ellipsix informatics

On compiler warnings (and off them, too)

Quick, what's wrong with this C++ program? #include int test(int arg) { cout << arg << endl; } int main(int argc, char** argv) { test(5); } Did you guess _nothing at all_? Because that's what GCC says: $ g++ -o funnyprogram funnyprogram.cpp $ WTF. Pretty much every other programming language that makes you explicitly identify a function's return type will also make you _actually return something_ from that function. C and C++ don't, and furthermore GCC doesn't even warn you that anything is wrong. This can occasionally lead to serious bugs, as I discovered today in [this real-world example](https://github.com/diazona/SOLO/blob/a97ea2eae111e5971970c0d8b9fd957e957237a9/src/hardfactor.h). I had a function that checks the name of an object and returns an `enum` value based on that name. virtual const HardFactorOrder get_order() const { // relies on a particular convention for get_name() // but can be overridden for hard factors where that convention doesn't apply std::string name = get_name(); if (name.compare(0, 3, "H01") == 0) { return MIXED; } else if (name.compare(0, 2, "H0") == 0) { return LO; } else if (name.compare(0, 2, "H1") == 0) { return NLO; } }; That was all good when all the objects involved had names conforming to the convention, but my latest batch of updates to the code involve objects with totally different names, and I forgot to override `get_order()`. So the default implementation above was getting used. Instead of failing with an error when none of the patterns matched, it was just not returning anything, and the variable that I set the return value to was getting assigned some random binary nonsense. Something like 2692389, where the legal values were 0, 1, and 2. Needless to say, if GCC had complained about this from the start, I wouldn't have spent at least an hour staring at tiny text in a debugger. ![tiny text in a debugger](http://www.ellipsix.net/uploads/IF_A/console-gdb.png) There are [over a hundred warnings](https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html) that GCC can be configured to emit. Some of them are relatively useless, but most probably should be enabled if you want to save yourself a lot of debugging time. I pored through the manual and came up with the following set of warnings, at least for myself (but it may work for you too, if you have a workflow like mine): -Wall -Wextra -Wformat-security -Wmissing-include-dirs -Wuninitialized -Wtrampolines -Wconversion -Wuseless-cast -Wjump-misses-init -Wlogical-op -Wstrict-prototypes -Wctor-dtor-privacy -Wold-style-cast -Wno-reorder -Wno-unused-parameter -Werror=delete-non-virtual-dtor -Werror=return-type -Werror=implicit That's quite a mouthful, though a build system like Cmake can handle it easily; just copy and paste into the appropriate spot in the configuration file. For times when you invoke GCC manually, you can put those options in a file, perhaps `~/Wreally-all`, and then run g++ @~/Wreally-all -o program program.cpp ... which will include the contents of the file as if you had specified it on the command line.


I'm having a little too much fun with my newly-discovered ability to embed Twitter widgets. Enjoy these scientific twists on popular movie titles.


Another Mathematica bug

Math is hard.

Not for Barbie, but for Mathematica.

I ran into a weird Mathematica bug while trying to evaluate the sum

\sum_{k=1}^{\infty} \biggl[-\frac{\pi^2}{6} + \psi'(k + 1) + H_k^2\biggr]\frac{z^k}{k!}

Split this into three parts. The first one is the well-known expansion of the exponential function

-\frac{\pi^2}{6}\sum_{k=1}^{\infty} \frac{z^k}{k!} = -\frac{\pi^2}{6}(e^z - 1)

The second is not the well-known expansion of the exponential function.

\sum_{k=1}^{\infty} \psi'(k + 1)\frac{z^k}{k!} \neq \frac{\pi^2}{6}(e^z - 1)

Obviously not, in fact, since if two power series are equal, \sum_i a_n z^n = \sum_i b_n z^n, for an infinite number of points, each of their coefficients have to be equal: \forall n,\ a_n = b_n. (You can show this by taking the difference of the two sides and plugging in a bunch of different values of z.)

I guess Mathematica doesn't know that.

