Christopher Swenson

There's been some hubbub going around the web about Wordpress potentially suing a developer for breaching the GPL.

The quick run-down: Wordpress is licensed under GPL2. Thesis is a premium Wordpress theme.

The debate really boils down to: does the GPL require Thesis to be also licensed under the GPL?

The answer: almost not, but maybe.

I'll save you some reading. Clause 2 of GPL2:

… If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate work. …

IANAL, but this says, quite clearly, if it is not derived from GPL code and can be reasonably considered independent, then the GPL does not apply.

The question is, what does "independent" mean in this sentence. Does it mean independent in the sense that it can run without it? Or does it mean the code does not have any code in common with the GPL code?

It's unclear. I am inclined to the second viewpoint, because the first has a lot of nasty ramifications. However, some people, including the FSF, appear to believe in the first viewpoint (roughly speaking).

Ugh. Software licensing sucks. This is why I use the MIT License. Mostly because I like putting some kind of license on the code, and this seems one of the least restrictive ones.

I'm a sucker for programming contests, and have been since high school.

I thought I would post here about one ongoing contest and one upcoming one.

First, the Intel Threading Challenge has already started. Essentially, it a little programming contest that is supposed to test your ability to program effectively for a large multi-threaded task. The "Master" section this year is writing a program to compute a simple and laborious graph theoretic property.

Second, the annual ICFP programming contest is right around the corner. Although nominally a functional programming contest, anyone can enter in any language. It's an super-fun, intense 72-hour competition. If you want to try to place, I recommend having a group of about 2–4 strong programmers. I won't be able to compete this year because of a scheduling conflict. :(

sliderepl is a really neat Python presentation tool for demonstrating code, live, in a slide-like format. Essentially, you organize your code into "slides", which you can then scroll through (though you can't go back, really). The tool was written originally by Jason Kirtland.

I wanted to see if I could use it for Sage code as sort of a GUI-less notebook thing. Kind of. Unfortunately, sliderepl is full of hacky magic, involving embedding an interpreter and introspection. Sage is too, and so they don't like each other very much.

Through some more magic, I figured out how to get them to work together anyway, and released the code on Github as sage_sliderepl.

I recently discovered task, a powerful, yet simple, command-line to-do and task management tool. Up until now, I hadn't found any way to manage to-do lists that felt "right". But task has changed that for me.

One feature I feel is missing (though I think they are planning on fixing this) is the lack of email notifications. I would really like to know what I have to do today, and I may not always remember to login and check, especially in my current transition period of getting used to using it everyday.

So, I set up cron on my system to email my current list (that is due today) every day. For those of you following along at home, you can do the same with something like so added to your crontab (crontab -e):

SHELL=/bin/bash
1 0 * * * task list due:today | mail -s "Due `date '+\%A, \%m/\%d/\%Y'`" your@emailaddress.com

(Note that you have to escape the percent signs in a crontab line.)

Just a quick update — trying to get back into the habit of posting.

One thing I am constantly thinking about is programming languages: implementing them, designing them, using them. The latter two are just fun, but implementing languages is a tricky business, and can be difficult and time-consuming.

There are some tools for helping you implement a language, such as the classical lex and yacc lexical analyzer and parser generator, respectively, or the more modern ANTLR, a combination of both.

However, learning how to even use these tools, or when to, is also difficult. Enter Language Implementation Patterns. This book, by Terence Parr (inventor of ANTLR, no less), attempts, quite successfully, to introduce the common patterns that you will use in implementing a language, with or without a parser-generator like ANTLR.

Most of all, I say that it is about freaking time for a book like this to come out. Compiler books have been mostly stagnating these past few years, and while this doesn't cover some of the more advanced optimization techniques and the like, it does a thorough job of showing how modern compilers are built. Bravo, Terence.

When I was constructing my own websites, for myself or for clients, I was always bothered by one thing:

I didn't have an SSL certificate for any of my domains.

This is due to many reasons: SSL certificates are tied to a single domain, they cost a lot of money, and they are tied to an IP address, which can make shared hosting hard. Furthermore, I don't feel that shelling out money for some SSL authority to issue me a certificate really means anything – why are they qualified to say anything (good or bad) about my website.

Unfortunately, there are only two alternatives: don't use SSL, or use a self-signed SSL certificate.

