Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Posted Mar 15, 2024 16:33 UTC (Fri) by paulj (subscriber, #341)In reply to: Herb Sutter on increasing safety in C++ by khim
Parent article: Herb Sutter on increasing safety in C++
This was some guy's own project. He had nothing to do with core Rust. His project wasn't some core Rust project. He was some guy who'd written something for himself. He put it on Github. Others found it useful, evidently. And then, simply cause he just didn't want to dance to the tune of the self-entitled, toxic whingers that - unfortunately - like to go out of their way to belittle and demean people who have done nothing to them but *generously* _given them and everyone the fruits of their hard labour_, he /really/ got belittled, demeaned, insulted and attacked by said toxic crowd.
Really, the lesson here is Rust has some toxic people around it.
Posted Mar 15, 2024 16:36 UTC (Fri)
by paulj (subscriber, #341)
[Link]
However, arguments predicated on "Rust has a better community" might not be well-founded if they depend on that particular example.
Posted Mar 15, 2024 16:49 UTC (Fri)
by mb (subscriber, #50428)
[Link] (63 responses)
Maintaining something that people depend on is a responsibility. It does not matter, if it's for free or not. If he doesn't want to be criticized for his work or can't handle it, he should not publish it.
That's how free software works.
And yes: "I don't care, please fork my project, if you don't like my decision to use unsafe code" is a legitimate answer to such feedback.
Posted Mar 15, 2024 17:06 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (24 responses)
> Publish something and get feedback. That includes positive and negative feedback.
Agreed - what do you expect?
> And yes: "I don't care, please fork my project, if you don't like my decision to use unsafe code" is a legitimate answer to such feedback.
Except. According to paulj that's NOT what happened. They didn't fork his project, they stole it. Strong words, maybe? But they SHOULD have forked it. Quite probably with the guy's blessing. They shouldn't have expelled him from his own project. That's just "not nice" (TM).
Cheers,
Posted Mar 15, 2024 17:28 UTC (Fri)
by mb (subscriber, #50428)
[Link] (23 responses)
Maybe you want to read this?
To me that reads more like: "One driver on the wrong side of the road? No! Thousands!"
Posted Mar 15, 2024 23:41 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (22 responses)
How else would you describe driving the original author out?
> I guess many people then also stole my old projects that I don't maintain anymore and I stepped back from.
There's a big difference between taking over an abandoned project, and muscling in on a project that the creator is actively working on.
Even your own quote supports paulj's claim that the author was "driven out". This project does NOT appear to be an abandoned project.
I've been there done that - I had a project taken over by someone else. Okay, I couldn't find time to work on it, this other guy did, and while I didn't like what he did I abide by "he who writes the code, calls the tune". But if it was this guy's project, and he was actively working on it, then I don't think "stealing" is wrong word for forcing him out.
Cheers,
Posted Mar 15, 2024 23:55 UTC (Fri)
by mb (subscriber, #50428)
[Link] (1 responses)
Renewal.
Posted Mar 16, 2024 22:11 UTC (Sat)
by Wol (subscriber, #4433)
[Link]
Cheers,
Posted Mar 16, 2024 0:28 UTC (Sat)
by khim (subscriber, #9252)
[Link] (19 responses)
No one ever did that. The author refused to play by rules. And when pressure have reached the boiling level, instead of doing the sensible thing, he decided to destroy everything. Later he acquiesced and instead of pulling QB64-style collapse just transferred maintainership to the people who do play by rules. It was abandoned at some point. By it's author. Only after that happened discussion about continuing maintainership by other people started. The hope was always that he would decide to take rules seriously, not that he would abandon it's own (and quite successful) project, but, apparently, for him benchmark games were more important than safety.
Posted Mar 16, 2024 10:57 UTC (Sat)
by paulj (subscriber, #341)
[Link] (18 responses)
That you and mb think that kind of behaviour is acceptable, indeed you appear to be _celebrating_ it, suggests the "Rust community" has learned _nothing_ from that episode - so far as your comments are representative.
Posted Mar 16, 2024 11:06 UTC (Sat)
by mb (subscriber, #50428)
[Link] (12 responses)
I just disagree with you whether this case *is* abuse or bullying.
Posted Mar 16, 2024 22:15 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (9 responses)
That is quite clear that he was bullied - words like "unsafe shitstorm"?
Classic troll behaviour - to argue thing, and claim articles support you when in fact they say the complete opposite.
The fact other people found his project useful, does not give them the right to demand he change his priorities to suit them. If they want to fork it to achieve their personal objectives, then fine. That they think it acceptable to abuse him for disagreeing with them is not.
Cheers,
Posted Mar 16, 2024 22:34 UTC (Sat)
by mb (subscriber, #50428)
[Link] (8 responses)
I actually read the article and also the communication he did on github.
