1. 5

    I kind of disagree on the compile errors. IMO, the compile errors in Rust generally tend to be much more clear and helpful than other compiled languages. The worst-case messages when doing complex things with generics can get pretty ugly and indecipherable, sure. I suppose it’s better to be able to do complex things with types and suffer the errors when you get it wrong then to be forbidden from doing complex things at all.

    I mostly agree on the async. I just finished updating a few of my basic projects to async/await, and I still find it confusing exactly what it’s doing. Though most of my projects are at the scale where I’d rather just run whatever it is synchronously, since they’re just simple CLI tools that don’t really do anything else. It seems like the way to work now is just sprinkling async/await everywhere like magic pixie dust, and it’ll all work somehow, but you have no idea what it’s really doing.

    Definitely agree on package management. It’s very disappointing that Go package management is still kind of a mess, mostly as a result of many projects not having really bought into the mod system yet, since Go existed for many years with either no module system or like 5 competing ones to choose from.

    Also result and option. They’re great, and so is the built-in ? pattern. IMO, Go could really stand to have some syntax sugar around the if err != nil { return err } pattern.

    I also don’t understand the complaint about switches needing to be exhaustive. You can easily set a default case with _. You just have to create it explicitly and define exactly what happens there. Seems like a good thing to me.

    I haven’t had much trouble with the borrow checker and lifetimes lately either. Maybe I’m just writing simple things, or maybe I’ve come to a more rust-y way of thinking that makes it easier to avoid those kinds of errors before they happen.

    1.  

      The compile errors are generally good, but complex generics will make compilation errors in any language incomprehensible.

      Exhaustive switches are really a small issue for me, just a difference. I understand why they need to be exhaustive and why that can be good. That‘a why they were in the middle category.

      Async started making more sense to me once I started putting stuff in Arcs, but because everything gets moved into async blocks, it can be painful to copy everything in. Especially if the goal is to just run something like the DB in a different thread pool. You have to clone all values you need to use for lookups (and the DB handle) outside the async block then queue up the task to await on it… this can be fairly painful if you need to run multiple queries, doing this multiple times… maybe I’m missing something

      1.  

        The compile errors are generally good, but complex generics will make compilation errors in any language incomprehensible.

        Agreed. Just ran into some of those when working with some Typescript. All of the generics and inference everywhere tends to make things messy.

        Async started making more sense to me once I started putting stuff in Arcs, but because everything gets moved into async blocks, it can be painful to copy everything in. Especially if the goal is to just run something like the DB in a different thread pool. You have to clone all values you need to use for lookups (and the DB handle) outside the async block then queue up the task to await on it… this can be fairly painful if you need to run multiple queries, doing this multiple times… maybe I’m missing something

        Now I’m not completely sure about this - like I said, I don’t feel like I really understand async that well, and I don’t know your DB library. But I think that async is meant to fix that exact problem. Full threads generally need things to be moved into them, because the compiler can’t prove that they end at a particular time. It should be possible to borrow when calling an async function that you’re awaiting though, because now the compiler does know that the task will end before the rest of your function.

        1.  

          At least with tokio, I believe when you try to use something like spawn_blocking, it requires you to use an async move block meaning you can’t pass borrows, even if you await on that spawn_blocking because it requires that the async block is 'static as well.

          EDIT: with additional research, I’ve stumbled across block_in_place which doesn’t have the static requirement and should still pass control back. Just need to figure out how to best clean up the API and I think that will be enough of an improvement.

          1.  

            Note that I was advised to not use any of the block methods from Tokio in an async/await application. Seems you’re just supposed to await a Future in an async function, and let Tokio worry about how to handle the execution.

    1. 3

      This is a great article!

      I loved both the C part (which did not surprise me at all) and the Rust part (where everything was new to me). I am left with the somewhat strange feeling that I actually prefer the C way of doing things. The “simple” Rust program does too many things under the hood and this makes me uncomfortable.

      1. 8

        you prefer the subtly broken implementation that half works on latin-1 left-to-right text? Imagine this on japanese or korean, or in a right to left script like arabic or hebrew. You can still use OSstring in rust or access the raw bytes if you need to, but why not use the safe version by default?

