Ask HN: What source code is worth studying?
This is one my favourite questions, asked by idlewords: https://news.ycombinator.com/item?id=879101
But its been a long time since then, and with a new set of programming languages, I believe there are new code bases that's worth studying about and learning from.
So, which code-base should I be reading about to improve myself?
175 comments
[ 0.33 ms ] story [ 262 ms ] threadLooking at their GitHub now I must admit that the source code and comments look pretty good.
I was mostly looking for Python, Javascript, Haskell and C#. Any help regarding that?
Also, as I believe this thread will also help others, you can go ahead and post about any other code-bases for other languages.
Here is a link to cpython 2.7 libraries: http://hg.python.org/cpython/file/70274d53c1dd/Lib
Those that are implemented in C are in the "Modules" folder from the top level.
I think you [OP] will get the most benefit from reading libraries that you use often because it will give you some direction.
If there are 3rd party libraries you use heavily those will be interesting too.
It is very very difficult to just pick up megabytes of code and start reading them and find it useful. You will be able to pick up style and conventions but not really high-level engineering decisions.
My suggestion is to take software that you use regularly and run it through a debugger. Since you use it you know the problem domain. And with the debugger the code you're reading gets real context. I've done this with Git for example.
And also look at the design documents for big OSS projects.
If you do dive into merb, one of the contributors started a handbook on internals long time ago (https://github.com/michaelklishin/merb-internals-handbook), although, it died with the merb itself.
You could read some of the code-bases he reviews, and then read his review. You'll be able to compare and contrast your opinions with his, and if there's interesting variation you can blog about it ;)
One of the best and clear-cut defined ways of managing source with documentations.
I never seem to get enough motivation to read deeply into random "grand" code bases like Lua or SQLLite, but some months ago I got into the habit of always studying a bunch of projects that use a given technology before I use this technology, and it greatly decreased the amount of time it takes me to get to a "idiomatic" coding style. So instead of diving in a random, I would recommend making researching existing code-bases related to what you are currently doing an integral part of your workflow.
Perhaps I overestimate how much risk there is in learning idiomatic practices from a project which is not actually all that idiomatic. I like the assurance that what I read is quality, especially with frameworks or languages I'm very new to where it can be tough to tell.
C -> sqlite3 (well written, with a extensive test suite.
C++ -> Nmap and MongoDB.
python -> scons
http://piumarta.com/software/maru/
[0] http://aosabook.org/en/index.html
[0] https://github.com/aosabook/500lines
Just pick one and force yourself to use it to the exclusion of other editors. Future you will thank you later, because you'll still be using it 20 years from now. "We are typists first, programmers second" comes to mind. You need to be able to move chunks of code around, substitute things with regexes, use marks, use editor macros, etc.
== 6.824: Distributed Systems ==
http://pdos.csail.mit.edu/6.824-2013/ Do each lab. Read the discussion and rtm's course notes.
== Tarsnap ==
https://www.tarsnap.com/download.html How to write C. Study the "meta," that is, the choice of how the codebase is structured and the ruthless attention to detail. Pay attention to how functions are commented, both in the body of the function and in the prototypes. Use doxygen to help you navigate the codebase. Bonus: that'll teach you how to use doxygen to navigate a codebase.
== xv6 ==
http://pdos.csail.mit.edu/6.828/2012/xv6.html
http://pdos.csail.mit.edu/6.828/2012/xv6/xv6-rev7.pdf
http://pdos.csail.mit.edu/6.828/2012/xv6/book-rev7.pdf
Read the book. Force yourself to read it in its entirety. Use the source code PDF to study how to turn theory into practice.
== Arc ==
http://ycombinator.com/arc/arc3.1.tar
You're not studying Arc to learn Arc. You're studying Arc to learn how to implement Arc. You'll learn the power of anaphoric macros. You'll learn the innards of Racket.
Questions to ask yourself: Why did Racket as a platform make it easier to implement Arc than, say, C/Golang/Ruby/Python? Now pick one of those and ask yourself: what would be required in order to implement Arc on that platform? For example, if you say "C," a partial answer would be "I'd have to write my own garbage collector," whereas for Golang or Lua that wouldn't be the case.
The enlightenment experience you want out of this self-study is realizing that it's very difficult to express the ideas embodied in the Arc codebase any more succinctly without sacrificing its power and flexibility.
Now implement the four 6.824 labs in Arc. No, I'm not kidding. I've done it. It won't take you very long at this point. You'll need to read the RPC section of Golang's standard library and understand how it works, then port those ideas to Arc. Don't worry about making it nice; just make it work. Port the lab's unit tests to Arc, then ensure your Arc version passes those tests. The performance is actually not too bad: the Arc version runs only a few times slower than the Golang version if I remember correctly.