In[1] = Sum[PolyGamma[1, k + 1] z^k/k!, {k, 1, Infinity}]
Out[1] = 1/6(-1 + E^z)Pi^2

I had my hopes up for about two days that these two terms would cancel out, but I should have gone with my instinct that something was fishy about that result.

Apparently we have to go all the way back to version 7 to get a correct answer.

I'm still working on the rest of it.

Can you trust your calculator?

This is actually emblematic of a big problem that is on many people's minds right now because of a recent article in the Notices of the American Mathematical Society, (PDF) "The Misfortunes of a Trio of Mathematicians Using Computer Algebra Systems. Can We Trust in Them?" In this paper, the authors construct some fairly simple mathematical expressions for which Mathematica gives egregiously wrong results. (The expressions may not look simple to us, but they're polynomials with integer coefficients, pretty much the easiest mathematical objects for computers to handle.)

Forget math, it's programming that's hard!

What all this shows is that relying on the results of a computer program is dangerous without some kind of independent verification that it does what you think it does. Anyone who's ever written a program should understand that. But it's all too easy to forget; we get lulled into a false sense of security by the 90% of the time that programs do work, plus the 9% of the time that they seem to work because whatever errors they produce are buried in a giant pile of output.

I think sometimes we could all do with a reminder like this not to get too trusting.


The future of science online without Science Online

Join the Google group mailing list to stay informed or help with planning!

It's been a little more than a month since Science Online, the organization famous for its annual series of conferences (and infamous for the sexual harassment promulgated by one of its founders) announced that it was disappearing for good.

As a result of our state of insolvency, the ScienceOnline board of directors voted on Oct. 6 to proceed with a plan for dissolution, which we will implement over the coming weeks.

One unfortunate but necessary consequence of this decision is that we have to cancel the ScienceOnline Together 2015 conference scheduled for Atlanta in February. We have notified those who have already registered for ScienceOnline Together 2015 and will be fully refunding registration fees.

The decision took a lot of people by surprise, since the organization had been in the middle of planning their 2015 conference in Atlanta. But all of a sudden, with no warning, it was all over.

When the news broke, a lot of former attendees took to Twitter to share their favorite memories of past conferences.

My time at last year's conference, as a first-time participant, was pretty close to being the best three days of my life.

I'm not ready to give up on that.

I'm not the only one, either.

Science Online had some great aspects that were worth preserving. The "unconference" format of moderated discussions, in particular, did an amazing job of drawing new people into the community. And the half-hour coffee breaks between sessions, organized lunches, evening activities, really emphasize the idea that networking is the most important part of an event like this. I want future generations of science communicators to be able to experience that inclusiveness too.

A new conference?

At the moment, I don't see anyone else making serious plans for a successor to Science Online Together, so I'm going to push for this myself.

There are a few things that need to be done before a new conference series can take Science Online's place.

  1. Put together a steering committee with people who have expertise in organizing, and who are also legitimately committed to seeing the legacy of Science Online continue. Goodness knows I don't have any idea how to organize a conference, especially not from halfway around the world, but I do know it takes a lot of work from many, many people.

  2. Figure out why Science Online failed in the first place, and how to avoid making the same mistakes. Everyone seems to have their own ideas, ranging from the cost of the conference and travel, to the change in location, to the fact that many "regulars" were taking a break this year. Most people probably suspect that Bora's sexual harassment scandal and the organization's inadequate handling of it at Science Online 2014 played a role.

  3. Decide whether there is enough interest to hold a conference at all, and if so, how large it should be. Right now the dominant attitude in the community seems to be that Science Online was nice while it lasted, but now it's dead and gone and that's all there is to it. If that's really the case, then it's pointless trying to start a new conference series. But I don't think that's the case. You don't sell out registration spots in an hour year after year unless you have a really committed audience.