Posted Mar 17, 2024 0:40 UTC (Sun)
by paulj (subscriber, #341)
[Link] (7 responses)
Also, given this was a personal project of his, and (AFAIK) he was doing this for his own enjoyment and fun, how can you characterise it as "unprofessional"?
You are projecting your own notions of what /you/ like for /your/ projects, onto the _personal_ time of other authors of Free Software, and you are _inventing_ obligations for said other Free Software authors that do not exist. They _do not exist_ in the licence, nor is it in any way sane to think that someone publishing some of their work as Free Software somehow encumbers them with /obligations/ to write the code the way /random others/ _demand_.
If you want to call the tune, pay the piper. Get a support contract. Pay them money. Put food on their table. _Then_ you have a _small_ and /limited/ right to expect something in return.
Posted Mar 17, 2024 0:43 UTC (Sun)
by paulj (subscriber, #341)
[Link]
That user has an *obligation* to be _polite_, and thankful. Especially if they havn't contributed a thing to said author.
Posted Mar 17, 2024 7:30 UTC (Sun)
by mb (subscriber, #50428)
[Link] (5 responses)
Has already been posted here.
> If you want to call the tune, pay the piper.
So people who contribute their free time for the removal of unsafe code must pay money so that their pull request gets handled professionally?
> onto the _personal_ time of other authors
Do you realize that this is also true for the rejected contributors and the users?
Posted Mar 17, 2024 12:09 UTC (Sun)
by paulj (subscriber, #341)
[Link] (4 responses)
See? Just fork, and be thankful. How is that hard? How _anything but that_ the right answer?
In particular, how is "Launch a campaign of abuse, to pressure the author into withdrawing from their own, personal project" acceptable?
What khim calls "ostracism" is implementable only through online bullying in an online world.
Posted Mar 17, 2024 12:29 UTC (Sun)
by mb (subscriber, #50428)
[Link] (3 responses)
>Launch a campaign of abuse, to pressure the author
Please read the authors responses to the PRs.
Posted Mar 17, 2024 12:33 UTC (Sun)
by paulj (subscriber, #341)
[Link] (2 responses)
Posted Mar 19, 2024 22:10 UTC (Tue)
by ms-tg (subscriber, #89231)
[Link] (1 responses)
2019 - Originally rejected fix PRs that explain and remove UB or other soundness issues
2018 - Original response to "why 100 uses of unsafe without clear documentation of safety"
I make no guarantee that these are the best examples, just a few I turned up.
Also please note, for contrast, the many fixes that went in just after the maintainer transition on Jan 20 2020, e.g.
Posted Mar 20, 2024 10:37 UTC (Wed)
by paulj (subscriber, #341)
[Link]
Anyway, let's leave it.
Posted Mar 17, 2024 0:34 UTC (Sun)
by paulj (subscriber, #341)
[Link] (1 responses)
However, the author's own characterisation of matters is that he received "abuse". Even summaries of what happened by /critics/ of the author that I find on reddit suggest "some" of the other criticisms (e.g. in reddit discussions) went too far. There is a suggestion that there were even "death threats" - by 2nd or 3rd hand sources I have read, I don't know how true.
Just in this LWN discussion - long after the fact, in a much more sober and considered and forum than reddit - the author has been described as an "offender", as "someone who refuses to follow the rules", and that "to do something about that". Admittedly just one commentator here, though it seems you also approve of the notion that "something" must be done to ostracise such people and expel them.
Again, we are talking about a guy who just published his /own/ software, to his /own/ Github account - who had nothing to do with any core Rust group. Who did nothing but give the world a high-performance web framework. And, events since (the author still maintains the code, now under another name, and it apparently beats the pants off the "community" [neutered?] version) suggest that this author actually knows something about making code perform.
I think the bullying was totally unacceptable, and I think some of the views being posted in this article in support of the campaign to "ostracise" an author of free software - i.e. effectively condoning abuse and bullying, even if you claim to be against it - are a stain on Free Software.
Posted Mar 17, 2024 15:45 UTC (Sun)
by marcH (subscriber, #57642)
[Link]
Comparing his _personal_ project to the city of Athens is indeed way beyond ridiculous. If the core Rust group wants to "ostracize" disrupting people then great. But policing the entire Internet is not ancient Greece; it's the KGB.
Having to share space and live together is hard. The beauty of "forking" and the Internet in general is: there is an infinite amount of space and freedom available. No need to artificially import limitations from the real world.
BTW this is why the decision to remove "thumbs down" on social media and other sites is so good. If you don't like something, explain why and create something better in _your_ space and try to convince users and get more "thumbs up". Don't come and pollute other people's space.