== Matasano crypto challenges ==
http://www.matasano.com/articles/crypto-challenges/ Just trust me on this one. They're cool and fun and funny. If you've ever wanted to figure out how to steal encrypted song lyrics from the 70's, look no further.
== Misc ==
(This isn't programming, just useful or interesting.)
Statistics Done Wrong http://www.statisticsdonewrong.com/
A Mathematician's Apology http://www.math.ualberta.ca/mss/misc/A%20Mathematician's%20A...
> There are at last count something like twelve thousand people who have reached out to us for our free crypto challenges [...] Every damn one of those people is an email exchange that me, Sean, or Marcin had to have directly, on our own time, with no compensation.
I imagine the response time can vary quite a bit.
It got better when I remembered we're a Matasano client so I shouldn't feel so guilty about harassing them. But it's an awesome free thing they're doing, so I still do feel a little guilty.
Yet every single programming job post these days is basically looking for someone with X years of experience in a long enumeration of specific technologies. The usual reason being "They need to be productive. Now."
Any place worth working isn't looking for the absolute best candidate for X at any cost. A good fit with someone with a good work ethic who wants to learn always works out better than just raw expertise. And a reference from someone you both respect is the fastest most reliable place to find them.
That's so true. If they absolutely need the best candidate, they are about to run a very risky project.
Good management means, among others, to ensure that new people have the opportunity to learn and to "get into" the project. If management requires the "best" developers, it really means that the management is bad and the developers are supposed to make up for that.
(Having said that, there are also people who are simply a sunken cost. That is, managing them requires more resources than the value they produce. However, that's the other end of the scale, and a separate topic.)
I have found user groups meetings a great place to network though. Everyone is helpful when someone says they are looking, even if it is that persons first time at a meeting.
However, I've noticed over this same time period that these screeners stumble into the office for a follow-up interview like giant toddlers: disheveled, incoherent, and totally self-involved. I wish this stereotype of the socially-awkward-yet-brilliant hacker would die in flames because it is not reality (or at best 2% of the community). Instead, this cultural delusion is convincing the socially awkward masses to seek out a job that is mostly about working closely with others, communicating constantly, and continuous compromise.
I have children in their 20's and I've seen how hard it can be to find your calling in life, but just because 99% of douche-bags earn a spot on reality tv that doesn't mean all stereotypes are true. Don't choose a job that you think fits your personality but that actually requires you to behave differently because you'll be miserable.
How to read the discussions? I think it's not publicly available. Btw, thanks a lot for the great post.
Fortunately, if the way MIT uses Piazza is anything like the way my school does you aren't missing much. Usually people just use Piazza to clarify something that was glossed over in lecture or to get help on some aspect of the homework.
> How to write C. Study the "meta," that is, the choice of how the
> codebase is structured and the ruthless attention to detail. Pay
> attention to how functions are commented, both in the body of the
> function and in the prototypes.
I just had another look at the tarsnap source code, and while I know Percival is a great guy, and I can't imagine him suing over "mis-use", the bulk of the code is under a pretty restrictive lisence:
"Redistribution and use in source and binary forms, without modification, is permitted for the sole purpose of using the "tarsnap" backup service provided by Colin Percival."
That is, except the code under "libcperciva" which appears to be under a traditional 2-clause BSD license.
So, for example using the bsdtar.c file to teach yourself how to handle command line arguments might be a bit dicey, as it's entirely unclear which part of that file is under the BSD license, and which part you're not allowed to distribute.
It's one of the reasons why I'd which Percival made the entire thing available under a dual license (eg: BSD) and simply required people to use the official client for the tarsnap service.
Then again, I'm not used to audit closed source software, and therefore probably extra scared of what might happen if I accidentially learn something from reading said source... ;-)
On the other hand, Percival does publish quite a lot of stuff that's [ed: entirely free], such as spiped https://www.tarsnap.com/spiped.html .
Anyway, illegal is illegal, and copy-pasting from Tarsnap would be illegal. I didn't know Tarsnap was under a restrictive license. It's a shame that people will have to be so careful when learning from Tarsnap, as it's a paragon of modern C best practices, but maybe the license is shrewd.
Though I wish the mentality of "my competitors might steal the code!" will die its deserved death, since evidence thus far suggests it's just paranoia. For example, the codecombat guys open sourced everything and have been fine: https://news.ycombinator.com/item?id=7015126 (But of course that's easy for me to say when I have no competitors to worry about!)