    • This probably involves getting a message out to all those who would have attended Science Online Together 2015, and others in the science communication community. I intend to ask the board whether they would be willing to pass along a message, or share the contact information that people made public when they registered.
  4. Decide on a time. Moving the conference from the traditional February-March time slot to another time (summer?) might improve people's ability to attend. Besides that, though, does an annual conference make sense? If the cost is prohibitive, moving to every 18 months or every two years might help keep the series strong.

    • This would also be something to ask potential Science Online attendees about.
  5. Decide on a location. The Science Online people already had Atlanta selected, but I heard some complaints about it, so is it really the best choice? Would it be better to rotate between different locations, as a lot of other conference series do?

  6. Check for interested sponsors. Some of the existing Science Online sponsors might be willing to continue funding a new conference series, but I bet that gets less likely the longer we wait to ask them. This is also a prime opportunity to bring new sponsors into the fold. I'm sure there are companies that are involved in online science communication that would love a chance to advertise themselves to an interested and influential audience.

  7. Come up with an awesome name. The obvious choice is to try to get the rights to use the Science Online trademark (it is a trademark, right?). But I think, given the organization's history, it may make more sense to come up with something new to distance the new conference series from the shortcomings of the old one.

    Actually, I've got this one covered. The Science Communication Initiative Online eXchange. It's descriptive and sounds modern and dynamic, and was definitely not just the first thing I could think of that would let us keep the #sciox hashtag.

Originally I had considered trying to take over the conference center booking, the existing event planning, and other preparation that had already been done by Science Online for the 2015 Atlanta conference. But that would have required acting very quickly, and also knowing that the full complement of 400 people would show up to the new conference. That's probably not realistic.

At this point, I'm thinking of planning a small, informal meeting in 2015, perhaps still in March, as a planning session for a full conference in 2016. It could be held on the same days as the original Science Online conference was scheduled, or it could be done in conjunction with the Atlanta Science Festival March 21-28, as discussed on the planning Facebook page.

What do you think?

I've created a Google group (just an email list) for planning the future of this conference series. If you want to help or just want to see how it's going, head to Google and sign up! You do not need a Google account, any email address will do. (Any problems, email me or Tweet at me.)


How one line in one file made me reinstall Gentoo

Hey, internet. Long time no see.

(It's often claimed "long time no see" is a literal translation from Chinese "好久不见", "hǎo jiǔ bú jiàn", but actually nobody knows for sure.)

On Thursday, my computer crashed. Not just that it crashed, but it somehow corrupted itself so that I couldn't even boot it. It survived for two seconds after being turned on, before bailing out with this error:

Linux crashes after two seconds

init[1]: segfault at 0 ip 00007ff10ea3fe05 sp 0007ffff7cb49148 error 4 in libc-2.19.so[7ff10e919000+19e000]
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b

This is so early in the startup process that nothing is running. It's pretty much just the kernel and init (which, if you don't know, is the very first program to run when a Linux system starts, the one that runs all other programs).

So of course I recompiled (it's Gentoo) and reinstalled both the kernel and init, as well as libc, several times, as well as several other programs that I'm pretty sure didn't even get a chance to start, so how could they have anything to do with this crash? Still, better safe than sorry I guess.

None of it made any difference. After replacing every program that could possibly be running at the time of the error, init still crashed. This is probably the most frustrating error I've seen in 15 years as a Linux user.

So I spent my weekend reinstalling everything on my computer.

Verifying downloads before GPG

One of the easy ways a nefarious group could hack into my computer is by intercepting the source code I download when I'm installing a program and modifying it to do, well, whatever they want. China's government tries to maintain pretty strict control over the internet in their country, so I wouldn't put it past them to do this. (To be fair, I wouldn't put it past the US government either.) One way I could get around that is to download everything from a trusted server in the US or some other country, but the internet access here is kind of slow, especially going in or out of the country. It'd be a lot quicker to download all my source code within China, and I need all the time I can get.

The alternative is to use cryptography. Gentoo already does this, to some extent: whenever I install a program, the installer first checks the SHA256 hash of the source code against an internal database to make sure the source code hasn't been tampered with. But that internal database is also something I need to download, and how do I know that hasn't been tampered with?

