< August 2007 >
    1 2 3 4
5 6 7 8 91011
Wed, 29 Aug 2007:

Sometimes discussions go offtopic. The starting points don't matter, neither do the goals (as if they exist !) - but it is the path it takes that needs to be recorded for posterity. One such philosophical debate happened yesterday, ending up rather more off-track than usual. Repeated here, from memory (i.e mostly what I said) & in condensed form.

S:  An argument for the sake of itself actually diverts away from the 
    original opinion to merely counter the other argument (no, not opinion).

Me: No, but an argument is actually productive in the sense that it feeds 
    the internalized argument inside you by offering new arguments 
    for/against your own bias.

Me: There are no convictions bereft of argument, but those that have 
    completed a debate with yourself about the pros and cons of itself,
    to arrive at a conclusion with both residing in the same mind at the 
    same time.

And since the discussion started off about patriarchal meddling, it went on into some more interesting topics.

S:  How will people learn if they don't make their own mistakes

Me: You *can* learn from other people's mistakes.

S:  No, you learn to avoid them - not to deal with them. Ending up
    in the established beaten path of safety which leads nowhere 
    in particular. Making mistakes and experiencing it first hand
    is an important part of growing up.

Me: Experience is not learning. Learning is when you internalize it,
    analyze it.

Me: Learning is not a goal by itself. What's important is to develop
    good judgement so that you can make smart decisions based on 
    lessons from past experience.

To put it mildly, it was enlightening for me to have to think that hard and come up with words for abstract concepts which I assume have always been there in my head. I just had to write them down somewhere before it all evaporated from my memory. I would've never done this without help - on the other hand, I've never had to explain anything to myself with the poor tool that is the English language.

After all, what is the sound of one hand clapping?

In most instances, all an argument proves is that two people are present.

posted at: 03:12 | path: /philosophy | permalink | Tags: ,

Sun, 26 Aug 2007:

Ratatouille was a funny movie, no doubt. But what set the tone to the hilarity that was to ensue was the Pixar short 'Lifted'. If you've watched Taken & E.T, take five minutes off and watch it on youtube.

Exquisitely animated, with amazingly clear graphics. the movie is a masterpeice of picture perfect pixels. But the story sort of drags in the middle, after a rather interesting few minutes in the beginning. The whole premise of the movie is somehow flawed at some level, but still it is peppered with a few one liners to remember (like the "what dad doesn't know could fill a few books; And they did, which is why I read them").

Still, the voice of Anton Ego (the food critic) deserves special mention. Somehow it redeems the entire movie by giving it a villain where there really isn't one - Skinner (the short chef) just doesn't cut it. If he had to have a nickname it would be the 'Grim Eater'. Ego's final article about being a critic is a masterpeice in itself.

But this movie doesn't even compare to Monster's Inc, Finding Nemo or Toy Story and has a more forgettable Disney quality rather than pure Pixar magic. Still, there are moments to remember - though maybe not a full movie.

Being a food critic is all about dishing it out - literally

posted at: 22:54 | path: /movies | permalink | Tags: , ,

Fri, 24 Aug 2007:

Nearly every year, I'm usually with my entire joint family for nearly the entire half of the ten day Onam celebrations. But this year, since I'm in mourning, I hadn't thought much about going home and by the time I had gotten back from the US, it was too late to do anything. Thankfully, the office has a significant enough malayalee population to actually make a good friday out of it.

Kudos to all the folks who did all the fantastic floral work ... makes me feel right at home here :)

The worst feeling in the world is the homesickness that comes over a man occasionally when he is at home.
        -- Edgar Watson

posted at: 14:52 | path: /yblr | permalink | Tags: , ,

Mon, 20 Aug 2007:

Some movies are so bad they're good. And there are none which explore this area of beyond-badness than the highschool movies. But the average highschool movie has become a complet cliche. I mean, if you've seen one you've seen 'em all. And if you've seen 'em all, you need to pick up Not Another Teen Movie. And once in a while a movie comes out which falls slightly further from the tree, I think that's SuperBad this year.

Characters: The movie sticks to my favourite combination of characters - the befuddled hero, self-confident heroine, weirdo side-kick and a couple of reverse stereotypes. The very same mix which makes me love H2G2 (Arthur, Trillian, Ford, Zaphod & Marvin), Coupling (Steve, Susan, Jeff, Patrick & Jane) or even Futurama (Fry, Leela, Bender, Prof. Farnsworth & Zoidberg).