Posted Mar 16, 2024 11:12 UTC (Sat)
by khim (subscriber, #9252)
[Link]
Actually Rust community have learned which things work and which things don't work. Which means it has a chance to survive. But I guess the majority of people in the first world just don't understand how things work. Well, coming collapse of EU, rivers of blood in Europe and smaller pools of the same substance in US would reeducate them… I just wish there was an easier way to teach people… but it looks like nothing else works. If you portray the demands not to disable security alarms and to keep fuses functional “abuse” then I don't even know what to say. The analogue to what Kim did would be creation of bridge without safety rails or building major mall without regard to regulations which demand that it should survive an eathquake. If you do that in real world you may easily go to jail, in virtual world Kim just had to step down and he still got keep it's own fork which he may still play with… how is that “abuse”?
Posted Mar 16, 2024 11:20 UTC (Sat)
by atnot (subscriber, #124910)
[Link] (3 responses)
I feel like this sort of thing is an area where there is a huge disconnect between people actually involved with the rust project or any projects of note (like e.g. Steve Klabnik, who condemned this strongly in the blog post linked) and a certain genre of poster especially prevalent on places like reddit, where this kicked off. It's really the usual contept culture stuff we see all day in all programming communities[1], but it's really disheartening to see from a community that I feel should be able to do better. It doesn't help that people feel emboldened and righteous by how genuinely important of a cause memory safety is either.
[1] If anyone hasn't read it yet: https://blog.aurynn.com/2015/12/16-contempt-culture/
Posted Mar 16, 2024 12:19 UTC (Sat)
by khim (subscriber, #9252)
[Link] (2 responses)
How do you know there's a disconnect? I'm pretty sure that Steve is genuine in his grief. He is just not the person who would do things like that. I don't think he ever objected to what Kim is doing, publicly or privately. But how do you know what others are thinking? I know for the fact that many of them would be fired if they would say what Redditers easily say… and you want to say that people placed in this position are the ones words of whom we should trust? I consider Reddit posts closer to what people actually think: on Reddit people may say things without fear of retaliation because Reddit doesn't give others an easy way to use DIE department of speaker's company to silence said speaker. Yet Reddit does give an option to silence people who stray out of the line. And if you go against the majority you would be silenced. But that wouldn't be because one person who hates your guts used the evidence that your are not “tolerant enough” against you. Thus that easy threat: be nice even to the guys who may destroy your community or else you would be fired? That's not possible on Reddit. Or LWN for that matter. But that's only not possible for people who keep their real identity separated from your Reddit (or LWN) identity. Once someone knows who you are… DIE departments are always watching. These are the real uncontrollable Inquisition that accelerate the downfall of the modern society that they supposedly serve. You couldn't trust a word of anyone who is under threat to DIE from his words. P.S. That's why I celebrate what Rust achieved there. 20 or maybe even 10 years ago it wouldn't have been an achievement. But today, when voices of everyone who may act as authority and stop language abuse easily are forcibly silenced… to do what Rust community managed to achieve is not easy.
Posted Mar 16, 2024 22:23 UTC (Sat)
by Wol (subscriber, #4433)
[Link]
So you're happy celebrating a witch hunt. The ONLY thing this guy did wrong was to publish his pet project in the hope that other people would find it useful. And he got loads of abuse from people who thought what he was trying to achieve was conpletely unacceptable. I sure as hell hope you enjoy being a witch-finder. Because hell is where witch-finders are likely to end up.
Unfortunately, this is just the "me me me" politically correct and toxic side of Free Software. I just wish we could kick that out ...
Cheers,
Posted Mar 17, 2024 6:29 UTC (Sun)
by corbet (editor, #1)
[Link]
Posted Mar 15, 2024 17:51 UTC (Fri)
by pizza (subscriber, #46)
[Link] (6 responses)
Wow, that's some serious victim blaming entitlement BS.
> That's how free software works.
*ahem*
"[the work is provided] on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE."
The author owes everyone else precisely *nothing*. Anyone using that work is not entitled to support, fixes, updates, or anything more than the completely-as-is bits they already have in front of their faces.
> And yes: "I don't care, please fork my project, if you don't like my decision to use unsafe code" is a legitimate answer to such feedback.
The fact that the "Rust Community" didn't accept that "legitimate answer" is the *entire point* of this sub-thread. Indeed, many consider this piled-on grief to be a laudable feature of "Rust Culture".
Posted Mar 15, 2024 18:01 UTC (Fri)
by mb (subscriber, #50428)
[Link] (5 responses)
That was not necessary, because he left the project before that was necessary.
>The author owes everyone else precisely *nothing*.
Yes. It's his right to step down.
Where's the problem?
Posted Mar 15, 2024 20:42 UTC (Fri)
by pizza (subscriber, #46)
[Link]
"stepping down" is a deliberate act of removing yourself from some position (or otherwise giving up some sort) of power.
