SlideShare une entreprise Scribd logo

Mozilla Research Party Talk

Brendan Eich
Brendan Eich

The document discusses Mozilla's history and contributions, including its origins as an "escape pod" from Netscape in 1998. It summarizes Mozilla's efforts to build an open-source browser and mail applications, the growth of its volunteer community, and its use of techniques like code review, testing, and fuzzing to improve quality. More recently, Mozilla has focused on projects like the Rust programming language, the Servo browser engine, and formal methods research through its Mozilla Research group.

Technologie
1  sur  33
Télécharger pour lire hors ligne
Mozilla Memories, and Thoughts on Research Brendan Eich <brendan@mozilla.org> mozilla 1 Tuesday, April 2, 13
Agenda • Problem statement • Mozilla’s history and contributions • The big picture • Where we are all headed mozilla 2 Tuesday, April 2, 13
Problem statement • Software, especially “in the large”, remains quite challenging • “Fast, Slim, Correct”. Pick any two, so long as one is “Correct”. Not to mention done anywhere near on time! • “I do not know of any other technology covering a ratio of 10^10.” - Dijkstra • “By evoking the need for deep conceptual hierarchies, the automatic computer confronts us with a radically new intellectual challenge that has no precedent in our history.” - Dijkstra again • “Science is knowledge which we understand so well that we can teach it to a computer; and if we don’t understand something, it is an art to deal with it.” - Knuth mozilla 3 Tuesday, April 2, 13
mozilla 4 Tuesday, April 2, 13
The scale problem is worse over time • Path dependence in any large codebase creates “lock-in” (see sunk cost fallacy) • Rewriting is both a beginner’s error and something experienced programmers can defer for far too long... • “Code by itself almost rots and it’s gotta be rewritten. Even when nothing has changed, for some reason it rots.” - Ken Thompson mozilla 5 Tuesday, April 2, 13
Mozilla’s history: 1998 • An “escape pod” jettisoned by Netscape, the first big commercial open source conversion attempt - an act of desperation, a bit of executive legacy vanity • 1998-2003 mozilla.org was a "virtual organization" with no legal independence • staff@mozilla.org drawn from part- and full-time employees at several companies • Mitchell Baker (MPL creator): governance and process • Brendan Eich: technical architecture and oversight • March 31, 1998: all contributors were @netscape.com mozilla 6 Tuesday, April 2, 13
The beginner’s error: rewrite! • October 1998: I declared it time to rebuild almost all of the code using: • A new, cross-platform XML-based user-interface widget-set and front end, customizable similar to how web pages can be customized • Gecko, a new, C++, standards-oriented HTML/CSS engine from Netscape, not nearly done but able to load pages and do basic layout • A scriptable C++ component model, complete with IDL, IDL-derived type libraries, automatic JS <=> C++ type and method bridging • Big gamble to bring in new developers attracted by green-field development and a new focus on correctly implemented Web standards mozilla 7 Tuesday, April 2, 13
2000 • Netscape 6 - “Black and Blue”, circular buttons, slow, crashy, AOL IM built in... • Based on “Mozilla 0.6” - our view was that the code was not nearly “1.0” mozilla 8 Tuesday, April 2, 13
2001-2002 • After Netscape 6 flopped, Mitchell and I leveled the community playing field: • New Netscape hires had to prove merit before getting “commit access” • Mozilla binaries (available to testers who did not have a compiler or time to do their own builds) became competitive with Netscape releases • A roadmap plan of milestone releases leading up to “Mozilla 1.0”, running from 2001 into 2002, independent of any Netscape product release plans • The community of volunteers and contributors employed by other companies than Netscape grew in strength and numbers from 2000 to 2002 mozilla 9 Tuesday, April 2, 13
2002-2003 • Mozilla 1.0 released in June 2002 • mozilla/browser, to be renamed Phoenix, then Firebird, was created • Dave Hyatt and I wrote a new roadmap advocating unbundling the “Mozilla suite” into browser, mail, and other apps, each doing one thing well, with fewer features and an “add-ons” architecture so users could customize at will • Mozilla downloads were at least as popular as Netscape product downloads • July 2003: AOL laid off almost all Netscape employees and created the Mozilla Foundation, giving it initial funding, trademarks, and the project’s infrastructure • Mozilla Foundation initial headcount: 10, with money for ~1.5 years mozilla 10 Tuesday, April 2, 13