In fact Michael Cera plays the befuddled teenager (Evan) to a T. The co-dependent pairing with Seth and the complicated issues around their separation for college brings in some funny dialogues, especially towards the end. Their chemistry is paired into the two girls they are chasing (mm... Becca). Now, add two cops spouting Star Trek & Star Wars one liners. and a nerd pretending to be 25 year old McLovin. But of all the caricatures in the movie, the the cops came out of it more real than anyone else when he says "When I was your age, I hated cops too".

Combine them all up and you've got all the laughs you want. Mindless though it is at the surface, somehow the dillemmas of Evan sprinkles a non-preachy moral editorial in between the laughs. Even the ending seemed appropriate, almost coincidental, yet not final in any way.

Watch the trailer, you just might McLuv it.

Where humor is concerned there are no standards -- no one can say what is good or bad, although you can be sure that everyone will.
                -- John Kenneth Galbraith

posted at: 04:12 | path: /movies | permalink |

I recently ran into a fairly generic XSS vector which didn't seem to be on the XSS cheatsheet. It seems to be a quirk of the way the DOM parser handles <script> tags and well, a broken JSON encoder. The vulnerability (or at least gotcha) exists when properly quoted strings are printed out inside a <script> node. A simplified exaple looks somewhat like this.

var a = "</script> <script> alert('XSS !'); </script> <script>";

For some strange reason, Firefox picks up the script closing tag in the quoted string and then proceeds to process the remaining script tags as code. Try it for yourself.

I discovered this problem inside a large/deep block of JSON. Thankfully, the php JSON encoder escapes the forward slash, but the JSON spec doesn't require that explicitly AFAIK. For instance, the standard python-json module which came with Ubuntu generates bad code to embed in a script segment (so, start using "import simplejson as json").

Quoting strings anywhere is complicated enough and if you ever need to dump stuff into a javascript segment, use a json encoder - a good one & not reinvent your own.

If I do not want others to quote me, I do not speak.
          -- Phil Wayne

posted at: 01:12 | path: /insecurity | permalink | Tags: , ,

Thu, 16 Aug 2007:

The "internet" is a series of tubes. So I decided to play plumber and hook up a few pipes the wrong way. What has been generally stopping me from writing too many web mashups has been the simple hurdle of making cross-domain data requests. While poking around pipes, I discovered that I could do cross-domain sourcing of data after massaging it into shape in pipes.yahoo.com.

After that blinding flash of the obvious, I picked on the latest web nitpick I've been having. Since I'm already hooked onto "The Daily Show", I've been watching (or trying to) it online from the Comedy Central website. But it is a very slow application, which shows a very small video surrounded by a lot of blank space - not to mention navigation in flash. A bit of poking around in HTTP headers showed a very simple backend API as well as an rss feed with the daily episodes. Having done a simple implementation as a shell script, I started on a Y! pipes version of it. The task was fairly intutive, though the UI takes some getting used to. Eventually, I got a javascript feed that I could just pull from any webpage, without requiring XMLHttpRequest or running into cross-domain restrictions.

You can poke around my pipe which has been used to create J002ube (say YooToobe ... so that j00z r l33t) to play the Daily Show videos. The player has zero lines of server side code and uses the Y! hosted pipes or client side code to accomplish everything.

More stuff coming up these pipes ...

Whoever pays the piper calls the tune.

posted at: 16:00 | path: /hacks | permalink | Tags: , , ,

The hustle and bustle of real life is a killer. But there's no reason for it to be a silent killer, so here's one of those mental kicking & screaming thoughts which was dragged through my head as I was wasting time in Hongkong Airport. My flight called for me before I finished this, but the time has come to acheive some closure.

To: y-blr <...>
Subject: Cubicle for Rent (rates negotiable)

One premium corner cubicle in M G Road available for rent. The cube is 
surrounded by conference rooms, fully furnished with a laptop dock,
a comfortable chair. Extensive table space, entire sixteen foot carpet
area with easy access to sofas, coffee and the pool table. 24x7 
internet access enabled, fully packed bookshelf and with neighbours used
to loud music after 7 PM.

Available for occupancy for a month and at negotiable rates.

Since it is too late to actually send that mail, I guess this is its home now. But sing with me - My cubicle ... it doesn't have a view.

If money can't buy happiness, I guess I'll just have to rent it.

posted at: 08:20 | path: /fun | permalink | Tags: , ,

Tue, 14 Aug 2007:

Ever notice how hard it is to get something when you exactly know what you want ? Especially when you had it once and lost it ? Ever notice how hard it is to settle for whatever's available and you keep looking & looking, getting more depressed about the lack of choices ?