        1. 1

          The thing is that both implementations may be broken, but the C code is more explicit. When it fails, or it receives bad input, I can look at the code that I have in front of me and understand why it fails, and maybe how to solve it. Let us say that the rust code receives a malformed argument string, where an invalid utf sequence contains a byte with the value ’ ’. What will happen? Will the iterator break? Or the upper case conversion? Or will my program break before even the first line of my program? I always get this kind of anguish about the inevitable impredictability when working in “high level” languages.

          1. 11

            Let us say that the rust code receives a malformed argument string, where an invalid utf sequence contains a byte with the value ’ ’. What will happen?

            if I’m understanding your question correctly it’ll panic when it attempts to put it into a string, which is what the example in the article shows. What it won’t do is happily continue until it reads outside its buffer or causes some other error by corrupting memory.

            When it fails, or it receives bad input, I can look at the code that I have in front of me and understand why it fails, and maybe how to solve it.

            you may be able to, I don’t think I can. I don’t think I’m particularly inept, but this is incredibly subtle and complicated work that people get wrong all day every day

            1. 8

              The nice thing about Rust here is that “breaking” will usually consist of the program panicking and exiting without doing anything unexpected or dangerous. Most of the time, such panics are caused by unwrap or expect statements where you didn’t think an error case could happen, but it infact did.

              What seems to be very common with the C bugs, and almost, but not quite entirely, unheard of in Rust (and other safe languages) is memory unsafety issues, including leaking, corruption, disclosure, and even RCE based on coding errors.

              1. 5

                Let us say that the rust code receives a malformed argument string, where an invalid utf sequence contains a byte with the value ’ ’. What will happen?

                That depends on how you retrieve the arguments. If you want the user to pass only valid Unicode, you’d retrieve the process arguments with std::env::Args(), which will panic if any of the arguments are not valid Unicode. This enforces argument validity at the boundary of your program.

                If arbitrary byte sequences make sense, too, you’d retrieve the process arguments with std::env::ArgsOs.

                If you want valid Unicode arguments, but want to handle malformed input gracefully rather than panic, you’d retrieve the process arguments with std::env::ArgsOs, try to parse them to UTF-8 with OsStr::to_str, and handle success and failure of the parsing attempt.

                match arg.to_str() {
                    Some(arg) => println!("valid UTF-8: {}", arg),
                    None => println!("not valid UTF-8: {:?}", arg),
                }
                

                All of this is set out more elaborately in the article, starting at Now for some Rust.

              2. 1

                C strings are null terminated arrays of bytes, as they are defined in the standard. Sometimes those bytes represent text, sometimes they do not. Some text is encoded in ASCII, some in UTF-8, and some in other encodings. Some Unicode encodings, like UTF-16, can’t even be stored in a C string, because they contain null bytes.

                This isn’t “subtly broken”, it’s just a different level of abstraction to Rust.

              3. 4

                Understandable take. What kind of under-the-hood manipulation of raw strings do you imagine needing? (Rust does provide ready access to the bytes of a String as needed, just in case.)

              1. -6

                As usual with Rust articles about this sort of thing it started off quite well (really well!!) and then turned into a “write some obviously incorrect C code then point at it and say C code is incorrect”.

                Of course C doesn’t have UTF-8 strings built in. Why would it? There are a great many C programmes running in the wild on systems with less memory than the size of the tables you need for Unicode support. Comparing over and over and over again that you can do string things easily in a few lines of Rust is really boring, especially when you’re not comparing to, say, ICU, but to your own bad C Unicode implementation that you purposefully implemented badly to make a point.

                Of course C isn’t memory safe. This isn’t news to anyone. You don’t have to spend pages and pages and pages going on about it.

                You know what Rust doesn’t in fact prevent you from having to deal with? Proprietary libraries that do malicious things. Malicious functions that cast their inputs to nonconst pointers and modify them are possible in malicious Rust libraries too. The solution is free software, it’s not using proprietary libraries you can’t inspect.

                If you’re going to compare Unicode, compare ICU to Rust. You can still make all the same points about memory safety, if that’s what you’re actually concerned about. But it seems all this article is concerned about is to find reasons to criticise C unthinkingly.