2004 • The new roadmap split the community, with a bare majority supporting separate browser and mail apps • Firefox (renamed from Firebird) started rapid gains in market share and buzz • Focus on end-user usability, Windows integration over Linux, unusual for open source software • June 2004: Mozilla, Opera, and (not announced at first) Apple founded the WHATWG to create HTML5; I blogged about it and against the W3C • The rest is perhaps better-known history... mozilla 11 Tuesday, April 2, 13
mozilla 12 Tuesday, April 2, 13
Mozilla’s contributions: community • In the modern Firefox era, 30-40% of patches come from volunteers • ~700 volunteers contributing patches over a year (outsize impact) • Firefox 4 available in 82 locales and 74 languages, the work of many volunteers • ~50,000 nightly build testers • 5M beta testers in the Firefox 4 release cycle • 450M users mozilla 13 Tuesday, April 2, 13
mozilla 14 Tuesday, April 2, 13
mozilla 15 Tuesday, April 2, 13
Bugzilla mozilla 16 Tuesday, April 2, 13
Tinderbox, now “tinderboxpushlog” mozilla 17 Tuesday, April 2, 13
Code review and testing • Code review before commit is required, in general • Large new modules may plead for post-commit review • No formal design review; important to catch design mistakes early • Code review of more, smaller patches landing early and often is best • Tests are required as part of the patch • Previously we lacked this rule and suffered lack of test coverage and (prior to 2006) even test automation mozilla • Valgrind [Nethercote, Seward] automated build test coverage 18 Tuesday, April 2, 13
Fuzz-testing • jsfunfuzz, Jesse Ruderman’s JavaScript travesty generator, has been enormously productive • More productive than static analysis frameworks (Coverity, e.g.) • Knows JS syntax and some semantics, bends and break rules, nests constructs in evil ways • Extremely effective when steered by an expert who tracks new code and language features, senses soft spots and attacks them with targeted fuzzer logic... • Variations perform random DOM manipulation, markup generation, etc. mozilla 19 Tuesday, April 2, 13
Automatic program analysis • Collaboration with UCB project Oink, ultimately forked as Mozilla Pork, for: • experiments with automatic patch generation • Second-generation analysis tools based on the GNU C Compiler (GCC): • dxr, a semantic source code cross-referencer • Dehydra, a scriptable static analysis tool (GCC plugin) • Treehydra, heavy-duty static analysis version of Dehydra (binds to JS reflection of GCC’s GIMPLE AST representation) mozilla 20 Tuesday, April 2, 13
Brian Hackett’s Sixgill mozilla 21 Tuesday, April 2, 13
Mozilla Research founded in 2009. 2010 for sure! • "Distrust any enterprise that requires new clothes." - Thoreau • I met Andreas Gal in 2006. New clothes came in time for Firefox OS (2013) • mozilla 22 Tuesday, April 2, 13
Rust and Servo mozilla 23 Tuesday, April 2, 13
Blast from the past mozilla 24 Tuesday, April 2, 13
nbody.rs mozilla 25 Tuesday, April 2, 13
Rust performance results (nbody) mozilla 26 Tuesday, April 2, 13
Latest and greatest mozilla 27 Tuesday, April 2, 13
mozilla 28 Tuesday, April 2, 13
Mozilla Research in 2013 mozilla 29 Tuesday, April 2, 13
The big picture • We at Mozilla like formal methods and invest in them, but incrementally. • Fielding a competitive browser/OS entails use of unsafe languages such as C and C++. • Being safe but so slow you lose users does not help. • Manycore and security challenges motivate pragmatic and hybrid methods • Art + Science require many hands at all layers of the system. Not all are ready for formal methods • “Ruby is not used for software engineering reasons”, rather for aesthetic and programmer productivity reasons. A human thing, so a software thing mozilla 30 Tuesday, April 2, 13
Where we are all headed • When Mozilla began, CVS was the state of the art in open source version control • Since then (see http://revctrl.org/), distributed peer-to-peer version control systems have emerged and gained widespread use • 15 years ago, forking was a dire thing, to be avoided; “branches” were costly and unmaintainable in parallel for very long • Now with DVCSes such as Git and Mercurial, forking is not always a bad thing, and often a good thing • We are increasingly using http://github.com/, for “social hacking” wins mozilla 31 Tuesday, April 2, 13
Closing thoughts • Open source and distributed development on the rise. Unsound humans FTW! • Formal methods for verifying correctness are coming along, but I see two large gaps to close: • Between the github.com world of JS, Ruby, etc., and Mozilla’s C++ and Rust systems programming languages. Contracts, gradual typing, compilers such as TypeScript? • Between kernel languages we use at large scale, and the sound but hard-to- scale verification systems used on, e.g., device drivers (SLAM) -- never mind the metalogical frameworks! mozilla 32 Tuesday, April 2, 13
Thanks, and keep Researching! mozilla 33 Tuesday, April 2, 13

