HALtheWise (u/HALtheWise)

HALtheWise commented on The Evolution of Caching Libraries in Go maypok86.github.io/otter/... · Posted by u/maypok86

awenix · 2 months ago

groupcache[https://github.com/golang/groupcache] has been around for some time now.

HALtheWise · 2 months ago

The original groupcache is basically unmaintained, but there's at least two forks that have carried on active development and support additional nice features (like eviction), and should probably be preferred for most projects.

https://github.com/groupcache/groupcache-go

HALtheWise commented on Jjui – A Nice TUI for Jujutsu github.com/idursun/jjui... · Posted by u/Curiositry

bjackman · 3 months ago

> No GitHub PR sync for stacks

FWIW, I think the fact that you need client support for this is a bizarre shortcoming of GitHub.

If GitHub just let you review individual commits like Gerrit does, the concept of "PR stacking" would be unnecessary (as it is with Gerrit).

The model of "a PR is just a blob of changes" is a weird baby's toy version of a code review tool IMO!

HALtheWise · 3 months ago

I highly recommend revup, it allows managing and uploading stacked (or arbitrary trees of) PRs to Github, including adding a comment that shows approximate revision-to-revision diffs if you want it to. I don't actually think that per-commit reviewing obviates the desire for stacked PRs, for example I often have some PRs in my stack that are not yet ready for review or merging.

https://github.com/Skydio/revup

HALtheWise commented on Raspberry Pi Lidar Scanner github.com/PiLiDAR/PiLiDA... · Posted by u/Venn1

dheera · 5 months ago

It's not obvious what the heck this is without reading into it. A full 4pi steradian scanner? a 360 degree 1 channel LIDAR? A fisheye camera plus some single channel LIDAR plus monocular depth estimation networks to cover everything not in the plane of the lidar?

It would be great to clarify what it is in the first sentence.

HALtheWise · 5 months ago

I believe it's a 360deg planar lidar mounted on a vertical plane, with a motor to rotate it around and slowly cover a full 4pi sphere. There's also a fisheye camera integrated in. This is a pretty common setup for scanning stationary spaces (usually tripod mounted)

HALtheWise commented on Raspberry Pi Lidar Scanner github.com/PiLiDAR/PiLiDA... · Posted by u/Venn1

Aspos · 5 months ago

GY-521 in particular and MPU6050 in general make quite poor IMUs. Why do you use them? And what for in this particular case? What do they do in this set up?

HALtheWise · 5 months ago

Do you have other sensors in the same price range that you'd recommend instead for most uses? How much accuracy improvement would you expect?

HALtheWise commented on Ask HN: Who is hiring? (April 2025) · Posted by u/whoishiring

HALtheWise · 5 months ago

AutoPallet Robotics (YC S24) | ONSITE | San Francisco | Full-Time and Intern | Robotics Software (Rust), Mechatronics Engineer, ML Intern, ??

We’re building novel robots for case picking in warehouses, a huge unsolved automation opportunity for a very labor-intensive, critically important and sh*tty human job in the thin-margin industry of logistics. Our software is all Rust/Pytorch, embedded dev through research-frontier applied algorithms and an integrated development iteration time measured on a watch, not a calendar.

There’s more than enough fun problems to go around, and we’re looking to grow the team with a couple more great-to-work-with folks, including generalists or job descriptions we haven’t realized we should be hiring for. We’re also specifically looking for a summer applied ML intern for robotic perception and controls. There’s a lot more cool stuff we can’t share publicly just yet. To apply, email a resume to <the-two-letters-of-this-site>@autopallet.bot, and include the role you’re looking for in the subject line, and we’ll take it from there. Bonus points if you include a link or photo of something cool you’ve made.

HALtheWise commented on Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos stepsecurity.io/blog/hard... · Posted by u/varunsharma07

deathanatos · 6 months ago

I've said this before, but in my mind the central problem in supply chain issues is this. Choose one:

1. You fix what version you're using to a fixed, immutable package. You receive no updates, no bug fixes, no security patches.

2. You follow a pointer to something like a API-compatible version, "latest" (#yolo) or ^5.0.0. You get bug fixes, security patches, but someone can push malicious updates.

Security types, IME, invariably want both: fix that package to a hash, so that we can't have a take over attack. But also we need to stay on top of updates, because we don't want to find out we have a decades old struct4j CVE buried in our codebase just waiting to be exploited.

So to accomplish "both", then we get into schemes like "fix the hashes … but we'll have a bot¹ update our dependency tree automatically". So like, #2, with more steps. Is anyone actually vetting that that update hash isn't going to compromise stuff? Hell no, no company is hiring that level of engineers; I'm lucky to have decent staffing for our primary concerns, reading the code in the dependency tree is out of the question.