                1. 16

                  If this article’s problem is that it criticizes C unthinkingly, then surely, the numerous links to the various CVEs demonstrate that many people are using C unthinkingly. According to you, I suppose we should blame those people for using C unthinkingly and for missing “obviously incorrect” C code. It should be manifestly obvious that the entire point of Rust is to reject this way of thinking and instead improve on the tools to prevent the need to detect “obviously incorrect” code in the first place. That’s also one of the points this article made several times over, albeit with a thick layer of snark at pretty much exactly the attitude you are repeating here.

                  You know what Rust doesn’t in fact prevent you from having to deal with? Proprietary libraries that do malicious things. Malicious functions that cast their inputs to nonconst pointers and modify them are possible in malicious Rust libraries too. The solution is free software, it’s not using proprietary libraries you can’t inspect.

                  Classic. Because Rust isn’t a panacea we can’t compare its effectiveness at preventing bugs that keep reoccurring with other tools? Nevermind the fact that said malicious functions in Rust must be clearly demarcated somewhere with an unsafe annotation. So even then, Rust is going to make auditing said problems easier than other languages where the default is unsafe.

                  1. 0

                    If this article’s problem is that it criticizes C unthinkingly

                    If the article had compared how easy it is to get code using Rust’s strings right using the ICU crate for Rust vs how easy it is to screw up when using ICU, that would be a fair comparison. In both cases you’re writing code that uses a comprehensive Unicode library to do some basic string munging, and I wouldn’t be even a bit surprised if the end result was that the Rust code was shorter, simpler, easier to write, easier to read and safer.

                    If the article had compared actually implementing the Unicode support in Rust on top of raw bytes in a naive way vs doing the same in C, and shown how Rust helps you avoid the problems you encounter when you try to do things naively, that would have been a really valuable article showing how Rust helps you avoid problems in C code. I’d be interested to know how many uses of unsafe there are in the Unicode string handling bits of Rust’s standard library. How many places is it necessary for good performance? How many could you eliminate with only small performance loss (unnecessary bounds checking, for example).

                    Instead the article compares implementing UTF-8 string handling in C with just using the built-in UTF-8 string handling in Rust, which doesn’t seem fair to me. It’s like saying Rust is a worse language than Python because Python has HTTP built in and the author’s implementation of HTTP in 10 lines in Rust has some serious issues. That’s what I’d expect! Different languages are different levels of batteries-included and in C’s case, the battery that’s included is arrays of bytes, anything else is up to libraries.

                    So yes I do think that the criticism of C in the article is pretty unthinking.

                    Classic. Because Rust isn’t a panacea we can’t compare its effectiveness at preventing bugs that keep reoccurring with other tools? Nevermind the fact that said malicious functions in Rust must be clearly demarcated somewhere with an unsafe annotation. So even then, Rust is going to make auditing said problems easier than other languages where the default is unsafe.

                    If you’re linking to an arbitrary closed-source Rust library then you can’t tell where they wrote unsafe. The article, remember, says:

                    This would pass unit tests. And if no one bothered to look at the len function itself - say, if it was in a third-party library, or worse, a proprietary third-party library, then it would be… interesting… to debug.

                    Which is a good point: proprietary third-party C libraries can do anything, really. It’s not unreasonable to point out that there’s nothing stopping a proprietary third-party Rust library from doing anything either, including unsafe code that you can’t even find with grep, and it would be just as interesting to debug. But also the whole actix-web situation shows that a community attitude that unsafe should be treated with suspicion doesn’t hold for every Rust library author. Large amounts of unnecessary unsafe isn’t necessarily audited just because it can be audited, just like large amounts of C isn’t necessarily audited just because it can be.

                    I didn’t say that Rust was bad, or that it shouldn’t be compared to other languages. I merely said that it’s unreasonable to compare intentionally-poorly-written-and-incomplete code in one language with the standard library of another regardless of language. If the whole point of the article is just ‘C isn’t memory safe, Rust is’ then good job, I guess? Probably doesn’t require that the article is quite so long though. But of course it isn’t. The point of the article is closer to something like ‘string handling in C is primitive compared to string handling in Rust using the Rust standard library and thus C is worse than Rust’.

                    According to you, I suppose we should blame those people for using C unthinkingly and for missing “obviously incorrect” C code. It should be manifestly obvious that the entire point of Rust is to reject this way of thinking and instead improve on the tools to prevent the need to detect “obviously incorrect” code in the first place.