Saying he(?) "has the right to step down" already presupposes something that was never a given; namely that he owed anyone anything to begin with.
> Where's the problem?
The fact that he was expected (if not outright demanded) to take _any_ sort of action or effort for someone else's benefit to begin with.
Posted Mar 15, 2024 23:45 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (3 responses)
But it should have been his FREE CHOICE to step down.
> Where's the problem?
He didn't WANT to step down.
Cheers,
Posted Mar 16, 2024 0:03 UTC (Sat)
by mb (subscriber, #50428)
[Link] (2 responses)
No. It absolutely should not.
If this is a project that many people depend on, then the author should not have the free choice to continue the project at his own choice and force, if the majority disagrees.
It is his free choice to fork the project.
Just the the "stupid majority" go. What's the problem?
Posted Mar 16, 2024 22:32 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (1 responses)
If this is a project that many people depend on, then they were bloody idiots to depend on a project by someone who did not share the same values they did.
If you fnd a project that does 90% of what you want, and that extra 10% is unacceptable to the project owner then it on YOU to FORK it, not seize it by force.
At the end of the day, the very Register article you pointed us at said it was mob rule. The behaviour shown here was completely unacceptable, made even worse by the fact there was a perfectly acceptable, friendly, alternative.
Cheers,
Posted Mar 17, 2024 2:21 UTC (Sun)
by paulj (subscriber, #341)
[Link]
If someone wrote some code, and lets you use it for free, and you think it should be written differently, or some things could be done different or added: Suggest it, very nicely, as a "might be nice...". And if they disagree, well, say "Thanks for the code!". Your choices after that (if you're a not self-absorbed, toxic, ingrate) are to see if you can /pay/ the author, or fork and do it yourself (or pay someone else).
Don't be the self-absorbed, toxic, ingrate, who thinks that there are some holy coding rules, passed down from the great bearded hacker in the sky, the transgression of which justifies against a (non-profit, coding for fun) transgressor a campaign of "ostracism" - which the recipient is very likely to perceive as abusive.
Especially when these rules are not even in the damn compiler. Hell, the "transgressor" is explicitly /conforming/ to the rules of the language, as checked by the compiler.
Posted Mar 15, 2024 18:15 UTC (Fri)
by paulj (subscriber, #341)
[Link] (27 responses)
In particular, you need to reflect to what extent your thinking _enables_ the toxicity that many Free Software authors and maintainers are subjected to, that I have in mind in my comment above.
Posted Mar 15, 2024 18:36 UTC (Fri)
by mb (subscriber, #50428)
[Link] (26 responses)
Being responsible to your users does *enable* toxicity? Really?
And yes, I think that I as a free software maintainer am responsible for delivering a good product to my users.
So, very clearly: Yes. Publishing a free software project that has many users depending on it comes with a maintenance responsibility.
Even if they don't pay me a Dime.
Posted Mar 15, 2024 20:46 UTC (Fri)
by pizza (subscriber, #46)
[Link] (12 responses)
No. What is toxic is users *demanding responsibiity* when it's been *explicit* from the beginning that they do not have any grounds to expect it.
What is toxic is fostering a culture that says that making those demands (without appropriate compensation) is somehow okay.
Posted Mar 15, 2024 20:53 UTC (Fri)
by mb (subscriber, #50428)
[Link] (11 responses)
Just stop publishing things, if you don't care about users. It really is that simple.
Posted Mar 15, 2024 21:57 UTC (Fri)
by pizza (subscriber, #46)
[Link] (10 responses)
You keep assuming that users are somehow owed "care" by some sort of divine right. [1]
If you want "care" then you must supply equivalent "compensation" [2]
And it really is that simple.
> And most important, don't complain, if all users tell you that you are wrong. Because most likely you are wrong.
You've been in this field far too long to truly believe that.
(And just in case you are actually serious, if the user has a different use case or expectations to what the author claimed to the software would provide, then yes, the user is *wrong*. But remember, this particular bruhaha was about the *style of implementation* of completely legal Rust code.)
[1] I've written software to sovle a problem my partner was having. That was the only user I "cared" about.
Posted Mar 15, 2024 22:46 UTC (Fri)
by mb (subscriber, #50428)
[Link] (9 responses)
You know what? The longer I have been in this field, the more I care about code correctness and about what other people say. I want to learn from other people. I know that I am wrong most of the time.
>if the user has a different use case or expectations to what the author claimed to the software would provide, then yes, the user is *wrong*.
That is something I absolutely disagree with.
I as the author do reserve the option to not do anything about it and keep the project as-is.
In free software there is no immediate "wrong" or "right". It's just that the "right" solution will continue to live. If I am actually right and 1000 people are wrong, then at the end I will succeed.
But unnecessary unsafe code won't succeed, IMO.