Not using SSL is not really an option if you are sending sensitive information of any kind over the Internet. For example, the password to login to the backend of any site.

If you have a user-facing website that is selling things, i.e., asking people for their credit card information, you don't have much of a choice. You really need to use SSL, and you have to use a real registered SSL certificate, since you don't want to scare away users.

However, for almost any other case, I think that they are just not necessary. Take this website, for example: the only person who logs into this domain is me. I certainly trust any certificate I sign, so a self-signed certificate makes a lot of sense. I can go ahead and "Accept the risk", as Firefox asks me to, and confirm an exception for my own site. I will then sleep easy knowing that my password is sent encrypted.

Even if I make a site for a client, I would be happy to give them the option: we can use this self-signed certificate for you to login to the backend, or they can front the cost for a "real" SSL certificate. However, nobody likes to waste money, and buying a certificate for only a few people to use a backend is a silly idea.

Creating a self-signed certificate with OpenSSL is easy, and installing it in Apache is also easy.

Don't let you or your clients down by neglecting to give them the option for free SSL.

Extra credit question: why aren't there are any free SSL signing authorities out there?

One of my favorite passions from my teenage days was assembly language programming. Don't laugh.

It embodies a lot of my favorite things about programming: I have total control, it is clean and simple, and it is just and fast and functional as I am capable of making it. The only thing standing in the way of me and world domination is how well I can program.

Well, with some minor exceptions. Having a decent assembler is really key, and for x86 architectures, there are many choices. If you are hacking a small function together to support some higher-level language, then maybe you can get by using MASM (for Windows/DOS), or, if you really hate yourself, gas (for every platform).

But, if you intend to spend some time programming in assembly and not hating every minute of it, then you need to use NASM, probably the best assembler for the x86 family, ever (or possibly Yasm, a NASM clone that I have no experience with).

So, this past week I was interested in playing some more with NASM, and so I thought that I would see how what I could do under OS X (I previously worked primarily in DOS). Unfortunately, assembly language support in OS X is fairly hampered if you want follow its standard calling conventions for 32-bit x86 code. The innocuous-looking statement "The stack is 16-byte aligned at the point of function calls" seems innocent, but is a nightmare if you using external calls.

Basically, this means that you have to keep very close track of your stack size when calling functions. And even worse is that your stack never enters your function correctly aligned: the return address is always 4 bytes long, meaning you are always 12 bytes off when you start.

What this means is that I may have to use a VM with Linux to have any fun with assembly language programming again.

If anyone is interested, here is a quick NASM file I threw together that demonstrates how to use NASM on OS X to call glibc functions. I tested it with the latest NASM (2.07) on Snow Leopard (you'll probably need XCode installed to get this to work). This program prints "Hello World", allocates some memory using malloc, uses that memory to write 10 letters of the alphabet on the screen (using printf), frees the memory, and returns.

;
; Basic OS X calls to glibc
;
; compile with:
; nasm -g -f macho malloc.asm
; gcc -o a.out malloc.o
;
 
; glibc stuff
extern _puts, _printf, _malloc, _free
 
; static data
segment .data
 
hello_world_str db "Hello world!", 10, 0
int_str db "Address %x", 10, 0
 
; code
segment .text
 
global _main
 
_main:
        push ebp ; setup the frame
        mov  ebp, esp
 
        sub  esp, 4 ; align the stack
        push dword hello_world_str
        call _puts
        add  esp, 4
 
        ; malloc 16 bytes
        push  dword 16
        call  _malloc
        add  esp, 4
 
        ; check if the malloc failed
        test  eax, eax
        jz    fail_exit
         
        sub   esp, 0xC ; align the stack
        mov   ebx, eax
        push  ebx
        push  dword int_str
        call  _printf
        add   esp, 8
        add   esp, 0xC
 
        ; print "A\nB\n..."     
        mov   [ebx], dword 0xD41 ; 'A\n'
 
        mov   edi, 10
        push  ebx
_loop:
        call  _puts
        inc  dword [ebx] 
        dec  edi 
        jnz  _loop
 
        add  esp, 4
         
        ; free the malloc'd memory
        push  ebx
        call  _free
        add  esp, 4
        add  esp, 4 ; cleanup the stack 
        pop  ebp
        ret
         
fail_exit:
        mov  eax, 1
        pop  ebp
        ret

The output should look something like this:

Hello world!
 