                    But Rust doesn’t prevent you from writing incorrect code, does it. It prevents you from writing memory-unsafe code that isn’t explicitly marked as unsafe. You can implement UTF-8 string handling poorly in Rust, just like you can in C. The difference is that if you do so in Rust, and you don’t write unsafe in any of your code, then the result will be a panic or incorrect behaviour and not a buffer overflow.

                    Is that a valuable property? Yes. Rust’s memory safety guarantees are valuable. I bolded that so it’s clear I’m not saying Rust is bad or useless because it isn’t a panacea, which seems to be how you’ve interpreted my comment.

                    It’s also a well known property. A much more interesting property that Rust may or may not have (I do not know) is ‘helps write low-level string handling code correctly’. C does not help you do this correctly, as shown by the incorrect string handling code in the article written in C. But does Rust have this property? We don’t know, because the author doesn’t tell us. All it tells us is that someone’s written good string handling in Rust, and the well known fact that Rust gives memory safety guarantees. A lot of text for not much.

                    That’s also one of the points this article made several times over, albeit with a thick layer of snark at pretty much exactly the attitude you are repeating here.

                    I think it’s really very rude of you to ascribe my attitude as the tired old ‘C is fine just write correct code, thus Rust is pointless’. That’s not my view and not at all what I said or implied.

                    1. 0

                      Personally, I think you’ve completely missed the point of the article.

                      But now that I realize you are milesrout, I’m just going to go back to ignoring you. It’s just not a productive use of my time to talk to you. I wouldn’t have responded to you originally if I had known who you were. But you had changed your username (and have since changed it back).

                      1. -4

                        You’re a childish troll. I make multiple constructive comments and you purposefully misinterpret them then make personal attacks.

                        Lobsters is obviously not a good place for you to be. I suggest you go back to your horses of uncritical adoring fans on leddit who assume everything you say is good and true and correct just because you wrote ripgrep. Leave the serious discussion to people that can act like adults.

                        The only other logical explanation is that you didn’t understand my comment somehow.

                        1. 1

                          Perfect example of why I ignore you on this site. It was going well. I’ll just have to make sure I check user accounts now before responding to an unfamiliar username.

                          1. 0

                            It was not going well. Both comments you made are as if you didn’t even read the comments you were responding to.

                            1. 0

                              Oh, no, it was. I have successfully avoided interacting with you for quite some time. There have been times where I’ve started writing a comment reply to you before seeing the username, after which I would delete what I wrote before responding. But you changed your username and I managed to get sucked into your bullshit. So I’ll be more careful in the future.

                              1. -2

                                Just stop. You’re embarrassing yourself. Anyone can see that you can’t handle being wrong and just resort to personal attacks and mindless flaming as soon as someone says something you can’t come up with a snappy reply to.

                                “Personally, I think you’ve completely missed the point of the article.” Do you state what you think the point of the article is? No, of course not. Because that could actually be responded to. That could actually be discussed. Instead you just resort to personal attacks and trolling. You should be ashamed of yourself.

                  2. 10

                    Of course C doesn’t have UTF-8 strings built in. Why would it? There are a great many C programmes running in the wild on systems with less memory than the size of the tables you need for Unicode support.

                    People have already addressed the other points. But this is suggests that you can’t support UTF-8 without large unicode tables, which is false. One can do many useful things with UTF-8 data and UTF-8 strings without unicode tables, such as:

                    • Validating that a byte stream/array is valid UTF-8, which only requires looking at the leading bits.
                    • Determining code point boundaries, which again only requires at leading bits. This results in many useful things, such as being able to: count the number of code points, indexing into code points, iterating over code points, etc.
                    • Re-encode to another unicode encoding (UTF-16, UTF-32).
                    1. 1

                      I totally agree, those would be some really nice very useful library functions to have standardised. I suspect they won’t be, just because they’re not especially difficult to implement correctly and portably already compared to the effort required in standardising them, but it would be nice.

                    2. 6

                      The solution is free software, it’s not using proprietary libraries you can’t inspect.

                      I think the evidence is clear at this point that free software (whether we mean free as in beer or speech) in and of itself does nothing to help security or reliability. Witness Heartbleed. Present in open-source software for years. The “bazzar” didn’t find it. Volunteer developers didn’t find it.