Posted Mar 16, 2024 22:40 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (1 responses)
> That is something I absolutely disagree with.
Screw. Meet hammer.
Just because many users think Excel is a database, just because clueless idiots think that F1 racing cars would be an excellent fast delivery vehicle, doesn't make them right.
Actually, that F1 example is pretty apt. The project was designed for SPEED, not heavy lifting. Just because idiots want to use a racing car to deliver 44-tonne loads, words fail me ...
Cheers,
Posted Mar 16, 2024 22:43 UTC (Sat)
by mb (subscriber, #50428)
[Link]
That is not a base for further discussion.
Posted Mar 17, 2024 14:40 UTC (Sun)
by anselm (subscriber, #2796)
[Link] (6 responses)
If the user thinks they're “right” but the maintainer of the code disagrees, it is the user's privilege to fork the code. The user is not entitled to have the maintainer change the code, at no charge, to conform to the user's wishes, and the user most certainly does not get to hijack the original project by driving away the original maintainer.
The principle of free software is, you scratch your own itches. Scratching other people's itches, particularly for free, is entirely optional (even though some free-software maintainers take satisfaction from that, and if that happens, good for those other people). In fact, the whole idea behind free software in the first place is putting other people in a position where they can scratch their own itches and don't need to rely on anyone else to scratch those itches for them.
Posted Mar 17, 2024 14:52 UTC (Sun)
by mb (subscriber, #50428)
[Link] (5 responses)
Popular projects don't live in a vacuum. If a maintainer of a popular project makes decisions that many users disagree with, then the maintainer will have to live with the feedback.
Please go and take a look at the code. Some uses of unsafe were completely ridiculous.
>The principle of free software is, you scratch your own itches
That is only a very small part of it.
Posted Mar 17, 2024 16:45 UTC (Sun)
by paulj (subscriber, #341)
[Link] (4 responses)
I am sceptical that it is possible for an author to leave responses to PRs/CRs made on their own personal project that could justify a campaign of negative comments against them. A campaign apparently that included "death threats" and which the author felt included "abuse". How can an unreasonable response by an author to PRs on their own project justify anything _else_ but "Thanks for the code, I'll make those changes somewhere else myself"?
You keep saying those responses exist, can you show them?
The level of entitlement that is implied by what you are saying is completely off the scale.
Posted Mar 17, 2024 16:57 UTC (Sun)
by mb (subscriber, #50428)
[Link] (3 responses)
>included "death threats"
You surely have a link to that?
Posted Mar 18, 2024 15:07 UTC (Mon)
by paulj (subscriber, #341)
[Link] (2 responses)
"You alway face with rude and hate, everyone knows better how to build software, nobody wants to do home work and read docs and think a bit and very few provide any help. ... I started to receive complaints that docs are not updated and i have to go fix my shit. Encouraging. ... You felt betrayed after you put so much effort and then to hear all this shit comments, even if you understand that that is usual internet behavior."
https://github.com/fafhrd91/actix-web-postmortem
That is authoritative text on how the author felt. And I think we were all aware of that text before we started this discussion.
Now, your counter to this is that /his/ responses to the criticisms he received were unprofessional. I have asked for an example, twice now I think, but you've not given any, other than to claim I can find it if I look. Well, from reading around forums on this, the most heinous charge I can find levelled against the author is that he called a PoC change in a comment "boring":
http://web.archive.org/web/20200116231317/https://github....
I don't think /any/ response by an author, on their own issue tracker for their own personal project, could justify a campaign of "ostracism" (which in an online comment pretty much implies lots of toxic comments being left on various forums; from the target's own issue trackers, to reddit, etc. - i.e. abuse and bullying). I especially think that "this patch is boring" does not justify it.
The correct response is "Thanks for all your hard work on this code, and your generosity in open sourcing it - appreciate it, and I'll see about making my desired changes in my own version". Always really. At least, for anyone who is not a toxic ingrate.
If you had another comment in mind by the author, feel free to link to it.
Posted Mar 18, 2024 17:16 UTC (Mon)
by mb (subscriber, #50428)
[Link] (1 responses)
So? Maybe they are right?
> "nobody wants to do home work"
Also applies to the author.
> "and read docs and think a bit and very few provide any help."
Also applies to the author.
But it's Ok to have a different opinion.
> I have asked for an example, twice now I think, but you've not given any,
I said twice, that this has been posted already. I am not going to search the discussion threads for you.
> At least, for anyone who is not a toxic ingrate.
Do you realize that your definition of "toxic ingrate" also applies to yourself?
Posted Mar 18, 2024 18:13 UTC (Mon)
by corbet (editor, #1)
[Link]
Posted Mar 15, 2024 20:48 UTC (Fri)
by paulj (subscriber, #341)
[Link] (12 responses)
As a user of another project, you have 0 right to expect its author or maintainer has any responsibility towards you - unless you've some other contract with them.
