Sunday, December 23, 2007


Now I'm the only one in the cubicle. I have to come to Sigma because my laptop has been down for months.

riki arrived at Beijing on Friday from New York. He should be enjoying sunshine at Haikou. Have a good time, dude. :-) nowhereman said he would be back in Jan or Feb for vacation, after his visit to Stanford.

I have to wait for a while and further plan my vacation for the Chinese New Year in Feb. Frankly speaking, I don't feel good about the CCTV New Year's Gala. They would usually say that "we Chinese would eat Jiaozi at Chinese New Year eve; we Chinese would bla bla bla...", but I'm afraid it's nothing for a southerner. It's even worse for the ridiculous words and artificial smiles that pervade.

Some wild thoughts.

While writing some text processing scripts in Python, I was again annoyed by the poor performance due to the stupid global interpreter lock on a multi-core server. The threading problem is painful for scripting languages like Python and Ruby. I cannot believe that scripts could only be executed in such an inefficient way, just for compatibility with C libraries, even if it's claimed by some famous language designer. If it would not be, why not make something to be?

I have been trying to dive into program analysis for some time, only getting some initial ideas. It looks to me that graph reachability presents a general framework in reasoning about program behaviors, while modelling and solving the constraints in a graph would be fun. Maybe I should focus on mining the high-level systems semantics that can be manifested from the constraints. It has been a fairly long time since I shot photos. I didn't even take any photo this fall, the best season in Beijing, instead busy with coding, debugging, writing, which never ends.

Friday, December 21, 2007

Two Papers Accepted

Both my hang analysis paper submitted to EuroSys 2008 and the online predicate checking paper submitted to NSDI 2008 have been accepted. I'm so grateful for my friends and colleagues at Tsinghua and Microsoft. Bin and Lex's VOD work has also been accepted to EuroSys. Congrats!

Tuesday, December 11, 2007

What gold saint are you?

Well, sometimes it works...

What gold saint are you?
Your Result: Gemini Saga

You are the golden saint of Gemini. Very powerful but inwardly perturbed. You seek to do the right thing but your inner ambitions will often get the best of you. You are always two minds about everything but always do the right thing in the end.

Aries Mu
Aquarius Kamus
Virgo Shaka
Aiolia Leo
Libra Dohko
Scorpio Milo
Capricorn Shura
What gold saint are you?
Create MySpace Quizzes

Saturday, December 08, 2007

Break Changes in VC9

I've been using VC9 (Orcas, or 2008) for a couple of weeks. Well, let's just say maybe newer is better. Here lists some break changes in VC CRT. The list is not complete, at least in my experience of building a number of open source packages. VC CRT misses a bundle of POSIX headers (e.g. stdint.h) and functions (too many!), and it's likely sticking to this tradition. Er, I'd rather say it's also improving. Some packages using libxml may fail to compile on VC9 due to one of the improvements: libxml defines a macro vsnprintf to _vsnprintf for VC (why adding the underscore!), but VC9 provides both functions while previous versions only provide the latter. So the macro redefinition would cause trouble on VC9.

It's said that the next VC release will start using Phoenix as the backend engine. That's good news. But I don't really feel good about the Phoenix IR. Why is it so complicated as most other Microsoft products are? It's ugly. It's hard to analyze and understand. It's even not complete; much important information remains missing in current release. Though it might be a better choice to evaluate analysis algorithms on Java code, I'd rather take C/C++ code as the first choice because most systems are still written in C/C++. I just wish next release of Phoenix SDK targeting on VC9 backend would come up soon, though I could build it from scratch myself.

Friday, November 02, 2007

VCBuild on x64

I was making my static analysis programs as an easy-to-use tool. It's a little weird that VCBuild seemed not work on x64: it did not take the right include/lib path. Even using the /u option, it might fail to link, and the unicode set did not function (it tried to link with the ANSI version of Windows API). So now I use the x86 version rather than the native x64 version. Someone got the similar problem long ago.