Of course, the Gentoo Release Engineering Team (the people who maintain this internal database) have thought about this, and they cryptographically sign the database files. I'll skip the details, but through the "magic" of public-key cryptography, I can check that the SHA256 hashes I download are the same ones they upload by checking one single 40-letter key fingerprint, just once.

Here's the catch: to verify the hashes, I need to have GPG installed, and to install GPG, I need to verify the hashes of its source code and all the other code it depends on. My bright idea to get around this was to define this little function, a fake version of GPG:

echo "gpg invoked: gpg $*"
echo "please do this manually and press ok if successful"
read -n 2
if [[ "$REPLY"=="ok" ]]; then
    return 0
    return 1

That goes into /usr/local/bin/gpg in the system I'm trying to install. This way, when I run emerge-webrsync to download the hashes, and it gets to the point where it's going to check the file's signature, it will pause so I can manually check the signature.

I spent way too much time coming up with that.

About that crash

I did eventually figure out the problem. It turned out to be a line in /etc/ld.so.preload, which is a file specifying libraries of code that the system should preload for every new program it starts up. Essentially you're patching extra computer code into the program when it runs. Extra code that it probably wasn't written to deal with. That makes an environment ripe for conflicts between the preloaded code and the original code. (The fact that this feature exists is shocking, most of the time, but it does have a few legitimate uses.)

I had tried to install the Astrill VPN client, which as part of its installation adds this line to /etc/ld.so.preload:


I'm guessing liblsp.so is Astrill's way of intercepting everything that a program tries to send or receive over the internet. It might work for most programs (might; I'm not going to keep it around to find out), but clearly, it has a major conflict with init (which doesn't even need to access the internet anyway).

It wasn't easy to find the culprit, actually; I had to boot my computer using the System Rescue CD (on a USB drive, despite the name) and find all files that were modified at the exact time I installed Astrill:

find /mnt/gentoo -mmin 537 -mmax 539

This finds all files which were last modified 538&pm;1 minutes ago. There were about 50 of them, and it wasn't hard to pick out the one that could affect how the very first program on the computer starts up.

Still, I can't believe I reinstalled my entire operating system because of one line in one file... life of a Gentoo user, I guess. :-P


There are two kinds of textbooks...

...those written in binary and — wait, that's not right!

Actually, the two kinds of textbooks, at least in physics, are educational books and reference books.

  • Educational books are good for learning a subject for the first time. They're written in a way that makes it easy to read a whole section or chapter without getting overwhelmed. They have clear summaries, walk you through simple examples, and put their topic in context to keep you interested. These books are almost telling a coherent story as much as they are imparting information.

    Examples include David Griffiths' books on quantum mechanics, electromagnetism, and particle physics, Daniel Schroeder's thermodynamics book, James Hartle's book on general relativity, and Barton Zwiebach's book on string theory.

  • Reference books are good for looking up the details of a specific procedure or situation. They're densely packed with information, but that makes it very hard to read a large section at a time, the way you would read other books. Instead, a reference book is most useful when you need to know one particular fact and can look up just the part of the book that deals with that fact. In these books, the individual sections should be more self-contained because you don't want to read through the whole book to get the information you need.

    Examples include Cohen-Tannoudji, Diu, and Laloë on quantum mechanics; Jackson on electromagnetism; Misner, Thorne, and Wheeler on general relativity; and Green, Schwartz, and Witten on superstring theory.

One of the biggest mistakes a textbook author can make is failing to decide which kind of book they want to write. While most textbooks have some features of each type, no single book can adequately fill both roles. Trying to do it just makes your book bad at both.

Of course, one of the biggest mistakes a textbook reader can make is expecting an educational book to be good as a reference, or vice-versa. A lot of trained physicists do this when they complain about Griffiths' books being insufficiently rigorous, for example. Those books aren't meant for trained physicists, they're meant for undergraduates, who would just be confused by "sufficient" rigor.