And I'm sure in the coming days, security minded people will stampede in the general direction of #1. Stuff'll get fixed to hash, and stuff'll stop getting security patches.

IDK what the answer is, these seem pretty like fundamentally opposed forces of nature. The staffing problems aren't a technical problem, that's a capitalism problem, mostly in that there is very little to no penalty for a breach, so why would anyone hire the eng required to ensure the software works. There was hardly regulation in 2024, and any fines I did see regulatory bodies award are pittances, without fail. And, what regulation there was is now being actively dismantled.

There is some discussion of signed packages in this thread, and that's a helpful idea, I think, though I don't think it completely eliminates the problem: if the signing key is compromised, we're back to square one. The lay eng struggles with PKI.

¹While there is a bot of such nature (the renovate bot) somewhat tied up in this particular instance, I wouldn't over-focus on that bot, specifically; renovate, in particular, is not that relevant to the point I'm trying to make.

HALtheWise · 6 months ago

It seems like a 24hr delay for auto upgrades would mitigate a lot of this, maybe with some way that a trusted third-party could skip the delay for big-ticket zero day patches?

HALtheWise commented on Why it's so hard to build a jet engine construction-physics.com/... · Posted by u/mhb

chris_va · 6 months ago

I've always wanted to ask...

Why do turbines have a static duct and micron tolerances for the blades (and creep requirements) instead of a rotating (attached to the blades) duct that can be tensioned separately, and (presumably) no creep/micron tolerances?

HALtheWise · 6 months ago

Not an expert here, but afaik a turbine section consists of alternating spinning blades attached to the shaft and stationary vanes attached to the duct, which de-spin the air coming off the blades and prepare it for the next set. I'm not sure why the vanes are often hidden in cutaway views.

If you had a spinning duct, you'd presumably need a stationary shaft in the middle for mounting the vanes, and would have similar tolerance issues between the tips of the stationary vanes and the rotating duct. There's reasons that it might be easier to solve (the duct can be lower temperature) and reasons it's harder (bearings for a giant spinning duct). Not sure if anyone has tried such a design.

HALtheWise commented on FFmpeg School of Assembly Language github.com/FFmpeg/asm-les... · Posted by u/davikr

kierank · 6 months ago

I am the author of these lessons.

Ask me anything.

HALtheWise · 6 months ago

What's your perspective on variable-width SIMD instruction sets (like ARM SVE or the RISC-V V extension)? How does developer ergonomics and code performance compare to traditional SIMD? Are we approaching a world with fewer different SIMD instruction sets to program for?

HALtheWise commented on 0+0 > 0: C++ thread-local storage performance yosefk.com/blog/cxx-threa... · Posted by u/ingve

yosefk · 7 months ago

In what sense should reading the TID be cheap? You would need either a syscall (not cheap) or thread-local storage (the subject of TFA.) Avoiding the use of TLS by reading the TID can't really work

HALtheWise · 7 months ago

It looks like the TID is stored directly in the pthread struct pointed to by %fs itself, at a fixed offset which you can somewhat-hackily compile into your code. [0]

In the process of investigating this, I also realized that there's a ton of other unique-per-thread pointers accessible from that structure, most notably including the value of %fs itself (which is unfortunately unobservable afaict), the address of the TCB or TLS structures, the stack guard value, etc. Since the goal is just to have a quickly-readable unique-per-thread value, any of those should work.

Windows looks similar, but I haven't investigated as deeply.

[0] https://github.com/andikleen/glibc/blob/b0399147730d478ae451...

[1] https://github.com/andikleen/glibc/blob/b0399147730d478ae451...

HALtheWise commented on 0+0 > 0: C++ thread-local storage performance yosefk.com/blog/cxx-threa... · Posted by u/ingve

yosefk · 7 months ago

For a tracing profiler, you want to know which thread a function call or return was made by. LTTng has kernel modules which it can use to trace context switches, and then a per-CPU trace buffer is fine, provided that you get cheap atomic writes which rseq can be used for.

Funtrace on the other hand does support ftrace for tracing context switches (https://yosefk.com/blog/profiling-in-production-with-functio...), but it doesn't require ftrace for tracing function calls made by your threads (the problem with ftrace as well LTTng's kernel modules being, of course, permissions; which shouldn't be a problem in any reasonable situation by my standard of "reasonable", but many find themselves in unreasonable situations permissions-wise, sadly.) So I don't think funtrace can use rseq, though I might be missing something.

HALtheWise · 7 months ago

Presumably you could store the TID in every event, or otherwise check whether the TID has changed since the last time it was logged and push a (timestamp, TID) pair if so. Reading TID should be cheap.