Another headache was about Phoenix. I tried to integrate it with Orcas, and finally it worked (VS 2008 beta 2 frontend with a nightly build Phoenix backend) with my own plug-ins. But the compiling performance was really terrific. No idea what was going, it was rolled back to VS 2005.

Friday, September 07, 2007

Visual Studio 2008 Shell

It seems to be alternative RCP solution to Eclipse: Visual Studio IDE serves as a general platform for building client applications. Maybe I'll try it for my next toy:-)

When can we use Ribbon GUI that appears in Office 2007?

Friday, August 03, 2007


It took about two-hour drive from Shenyang to Dandong, a small and quiet city. Maybe it's most famous for the Yalu River and the Korean War.

There is a new bridge on the river, and an old bridge bombed by the US in the Korean War.

There are people in a faraway country we never know.

Changbai Mountain

Since we always went wrong way, it took me almost a whole day's drive to the Changbai Mountain from Shenyang. Heaven Lake is so splendid, so are the valleys, the falls, the rivers, the springs and the flowers. It's really really a great place to enjoy.

Wednesday, August 01, 2007


Shenyang is not far from Beijing, only four-hour train or one-four flight. Since it is not a big city, I mobbed the city last Friday just as planned, starting from Wulihe and ending at Mukden Palace. Later I took a drive to Liutiaohu and Beiling (the tomb of Huang Taji). The next day I visited Yongling (tombs of Ancestors of Nurhaci) in Fushun, a nearby city.

There are many amazing Manchu characteristics. For example, the Mukden palace resembles Manchu tents, rather a different style from that of the Forbidden City.

Besides, loongs/dragons are usually flying in Chinese culture. However, I saw some sitting loongs in Yongling, which were said to have evolved from dogs.

Here are some snapshots.

Thursday, July 26, 2007

APR 1.2.9 on Vista

It fails to compile on Vista again due to inappropriate orders of Windows headers.

Open misc/win32/rand.c, and change

#include <windows.h>
#include <wincrypt.h>
#include "apr.h"
#include "apr_private.h"
#include "apr_general.h"
#include "apr_portable.h"
#include "apr_arch_misc.h"


#include "apr.h"
#include "apr_private.h"
#include "apr_general.h"
#include "apr_portable.h"
#include "apr_arch_misc.h"
#include <windows.h>
#include <wincrypt.h>

Friday, July 20, 2007


It's been out for over a week in Beijing. Got some time to watch it this Saturday morning. It's gorgeous, really really amazing, especially the awesome animation that recalls childhood memories of the cartoon: friendship, power, speed, whatever we were looking for years ago. Bumblebee is pretty cool that I love most in the movie:-) Though the plot was as confusing as most Hollywood movies. Anyway, it's good for the weekend. There's a bunch of things to do.

Btw, Harry Potter and the Deathly Hallows has been released. It seems not bad.

Wednesday, July 18, 2007

China Map

It is a web page to generate a map of areas that you've been in China. Pretty cool!

Here's my status.

I'm planning a trip to Jilin or Hunan in late July or early August. I wish I could fill more in the map before graduation:-)

Monday, July 02, 2007

The Same Deep Water As You

Got some time to watch the first episode of Season 4 of One Tree Hill. I just like the words that Lucas was typing on his laptop at the end of the episode.
Tree Hill is just a place somewhere in the world. Maybe it's not like your world. Maybe it's nothing like it. But if you look closer, you might see someone like it.

Someone trying to find their way.

Someone trying to find their place.

Someone trying to find their self.

mystery is now at Boston. superhog's home and preparing his new life at Los Angeles. riki's leaving for Tibet. For me, maybe it'll get a little busier than expected this month.

Saturday, June 23, 2007

Stanford T-Shirts

riki is back again. He's just graduated from Stanford and will continue his happy life in New York this autumn. He bought me a Stanford T-shirt, but I really didn't know if I dare to wear it...