                      Not to mention the constant stream of 0-days popping up and getting fixed in major browsers, all of which are open source, and basically none of which have security bugs found and fixed by community volunteers AFAIK.

                      It seems clear that, based on evidence, neither being open to a world full of possible inspectors or having dozens of specialized testing tools and hundreds of highly paid experienced engineers can prevent software in C from exhibiting memory unsafety errors. Rust seems to show much more potential so far.

                      1. 6

                        You know what Rust doesn’t in fact prevent you from having to deal with? Proprietary libraries that do malicious things. Malicious functions that cast their inputs to nonconst pointers and modify them are possible in malicious Rust libraries too. The solution is free software, it’s not using proprietary libraries you can’t inspect.

                        Rust’s implementation is F/L/OSS, the most conveniently-accessible libraries in Rust (the ones on crates.io) are all source-available, and, since Rust has no stable ABI, the best way to provide a first-class Rust library experience is to make its source available. Obviously the Rust core team can’t make all the proprietary libraries not exist, but they’ve thoroughly optimized in favour of free software ones.

                        Nobody’s going to ask you to choose between free software and Rust. The obvious best option is both.

                      1. 5

                        For such a vague question, beats me. I’d first want to research the problem domain some more. What systems will I have to interact with, and what protocols do they support? Is it all normal, common stuff with good lib support in every popular language, or is it a niche thing where the only really good lib is in one particular language/framework? For ex, if you have to work with SQL Server and ActiveDirectory and deploy on a Windows server, you’re setting yourself up for a world of pain and misery if you use anything but MS stuff, ideally C#.

                        Are you an in-house developer, or an external consultant, expecting to build something and then leave it to in-house team to run? You should probably pick whatever the company team knows best, absent a strong reason to use some other thing. Or at least something that’s reasonably easy to hire in, instead of some cool super-niche thing that you’re playing with this week.

                        Is it web stuff, or mobile, or desktop? That’ll inform a lot. I’m fairly sure from what I’ve read lately that, if you’re doing mobile, you’re best off using the platform’s primary language - Kotlin for Android, Swift for iOS, or else just stick to the web. For desktop apps, getting things to work and look right in anything but the primary language can be a real drag - hello Swift, Obj-C, C++/MFC, C# with WinForms or WPF. Or just go Electron and eat the extra app size.

                        I will say that for web, I’m inclined to pick Ruby on Rails first, absent some strong reason to use something else - perhaps there’s an awesome lib for something critical I need to do in Python. There’s just such nice support built-in for common standard stuff in Rails, and a huge pile of battle-tested gems to do most anything else.

                        Most other languages have their well known domains. Python with Pandas and other such things seems to be quite popular for hardcore data analysis stuff, so I think I’d need to look at that closer if that’s what the project is all about. I’m feeling rather fond of Rust lately for CLI stuff where speed and real multithreading is important. Still overall, you should be able to take what you know about the language ecosystem and the problem you’re dealing with, and make a choice.

                        1. 2

                          I didn’t know Vim started on Amiga, that’s neat. Personally, I hate vimacs and use Sublime, VSCode and Idea, but neat still.

                          1. 4

                            I literally can’t use a text editor if it doesn’t have a solid Vim extension of some kind. I even struggle to use GUI word processors. Thankfully pretty much every programming editor in existence has Vim emulation :-)

                            1. 3

                              But I haven’t found one vim emulation without bugs. All of them get the basics right but even things like undo are sometimes acting very strange.

                              1. 3

                                ideavim (with vim-surround, the only vim plugin I personally really really need) for intellij, and evil mode in emacs both work for me. That’s from someone who used to rely on a lot of vim plugins (https://github.com/chelmertz/dotfiles/blob/master/.vimrc) but now enjoy java through an IDE (!) at work.

                                1. 2

                                  I’ve noticed this too. Some are that real Vim just has so many freakin’ features that nobody has time to implement all of them. Some seem to be fundamental incompatibility with the host editor. In most GUI editors, window splits are top-most elements, and each has their own tab collection, while in Vim, tabs are top-most, and each one can have any number and configuration of window/splits showing any combination of files.

                                  Still, even basic Vim navigation and editing feels so much more productive than GUI editors.

