jcranmer (u/jcranmer)

jcranmer commented on Developer sentenced to prison for activating “kill switch” to avenge his firing arstechnica.com/tech-poli... · Posted by u/Volundr

happyopossum · a day ago

> actual damage

Damage is a funny word here. Yes - money was lost, but no building were destroyed, nor people physically harmed. “Actual damage” makes it sound like a lot more than lost time and a few extra contracts paid out.

jcranmer · a day ago

I think Terry Pratchett laid it out best:

> “Do you understand what I'm saying?" shouted Moist. "You can't just go around killing people!"

> "Why Not? You Do." The golem lowered his arm.

> "What?" snapped Moist. "I do not! Who told you that?"

> "I Worked It Out. You Have Killed Two Point Three Three Eight People," said the golem calmly.

> "I have never laid a finger on anyone in my life, Mr Pump. I may be–– all the things you know I am, but I am not a killer! I have never so much as drawn a sword!"

> "No, You Have Not. But You Have Stolen, Embezzled, Defrauded And Swindled Without Discrimination, Mr Lipvig. You Have Ruined Businesses And Destroyed Jobs. When Banks Fail, It Is Seldom Bankers Who Starve. Your Actions Have Taken Money From Those Who Had Little Enough To Begin With. In A Myriad Small Ways You Have Hastened The Deaths Of Many. You Do Not Know Them. You Did Not See Them Bleed. But You Snatched Bread From Their Mouths And Tore Clothes From Their Backs. For Sport, Mr Lipvig. For Sport. For The Joy Of The Game.”

jcranmer commented on Io_uring, kTLS and Rust for zero syscall HTTPS server blog.habets.se/2025/04/io... · Posted by u/guntars

pornel · 2 days ago

This can be done with exclusively owned objects. That's how io_uring abstractions work in Rust – you give your (heap allocated) buffer to a buffer pool, and get it back when the operation is done.

&mut references are exclusive and non-copyable, so the hot potato approach can even be used within their scope.

But the problem in Rust is that threads can unwind/exit at any time, invalidating buffers living on the stack, and io_uring may use the buffer for longer than the thread lives.

The borrow checker only checks what code is doing, but doesn't have power to alter runtime behavior (it's not a GC after all), so it only can prevent io_uring abstractions from getting any on-stack buffers, but has no power to prevent threads from unwinding to make on-stack buffer safe instead.

jcranmer · 2 days ago

Yes and no.

In my case, I have code that essentially looks like this:

   struct Parser {
     state: ParserState
   }
   struct Subparser {
     state: ParserState
   }
   impl Parser {
     pub fn parse_something(&mut self) -> Subparser {
       Subparse { state: self.state } // NOTE: doesn't work
     }
   }
   impl Drop for Subparser {
     fn drop(&mut self) {
       parser.state = self.state; // NOTE: really doesn't work
     }
   }

Okay, I can make the first line work by changing Parser.state to be an Option<ParserState> instead and using Option::take (or std::mem::replace on a custom enum; going from an &mut T to a T is possible in a number of ways). But how do I give Subparser the ability to give its ParserState back to the original parser? If I could make Subparser take a lifetime and just have a pointer to Parser.state, I wouldn't even bother with half of this setup because I would just reach into the Parser directly, but that's not an option in this case. (The safe Rust option I eventually reached for is a oneshot channel, which is actually a lot of overhead for this case).

It's the give-back portion of the borrow-to-give-back pattern that ends up being gnarly. I'm actually somewhat disappointed that the Rust ecosystem has in general given up on trying to build up safe pointer abstractions in the ecosystem, like doing use tracking for a pointed-to object. FWIW, a rough C++ implementation of what I would like to do is this:

  template <typename T> class HotPotato {
    T *data;
    HotPotato<T> *borrowed_from = nullptr, *given_to = nullptr;

    public:
    T *get_data() {
      // If we've given the data out, we can't use it at the moment.
      return given_to ? nullptr : data;
    }
    std::unique_ptr<HotPotato<T>> borrow() {
      assert(given_to == nullptr);
      auto *new_holder = new HotPotato();
      new_holder->data = data;
      new_holder->borrowed_from = this;
      given_to = new_holder;
    }

    ~HotPotato() {
      if (given_to) {
        given_to->borrowed_from = borrowed_from;
      }
      if (borrowed_from) {
        borrowed_from->given_to = given_to;
      } else {
        delete data;
      }
    }
  };

jcranmer commented on Io_uring, kTLS and Rust for zero syscall HTTPS server blog.habets.se/2025/04/io... · Posted by u/guntars

Seattle3503 · 2 days ago

> For example when submitting a write operation, the memory location of those bytes must not be deallocated or overwritten.