Posted Mar 15, 2024 20:59 UTC (Fri)
by mb (subscriber, #50428)
[Link] (11 responses)
Being wrong is fine. But don't blame others.
Posted Mar 16, 2024 0:40 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (10 responses)
NO, NO AND THRICE NO!
The developer is victim (a *real* victim) for having the temerity to disagree with his users about what HE wants HIS code to do.
It comes over quite clearly that those users you are defending didn't give a shit about what the developer was trying to achieve.
The developer wanted the code to be FAST. The users placed safety over speed. That's their right, but it doesn't give them the right to steal someone else's project. As others have said, they have the right to *fork*, not *steal*. You have no right to tell me my priorities for my code are wrong.
Cheers,
Posted Mar 16, 2024 1:02 UTC (Sat)
by khim (subscriber, #9252)
[Link]
Don't publish it, if you don't want it to be looked on. Problem solved. Once again: it wasn't stolen. Kim had enough integrity to leave without making life of everyone who just uses Actix-web miserable. Kudos for him. That's more than authors of many other projects do when the majority of their users and/or codevelopers disagree with some decision: usually original project just dies and fork continues. Think XFree86 or OpenOffice.org. This doesn't make anyone happy, just makes everyone confused. What about Oracle? Is Oracle a victim of unfriendly community which doesn't want, for some reason, to donate their code on terms that Oracle would like, too? I don't like Kim for the games he played (and still plays) for the sake of benchmarks, but I appreciate his willingness not to involve innocents into these discussion (David Dawes-style). It was his decisions whether to continue (and try to cope with stigma, somehow) or quit. How can that be called “stolen project”?
Posted Mar 16, 2024 9:43 UTC (Sat)
by mb (subscriber, #50428)
[Link] (8 responses)
I doubt it. Very much.
>about what HE wants HIS code to do.
He can do whatever he wants to his code in private.
Posted Mar 16, 2024 10:49 UTC (Sat)
by khim (subscriber, #9252)
[Link] (4 responses)
Yes. It's about 30% slower on benchmarks. How much of it is real and how much is Dieselgate-style improvements is hard to say, but the majority of the Rust community vote went to safety and not to 30% speed increase. Simply because most of the time it's better to spend 30% more on hardware then lose millions from outages. Yup. That's precisely what happened here: Kim got his One may argue that “it's not fair” that community got the name, too, but we know from the history that it wouldn't have mattered in the long run anyway. Think gcc/egcs split, think LibreOffice/Apache OpenOffice, etc. The only thing that stubbornness of the developer brings in cases like that is damage for the innocent bystanders. The fact that Kim got enough dignity to accept that is a big plus for his human character IMNSHO, but that still doesn't mean I would like to use ntex instead of actix-web, sorry.
Posted Mar 16, 2024 11:08 UTC (Sat)
by mb (subscriber, #50428)
[Link] (3 responses)
And before the removal of the unsafe code it was this much faster? It was on top of the list?
Posted Mar 16, 2024 11:36 UTC (Sat)
by khim (subscriber, #9252)
[Link] (2 responses)
Yes. It was near the top, often #1. And that was, apparently, primary concern of it's author, his goal and achievment. And it's not as if “bullying” started from nothing. Read this article, e.g. Does it look like a bullying? Just read the whole discussion linked from there. Does this “car shouldn't have a seatbelts coz good drivers don't have accidents” or “bike helmets are for sissies, I wouldn't look cool if I would wear them” sound like a something you would want in an important project or library? The problem was always not the number of What you have if you program like that is not Rust, that's C++ in the Rust skin! That was the issue, not number of And when Kim started adding safe functions which exported unsafe behavior to bring down number of AFAICS Rust community dealt with it in the only way that actually works: try to educate, but if that doesn't work then expell. C/C++ community is full of such persons and it doesn't look as if any “safety plan” for C++ even acknowledges their existence.
Posted Mar 16, 2024 11:58 UTC (Sat)
by mb (subscriber, #50428)
[Link] (1 responses)
Ok, that is quite unusual then.
>The problem was always not the number of unsafe in Actix-web but the attitude that removal of unsafe needs a justification
Yes, I agree adding unsafe needs a justification. Not the removal.
Unsafe code is Ok, if it is carefully documented and thought through. The safe API to it must always be sound. Most of the time that means the unsafe code is down somewhere inside of a safe wrapper. But of course, that's not always easy to do and requires some serious engineering.