                                  1. 2

                                    I think this depends upon your level of VIm mastery. I’ve been using Vim for years but may not plumb its depths as much as you folks since I use and love both IdeaVim and the VSCode Vim extension and find them to be fabulous for the work I do.

                                2. 1

                                  I didn’t know Vim started on Amiga, that’s neat.

                                  The Amiga ecosystem created a number of seminal applications that have descendants still being used today.

                                  As a for-instance Lightwave 3D is a direct descendant of Videoscape 3D, the first 3D rendering package I ever used :)

                                1. 1

                                  Feels funny to have this story on the frontpage directly above the story with this line

                                  1. 1

                                    I think Chrome and Firefox still have the CAs for Google and Facebook pinned?

                                    1. 1

                                      IIRC, they do, but it’s hard-coded in the browser, and can’t be activated for other sites by HTTP headers or anything.

                                    1. 3

                                      After thinking about this post for a while, I wanted to note another point of view on some of the complaints. He complains that there’s a lot of process around making changes. I’d say that’s just the cost of making decent quality software that is used by billions of people around the world, in hundreds of languages, in tens of thousands of different configurations, weird workflows, unusual hardware combinations, etc. Yes, somebody needs to thoroughly test it for all of the weird edge cases. Yes, somebody needs to translate and internationalize all of your text and such to all of the supported locales. Yes, you really do need to fix all of those edge cases that those testers found. Yes, you really do need to find and fix any security holes it has or creates. Ditto writing user manuals and developer documentation, updating any docs that are related to the change, etc.

                                      All of that stuff is not terribly fun and exciting to do, and may hit some other team’s budget in a way they don’t like. Maybe there’s some room to optimize things so that this isn’t quite so hard of a sell to those other teams, I don’t know. I do know that it’s hard to call yourself an operating system that’s ready for worldwide use if you aren’t doing those things for every single change. How well do Linux and the related project do those things? I honestly don’t know. If they are supposedly getting some kind of efficiency gain by not doing those things, then Linux doesn’t belong on the desktop.

                                      1. 52

                                        nine-to-five-with-kids types

                                        God forbid people have children and actually want to spend time with them.

                                        As someone with kids, I’m reasonably sure I’m pretty good at what I do.

                                        1. 40

                                          The second statements includes a retraction of sorts:

                                          P.S. I have no problem with family people, and want to retract the offhand comment I made about them. I work with many awesome colleagues who happen to have children at home. What I really meant to say is that I don’t like people who see what we do as more of a job than a passion, and it feels like we have a lot of these people these days. Maybe everyone does, though, or maybe I’m just completely wrong.

                                          I disagree with them that it’s wrong to see your work as a job rather than a passion; in a system where it’s expected for everyone to have a job, it’s bullshit (though very beneficial for the capitalist class) to expect everyone to be passionate about what they’re forced to do everyday. Nonetheless, the retraction in the second statement is important context.

                                          1. 14

                                            Owning stock was supposed to fix this, rewarding employees for better work towards company growth. However the employees are somehow not oblivious to the fact that their work does not affect the stock price whatsoever, instead it being dependent mostly on news cycle about the company and their C-level execs (and large defense contracts in the case of Microsoft).

                                            1. 7

                                              Your appeal to our capitalist overlords here is incorrect. It’s a symptom of capitalism that you have people at work who are just punching in and don’t have a passion for it. If we weren’t bound by a capitalist system, people would work on whatever they’re passionate about instead of worrying about bringing home the bacon to buy more bacon with. Wanting people to be passionate about their work is a decidedly anti-capitalist sentiment, and wanting people to clock in, do their job, clock out and go home to maintain their nuclear family is a pretty capitalist idea.

                                              1. 2

                                                I agree with you.

                                                in a system where it’s expected for everyone to have a job, it’s bullshit (though very beneficial for the capitalist class) to expect everyone to be passionate about what they’re forced to do everyday.

                                                That’s true I think, undoubtedly. You can “fix” it by accepting people who aren’t passionate, or by replacing the system where people need a job to survive. I’d definitely prefer to fix it by replacing the system, but in any case, blaming 9-to-5-ers is wrong - they’re victims more than anything, forced to work a job they’re not passionate about instead of going out on whatever unprofitable venture captures their heart.