Recommandé

MSR Talk
MSR TalkMSR Talk
MSR Talk
Brendan Eich
 
ES.next
ES.nextES.next
ES.next
Brendan Eich
 
JSLOL
JSLOLJSLOL
JSLOL
Brendan Eich
 
Preserving access
Preserving accessPreserving access
Preserving access
National Library of Australia
 
Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell Labs
Anant Narayanan
 
Glendix: The Why and the How
Glendix: The Why and the HowGlendix: The Why and the How
Glendix: The Why and the How
Anant Narayanan
 
Fork Yeah! The Rise and Development of illumos
Fork Yeah! The Rise and Development of illumosFork Yeah! The Rise and Development of illumos
Fork Yeah! The Rise and Development of illumos
bcantrill
 
Txjs talk
Txjs talkTxjs talk
Txjs talk
Brendan Eich
 

Recommandé

MSR Talk
MSR TalkMSR Talk
MSR Talk
Brendan Eich
 
ES.next
ES.nextES.next
ES.next
Brendan Eich
 
JSLOL
JSLOLJSLOL
JSLOL
Brendan Eich
 
Preserving access
Preserving accessPreserving access
Preserving access
National Library of Australia
 
Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell Labs
Anant Narayanan
 
Glendix: The Why and the How
Glendix: The Why and the HowGlendix: The Why and the How
Glendix: The Why and the How
Anant Narayanan
 
Fork Yeah! The Rise and Development of illumos
Fork Yeah! The Rise and Development of illumosFork Yeah! The Rise and Development of illumos
Fork Yeah! The Rise and Development of illumos
bcantrill
 
Txjs talk
Txjs talkTxjs talk
Txjs talk
Brendan Eich
 
Free Libre Open Source Software - Business Aspects of Software Industry
Free Libre Open Source Software - Business Aspects of Software IndustryFree Libre Open Source Software - Business Aspects of Software Industry
Free Libre Open Source Software - Business Aspects of Software Industry
Frederik Questier
 
Mozilla + Rust at PCU Manila 02 DEC 2016
Mozilla + Rust at PCU Manila 02 DEC 2016Mozilla + Rust at PCU Manila 02 DEC 2016
Mozilla + Rust at PCU Manila 02 DEC 2016
Robert 'Bob' Reyes
 
Dynamic Languages in Production: Progress and Open Challenges
Dynamic Languages in Production: Progress and Open ChallengesDynamic Languages in Production: Progress and Open Challenges
Dynamic Languages in Production: Progress and Open Challenges
bcantrill
 
Anthropological fieldwork in Ubuntu Linux
Anthropological fieldwork in Ubuntu LinuxAnthropological fieldwork in Ubuntu Linux
Anthropological fieldwork in Ubuntu Linux
Andreas Lloyd
 
The dream is alive! Running Linux containers on an illumos kernel
The dream is alive! Running Linux containers on an illumos kernelThe dream is alive! Running Linux containers on an illumos kernel
The dream is alive! Running Linux containers on an illumos kernel
bcantrill
 