IANAL, but if this were me it seems safe enough that I'd be willing to do it and fight Colin in court if need be. :)
But one quickly realizes that the concept of software license restrictions is a fundamental reason for the strength and momentum of open source software. Therefore, it must be true that a central tenant of being a good developer is to respect software licenses. Not merely respect them to the letter of how they're written, but to respect their spirit as well. If an author wishes you don't do something with their code, then you don't do it. There are plenty of reasons why this should be the case, but the most compelling for me is that it'd be lame to ignore the author's wishes while using their work, even if the author won't ever know about it.
If people are still feeling tempted to lift code, well... Remember that you only get to destroy your reputation once.
Well, Tarsnap is online backup for the truly paranoid... ;-)
Seriously though: I never thought this was likely to be a problem, but given that I was spending a significant chunk of my life on this, I wanted to eliminate obvious risks to my livelihood. I like not starving.
But I've done my best to put the "reusable for a purpose other than building Tarsnap" code into the separate libcperciva tree. And I'm sure that merely reading code to learn from it is not a copyright violation -- there are no laws about copying information into your brain, thankfully. So please, read the code, and email me if you see any bugs; I wouldn't be offering bug bounties if I didn't want people to look at the code!
I took SICP a long time ago... all the pure functional stuff was great and elegant. I never really got how you can program "real world" / stateful stuff like distributed systems in Lisp dialects. When I look at Lisp code with hash tables and so forth it just looks horrible to me.
(Note: These html pages are rendered incorrectly on mobile. In particular, the spacing is wrong due to vimscreenshot not inserting instead of actual spaces. Sorry about that. Try viewing these links from a desktop computer instead.)
https://dl.dropboxusercontent.com/u/231528979/arc/html/index...
Lab 1 in Go:
client.go https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
server.go https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
tests https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
output https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
Lab 1 in Arc:
client.arc https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
server.arc https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
tests https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
output https://dl.dropboxusercontent.com/u/231528979/arc/html/locks...
Git commit log: https://dl.dropboxusercontent.com/u/231528979/arc/html/log.h...
All diffs between my local codebase and the stock arc 3.1: https://dl.dropboxusercontent.com/u/231528979/arc/html/all-d...
I was interested in seeing how much code can be eliminated by using Arc instead of Go. Turns out: quite a lot. The server is almost 200 lines of Go code, but about 65 of Arc. The client is almost 120 lines of Go, about 35 of Arc. The unit tests are pretty similar in length (~480 vs ~410) but the Arc version is easier for me to read since there's less visual noise.
Anyway it was fun.
OT question, what's up with programmers and "Zen and the Art of Motorcycle"? I usually finish all the books I start reading and this was one of the exceptions. After an idea saying something like "we can't define quality ergo everything is quality" or something of the sorts I had to put it down, nothing made any sense and it all seemed to be a grandiose philosophical scheme based on random half-baked ideas.
Oh well, I should spend less time on HN...
I see this a lot. Do people not realize that the language is called Go, and that 'golang' is just a domain name, like 'ruby-lang', 'scala-lang' etc?
When you're reading this code, be aware that it's a bit of a mongrel -- the code in /libarchive/ and most of /tar/foo (but not /tar/foo/foo) is from the libarchive project and is not mine. So if you're looking to learn "how Colin codes", look at /libcperciva/, /lib/, and /tar/foo/.
s/foo/*/ in the above. Autoitalicization breaks path globs...
https://github.com/tcltk/tcl/blob/master/generic/tclFCmd.c
It's very nicely commented and has a nice, easy to read style throughout (except for the regexp files).
Or you mean trying to find long repeat sequences that are slightly mutated in a way that is low-entropy?
Wrong, see e.g. https://en.wikipedia.org/wiki/Epigenetics
https://code.google.com/p/cocotron/source/browse
It's a free cross-platform implementation of Apple's Cocoa, so there's a lot of stuff there. But the project is well organized, and almost everything is written in a minimalist oldschool Objective-C style.
I've looked at some other cross-platform frameworks, and they are often hard to understand because they have been developed by a large group of developers and include lots of complex optimizations and platform-specific code paths. Cocotron is not as finely tuned as Apple's CoreFoundation (for example), but much more readable.
http://www.lua.org/source/5.2/
[1] http://www.faqs.org/docs/artu/
If you really want to read something by Eric Raymond, you can start here, but you'll need to take a shower afterwards:
http://esr.ibiblio.org/?p=129
"In the U.S., blacks are 12% of the population but commit 50% of violent crimes; can anyone honestly think this is unconnected to the fact that they average 15 points of IQ lower than the general population? That stupid people are more violent is a fact independent of skin color." -Eric S. Raymond
However, does it detract from his technical works? I didn't find TAOUP to be a work of someone that "doesn't know what the hell he's talking about."