I'm not talking about true love, as much as these things might be be applicabl,e but just about an mp3 player. My needs were simple. It had to have at least 4 gigs of space, an enqueue feature, decent battery life, a standard USB cable and for less than 150 USD. My last mp3 player had all that and looked cool while doing it - a black Creative Zen Neeon2. It survived several long walks on rainy days, had no front controllers which meant I could operate while it was still in my pocket. But one weekend I left it at my office desk and come monday it was missing.

So, four months later, I started looking for a replacement - but they don't sell Zen Neeon2 in the US anymore. And every other player I found had a proprietary adapter - the iPod, the new Sansa e2xx, even the new Creative vision stuff. Nearly after a week of crawling through specs & window shopping, I finally discovered that the Creative Zen V plus had nearly everything I wanted (looks cheaper and *is* cheaper than an equivalent iRiver).

Bought one, plugged into my laptop and zilch happened. As it turns out, it uses a crappy MSFT protocol called MTP - so much for open interfaces. But that's where Amarok came to the rescue ! Amarok incorporates libmtp5, which lets me just drag & drop between Amarok collections and the mp3 player. Except, I had to apply the following patch to make it plug'n'play (launchpad bug #132392).

But the effort is worth it. Even Album art transfer from Amarok is completely taken care of. Mtp sort of sucks because it does the file transfer in user mode (freezing amarok) rather than kernel buffering that usb-storage gives. But on the flip side is that that unlike the usb-storage players, the usb charging will work even if the player is playing (as long as it is not mounted on Amarok). I'm sort of building a hack to submit my play counts to my last.fm account from the statistics returned by the mtp-tracks commandline client, but it doesn't give last played time to sort of fake an offline update for the correct time - the spam filter in last.fm blocks a bulk update of tracks at the same time.

Now that it's working, time to play with my next new peice of hardware ...

The real trouble with reality is that there's no background music.

posted at: 14:34 | path: /hardware | permalink | Tags: , ,

Sat, 11 Aug 2007:

Yak Shaving: So you start out with that simple problem. But half-way through fixing it, it explodes into this whole exercise in pointless dependencies. It is a rather recent wordification (never heard of that word ? it's a perfectly cromulent word). But considering the fate of the "pre-shaved yaks" guy, who ended up saying "It's a band.", I'd say it is not quite popular enough ... yet.

Now. before I start onto the real topic - let me first say that the next release of APC will be the last release compatible with PHP 4.x. Now, what is wrong with just letting the #ifdefs stay ? That's where this snippet of code comes into play.

  apc_store("a", array(new stdclass()));

It doesn't work. Now, the problem is very simple - the original patch by Marcus only checks for objects in a very shallow way. It will detect & serialize objects which are passed to apc_store - but the check does not extend deeper into the recursive copy functions.

Symmetry: But the zval* copy functions were written to be beautifully symmetric. A copy into cache is nearly the same as copying out of it. And when I say "nearly", I actually mean that until the *_copy_for_execution() optimisations were thrown in, they were actually symmetric - in & out. But objects don't play nicely with that - because they are much more than just data.

In & Out: Objects require assymmetric caching. Storing into cache is a serialize operation, while retrieving from storage is a deserialize. This ensures that they end up with the right kind of pointers, class object initialization and that the resources they hold in their opaque boxes are properly handled. The objects have to implement their appropriate magic persistance methods.

And thus begins the Yak Shaving. I need to rewrite most of the cache copy-in and copy-out functions to handle the basic assymetry. But consider this, most of the code in there has been limited for months because of the fact that I cannot optimize on PHP data structures without breaking the symmetry.

A couple of years ago, I sat through a full hour talk by Rusty Russell about talloc(). Built on top of the trusty old malloc() calls, it simplifies memory management a lot for Samba4. So bear with me as I take a brain dump of my idea - for my very intelligent reader to poke holes in (gopalv shift+2 php net).

APC's allocation strategy is a little brain dead. To allocate 4 bytes of data, it actually requires 24 bytes of space. But much more than the space wastage, I'm more concerned about the number of lock() calls required to cache a single php file - a hello world program takes about 22 lock operations (11 locks, 11 unlocks). Yes, that's actually 22 syscalls just to cache echo "hello world";.

I've previously tried to fix it with partitioned locks. The problem with that was actually cleaning up the locks, because the extension code would have to have special cases for every SAPI - because of some bugs in PHP 5.x. So, the "if you don't succeed, destroy all evidence" principle made me throw out that idea. But the cache-copy, zend-copy separation should help me revive another approach to this.