Posted Mar 16, 2024 12:26 UTC (Sat)
by khim (subscriber, #9252)
[Link]
The issue it that at certain point you reach the state where you have to make a choice. You may achieve, typically, about 50% of theoretical maximum performance while keeping architecture “safe and fast” bit at some point you hit the limit of what can be done that way. Axum is developed independently and it's very close to Actix-web on benchmarks (currently 5% fater, but that changes over time, it was 5% slower year ago). Beyond certain point you have to either do some hard choices or accept significant (though rarely critical) performance loss. Things like the decision of Windows NT 4.0 to move graphics drivers into the “microkernel”.
Posted Mar 18, 2024 14:42 UTC (Mon)
by pizza (subscriber, #46)
[Link] (2 responses)
Incorrect; the fact that this code is explicitly conformant with the language shows that Rust does indeed work this way.
If the programmer wants to do something "unsafe" to gain some speed (or any other reason!) then they are free to do so. It is, after all, their own code.
....congratulations, Rust is finally beginning to have to grow up and face the harsh fact that in the real world, developers will write crappy [1] code that violates any number of "cultural norms" or "best practices" [2] and there is *nothing* that can be done about it!
Rust-the-project has no legal (or moral!) ability to ostracize or otherwise exclude anyone from writing software in Rust, putting it online with a warranty disclaimer, and random third parties incorporating/using it. After all, that's how Rust itself continues to exist. Indeed, any exclusionary actions will likely lead to some expensive legal trouble.
[1] in the eye of the beholder
Posted Mar 18, 2024 15:02 UTC (Mon)
by khim (subscriber, #9252)
[Link]
Except the whole discussion started with example which directly contradicts your assertion. Yes, developers will write crappy code, but that's not a problem by itself. It only becomes a problem when crappy code becomes popular and is starting to affect other people while developer ignores the issue. And that can be fixed. It was done pretty successfully, or else we wouldn't have had this discussion at all. Seriously? When was Kim reinstated as the lead of Actix-web and his opponents were sent to jail? Indeed. But that doesn't mean that “nothing can be done”, as you assert. People are people, they find a way to achieve their goals. And if simple and obvious way doesn't work they find a roundabout way.
Posted Mar 18, 2024 15:10 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
And the assumption that "users of Rust" are "members of the Rust community" is tenuous, in itself ...
> [2] The parallels here with TFA's "voluntary practices to improve safety in C++" are richly ironic
The important thing with Rust - and what the REAL Rust community presumably say - is that you cannot write unsafe code BY ACCIDENT.
Either (a) you have to wrap your own code in "unsafe" markers, or (b) you should KNOW whether or not you trust other peoples' code you're importing. Assuming the library author isn't lying (and in general, why should they) then you should KNOW whether their code contains unsafe blocks, and more importantly WHY.
After all, if it's acceptable to call out to C/C++, surely a bit of unsafe Rust is a drop in the ocean :-)
Cheers,
Posted Mar 17, 2024 17:10 UTC (Sun)
by marcH (subscriber, #57642)
[Link] (2 responses)
Yes, and if the maintainer is "responsible" enough then the only, extremely well tested fix is to fork.
> It does not matter, if it's for free or not.
It very much does: most countries have laws that apply to business transactions. They obviously don't apply to random software you download from the Internet.
> If he doesn't want to be criticized for his work or can't handle it, he should not publish it.
Criticism is fine. Ignoring valid criticism is bad but it's perfectly legal. Repeating criticism that is legally ignored is called harassment. It's illegal in many places.
Posted Mar 17, 2024 17:14 UTC (Sun)
by mb (subscriber, #50428)
[Link]
Wow. I'm speechless.
Posted Mar 17, 2024 18:32 UTC (Sun)
by marcH (subscriber, #57642)
[Link]
I forgot: there's also a quote about doing the same thing over and over again and expecting different results.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Publish something and get feedback. That includes positive and negative feedback.
Herb Sutter on increasing safety in C++
Wol
Herb Sutter on increasing safety in C++
They "stole" and open source project. How? By making the original author step back? Oh pardon, by "expelling" him?
I guess many people then also stole my old projects that I don't maintain anymore and I stepped back from.
https://www.theregister.com/2020/01/21/rust_actix_web_fra...
Herb Sutter on increasing safety in C++
Wol
Herb Sutter on increasing safety in C++
Obsolete opinions die.
Herb Sutter on increasing safety in C++
Wol
> There's a big difference between taking over an abandoned project, and muscling in on a project that the creator is actively working on.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
I have *never* said that abuse and bullying is acceptable. Abuse and bullying is never acceptable, if course.