One good example of the problem with his "technical" works and his lack of actual experience with the things he likes to talk about so much, is that he makes and promotes outrageously incorrect claims like:
https://en.wikipedia.org/wiki/Linus's_Law
"Given enough eyeballs, all bugs are shallow."
When in fact:
Given ANY number of eye, "all" bugs are NOT shallow.
Some bugs are NEVER "shallow".
And only a FEW eyes are qualified to see some bugs, while MANY eyes are totally unqualified, including his own:
His mouth is certainly not qualified to make sweeping generalizations about "all" bugs, given his lack of experience as a programmer, and his spectacular public failure at auditing code in his pathetic attempt to discredit the now-exonerated scientists whose code predicted global warming (described below).
Neither "enough eyeballs" nor "the right eyeballs" are a GIVEN, even for open source software.
"Not enough eyeballs" (or "ZERO eyeballs" as he loves to claim) are NOT a GIVEN for proprietary software, because you can license much proprietary source code, and some proprietary source code is available for you to read and audit for free, under licenses like Microsoft's "Shared Source" license.
https://en.wikipedia.org/wiki/Shared_source
And qualified eye balls are NOT FREE, and usually very busy being well paid to look at much more interesting things than poorly written buggy code like OpenSSL. I doubt that Eric Raymond has contributed any of the profits from his books or VA Linux stocks to Theo De Raadt or anyone else who actually takes the long time and tedious effort to actually audit code.
Wikipedia points out:
>In Facts and Fallacies about Software Engineering, Robert Glass refers to the law as a "mantra" of the open source movement, but calls it a fallacy due to the lack of supporting evidence and because research has indicated that the rate at which additional bugs are uncovered does not scale linearly with the number of reviewers; rather, there is a small maximum number of useful reviewers, between two and four, and additional reviewers above this number uncover bugs at a much lower rate. While closed-source practitioners also promote stringent, independent code analysis during a software project's development, they focus on in-depth review by a few and not primarily the number of "eyeballs".
And then there's the fact that Eric Raymond had the nerve to name and blame the "law" on Linus instead of taking "credit" for it himself.
And of course he also has the nerve to attempt to defend his "law", after we've just gone through three HUGE security holes in open source software that would have been discovered long ago, if only "Linus's Law" were true. On his blog, he constructs a straw man argument that "proprietary software is worse than open source software", which does not in any way support his claim about "all bugs being shallow".
http://esr.ibiblio.org/?p=5665
Nor does he address many of the valid points that people raise, in the wikipedia article itself I just quoted, or that people raised in response to his blog posting.
To quote Theo De Raadt: “My favorite part of the “many eyes” argument is how few bugs were found by the two eyes of Eric (the originator of the statement). All the many eyes are apparently attached to a lot of hands that type lots of words about many eyes, and never actually audit code.”
The little experience Raymond DOES have auditing code has been a total fiasco and embarrassing failure, since his understanding of the code was incompeten...
As an aside, how do you know so much about Mr Raymond? :) That's an awful amount of very specific detail.
Rational Wiki has some pretty extensive stuff about him: http://rationalwiki.org/wiki/Eric_S._Raymond
And then of course there's "Everybody Loves Eric Raymond": http://geekz.co.uk/lovesraymond/archive/show-them-the-code http://geekz.co.uk/lovesraymond/archive/moral-compassed http://geekz.co.uk/lovesraymond/archive/microsoft-censorship http://geekz.co.uk/lovesraymond/archive/sell-out http://geekz.co.uk/lovesraymond/archive/two-one-joke-ponies http://geekz.co.uk/lovesraymond/archive/gun-linux http://geekz.co.uk/lovesraymond/archive/terrorismistic http://geekz.co.uk/lovesraymond/archive/mundane-name http://geekz.co.uk/lovesraymond/archive/the-redhat-package-m... (that last one is about the tantrum I linked to above)
I've known Eric Raymond and Richard Stallman since the 80's, and I can confirm that Raymond has always been that way, isn't anything like the "hacker" he claims to be, and instead of writing or auditing code, he has made his career by self aggrandizing himself and tearing down Richard Stallman, who is and will always be a much better and more successful person than he is.
But the he got even crazier, and went off the deep end after 9/11.
His "many eyes" law that he shamelessly promotes has given many people and organizations a false sense of security in open source software, and that's led to many huge commercial corporations taking the free stuff without contributing any money or time back, and building all kinds of critical internet infrastructure on top of software like OpenSSL. And you know what that led to.