Pools: So, now that I'm officially b0rking up APC, I could as well slap on a new pool allocator, right on top of sma_allocate - ala, talloc(). The allocation speed would skyrocket, because the in-pool allocs are sequential and do not have any fragmentation issues due to blocks in the middle being free'd. As much as allocates are important, the real advantage of this would be that I could basically speed up cache expunges by a magnitude or more. The 22 syscall cache expunge for hello world would be reduced to a potential pair of syscalls - because it would be a single free of the entire pool space.

Right now the pool is actually built up to be of the following structure.

struct apc_pool_t {
	int capacity;
	int avail;
	void *head;
	apc_pool_t *overflow;
	unsigned char data[0];

I've yet to run this through an x86_64 build, but an even multiple of int/void* should align data area right into a wordsize. And I think nearly every pool should be around 4k (i.e 4096 - sizeof(apc_pool_t)) for opcode cache and 1k for data cache. I might make the latter a runtime tuneable, just to pad the APC manual up into an entire book (just in case someone asks me to write one .. *heh*).

None of this is included in APC 3.0.15, which will exit out of the gates as soon I'm sure I'm happy with its stability. The new code will probably be an APC 3.1 release, marking the end of php4 compat & opening up the door for php6 compat.

A two line bug report which exploded into nearly two thousand lines of C code - that's just classic yak shaving.

10 If it ain't broke, break it;
20 Fix it.
30 Goto 10

posted at: 09:27 | path: /php | permalink | Tags: , ,

In memoriam - Monday, August 11th 2003.

That makes it four years now, but I remember like it was yesterday.

If we could sell our experiences for what they cost us, we would all be millionaires.
                -- Abigail Van Buren

posted at: 08:30 | path: /me | permalink | Tags: ,

Fri, 10 Aug 2007:

There are some movies so cool that they can exist only as trailers. While trawling the depths of the internets, I ran into a bunch of them - well collected & catalogued. Here are a few interesting clips from collegehumor.com.

First up is an epic tale of a young man's struggle against the burdens of his conscience. Of someone who's entire life is about not getting blown up. Experience the safety of being a minesweeper, with all the danger of playing it on your own computer in - The Minesweeper Movie.

If you are more into crime thrillers, rather than the war kind, you might enjoy Facebook / Off. An excellent combination of the classic Face/Off with online identity theft. As you might have guessed, this won't end well.

And for those of us who grew up playing "Where in the World is Carmen Santiago?" (smuggled into school on multiple floppies), here's a Quentin Tarantino-esque adaptation, aptly titled Where the F*ck is Carmen Santiago. After all, you'd have a tough time finding out even with the help of google maps.

Well, this statistical anomaly is from the Daily Show, as presented by the special correspondent Aasif Mandvi. Somewhat in the same lines as most environmental conservation ads - hopefully the comedy central web-player works for you. It didn't for me - but I found a workable workaround (so to speak).

Apparently, youtube isn't the only place to waste time on the intarweb.

The human race has one really effective weapon, and that is laughter.
                -- Mark Twain

posted at: 12:48 | path: /movies | permalink | Tags: , ,

Driving a car in the US seems to be a complete peice of cake. There's none of the hassles of a stick-shift/clutch system with an automatic shift, the roads are wide and nearly all parking lots are easy to pull a car out of. The new-fangled GPS thingys ensure that I'm never lost and the most reassuring phrase you'll ever hear is "recalculating ...", when you realize you've missed your exit.

So far, I've driven once to San Francisco and a fair bit of the freeway to Mt Diablo. In both of the trips, the hardest thing I had to do was drive up there in the seventy MPH speeds. Driving in India has given me a sort of "expect the unexpected" sixth sense which makes me slow down as I expect merging traffic to cut across my path. Just pure speed does not bother me that much, as I have driven at higher speeds on Indian roads. But that was mostly a dare, combined with suicidal insanity, on home turf - but maybe I'm not that young anymore ?

And then in downtown, I suddenly started driving on the left side of the road. Half a second and screams from premshree & bluesmoon later, I swerved back onto the right. Still have to unlearn a bit of muscle memory that serves as my driving. To actively apply my attention on driving just takes too much effort. The task of getting from point A to point B, possibly passing through point C, can be accomplished with a combination of VTA, caltrain and BArt. And that's the plan, going ahead.

In short - been there, drove that and nearly got a ticket.

Left is right and right is wrong.
          -- Drive-in India

posted at: 11:57 | path: /misc | permalink | Tags: , ,

Thu, 09 Aug 2007:

No, this is totally different from sticking a crayon up your nose, but the results seem frighteningly similar. If I seem a little less than well disposed to people who flaunt an iPhone, want an iPhone or even worse "need" an iPhone, it all begins from the first few minutes I had an iPhone in my hand.