Friday, June 15, 2007

Recursive Destruction and Stack Overflow

Here's something stupid for C++. I was testing an algorithm using a trie implemented by std::list on some data today, which resulted in a very deep tree. At exit the program crashed, due to recursive destruction: std::list destroyed all its elements, which were also tries. There is a similar vulnerability in PHP, though they use C rather than C++. I'm still wondering how to do this in C++. Pool design may be much better in such cases, especially for parse trees. I think I have discussed this with Nirvana when we were implementing a bencode parser several months ago.

Sunday, June 03, 2007

Building PCRE on Windows

My environment is Visual Studio 2005 on Windows Vista for PCRE 7.1. Since PCRE is written in ANSI C, just follow instructions in the doc NON-UNIX-USE. Remember to turn off some macros in config.h such as HAVE_UNISTD_H.

Two weird things here:

1. Define macro NO_RECURSE in config.h if necessary; otherwise running test on data "testinput2" would fail with stack overflow. The current GnuWin32 PCRE 7.0 suffers from this problem.

2. Add a call to _set_printf_count_output(1) at the beginning of main in pcregrep.c; by default VC CRT does not support the format "%n" and the program pcregrep.exe using such format would crash.

Wednesday, May 30, 2007

Google Map's Street View

It's awesome! It looks much cooler than Virtual Earth. See how Google Campus looks. Enjoy exploring the street view of the bay area, Las Vegas, Denver, Miami and the New York city. Maybe some day we could construct such virtual environments to play Counter-Strike in.

Monday, May 28, 2007

Program Analysis using Phoenix

For C/C++, writing a C2 phase plug-in may be the best choice. I prefer to put the analysis phase after the "Type Checker" phase. On the other hand, reading from PE executables requires .pdb (linking with /debug and /profile). A more serious problem is that LIR cannot be raised to HIR in such case, which makes it hard for further analysis. Besides, the alias algorithm seems too conservative, and the SSA algorithm is sometimes a little confusing.

For C#/.NET, writing an analysis tool (stand-alone .exe) is quite simple: set FunctionUnit.HighLevelIRFunctionUnitState for RaisePhase in the generated code. Remember to skip function units with !functionUnit.AliasInfo.IsComplete since they are unmanaged code.

Missing information in Phoenix IR is still a headache, as well as not-so-canonical IR forms. There's a talk with Open64 guys on Wednesday. I'm wondering if Open64 IR or LLVM IR would be better for program analysis. However, Visual C++ is always the ultimate front-end on Windows: other compilers could even hardly parse Windows.h as Microsoft-specific grammars keep growing.

Saturday, May 26, 2007

Ray War

Ray war is some kind of Counter-Strike in real, using laser guns and wearing military uniforms with sensors. We played the game in a hotel near Badaling (Google Map, taking the break at Shuiguan on the Badaling Expressway) on Friday morning, an hour drive north of Beijing. It's organized by the system research group, about 25 people divided into two teams: Fox of Desert and Hunter. We had 4 battles, in all of which the defender fell. Maybe it's because of the rules. Well, the game is pretty cool. However, even leaves could block the laser so we cannot enjoy it in jungles.

Tuesday, May 22, 2007


Niobe: I remember. I remember when you used to dance. I remember you were... pretty good.
Morpheus: There are some things in this world, Captain Niobe, that will never change.
Commander Lock: Niobe.
Morpheus: Some things do change.

Sunday, April 08, 2007

Towers in Beijing

Bicycling around the city of Beijing is always a nice sport:-) It's a pity that only a few gates and almost none walls have survived, leaving only ugly concrete jungles.