When he claimed that the mean old gays were bullying poor Brendan Eich, and his friend Russell Nelson took up and defended his argument, it made me recognize a pattern that explains their motivation very well:
Eric Raymond and Russell Nelson and Brendan Eich all served as the head of major free open source software companies: Eric Raymond was the first president of the Open Source Initiative, Russell Nelson was the second taking over when he resigned, and then resigned himself shortly thereafter, and Brendan Eich was CEO of Mozilla.
All three of them made bigoted statements and performed bigoted actions, and as a consequence of their own speech and actions, and of their high visibility leadership positions of free open source companies, they each felt compelled to resign from their jobs, and now feel very sorry for themselves because of how other people reacted, not because of how they acted.
It's disgusting how Eric a...
3.0 out of 5 stars Autohagiography with some programming tips, December 24, 2003 By A Customer
The writing style of this book tends to hurt the reading experience, as Raymond trumpets his own minor achievments in the free software community. The work feels like it needed one more rewrite before being released to the public: some related sources Raymond hadn't yet read at the time of writing, and some of his advice gets repetitive.
The exposition itself is not up to par with The Elements of Programming Style. Raymond tries to give a list of programming rules or principles to follow, but it reads more like a list of slogans that should be taken as axioms. While The Elements of Programming Style itself had a list of rules, the rules were well woven with each other, well defended, and they were used as a means of conveying a larger story. In Raymond's case, he relies upon the slogans in absence of such a story.
Thus, the book ends up more like a list of random unrelated tips. Some very profound, like his writings on threads (which he acknowleges Mark M. Miller for his help). Others are very shallow and pointless in a book that supposes to call itself about "Art." Some of the pieces appear only to function to attack Windows, and sometimes the information about Windows is embarassingly inaccurate.
One final criticism is that Raymond does not understand object-oriented programming very well and misses the point in several cases. You just need to see the popularity of Python, Java, C# (Mono), OO Perl and C++ in the Linux world to see that Raymond is off base calling OO a failed experiment. In fact, with almost any matter of opinion in the book you can feel Raymond's bias and be hit in the face with misinformation or dull false dilemmas.
However, given this book's many flaws, I rate this 3 stars instead of 2 stars because it also has valuable information from the many contributors, some of them Gods in the Unix world. These contributors often even disagree with Raymond, or point out other interesting tidbits. For these tips alone, it is worth checking out this book, though I would not recommend you buy it.
To get the true Unix programming philosophy, I recommend Software Tools, by Kernighan and Plauger. It's somewhat dated, and I recommend the Ratfor version of it, but that single book has became very influencial as I grow as a Unix programmer.
[...]
One of the problems with this book is the overly partisan tone it takes - one gets the impression that absolutely nothing Microsoft has ever done is of value, but the other major desktop PC OSes (Apple, Linux) represent different forms of perfection. (At home, I run Mac OSX, RedHat Linux and Windows, and have a reasonable sense of their relative strengths and weaknesses.)
So, be warned: Art of Unix Programming paints a one sided picture. The author is a well-known figure in the open source community, one of its fiercest advocates, and one of Microsoft's most vocal critics, so it might seem to strange to wish for less anti-Microsoft spin from this source. After all, the Raymond brand certainly carries with it an obligatory expectation of Windows-bashing, doesn't it?
One of the only Windows design decision which Raymond doesn't condemn is the (now discontinued) .ini file format. Even the thorough-going support for object-orientation in Windows is given short-shrift: after explaining the many horrors of object-oriented programming (according to Raymond), Unix-programmers are praised as "tend[ing] to share an instinctive sense of these problems." This section ([...]) is particularly illustrative of the one-sided approach that Raymond takes.
[...]
His comments about the Windows registry were a bit distressing, though -- not because they're negative, which I consider fine. Rather, it was obvious he...
I inherited a colleagues work after she left, and it was horrible. But I thought about why it was horrible, and how to make it better. What would it look like if it was done well?
Even with my own code, if I look at something I did 6 months ago, and it doesn't make sense straight away, the it can usually be improved.
That's what comments are for :) It's not only about your future replacement, it's also about your future self.
[1] Douglas Crockford's JSON parser. Worth a look because it is excellently commented and is easily understandable https://github.com/douglascrockford/JSON-js/blob/master/json...
[2] Bouncing Beholder. A game written in 1K of highly obfuscated code, which the author expands upon here. Worth it because it teaches some crazy optimisation techniques that are applicable to all programming, but also includes plenty of javascript-specific trickery. http://marijnhaverbeke.nl/js1k/