Updating VS 2008 today I noticed something take took me back to the day.
See that "\" beneath and to the right of the installer progress bar? Yep! That's part of an old school text "spinning" progress indicator! Seeing the slowly spinning \ | / - makes me happy. Nevermind the 2 graphical progress bars already on the screen!
Author of Torture Memos Pranked in Classroom | Threat Level | Wired.com
Topic: Miscellaneous
2:32 pm EDT, Jul 23, 2009
John Yoo, a former deputy assistant attorney general who has faced intense criticism for authoring constitutionally-questionable memos justifying torture and the government’s warrantless wiretapping program, was confronted last week during a lecture he was giving on international law at Chapman University School of Law, a private school in Southern California.
After Yoo mentions the Constitution during his lecture, and asks the students if they have any questions, an Australian comedian from the show Chaser’s War on Everything is seen wearing a black-hooded robe and standing on top of his desk with his arms outstretched, recalling one of the most iconic images of U.S. torture captured in the now-infamous Abu Ghraib photos.
The comedian says, “Actually, professor, I’ve got one question. Uhm, how long can I be required to stand here ’til it counts as torture?”
Yoo cuts his lecture short and replies, “Unfortunately, I’m going to have to end class,” as he packs up his lecture notes.
As Yoo apologizes to the class for the interruption, the comedian replies, “If this is awkward for you, it’s very uncomfortable for me, I can tell you…. I’d love to move but every time I do my balls get buzzed.”
Yoo tells the comedian that he’ll give him “a certain amount of time” before he reports him to security, after which a stern woman is shown entering the class and ordering any non-students to leave, saying, “This is a private classroom.”
The comedian, still wearing the black hood, says, “OK. I’ll just go to the human rights class down the road, professor. I think you probably won’t be teaching there.”
Our goal in TraceMonkey is to compile type-specialized code. To do that, TraceMonkey needs to know the types of variables. But JavaScript doesn’t have type declarations, and we also said that it’s practically impossible for a JS engine to figure out the types ahead of time. So if we want to just compile everything ahead of time, we’re stuck.
So let’s turn the problem around. If we let the program run for a bit in an interpreter, the engine can directly observe the types of values. Then, the engine can use those types to compile fast type-specialized code. Finally, the engine can start running the type-specialized code, and it will run much faster.
There are a few key details about this idea. First, when the program runs, even if there are many if statements and other branches, the program always goes only one way. So the engine doesn’t get to observe types for a whole method — the engine observes types through the paths, which we call traces, that the program actually takes. Thus, while standard compilers compile methods, TraceMonkey compiles traces. One side benefit of trace-at-a-time compilation is that function calls that happen on a trace are inlined, making traced function calls very fast.
Second, compiling type-specialized code takes time. If a piece of code is going to run only one or a few times, which is common with web code, it can easily take more time to compile and run the code than it would take to simply run the code in an interpreter. So it only pays to compile hot code (code that is executed many times). In TraceMonkey, we arrange this by tracing only loops. TraceMonkey initially runs everything in the interpreter, and starts recording traces through a loop once it gets hot (runs more than a few times).
Tracing only hot loops has an important consequence: code that runs only a few times won’t speed up in TraceMonkey. Note that this usually doesn’t matter in practice, because code that runs only a few times usually runs too fast to be noticeable. Another consequence is that paths through a loop that are not taken at all never need to be compiled, saving compile time.
Finally, above we said that TraceMonkey figures out the types of values by observing execution, but as we all know, past performance does not guarantee future results: the types might be different the next time the code is run, or the 500th next time. And if we try to run code that was compiled for numbers when the values are actually strings, very bad things will happen. So TraceMonkey must insert type checks into the compiled code. If a check doesn’t pass, TraceMonkey must leave the current trace and compile a new trace for the new types. This means that code with many branches or type changes tends to run a little slower in TraceMonkey, because it takes time to compile the extra traces and jump from one to another.
If you use a bookmarklet on Facebook and it calls window.alert(), it doesn't quite do what you expect. They've re-defined the entire alert() method - it will pop up a box, but it will also behind the scenes send what you tried to pop up to the server!?! Look at Facebook's alert code (shown in an appropriate setting, of course):
More non-malicious use of function clobbering, though not sure why this is in production code.
This example amuses me. In our book Ajax Security we clobber the alert() function as an example and show it in Opera to prove it works on the strictest of browsers.