> The io-uring crate doesn’t help much with this. The API doesn’t allow the borrow checker to protect you at compile time, and I don’t see it doing any runtime checks either.

I've seen comments like this before[1], and I get the impression that building a a safe async Rust library around io_uring is actually quite difficult. Which is sort of a bummer.

IIRC Alice from the tokio team also suggested there hasn't been much interest in pushing through these difficulties more recently, as the current performance is "good enough".

[1] https://boats.gitlab.io/blog/post/io-uring/

jcranmer · 2 days ago

There is, I think, an ownership model that Rust's borrow checker very poorly supports, and for lack of a better name, I've called it hot potato ownership. The basic idea is that you have a buffer which you can give out as ownership in the expectation that the person you gave it to will (eventually) give it back to you. It's a sort of non-lexical borrowing problem, and I very quickly discovered when trying to implement it myself in purely safe Rust that the "giving the buffer back" is just really gnarly to write.

jcranmer commented on The contrarian physics podcast subculture timothynguyen.org/2025/08... · Posted by u/Emerson1

cycomanic · 2 days ago

She has close to 2M subscribers, puts out several videos per months with 10s of thousands to millions of views and wrote a (or more) popular science book i suspect she would be on 6 to 7 figures. But that's a reasonably uniformed guess.

jcranmer · 2 days ago

Ad revenue runs around $1/1000 views, and her output looks roughly daily with a few hundred K views per video on average. That means she's grossing maybe a few hundred K/year. But that's gross, not net; she still has to pay for all of her expenses out of it, and converting that to a net income... I suspect the average Bay Area tech worker has a higher take-home pay than she does.

jcranmer commented on How does the US use water? construction-physics.com/... · Posted by u/juliangamble

lxe · 3 days ago

> Average per-capita domestic water use in the US is 82 gallons per day. By comparison, German homes use around 33 gallons per person per day, UK homes use around 37 gallons, and French homes use around 39 gallons.

I want to know way more information about these figures... like, are there significant outliers? Drastically different usage profiles?

jcranmer · 3 days ago

When I worked at a water treatment plant, we produced about 160 million gallons/day of water in the summer time, and only about 80 million gallons/day in the winter time. Now ask yourself what water-consuming activities happen in summer that don't happen in winter.

Primarily, lawns. It's lawns. Most of the international difference in water consumption I would chalk up to lawns, given that the US has much larger average lot sizes and a much larger proportion of detached single-family houses (i.e., houses sitting in the middle of a lawn) than European countries have.

jcranmer commented on Modern CI is too complex and misdirected (2021) gregoryszorc.com/blog/202... · Posted by u/thundergolfer

nlawalker · 4 days ago

>CI offerings like GitHub Actions and GitLab Pipelines are more products than platforms because they tightly couple an opinionated configuration mechanism (YAML files) and web UI (and corresponding APIs) on top of a theoretically generic remote execute as a service offering. For me to consider these offerings as platforms, they need to grow the ability to schedule arbitrary compute via an API, without being constrained by the YAML officially supported out of the box.

I wish the author gave more concrete examples about what kinds of workflows they want to dynamically construct and remotely execute (and why a separate step of registering the workflow up front with the service before running it is such a dealbreaker), and what a sufficiently generic and unopinionated definition schema for workflows and tasks would look like as opposed to what a service like GitHub Actions defines.