Address 100130
A
B
C
D
E
F
G
H
I
J

Am I the only one who likes assembly language programming these days?

For the past 6 years or so, Gentoo has been my preferred distribution of Linux on the server side^* for many reasons.

But, that doesn't stop me from laughing uncontrollably at Gentoo's Uncyclopedia entry. Pull quote from the top:

“Stop staring at my output; you have no life!”
  ~ GCC on Gentoo users

I have to admit — Gentoo is Linux at its most pretentious and obnoxious. Maybe I'm an elitist, but I still use and love it.

Why? What keeps me emerge-ing year after year?

• I know Gentoo. I've been working with it for years, and when things go wrong, I know where to look and how to fix it. This is also partially due to the fact that it has (arguable, and in my opinion) one of the simplest overall system designs. I don't need a GUI to fix it, which is really handy for my remote installs where I won't even install a GUI.
• It's fast. The rumors are true — if you know what you are doing and you take some time to do it, you can build a very fast system.
• Upgradeable. The whole system can be easily brought up to speed by resyncing and emerging world. The only thing you ever have to reboot for is a kernel change, and you'll never have to reinstall to upgrade "versions". Gentoo doesn't have versions.
• Up/downgradeable. If I want a custom-built version of, say, apache built, I can easily build such a thing and install it. If it is completely broken, I can easily uninstall it. And, 99% of the time, I won't ever have to open up the source and run ./configure --prefix=/opt/apache2 && make && sudo make install to do it, and I won't have to just hope that it won't clobber my files.

The first point is one primary reason I don't switch: I am locked in. I would maybe try Debian or Ubuntu for a server setup, but I'd be shaking in my boots waiting for something to break and not knowing where to start fixing the problem.

My biggest complaint about Gentoo? It doesn't deal well with bleeding edge Ruby gems. Meaning, Gentoo tries to install Ruby packages like Gentoo packages, but Gentoo packages are not always up-to-date or complete for all of the gems that are out there. So, there tend to be version problems and weird configuration errors if you start maintaining your own gem install somewhere. I'm not really sure whose fault this problem is.

Aside from this minor fault and the reputation that Gentoo gets for being elistist and complicated, I will be sticking to strange, bloated Pacman for the foreseeable future.

---

^* My preferred distribution for desktop? Mac OS X. :) Sorry Linux, you just don't feel as smooth and silky in my hands with a GUI. The slick GUI that OS X gives me beats any minor incompatibility problems I have, or the fact that OS X uses strange broken BSD versions of some command-line tools, like sed.

Often, I like to read articles on particularly insightful programming techniques or algorithms. Sometimes these algorithms are for some fairly mundane things, like searching and sorting. (So mundane, of course, that Knuth wrote a whole book about it.)

Two pieces I have enjoyed recently.

First, timsort – the sorting algorithm used by Python. It describes an interesting approach to mergesort that is stable and incredibly fast, especially for "almost" sorted arrays.

Second is a class: strlen(), from glibc. strlen(), for you non-C programmers, finds the length of a null-terminated string. So, simply, given a location in memory, it finds the next zero byte. Sounds easy? Well, it is, but there are several tricks you can to do speed up the search by quite a bit.

Any other favorite snippets of code out there?

Recently, I desired to have a simple Python function I could call with as little fuss as possible that would start up some kind of server that I could use to tell what is going on inside my program at a later date, without resorting to some kind of logging system or console output.

Behold, a simple Python Remote Debugger.

Well, it's not really a debugger (yet). It's more of a "Current State of the System".

There are two servers shipped with it: a plain, pickle-based server (meant to be used to develop richer applications, though it may be abandoned in the future), and a simple web server, based on CherryPy.

It's still in beta, but has many neat features, including:

• Listing of all currently running threads. Each entry includes a snapshot of the values of all of their local and global variables, as well as the current stack trace.
• Listing of all loaded modules
• sys.path listing
• SSL support
• Simple username / password authentication

I would be more than happy to take feature requests. Though, the source is available, fairly simple (and hopefully easy to use), and licensed under the MIT license, so you are free to use or modify it as you see fit.

If I have time in the future, I would love to develop some kind of fancy Ajax-based actual remote debugger, with IPython-like functionality, but it probably won't happen for a while.