Yocto Project - OSCON 7-17-2012
Yocto Project - OSCON 7-17-2012Yocto Project - OSCON 7-17-2012
Yocto Project - OSCON 7-17-2012
Jeffrey Osier-Mixon
 
P05-slides
P05-slidesP05-slides
P05-slides
Isaac (.ike) Levy
 
Linux shell scripting_v2
Linux shell scripting_v2Linux shell scripting_v2
Linux shell scripting_v2
Avinash Jagarlamudi
 
1 Unix basics. Part 1
1 Unix basics. Part 11 Unix basics. Part 1
1 Unix basics. Part 1
Roman Prykhodchenko
 
Why you should use the Yocto Project
Why you should use the Yocto ProjectWhy you should use the Yocto Project
Why you should use the Yocto Project
rossburton
 
Run containers on bare metal already!
Run containers on bare metal already!Run containers on bare metal already!
Run containers on bare metal already!
bcantrill
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guide
bcantrill
 
Intro to open_source
Intro to open_sourceIntro to open_source
Intro to open_source
Shiwang Kalkhanda
 
FLOSS development
FLOSS developmentFLOSS development
FLOSS development
Frederik Questier
 
Linux for everyone
Linux for everyoneLinux for everyone
Linux for everyone
Pradeep Shankhwar
 
Mozilla & Connected Devices
Mozilla & Connected DevicesMozilla & Connected Devices
Mozilla & Connected Devices
Robert 'Bob' Reyes
 
Bringing the Unix Philosophy to Big Data
Bringing the Unix Philosophy to Big DataBringing the Unix Philosophy to Big Data
Bringing the Unix Philosophy to Big Data
bcantrill
 
Unix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell LabsUnix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell Labs
Anant Narayanan
 
Introduction To Opensource And GNU/Linux
Introduction To Opensource And GNU/LinuxIntroduction To Opensource And GNU/Linux
Introduction To Opensource And GNU/Linux
Sheila Eiffert
 
Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)
Robert Sanderson
 
Extensible Operators and Literals for JavaScript
Extensible Operators and Literals for JavaScriptExtensible Operators and Literals for JavaScript
Extensible Operators and Literals for JavaScript
Brendan Eich
 
Value Objects, Full Throttle (to be updated for spring TC39 meetings)
Value Objects, Full Throttle (to be updated for spring TC39 meetings)Value Objects, Full Throttle (to be updated for spring TC39 meetings)
Value Objects, Full Throttle (to be updated for spring TC39 meetings)
Brendan Eich
 

Contenu connexe

Tendances

Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)
Robert Sanderson
 

Tendances (20)

Free Libre Open Source Software - Business Aspects of Software Industry
Free Libre Open Source Software - Business Aspects of Software IndustryFree Libre Open Source Software - Business Aspects of Software Industry
Free Libre Open Source Software - Business Aspects of Software Industry
 
Mozilla + Rust at PCU Manila 02 DEC 2016
Mozilla + Rust at PCU Manila 02 DEC 2016Mozilla + Rust at PCU Manila 02 DEC 2016
Mozilla + Rust at PCU Manila 02 DEC 2016
 
Dynamic Languages in Production: Progress and Open Challenges
Dynamic Languages in Production: Progress and Open ChallengesDynamic Languages in Production: Progress and Open Challenges
Dynamic Languages in Production: Progress and Open Challenges
 
Anthropological fieldwork in Ubuntu Linux
Anthropological fieldwork in Ubuntu LinuxAnthropological fieldwork in Ubuntu Linux
Anthropological fieldwork in Ubuntu Linux
 
The dream is alive! Running Linux containers on an illumos kernel
The dream is alive! Running Linux containers on an illumos kernelThe dream is alive! Running Linux containers on an illumos kernel
The dream is alive! Running Linux containers on an illumos kernel
 
Yocto Project - OSCON 7-17-2012
Yocto Project - OSCON 7-17-2012Yocto Project - OSCON 7-17-2012
Yocto Project - OSCON 7-17-2012
 