Herb Sutter on increasing safety in C++
Wol
Herb Sutter on increasing safety in C++
That all confirmed that he is not a victim but rather a very unprofessionally acting person, to say it mildly.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
The author is not the victim.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
https://github.com/actix/actix-web/pull/968
https://github.com/actix/actix-web/pull/822
https://github.com/actix/actix-web/pull/335 (note reverted after merged)
https://github.com/actix/actix-web/issues/289
https://github.com/actix/actix-web/pull/1303
https://github.com/actix/actix-web/pull/1328
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
> That you and mb think that kind of behaviour is acceptable, indeed you appear to be _celebrating_ it, suggests the "Rust community" has learned _nothing_ from that episode - so far as your comments are representative.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
> I feel like this sort of thing is an area where there is a huge disconnect between people actually involved with the rust project or any projects of note (like e.g. Steve Klabnik, who condemned this strongly in the blog post linked) and a certain genre of poster especially prevalent on places like reddit, where this kicked off.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Wol
This post suggests we're reaching (if not going beyond) the point where it might be a good idea to wind down this conversation. I don't think there's much more to be said that might change anybody's mind.
This might be a good stopping point
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
That's what he did.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
> That's what he did.
The whole point of this thread is that apparently it was NOT his free choice. He was *driven* out.
Wol
Herb Sutter on increasing safety in C++
There is no loss for the maintainer to continue to maintain the project in private or as a separate minor project.
if the maintainer does not care about the users, it should be no problem to maintain a fork.
Herb Sutter on increasing safety in C++
Wol
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
I do my best to avoid unsafe code, because it is risky for my users.
If a user comes and suggests to replace unsafe code with a equivalent safe alternative, I will be grateful. I will apply it.
If there is a vulnerability in my published code, I am responsible for doing my best to fix it ASAP or at least to clearly mark it as vulnerable ASAP if I don't have the time to fix it. Users depend on my work. Users trust me. That makes me responsible.
I do my best to reduce risk for my users.
If I would not care about my users, I would not publish my projects.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Therefore, that cannot be the reason for the step down.
He could have just continued with his "me driving in the right direction and 1000 people driving wrong".
And most important, don't complain, if all users tell you that you are wrong. Because most likely you are wrong.
Herb Sutter on increasing safety in C++
[2] Which can include "happy wife, happy life" euphamisms.
Herb Sutter on increasing safety in C++
I think the user might be right.
But that means that I will *have* to leave the project, if the majority of users wants a feature that I reject.
I can still maintain the project without this feature in private or as a fork.
I really don't see the problem.
I would not loose anything.
IMO that is pretty obvious.
But ya know. I might be wrong. Who knows.
Herb Sutter on increasing safety in C++
> I think the user might be right.
Wol
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
I think the user might be right.
Herb Sutter on increasing safety in C++
That has nothing to do with "hijacking".
And so were his responses in the PRs trying to improve that code. Please look at it.
The major part of free software is collaboration, communication and technical improvements. All three of which the maintainer failed at, in the opinion of many users.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
You see, the author complains about stuff that he does, too.
You are disagreeing with me and instead of going your way and forking this discussion to somewhere else, you keep on "harassing" me (by your definition) by trying to push your opinion onto me.
How rude. I am the victim. (Not really. It's called a discussion.)
It's a discussion that, I think, has run its useful course and beyond; perhaps we could bring it to a close, please?
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
So? That means users can't complain about unsafe code? The developer is a "victim" for defending his unsafe code?
If I feel unhappy about unsafe code in a project that I use, I will complain. That is my right. It is the right of the developer to not listen. If the developer takes it personally, that is the developer's decision. He's not a victim. He's just wrong, from my POV.
Herb Sutter on increasing safety in C++
> So? That means users can't complain about unsafe code? The developer is a "victim" for defending his unsafe code?
Wol
> You have no right to tell me my priorities for my code are wrong.
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
In Rust you almost never trade safety for speed. That's not how Rust works.
If your point is right, the project must be much slower today.
Is it?
But if a developer publishes some code, the developer must be able to live with feedback.
And if a developer publishes code that goes against the fundamental rules of the ecosystem and receives the corresponding answers, then he's not a victim. He should either learn from the answers or step back from the project and continue it in private.
Be responsible for the things you do in public.
> If your point is right, the project must be much slower today.Herb Sutter on increasing safety in C++
Is it?
ntex to play benchmark games, community got something they may trust.Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
unsafe in Actix-web but the attitude that removal of unsafe needs a justification, while using them when pesky compiler complains is fine.unsafe words per see.unsafe code blocks… how do you deal with that?Herb Sutter on increasing safety in C++
I guess they took the other extreme and also removed all unsafe code that made sense? Or is the architecture so broken and it can't work safely and fast at the same time?
> Or is the architecture so broken and it can't work safely and fast at the same time?
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
[2] The parallels here with TFA's "voluntary practices to improve safety in C++" are richly ironic
> ....congratulations, Rust is finally beginning to have to grow up and face the harsh fact that in the real world, developers will write crappy [1] code that violates any number of "cultural norms" or "best practices" [2] and there is *nothing* that can be done about it!
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Wol
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++
Herb Sutter on increasing safety in C++