Sometime during OSCON, I dropped onto a sofa in the lounge. And suddenly, the cushion started to vibrate. I put my hand into between the cushions and pulled out a bright shiny iPhone. Despite multiple cries of "that's mine" from various unlikely sources, I was just holding it up for whoever to pick it up.

And then this guy in a suit walks up and says "I'll take that and thanks for not stealing it". I mean, with a self-satisfied tone, assuming I would want it ? And I wasn't the only one indignant about that, in fact, one of the women (rrichards's S.O ?) around actually took offense and pretty much demanded an apology.

And then the guy turns on his heels & walks away.

I mean, I've found phones in all kinds of strange places before. I've returned phones (yes, in plural) which have cost over a thousand dollars (in return for a coffee). I don't ask for any reward, but at least, I don't need to be insulted while I do someone a good deed.

I think one of the php dudes started referring to that particular person from that point onwards as "the guy who had an iPhone up his butt". And the name stuck.

As much as I adore the iPhone's multi-touch zoom UI, the early adopters who have slammed down six hundred big ones for the phone seem to have a large proportion of shallow hipsters, which automatically triggers a smug alert for me.

So, if you have an iPhone & consider this unfair portrayal, blame the guy who "introduced" me to this particular stereotype.

Only the shallow know themselves;
The rest of us have depths to plumb.
            -- Oscar Wilde

posted at: 12:42 | path: /rants | permalink | Tags: ,

I'm re-evaluating my current hairstyle. No, this is not out of any newly acquired fashion sense, but more due to image-mismatch reasons. I've never had a hair style - I've just had hair PERIOD. But leaving my hair as it is has of late become a slight problem. It apparently is a very misleading signpost.

So, a snippet from a portland street car experience. As I sat in there day dreaming, a young punk girl came and sat next to me. With all dyed hair and multiple ear peircings, she looks about 17 or 16. Hardly the type to skip a window seat to sit next to me. And then the conversation follows.

punk chic: what's up ? (*chin up*)
me: uh... just ... *mumble* ... stuff

punk chic: got any cigarettes ? can I lift a smoke ?
me: sorry, I don't have any. I don't smoke.

she: Oh, you don't smoke *tobacco* ?

And this is not the first time this has happened. Maybe the time is ripe for yet another transformation ?

May all your weeds be wild flowers.

posted at: 12:03 | path: /me | permalink | Tags: , ,

Wed, 08 Aug 2007:

Once I had recovered from my jet-lag with the aid of Red Bull, double-shot espressos and a bit of napping, Portland nights were starting to become fun. Just like every other conference I've been to, the fun to be had is after 6 PM in some pub nearby. So I tagged along with the knowledgable crowd, who always know a nice place right around the corner, anywhere in the civilized world.

And then, there was the Oregon beer festival. Despite the fact that I don't drink, I headed out there to lose a bit of my inhibitions, purely by kindred spirit rather than the liquid version. The festival on the waterfront park was an amazing place to just sit down on the grass, chill out with a mug of free "designated driver" root beer.

After the dust settled at OSCON, I had nearly three full days to explore Portland. What really impressed me about the city was the very efficent public transport system. The light rail was my primary mode of transportation and it got me everywhere I wanted to. After wandering around the saturday market, I found myself gravitating towards the waterfront, to just spend the late evening sunshine in.

I spend Sunday exploring the north west and south west of the city, from the Pearl District to Washington park, on foot. Eventually, I ended up at the Rose gardens in the late evening. The roses were in nearly full bloom and spring was literally in the air (unfortunately, so was the pollen).

And then while walking around the Washington Park station, I saw something interesting carved into the wall. Maybe a yellow Post-It could've done the job ?

Portland ... hmm, if it were a house, it would have a doormat with "Welcome" on it.

There is nothing stranger in a strange land than the stranger who comes to visit.

posted at: 06:47 | path: /travels | permalink | Tags: , ,

Finally, I got bored enough to update my inclued extension (as promised at OSCON). The extension now comes with a nearly completely non-intrusive data dumping mode. The new inclued.dumpdir can be used to dump the inclued data onto a temporary file without ever modifying any of your php scripts. Also included is some php code to transform the dump data into graphviz formatted .dot files.

Pick up your free & complementary copy of the source code on your way out. And stay clued-in about your includes.

This quote intentionally not included.

posted at: 04:27 | path: /php | permalink | Tags: , ,