P05-slides
P05-slidesP05-slides
P05-slides
 
Linux shell scripting_v2
Linux shell scripting_v2Linux shell scripting_v2
Linux shell scripting_v2
 
1 Unix basics. Part 1
1 Unix basics. Part 11 Unix basics. Part 1
1 Unix basics. Part 1
 
Why you should use the Yocto Project
Why you should use the Yocto ProjectWhy you should use the Yocto Project
Why you should use the Yocto Project
 
Run containers on bare metal already!
Run containers on bare metal already!Run containers on bare metal already!
Run containers on bare metal already!
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guide
 
Intro to open_source
Intro to open_sourceIntro to open_source
Intro to open_source
 
FLOSS development
FLOSS developmentFLOSS development
FLOSS development
 
Linux for everyone
Linux for everyoneLinux for everyone
Linux for everyone
 
Mozilla & Connected Devices
Mozilla & Connected DevicesMozilla & Connected Devices
Mozilla & Connected Devices
 
Bringing the Unix Philosophy to Big Data
Bringing the Unix Philosophy to Big DataBringing the Unix Philosophy to Big Data
Bringing the Unix Philosophy to Big Data
 
Unix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell LabsUnix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell Labs
 
Introduction To Opensource And GNU/Linux
Introduction To Opensource And GNU/LinuxIntroduction To Opensource And GNU/Linux
Introduction To Opensource And GNU/Linux
 
Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)Update on Memento (IIPC 2011 Plenary)
Update on Memento (IIPC 2011 Plenary)
 

En vedette

En vedette (18)

Extensible Operators and Literals for JavaScript
Extensible Operators and Literals for JavaScriptExtensible Operators and Literals for JavaScript
Extensible Operators and Literals for JavaScript
 
Value Objects, Full Throttle (to be updated for spring TC39 meetings)
Value Objects, Full Throttle (to be updated for spring TC39 meetings)Value Objects, Full Throttle (to be updated for spring TC39 meetings)
Value Objects, Full Throttle (to be updated for spring TC39 meetings)
 
Value objects in JS - an ES7 work in progress
Value objects in JS - an ES7 work in progressValue objects in JS - an ES7 work in progress
Value objects in JS - an ES7 work in progress
 
Fluent15
Fluent15Fluent15
Fluent15
 
JS Responsibilities
JS ResponsibilitiesJS Responsibilities
JS Responsibilities
 
Capitol js
Capitol jsCapitol js
Capitol js
 
Mozilla's NodeConf talk
Mozilla's NodeConf talkMozilla's NodeConf talk
Mozilla's NodeConf talk
 
Taysom seminar
Taysom seminarTaysom seminar
Taysom seminar
 
My dotJS Talk
My dotJS TalkMy dotJS Talk
My dotJS Talk
 
Fluent14
Fluent14Fluent14
Fluent14
 
Web futures
Web futuresWeb futures
Web futures
 
Paren free
Paren freeParen free
Paren free
 
dotJS 2015
dotJS 2015dotJS 2015
dotJS 2015
 
Always bet on JS - Finjs.io NYC 2016
Always bet on JS - Finjs.io NYC 2016Always bet on JS - Finjs.io NYC 2016
Always bet on JS - Finjs.io NYC 2016
 
Splash
SplashSplash
Splash
 
The Same-Origin Saga
The Same-Origin SagaThe Same-Origin Saga
The Same-Origin Saga
 
3日時間をもらったのでTypeScriptを触ってみた
3日時間をもらったのでTypeScriptを触ってみた3日時間をもらったのでTypeScriptを触ってみた
3日時間をもらったのでTypeScriptを触ってみた
 
Int64
Int64Int64
Int64
 

Similaire à Mozilla Research Party Talk

"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe..."The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
eLiberatica
 
Open source softrware, group 5 final
Open source softrware, group 5 finalOpen source softrware, group 5 final
Open source softrware, group 5 final
bigrouge
 
HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
HIS 2015: Prof. Mark Little - Open Source Challenges in the EnterpriseHIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
AdaCore
 

Similaire à Mozilla Research Party Talk (20)

"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe..."The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
"The Past Present and Future of the Mozilla Foundation" by Zak Greant @ eLibe...
 