I passed by the archery tower at Deshengmen (Google Maps) on the way to Houhai. Yu Qian defended the city in 1449 against the Mongol army here, though he failed to defend himself against slander after the triumph.
Deshengmen Archery Tower / 德胜门箭楼

Jingshan (Google Maps), where the last emperor of Ming Dynasty, Chongzhen, hanged himself, is a symbol of the fall of a dynasty and the end of an era.
Jingshan / 景山

There are four gorgeous corner towers of the Forbidden City, one tower at each corner.
Northwest Corner Tower / 紫禁城西北角楼

Northeast Corner Tower / 紫禁城东北角楼

I didn't bring a tripod yesterday since I was alone, so it's really hard to shoot at night. Two boys nearby were quite happy with their equipments, talking and laughing, which reminded me of one evening at Wangfujing last year with TuotuoXP and Weidog.

Here is my route for yesterday.

Houhai Again

I bicycled to Houhai from campus yesterday afternoon. It was really a good day to walk around.

Green and Gray

Prunus triloba / 榆叶梅

Thanks to Jack again for helping with recognizing flowers.

Tuesday, April 03, 2007

The Weekend in Wuhan

This was my third time to Wuhan. Arriving on last Friday morning, fishy met me at the railway station. Then we enjoyed our breakfast, re gan mian, my favorite. Later we took a short walk on the beautiful campus of Wuhan University, which is famous for its cherry blossoms. More photos can be found at fishy's blog.

In the afternoon we bought some cat food for Fuwa (fishy's cat) in Hankou, then hung around the East Lake in Wuchang, the largest lake in a city in China.

It's quite amazing to sit along the lake (right on the path in the middle of the map) and watch the sunset.

We had supper in Jianghan Lu in Hankou. The photo below was shot right here.

I left for Beijing the next day, and hurried to prepare my slides for a whole day on Sunday. That's the end of the story. Many thanks to fishy!

Thursday, March 22, 2007


It's Ayumi Hamasaki's latest album. The defining song of the album is also called `secret', as the ending theme for the movie Confession of Pain. I quite agree with this review. It is so emotional and beautiful. Many thanks to admire for explaining the lyric since I've no idea about Japanese:-)
それ违う少女达 眩しくて目をそらした
无邪気なままの 子供のような

暗暗の向こう侧 光射す场所を求め
ひとつ残った 翼広げても


飞ぶ事に疲れても 羽下ろす勇気もない
もしも愿いが ひとつ也叶うなら


As what Ayu's singing,
Even now, I am as always
Searching for a place to be
I wish at least
You could feel my feelings
There is nothing else I'd rather have

Monday, March 19, 2007

Wrap Vararg Functions

In my mind to wrap a vararg function I have to call its corresponding v-function (e.g. printf and vprintf). For those functions that do not have such counterparts, I intended to use Zhenyu's assembly code to inspect the stack. Last weekend when looking into cURL's source code, I found out that using the va_arg macro and passing the resulting pointer directly to vararg functions worked quite well. It's so easy! Phew!

Monday, March 12, 2007


Two rejections in one week, isn't it perfect?

At least I can listen to Beyond, the band I've been loving since I was a kid. Even Ka-Kui has passed for over ten years, their songs are still uniquely encouraging, inspiring and giving hope to us.

Some things never change, but some things do.

Thursday, March 01, 2007

Hook Unexported Functions

PDB files provide a simple approach to locate and hook unexported functions, especially for those static-linked functions, and usually they can be easily obtained in addition to pre-built release files (e.g. Apache, PHP, Subversion). Moreover, I'm lazy and do not want to modify and recompile a large project such as Subversion to export some internal API functions just for instrumentation. DIA provides a group of convenient interfaces though it is COM:-)

There are some pitfalls as well. First, remember to call the method ISession::put_loadAddress to set the base address of a module before any other invocation, otherwise retrieved function addresses would be invalid. Besides, the documentation of GetModuleInformation which can be used to get the base address of a module is wrong: providing NULL for the first parameter hProcess for current calling process, as is described in MSDN, leads to unexpected failure. Use INVALID_HANDLE_VALUE(-1) or GetCurrentProcess() instead.

