.

Before I explain why I think this is another example of Microsoft spending their time doing something incredibly useless instead of innovating, let me explain that all these blasted _s functions are one of the reasons I detest the Windows API so much.

I had the unfortunate “pleasure” of digging rather deep into the Windows API for a project I was working on this past spring quarter. For those of you who haven’t ventured into the Windows API, let me say this: It’s so incredibly confusing that it doesn’t even look like C anymore.

Almost everything uses custom types, even when there’s no logical reason to do so. The Linux API does this to some extent, but not nearly as bad as Microsoft.

Secondly, there seems to be no rhyme or reason as to what these types are named. Some are named as ALL_CAPITALS_TYPE, others _use_this_strange_underscore_prefix, and some use the standard type_t. If you start to use almost any standard library C function, you’ll inevitably be told by the compiler that you’re doing it wrong, and should use strcpy_s(), or _strcpy_s(), or _s_t_r_c_p_y_s_(). Seriously, their API has got more underscores than Bill Gates has dollar bills.

What this gives you is this strange, alien language that vaguely resembles C, but is so ugly and hideous that you’re afraid to touch it. Apple has Objective-C. Microsoft has Franken-C.

So let me back up and explain this blog post I mentioned earlier. I’m a bit behind on this one (I’ll admit I’m not often found venturing into the MSDN blogs) but back in May the SDL announced that they were adding memcpy() to their banned functions list, to join strcpy(), strcat(), strncpy(), strncat(), gets(), and others.

They announced it’s replacement, memcpy_s() (soon to be replaced by _memcpy_s() and _m_e_m_c_p_y_s_() I’m sure), which takes one additional argument: the size of the destination buffer.

This is aimed make usages of memcpy() more secure, by only copying up to the size of the destination buffer bytes, even if that’s less than the length of the bytes you want to copy. You go from using this:

memcpy(dst, src, len);

to using this:

memcpy_s(dst, sizeof(dst), src, len);

This sounds reasonable, except most Windows programmers will just do this:

memcpy_s(dst, len, src, len);

which makes your “secure” version useless.

The problem here is not that memcpy() doesn’t check the size of the destination buffer, but rather that some programmers are using it without thinking. A 50 caliber sniper rifle is a very powerful tool in the hands of a marksman, but in a cage full of chimpanzees, the results could be disastrous.

If nothing else, memcpy_s() makes you think about the size of the target buffer.

I suppose, unless you’re one of the mindless programmers using memcpy() unsafely before, in which case you’ll learn the new and improved mindless version memcpy_s(dst, len, src, len) and continue on your merry way.

My point here is that banning functions that are the common source of security vulnerabilities doesn’t fix the problem, because the problem isn’t with the functions. These functions are well documented and we know exactly how they work and what their dangers are. The problem is with the programmers.

You’ve got to teach your programmers how to use these functions securely, or at least evaluate when they should ask for someone to review their code. If training isn’t an option, there’s a better option than banning these functions.

Ban programmers who use them wrong. Yes, banish them to the land of C# and other fluffy dynamic languages with garbage collectors and infinite buffers. They’ll do far less harm there.

The key to doing memory management correctly (which includes using memcpy(), strcpy(), etc. in safe ways) is to completely engage your brain when you’re doing it. You cannot zone out when writing memory managing code. Although given the quality of code coming out of Redmond, I would not be surprised if most of the programmers have their brains permanently switched off.

As classic-Microsoft as this blog post was, the best line was last one.

I wonder when Larry, Steve and Linus will start banning strcpy() in their products?

Words cannot express the hilarity that ensued when I read this line. Maybe, just maybe, the reason they haven’t found the need to ban them is because they’re using them correctly. Perhaps if Microsoft tried that every once in a while, they would churn out more secure products themselves without having to resort to Franken-C.

Posted in Code, Microsoft, Security | Leave a comment

SSL detection by PHP scripts run through FastCGI on nginx

Posted on July 3, 2009 by Bob Somers

How’s that title for acronym soup?

I ran across this issue when playing around with nginx. I was trying to set up phpMyAdmin for SQL administration, but ran into a rather peculiar issue. To explain the problem, let me give you some context.

I’m running nginx only on port 443, using SSL for everything. As I’m going through the setup for phpMyAdmin, imagine my surprise when it alerts me that I’m not using an SSL connection. In fact, it’s impossible for me not to use SSL, because there’s no regular HTTP server running on port 80. I continued with the setup anyway, checking the ForceSSL option which requires all phpMyAdmin requests to be done over SSL. When I finished installing it and tried to log in, I got a Firefox error that it was stuck in a redirect loop.

Much Google searching later, I still couldn’t find the problem. This was when I remembered that PHP is configured differently on nginx that is typically done with Apache. With Apache, many people use the mod_php module that compiles PHP support directly into the server. With nginx, you generally process PHP requests using FastCGI.

I wondered if perhaps the fact that the connection was taking place over SSL wasn’t being passed through to the FastCGI process. If that was the case, the phpMyAdmin setup script wouldn’t know it was being invoked over HTTPS, and when you tried to log in it would try to forward you to the HTTPS url, which is the same page you had just requested. That would push you into an infite redirect loop.

In fact, that’s exactly what was happening. You can fix this with a simple addition to your nginx.conf file:

server {
    listen 443;
    ... more config here, include SSL ...
    location ~ \.php$ {
        ... FastCGI config here ...
        fastcgi_param HTTPS on;
    }
}

That fastcgi_param HTTPS on; line does the trick. Now the PHP script knows it’s being invoked over SSL and doesn’t try to infinitely redirect you. Awesome.

Posted in Linux, Scripting, Security | 3 Comments