Web application development - The past, the present, the future
Web application development - The past, the present, the futureWeb application development - The past, the present, the future
Web application development - The past, the present, the future
 
Familiarization with Web Tools
Familiarization with Web ToolsFamiliarization with Web Tools
Familiarization with Web Tools
 
Freifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale JitsiFreifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale Jitsi
 
Future Tense
Future TenseFuture Tense
Future Tense
 
Web Browsers
Web BrowsersWeb Browsers
Web Browsers
 
Open source softrware, group 5 final
Open source softrware, group 5 finalOpen source softrware, group 5 final
Open source softrware, group 5 final
 
.NET, OSS & Mono
.NET, OSS & Mono.NET, OSS & Mono
.NET, OSS & Mono
 
Forking Successfully - or is a branch better?
Forking Successfully - or is a branch better?Forking Successfully - or is a branch better?
Forking Successfully - or is a branch better?
 
HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
HIS 2015: Prof. Mark Little - Open Source Challenges in the EnterpriseHIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise
 
Celf japan technical_jamboree_20090522
Celf japan technical_jamboree_20090522Celf japan technical_jamboree_20090522
Celf japan technical_jamboree_20090522
 
Getting Started with Meteor (TCF ITPC 2014)
Getting Started with Meteor (TCF ITPC 2014)Getting Started with Meteor (TCF ITPC 2014)
Getting Started with Meteor (TCF ITPC 2014)
 
Contributing to Open Source
Contributing to Open SourceContributing to Open Source
Contributing to Open Source
 
Electronic Publishing 2.0: Reimagining the Publication and Preservation of E ...
Electronic Publishing 2.0: Reimagining the Publication and Preservation of E ...Electronic Publishing 2.0: Reimagining the Publication and Preservation of E ...
Electronic Publishing 2.0: Reimagining the Publication and Preservation of E ...
 
Rust 101 (2017 edition)
Rust 101 (2017 edition)Rust 101 (2017 edition)
Rust 101 (2017 edition)
 
From hello world to goodbye code
From hello world to goodbye codeFrom hello world to goodbye code
From hello world to goodbye code
 
MozillaPH Rust Users Group Kick Off Meeting
MozillaPH Rust Users Group Kick Off MeetingMozillaPH Rust Users Group Kick Off Meeting
MozillaPH Rust Users Group Kick Off Meeting
 
HTML for beginners
HTML for beginnersHTML for beginners
HTML for beginners
 
PyData Texas 2015 Keynote
PyData Texas 2015 KeynotePyData Texas 2015 Keynote
PyData Texas 2015 Keynote
 
The History and Status of Mozilla Korean Community
The History and Status of Mozilla Korean CommunityThe History and Status of Mozilla Korean Community
The History and Status of Mozilla Korean Community
 

Dernier

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Dernier (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 

