@mgeisler@ohai.social avatar

mgeisler

@mgeisler@ohai.social

#Google engineer working on #Rust in the #Android Platform. I love open-source and have maintained small and and big projects for years. Originally from Denmark, but I'm now enjoying the cheese and chocolate in beautiful #Switzerland.

Opinions are my own.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

hds, to rust
@hds@hachyderm.io avatar

I came across this article the other day, titled “Why Rust cannot replace C++”.

I feel that the author completely fails to understand the opposing argument. The article claims that with “new” C++ features like smart pointers, you can write safe code in C++, therefore Rust is unnecessary.

But I don’t want a language where I can write safe code, I want a language where I must write safe code.

https://medium.com/@pepitoscrespo/why-rust-cannot-replace-c-but-quite-the-contrary-5577e1f5af0a

mgeisler,
@mgeisler@ohai.social avatar

@hds I worked 3 years in a C++ team at Google. To my surprise, memory errors were not a problem — when everybody follows https://google.github.io/styleguide/cppguide.html, things actually work very well. Even multi threading was was easy. The base libraries (such as https://abseil.io/) all follow this style and so things work consistently.

I recognize many of the style guide patterns from Rust and I completely agree with you that it has less cognitive overhead to let the compiler remind you than a style guide.

mgeisler,
@mgeisler@ohai.social avatar

@hds True! Statically enforced correctness is amazing. However, I think the Rust community should keep in mind that there exist C++ teams who don't struggle with endless memory safety issues.

The code of my old team was not perfect... we did have mysterious crashes and I remember a crash that Rust would have caught: a stack-allocated value created in one thread was used in a longer-lived thread. Wrapping it in std::shared_ptr fixed that — equivalent to wrapping it in Arc in Rust.

mgeisler,
@mgeisler@ohai.social avatar

@hds I think the context of your code is very important: if it's client-facing or if it parses untrusted data, then C and C++ are really dangerous languages. This has been widely reported: https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/memory-safety-fact-sheet/ This is why is investing so much into : a phone is a high-value target these days.

I liked the keynote by Lars at @Rustnationuk where he focused on how Rust can make teams more productive: https://youtu.be/QrrH2lcl9ew

fasterthanlime, to random
@fasterthanlime@hachyderm.io avatar

Does Google use the same version of Kubernetes as everyone else or do they have their own private version of it, like the bazel/blaze split?

mgeisler,
@mgeisler@ohai.social avatar

@fasterthanlime Yes, Borg is used internally for all production workloads. I would not call Kubernetes an external version of Borg — instead it's a new system inspired by Borg.

mgeisler, to github
@mgeisler@ohai.social avatar

Awesome! doubles the number of CPU cores in the machines we use for our Actions! It's for free for public (typically ) repositories.
https://github.blog/2024-01-17-github-hosted-runners-double-the-power-for-open-source/

mgeisler,
@mgeisler@ohai.social avatar

@mo8it You're not wrong about the lock-in... it's a pain to move this kind of infrastructure around because it's so custom. They also for sure get a lot of data to look at this way — though I suppose others could read the public repositories as well? Though it might be against the terms of conditions to mass-clone all the repositories (not sure).

mgeisler, to android
@mgeisler@ohai.social avatar

My teammake Chris published a blog post describing how the toolchain on Android has become 24% faster thanks to use of a single codegen unit, link-time optimization (), profile-guided optimization (), and the tool. See https://android-developers.googleblog.com/2023/12/faster-rust-toolchains-for-android.html.

The rustc you get via rustup is optimized similarly, Chris writes that the main difference is the compilation targets supported by the Android Rust toolchain.

mgeisler, to python
@mgeisler@ohai.social avatar

I wrote my first match statement today — it was nice! I was unpacking a JSON response and wanted to distinguish between a message with a success key and an invalid key:

match json.loads(stdout):  
 case {"invalid": err}:  
 parser.error(err)  
 case {"success": _}:  
 pass  
 case _:  
 parser.error(f"Unexpected value: {stdout}")

See https://peps.python.org/pep-0636/ if you're not familiar with the new syntax (added in 2021).

mgeisler,
@mgeisler@ohai.social avatar

@benc Yeah... I remember how it was when I was doing a lot of Python. Now I've been writing more Rust and there large parts of the ecosystem is using a 12-18 week old compiler. Quite a different experience 🙂

mgeisler,
@mgeisler@ohai.social avatar

@benc Note that the experience is not necessarily better, it's just different.

Trying to recompile Rust code with an old compiler generally doesn't work unless you keep a Cargo.lock file around.

Why not? Because people bump the minimum supported Rust version (MSRV) liberally, even in patch versions.

mgeisler, to rust
@mgeisler@ohai.social avatar

I've you've taken a Comprehensive Rust class somewhere (at Google, with @timClicks, @mo8it, or elsewhere), then remember that we're glad to hear feedback about the course material. See the GitHub discussions: https://github.com/google/comprehensive-rust/discussions/100.

I'm especially curious to hear about the new 4-day version that @djmitche recently landed! We're teaching it internally at Google right now, but others can join in too 😄

mgeisler, to rust
@mgeisler@ohai.social avatar

I'm thrilled to announce that Comprehensive has received a major rewrite and reshuffle! We've been calling this "v2" because of the size of it: https://github.com/google/comprehensive-rust/pull/1073. Thanks @djmitche for the enormous effort!