Thursday, February 22, 2007

Build Apache on Vista

It's reported that APR fails to compile on Vista with the latest SDK. This is due to the new macro MCAST_JOIN_SOURCE_GROUP in Vista. The workaround is quite simple:
1. open the generated apr.h;
2. set _WIN32_WINNT to 0x0600;
3. set APR_HAVE_IPV6 to 1 (or there would be a link error with the function find_if_index).

Btw, just got back to Beijing this morning. Well, there's rather a lot of work to do.

Update1: ASF Bugzilla Bug 40398
Update2: APR 1.2.9 on Vista

Wednesday, February 21, 2007

Chinese New Year

Wow, this is my boy. Why is he always that cute:-)

Lanterns everywhere.

The skyline of Haikou (Google Maps).

Wednesday, February 14, 2007


There is no messenger service in Vista, and I cannot get notifications from the SVN server by "net send". So I use the HTTP Server API in Vista to build a lightweight message delivery service called "Mercury" for receiving notifications (by cURL, for example) and popping up message boxes. It's quite simple, only about 150 lines C++ code. Here are some notes.

1. ATL is of great help for building Windows services.

2. The model of HTTP Server API 2.0 is more flexible, which requires binding handles to URL groups. Notably, HttpAddUrlToUrlGroup returns the error "access is denied" when running as a basic user.

4. I/O cancellation in Vista simplifies the development of asynchronous programs. I've successfully used CancelIoEx to cancel blocking HttpReceiveHttpRequest in another thread; However, CancelSynchronousIo does not work. I'm still trying to figure out why.

4. Services in Vista are running in a separate session so that MessageBox has no effect for user sessions; use WTSSendMessage instead for notifications.

5. The security model in Vista is interesting and sometimes a little boring; set the appropriate privilege level when registering services or attaching processes in Visual Studio.

Friday, February 09, 2007

The Vista Era Begins

I'm on Windows Vista Now. It took me the whole afternoon to migrate all my files from XP to Vista. All applications run well, and my current code also works on Vista: at least the TLS implementation does not change and even low-level instrumentation is fine. It's awesome. Maybe I'll try the new system features later, especially some I/O improvements.

Sunday, January 21, 2007

Orcas Sucks

It crashed my Visual Studio 2005 and took me another afternoon to restore the system. So maybe that's why it's suggested to install on a virtual machine. The shipped SDK headers seemed not up-to-date with Vista, for there're quite a lot of annotations missed as far as I've looked into.

By the way, the program of NSDI '07 is out, where waikok published a paper titled WiDS Checker: Combating Bugs in Distributed Systems. Congrats!

Saturday, January 20, 2007


Orcas (the next generation Visual Studio) January CTP was just released. It took me the whole afternoon to download and find more disk space to install it. I've got little interest in .NET 3.0 development right now, though the new C# features such as LINQ might be attractive. I wish it could be better integrated with Phoenix, especially for the "lost" type information in HIR.

Sunday, January 07, 2007

Start Over

So here is the year 2007.

For the last three months, it is busy and enjoyable. I quite look forward to the subsequent work, which is really challenging and exciting.

I got some time last weekend to review the show One Tree Hill. I've been loving the songs in this show for quite a long time, such as I Don't Want to Be from Gavin DeGraw (the theme song), Overdue from Get Up Kids and The First Cut Is The Deepest from Sheryl Crow, many of which are performed in Karen's Cafe. It is also fascinating that most episode titles are named after titles of songs. I love songs:-)

Well, it is hard to comment about the characters. I do understand Lucas's decision to leave the town and start over at the end of Season 1. In my mind the story ends there. From Lucas's eyes, I can see tiredness: maybe because of either Haley's new life with Nathan or the things messed up with Peyton and Brooke. I cannot really accept some stories in the following seasons such as his disease or Keith's death; their short starting over and immediate coming back is somewhat ridiculous. But it's life, unpredictable and messing.