Mozilla Research Party Talk

  • 1. Mozilla Memories, and Thoughts on Research Brendan Eich <brendan@mozilla.org> mozilla 1 Tuesday, April 2, 13
  • 2. Agenda • Problem statement • Mozilla’s history and contributions • The big picture • Where we are all headed mozilla 2 Tuesday, April 2, 13
  • 3. Problem statement • Software, especially “in the large”, remains quite challenging • “Fast, Slim, Correct”. Pick any two, so long as one is “Correct”. Not to mention done anywhere near on time! • “I do not know of any other technology covering a ratio of 10^10.” - Dijkstra • “By evoking the need for deep conceptual hierarchies, the automatic computer confronts us with a radically new intellectual challenge that has no precedent in our history.” - Dijkstra again • “Science is knowledge which we understand so well that we can teach it to a computer; and if we don’t understand something, it is an art to deal with it.” - Knuth mozilla 3 Tuesday, April 2, 13
  • 4. mozilla 4 Tuesday, April 2, 13
  • 5. The scale problem is worse over time • Path dependence in any large codebase creates “lock-in” (see sunk cost fallacy) • Rewriting is both a beginner’s error and something experienced programmers can defer for far too long... • “Code by itself almost rots and it’s gotta be rewritten. Even when nothing has changed, for some reason it rots.” - Ken Thompson mozilla 5 Tuesday, April 2, 13
  • 6. Mozilla’s history: 1998 • An “escape pod” jettisoned by Netscape, the first big commercial open source conversion attempt - an act of desperation, a bit of executive legacy vanity • 1998-2003 mozilla.org was a "virtual organization" with no legal independence • staff@mozilla.org drawn from part- and full-time employees at several companies • Mitchell Baker (MPL creator): governance and process • Brendan Eich: technical architecture and oversight • March 31, 1998: all contributors were @netscape.com mozilla 6 Tuesday, April 2, 13
  • 7. The beginner’s error: rewrite! • October 1998: I declared it time to rebuild almost all of the code using: • A new, cross-platform XML-based user-interface widget-set and front end, customizable similar to how web pages can be customized • Gecko, a new, C++, standards-oriented HTML/CSS engine from Netscape, not nearly done but able to load pages and do basic layout • A scriptable C++ component model, complete with IDL, IDL-derived type libraries, automatic JS <=> C++ type and method bridging • Big gamble to bring in new developers attracted by green-field development and a new focus on correctly implemented Web standards mozilla 7 Tuesday, April 2, 13
  • 8. 2000 • Netscape 6 - “Black and Blue”, circular buttons, slow, crashy, AOL IM built in... • Based on “Mozilla 0.6” - our view was that the code was not nearly “1.0” mozilla 8 Tuesday, April 2, 13
  • 9. 2001-2002 • After Netscape 6 flopped, Mitchell and I leveled the community playing field: • New Netscape hires had to prove merit before getting “commit access” • Mozilla binaries (available to testers who did not have a compiler or time to do their own builds) became competitive with Netscape releases • A roadmap plan of milestone releases leading up to “Mozilla 1.0”, running from 2001 into 2002, independent of any Netscape product release plans • The community of volunteers and contributors employed by other companies than Netscape grew in strength and numbers from 2000 to 2002 mozilla 9 Tuesday, April 2, 13
  • 10. 2002-2003 • Mozilla 1.0 released in June 2002 • mozilla/browser, to be renamed Phoenix, then Firebird, was created • Dave Hyatt and I wrote a new roadmap advocating unbundling the “Mozilla suite” into browser, mail, and other apps, each doing one thing well, with fewer features and an “add-ons” architecture so users could customize at will • Mozilla downloads were at least as popular as Netscape product downloads • July 2003: AOL laid off almost all Netscape employees and created the Mozilla Foundation, giving it initial funding, trademarks, and the project’s infrastructure • Mozilla Foundation initial headcount: 10, with money for ~1.5 years mozilla 10 Tuesday, April 2, 13
  • 11. 2004 • The new roadmap split the community, with a bare majority supporting separate browser and mail apps • Firefox (renamed from Firebird) started rapid gains in market share and buzz • Focus on end-user usability, Windows integration over Linux, unusual for open source software • June 2004: Mozilla, Opera, and (not announced at first) Apple founded the WHATWG to create HTML5; I blogged about it and against the W3C • The rest is perhaps better-known history... mozilla 11 Tuesday, April 2, 13
  • 12. mozilla 12 Tuesday, April 2, 13