What is different?

  • The content is reorganized to fix continuity errors.
  • We use value types and only move into memory management on Day 3.
  • More exercises! We now have 20 exercises (we had 11 before).
  • Rust Fundamentals is now 4 days due to the new content.
mgeisler, to rust
@mgeisler@ohai.social avatar

Thanks to @adetaylor, Comprehensive Rust :rust: now has a course on how to add #rust to #chromium!

You can read the new section here: https://google.github.io/comprehensive-rust/chromium.html

If you do the final exercise, you will end up with a browser that speaks funny! 😀

Like the Rust in Android course, this is mostly relevant to the engineers who work on Chromium itself. Others are welcome to play along, but you should already know how to build Chromium.

#google #chrome #memorysafety #security #comprehensiverust

mgeisler, to cpp
@mgeisler@ohai.social avatar

Bjarne Stroustrup on Delivering Safe C++: https://youtu.be/I8UvQKvOSSw at @CppCon 2023.

It's a long talk, nearly 75 minutes plus Q&A. It starts by establishing some background:

  • C++ was always meant to be safe: basic type safety, smart pointers, and RAII are examples of this.
  • Backwards compatibility is a key feature: any improvements must happen via gradual adoption.
  • Guidelines are not good enough: people make mistakes and static checking is needed.

mgeisler,
@mgeisler@ohai.social avatar

@CppCon I'm very glad to hear Bjarne acknowledge that guidelines are not enough: safe C++ needs tooling and static guarantees. Anything else doesn't scale to non-trivial projects.

Rust approaches this from the other end with safe defaults. However, we must acknowledge that we cannot rewrite everything in Rust. Even if we had the time and funding needed, we wouldn't want to since rewrites introduce new and different bugs.

See https://www.joelonsoftware.com/2000/04/06/things-you-should-never-do-part-i/ for some classic advice on this.

mgeisler,
@mgeisler@ohai.social avatar

@CppCon I think Bjarne is correct when saying that "stability over decades matter". When I teach Rust at Google with https://google.github.io/comprehensive-rust/, people are concerned about the rapid release cycle of the compiler: can we trust it to be compatible with code written 5 or 10 years ago?

This matters when you have billion of lines of code which has been worked on for 25 years. Gaining this trust takes time and C++ has a ~30 year head start here.

mgeisler,
@mgeisler@ohai.social avatar

@CppCon Bjarne introduces C++ profiles at https://youtu.be/I8UvQKvOSSw?t=3841. Profiles are sets of composable safety properties:

  • Specified in code to allow tooling to verify and enforce them.
  • Initial set of standard profiles: type_safety, range, arithmetic.

The idea is to "subset a superset": extend C++ with profile annotations, then use tooling to enforce that people use this new safe subset of C++.

SomeGadgetGuy, to tech
@SomeGadgetGuy@techhub.social avatar

Google has a mountain of behavior data on me, and probably knows how viciously anti-diamond I am. Yet these ads regularly pop up in my news feed.
Google charging a client for an ad hit that will never materialize into traffic for their company, and frustrating me to make more money on totally fake metrics.
Both consumers and advertisers are getting squeezed for a more enshittified experience.

#tech #technology #news #geek #google #algorithm #rant

mgeisler,
@mgeisler@ohai.social avatar

@DaefByrns @cundravy @SomeGadgetGuy Interesting, can you point me to the documentation about how much advertisers pay for the impressions only?

Like @cundravy I was also under the impression that Google's interests are aligned with the users: they only make money when they find an ad interesting enough for me to click on it.

mgeisler,
@mgeisler@ohai.social avatar

@DaefByrns @cundravy @SomeGadgetGuy Thanks for the link! I also found https://support.google.com/google-ads/answer/6310 which again talks about a "Cost-per-thousand impressions" strategy (as in your link). It's annoying that this changes the basic incentives of the business.

mgeisler,
@mgeisler@ohai.social avatar

@DaefByrns @cundravy @SomeGadgetGuy Yeah, I'm just a developer but I'm often surprised about the ads I see... I'm logged in when I search on Google and I've used it exclusively for decades now. One would think that the system knows me pretty well, but I still get ads saying "Beginner steps with Python" and similar. It's amazing that it works and can make so much money.

Perhaps I should mention that I work at Google — but in Android, so pretty far removed from the ad business.

mgeisler,
@mgeisler@ohai.social avatar

@SomeGadgetGuy @DaefByrns @cundravy Oh, that's such an important point! Many people talk about Google (or MS or FB or ...) as one big organization when they're really made out of hundreds of smaller groups, each with their own agenda.

I joined four years ago and was surprised with the freedom the individual teams have. It's a more grass-roots than top-down management style.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • rosin
  • InstantRegret
  • khanakhh
  • ngwrru68w68
  • osvaldo12
  • DreamBathrooms
  • mdbf
  • magazineikmin
  • thenastyranch
  • everett
  • Youngstown
  • slotface
  • kavyap
  • provamag3
  • GTA5RPClips
  • Durango
  • cubers
  • modclub
  • tester
  • tacticalgear
  • cisconetworking
  • ethstaker
  • anitta
  • Leos
  • megavids
  • normalnudes
  • lostlight
  • All magazines
    •