Generally, registering a workflow with the service (putting it in your repo, in the case of GHA) makes sense because you're running the same workflows over and over. In terms of task definitions, GHA is workflows -> jobs -> tasks -> actions, where jobs are tied to runners and can have dependencies defined between them. If you want to use those primitives to do something generic like run some scripts, you can do that in a very bare-bones way. When I look at the Taskcluster task definition they linked, I see pretty much the same thing.

jcranmer · 4 days ago

> I wish the author gave more concrete examples about what kinds of workflows they want to dynamically construct and remotely execute (and why a separate step of registering the workflow up front with the service before running it is such a dealbreaker), and what a sufficiently generic and unopinionated definition schema for workflows and tasks would look like as opposed to what a service like GitHub Actions defines.

Something that comes up for me a lot at my work: running custom slices of the test suite. The full test suite probably takes CPU-days to run, and if I'm only interested in the results of something that takes 5 CPU-minutes to run, then I shouldn't have to run all the tests.

jcranmer commented on FFmpeg Assembly Language Lessons github.com/FFmpeg/asm-les... · Posted by u/flykespice

NullCascade · 6 days ago

What is the actual process of identifying hotspots caused suboptimal compiler generated assembly?

Would it ever make sense to write handwritten compiler intermediate representation like LLVM IR instead of architecture-specific assembly?

jcranmer · 6 days ago

> Would it ever make sense to write handwritten compiler intermediate representation like LLVM IR instead of architecture-specific assembly?

Not really. There are a couple of reasons to reach for handwritten assembly, and in every case, IR is just not the right choice:

If your goal is to ensure vector code, your first choice is to try slapping explicit vectorize-me pragmas onto the loop. If that fails, your next effort is either to use generic or arch-specific vector intrinsics (or jump to something like ISPC, a language for writing SIMT-like vector code). You don't really gain anything in this use case from jumping to IR, since the intrinsics will satisfy your code.

If your goal is to work around compiler suboptimality in register allocation or instruction selection... well, trying to write it in IR gives the compiler a very high likelihood of simply recanonicalizing the exact sequence you wrote to the same sequence the original code would have produced for no actual difference in code. Compiler IR doesn't add anything to the code; it just creates an extra layer that uses an unstable and harder-to-use interface for writing code. To produce the best handwritten version of assembly in these cases, you have to go straight to writing the assembly you wanted anyways.

jcranmer commented on SystemD Service Hardening roguesecurity.dev/blog/sy... · Posted by u/todsacerdoti

vbezhenar · 6 days ago

systemd is very complex software. Alternative is very simple software with complex scripting which will reimplement parts of systemd in a buggy way (and that's not necessarily a bad thing). systemd probably is inspired by Windows and other service managers, while old sysv init is just a tiny launcher for script tree.

Just an example of systemd limitation is that systemd does not support musl, so if you want to build a tiny embedded sysroot, you already have some limitations.

jcranmer · 6 days ago

So you might say that... any sufficiently complicated init system contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of systemd?

jcranmer commented on IQ tests results for AI trackingai.org/home... · Posted by u/stared

pessimizer · 7 days ago

> The way human IQ testing developed is that researchers noticed people who excel in one cognitive task tend to do well in others - the “positive manifold.”

I'm pretty sure that this is not true, and that the tests were developed to measure children's intellectual development, and whether they were behind or ahead for their age. A bunch of people saw them and decided that it was far better than the primitive tests they had devised in an attempt to limit immigration from southern Europe, or to justify legal discrimination against black people, and wished a universal intelligence scalar into existence.

They justify this by saying that the results on this year's test correlate with the results of last years test. They are not laughed at. The thing it most correlates with is the value of your parent's car or cars.

jcranmer · 7 days ago

That's my recollection, too--IQ was developed to judge kids' "mental age" (how far ahead or behind they are compared to their peers in their current grade) and was only later retrofitted onto the g factor model of intelligence.

jcranmer commented on US Wholesale Inflation Rises by Most in 3 Years bloomberg.com/news/articl... · Posted by u/master_crab

hiddencost · 10 days ago

They fired the head of the BLS because they didn't like the numbers. Explicitly. You kinda have to conclude they're going to cook the books. Like they're doing everywhere else.

jcranmer · 10 days ago

Apparently, they've decided to go with "just not report the numbers."

(Source: https://www.foxbusiness.com/politics/trumps-bls-pick-could-p...).