  • 13. Mozilla’s contributions: community • In the modern Firefox era, 30-40% of patches come from volunteers • ~700 volunteers contributing patches over a year (outsize impact) • Firefox 4 available in 82 locales and 74 languages, the work of many volunteers • ~50,000 nightly build testers • 5M beta testers in the Firefox 4 release cycle • 450M users mozilla 13 Tuesday, April 2, 13
  • 14. mozilla 14 Tuesday, April 2, 13
  • 15. mozilla 15 Tuesday, April 2, 13
  • 16. Bugzilla mozilla 16 Tuesday, April 2, 13
  • 17. Tinderbox, now “tinderboxpushlog” mozilla 17 Tuesday, April 2, 13
  • 18. Code review and testing • Code review before commit is required, in general • Large new modules may plead for post-commit review • No formal design review; important to catch design mistakes early • Code review of more, smaller patches landing early and often is best • Tests are required as part of the patch • Previously we lacked this rule and suffered lack of test coverage and (prior to 2006) even test automation mozilla • Valgrind [Nethercote, Seward] automated build test coverage 18 Tuesday, April 2, 13
  • 19. Fuzz-testing • jsfunfuzz, Jesse Ruderman’s JavaScript travesty generator, has been enormously productive • More productive than static analysis frameworks (Coverity, e.g.) • Knows JS syntax and some semantics, bends and break rules, nests constructs in evil ways • Extremely effective when steered by an expert who tracks new code and language features, senses soft spots and attacks them with targeted fuzzer logic... • Variations perform random DOM manipulation, markup generation, etc. mozilla 19 Tuesday, April 2, 13
  • 20. Automatic program analysis • Collaboration with UCB project Oink, ultimately forked as Mozilla Pork, for: • experiments with automatic patch generation • Second-generation analysis tools based on the GNU C Compiler (GCC): • dxr, a semantic source code cross-referencer • Dehydra, a scriptable static analysis tool (GCC plugin) • Treehydra, heavy-duty static analysis version of Dehydra (binds to JS reflection of GCC’s GIMPLE AST representation) mozilla 20 Tuesday, April 2, 13
  • 21. Brian Hackett’s Sixgill mozilla 21 Tuesday, April 2, 13
  • 22. Mozilla Research founded in 2009. 2010 for sure! • "Distrust any enterprise that requires new clothes." - Thoreau • I met Andreas Gal in 2006. New clothes came in time for Firefox OS (2013) • mozilla 22 Tuesday, April 2, 13
  • 23. Rust and Servo mozilla 23 Tuesday, April 2, 13
  • 24. Blast from the past mozilla 24 Tuesday, April 2, 13
  • 25. nbody.rs mozilla 25 Tuesday, April 2, 13
  • 26. Rust performance results (nbody) mozilla 26 Tuesday, April 2, 13
  • 27. Latest and greatest mozilla 27 Tuesday, April 2, 13
  • 28. mozilla 28 Tuesday, April 2, 13
  • 29. Mozilla Research in 2013 mozilla 29 Tuesday, April 2, 13
  • 30. The big picture • We at Mozilla like formal methods and invest in them, but incrementally. • Fielding a competitive browser/OS entails use of unsafe languages such as C and C++. • Being safe but so slow you lose users does not help. • Manycore and security challenges motivate pragmatic and hybrid methods • Art + Science require many hands at all layers of the system. Not all are ready for formal methods • “Ruby is not used for software engineering reasons”, rather for aesthetic and programmer productivity reasons. A human thing, so a software thing mozilla 30 Tuesday, April 2, 13
  • 31. Where we are all headed • When Mozilla began, CVS was the state of the art in open source version control • Since then (see http://revctrl.org/), distributed peer-to-peer version control systems have emerged and gained widespread use • 15 years ago, forking was a dire thing, to be avoided; “branches” were costly and unmaintainable in parallel for very long • Now with DVCSes such as Git and Mercurial, forking is not always a bad thing, and often a good thing • We are increasingly using http://github.com/, for “social hacking” wins mozilla 31 Tuesday, April 2, 13
  • 32. Closing thoughts • Open source and distributed development on the rise. Unsound humans FTW! • Formal methods for verifying correctness are coming along, but I see two large gaps to close: • Between the github.com world of JS, Ruby, etc., and Mozilla’s C++ and Rust systems programming languages. Contracts, gradual typing, compilers such as TypeScript? • Between kernel languages we use at large scale, and the sound but hard-to- scale verification systems used on, e.g., device drivers (SLAM) -- never mind the metalogical frameworks! mozilla 32 Tuesday, April 2, 13
  • 33. Thanks, and keep Researching! mozilla 33 Tuesday, April 2, 13