Adventures in China: the bank account

Part of moving to a new country is setting up all the "personal infrastructure" you need in order to live. And when you're starting a new job at the same time, getting paid is pretty close to the top of that list. Which explains how, a couple days ago, I found myself walking into the Bank of China on the CCNU campus to set up a bank account.

No, wait, let me back up.


I found myself walking into the Bank of China on the CCNU campus to set up a bank account. Since it is the Bank of China, after all, everything is written in Chinese. Everyone there speaks Chinese. I would have been totally lost without my host (actually my boss, but he's been so much help getting me settled that I think of him as my host) having come along to translate.

Apparently the idea of being busy with a customer doesn't really exist in China. A bank employee at one of the reception desks, where a Chinese woman was filling out a form, immediately beckoned us over. She and my host talked for a while, and she led us over to the counter where stacks of all the bank's key forms were. Then my host started filling out the form (again: everything written in Chinese), when another guy working at the bank came over to talk to us. Again, he and talked, I stood there and tried not to look bored, they talked... you get the gist.

I'll skip to the point. It turns out that there are about three things for which you need a social security card. Not the number, the actual card. Getting a driver's license, setting up payroll at a new job, and opening a bank account in a foreign country. Due to international banking regulations the US government throwing its weight around, any US citizen opening a foreign bank acount needs to provide a copy of their social security card. Which I didn't have, because, again, there are about three things you ever need a social security card for. Needless to say, I did not expect any of them to be in China.

(TV-style) PRESENT DAY (actually Friday, but who's counting)

It took a couple days, but I was able to get a scan of my social security card emailed from home. So my boss and I headed back to the bank to take another run at opening the account. Again, an employee at the reception desk directed us to the forms and my boss filled out the account opening form, or the little bit of it we needed, anyway. Name, birthday, passport number, phone number, and a couple other things; that still leaves 90% of the form blank.

Then we wait.

Here's one handy fact I learned about Chinese banks: they operate really slowly. There were maybe two or three people ahead of us in the queue, and it still took around 40 minutes until we got our turn at the service counters. Now, my part was easy: I just had to hand over my documents, sign a couple papers, and pose for a picture or two (to make sure I was physically present in the bank). I feel kind of bad for the poor bank employee who had to enter all this information into the computer, and who apparently had never created a bank account for a foreign citizen before. The first time through, (my host told me) she accidentally entered my passport number into the SSN field. Who had the bright idea of making passport numbers and social security numbers both nine digits? And that's not easy to fix either. We had to wait while she called up a central office or something to void the first account request (I was excited to understand when she read some of the digits of my SSN in Chinese), then go through basically the whole process again, from scratch.

So I guess whoever has the social security number that's the same as my passport number probably will not get a fun surprise when they check their credit report....

To top it all off, we spent so long sitting at the counter waiting for the account to be created that the bank actually closed — literally shut and locked the security gates — with us inside. Then we had to step out of the building for about two minutes while they transferred money to an armored truck. Another handy fact: they take armored truck security really seriously here. Two policemen in full body armor with assault rifles stood guard next to the truck while a third carried briefcases of cash out from the bank. And this in a country where gun ownership is forbidden to private citizens, and even the police don't normally carry them.

Eventually I did wind up getting my bank account. Hooray, I'm not on any money laundering watchlists! (Fun story: my roommate shares a name with someone on a watchlist, which caused him no end of trouble when he tried to go through this same process a month ago.) However, I have to do all this again at another bank this week, because thanks to some shady corporate deals with CCNU, part of my salary has to be paid through Bank of China while another part has to be paid through Industrial and Commercial Bank of China (ICBC). I hope it gets easier with practice!


Lessons from my first half-week

Things that don't exist in China:

  • Ubiquitous wireless internet. Not so surprising, really, because Americans do have a rather unhealthy obsession with their wireless, but one would think I'd get wifi in the hotel room. Surprise, nope! Naturally this makes it rather less convenient to put up blog posts.
  • Washcloths. Seriously, China, what's up with that?
  • Dryers. Or, they do exist, but for some reason dryers are considered a luxury item and are pretty rare. The Chinese prefer to stick to the traditional method of line-drying. (Hey, it's environmentally conscious)
  • Smog. The weather has been pretty fantastic since I got here. From what I hear, outside of Beijing and maybe Shanghai, that's actually pretty typical.

    View from on the CCNU campus

  • English speakers. Which, again, is not that surprising; China has its own language, so why would they speak English? Nevertheless, you'll hear in a lot of places that lots of people in China speak English, even to the point that foreigners don't actually need to learn Chinese! Nope, not in Wuhan.

Things that do exist in China:

  • Toilets, by which I mean something that Americans would recognize as a toilet. In hotels and international dorms, at least. Public restrooms still tend to have the Asian-style squat toilets.
  • Toilet paper. The piece of advice I got probably more than any other was to bring my own toilet paper. Well, not to worry; they have toilet paper here. (Which is good because I actually forgot to bring any.)
  • Really good noodles. I include this not because it's characteristic of China in general, there's just this one restaurant off campus that makes really good noodles.
  • Cooked whole animals. Nothing enhances the experience of eating fish like staring down its lifeless eyes as you munch on its flesh...

    A mostly-eaten fish

  • Good coffee. Or at least decent coffee. The particle physics group has their own $1500 coffee machine in the lounge. Let's see how long I can hold out before becoming addicted.


New Adventures in China

The blog has been pretty quiet the last few months, because I've been getting ready to move to Wuhan, China, where I'll be starting work as a postdoc at Central China Normal University.

It turns out that moving to another country - in fact another continent - takes a lot of preparation. Shocker, huh. Airlines put pretty restrictive limits on both the amount and type of things you can take, so I had to pack light. I'll basically be living out of a couple of suitcases for the next six weeks. But at the same time, shipping things to China is unreliable, expensive, and impossible until I find out where I'll be living, so I had to make sure to take everything I needed. It took some planning to figure out how to fit the essentials into those two suitcases. My old habit of making a checklist of what to pack really came in handy!

Then there's the whole issue of getting permission to enter the country in the first place. Officially, to work in China, I need a work visa. For that I need a work permit from the university. For them to give me the work permit, they need to see a copy of my PhD diploma. (No, that doesn't make sense to me either. Copies are not hard to fake.) To get the diploma I had to submit my dissertation and all the accompanying paperwork. One of those papers was a signature form that had to be signed by all members of my dissertation committee. To get them to sign the paper, I had to revise my dissertation according to their directions, which I only got after my defense at the beginning of August.


Wait, there's more! Since I defended my thesis in August, I don't officially get to graduate until December. But Penn State doesn't actually mail out diplomas for people who aren't there until a month later (mid-January). So, based on that schedule, once I get to send a copy to the people at CCNU, they probably wouldn't finish the paperwork until after the Chinese New Year in February, which is a pretty major holiday from what I hear. So I might not be officially employed until nearly a full year after getting the offer!

Anyway, for now I'm going as a visitor, on a temporary business visa. This plan works around the visa rules, and reportedly they can still pay me, which is the important thing.

Coincidentally, this trip comes just as National Novel Writing Month starts, or in my case, National Blog Writing Month. I'm going to try again to go for my goal of 30 non-trivial blog posts in 30 days. And I'm probably going to fall short again, but at least I do have a bunch of good science ideas saved up, and there will be a lot of updates about life in China. Maybe this will be the year, who knows?

Just to be safe, I'm counting this as one.


A return to blogging

It's been three months since my last blog update. Writing a dissertation really doesn't leave time for anything else! Thankfully, it's now done, so I can get back to posting cool physics stuff any day now.

In other news, this fall is the 10th anniversary of ellipsix.net! I started this site a decade ago, just after starting college, because I wanted a little project to tinker with building dynamic websites. Hopefully I'll have time to put some special content up to commemorate the occasion.

For now, I'll be at the meeting of the Mid-Atlantic Section of the American Physical Society this weekend. I'll be posting updates on Twitter if you want to follow.