                                                1. 1

                                                  or by replacing the system where people need a job to survive

                                                  How do you propose we do that, without literally enslaving people? And without causing necessary but often necessarily low-passion jobs (like sorting freight in a courier company, at 1AM - one of my jobs as teenager) to simply not get done?

                                                  I mean, what you’re really proposing is that some people get to go on ‘whatever unprofitable venture captures their heart’ while … what? Someone else labours to pay their way?

                                                  I personally think that it’s entirely reasonable to accept people whose passion isn’t their job, provided they’re professional and productive. There’s nothing here to fix, really, beyond rejecting the (IMO) unrealistic idea that a good employee has to be passionate about their work.

                                                2. 1

                                                  Every time we’ve tried an alternative at scale it’s led to mass murder, or mass starvation, or both.

                                                  You’re also ignoring the fact that some jobs are just plain unpleasant. I’ve worked some in my youth. It’s reasonable not to be passionate about those; they’re either high paying because they’re unpleasant but skilled, or the lowest paying job because they’re work you do because your labour isn’t valuable in any other way.

                                              2. 9

                                                As another kind of beef against that line, in my experience, people working crazy long hours on a consistent basis generally aren’t doing it out of some kind of pure passion for the project, implementing a cool amazing design, etc. They’re usually pounding out ordinary boring features and business requirements, and are working long hours because of poor project management - unrealistic promises to customers, insufficient resources, having no idea what the requirements actually are but promising a delivery date anyways, etc. IMO, anyone with any wisdom should get out of that situation, whether or not they have kids.

                                                Also IME, those who do have genuine passion to build some cool new thing often don’t work long hours at all, or only do so for a short time period.

                                                1. 7

                                                  Someone I know could easily be working for Google or such, but he works for a smaller, non-tech, local company as a developer, so he can spend his free time building the projects he likes (or the luxury of not having to at all), instead of some absurd scale megacorp thing which will drain all the free time he has. (Or specifically, build the great thing you want to, and not be subject to what say, Facebook wants.) IMHO, it’s pretty smart…

                                                2. 7

                                                  The anonymous author apologizes about this specifically in their follow-up.

                                                  1. 4

                                                    The apologies sound like something between a sincere apology for just blindly ranting at it all and an apology for apologies’ sake. It looks to me like the author actually feels (felt) closer to the way he described in the first message then the second. Not all the way, but somewhat.

                                                    1. 1

                                                      The apology is also written in an entirely different style. It’s not clear there’s strong reason to assume it’s the same person.

                                                      edit: reading through the comments, the blog’s owner says: “I won’t reveal how the anonymous poster contacted me, but I am 99.9% sure that unless his communication channel was hacked, he is the same person.” So, ok, it’s the same person.

                                                  2. 11

                                                    I know what people the author means though–not all these people have kids though, they’re just the ones who punch a clock from 9-5 and want to remain comfortable and don’t want push themselves to make great things. It’s not that these people want to make bad things, or don’t want to make great things, or aren’t capable of doing great work, they just don’t receive any self-fulfillment from work. I don’t blame these people for acting this way, I’d just rather not work with them.

                                                    The best dev on my team (by a long shot) is a 9-5 worker who never finished college, but accomplishes more in one day than most devs accomplish in a week or more. He aspires to do incredible work during his time and he exceeds every day.

                                                    1. 9

                                                      Once organizations get to a certain threshold of complexity, though, you need to be thinking much more about the incentives that are offered rather than the micro-level of which people want to do excellent things. You have to make it easier to do the excellent thing than not, and that can be difficult, or, in an org the size of Microsoft’s Windows kernel groups, basically, impossible.

                                                      1. 5

                                                        The comment was directed at the author’s “9-5 with kids” comment since the author is referring to the contributions of those people. Organizational structure produces different effects on products based on the personalities and abilities of those people within the organization.

                                                        In general, the bigger the organizational, the less risk-tolerance, but most actions incur some sort of risk. Also, staying with the crowd and doing what you’re told is safest, so inaction or repeating previous actions often becomes the default.

                                                        1. 2

                                                          Good point. It never makes sense to innovate and take risks in a large organization. If your gamble pays off, the pay off will invisibly pump up some vaguely connected numbers that will look good for some manager higher up. If it doesn’t pay off, it’s your fault. So, regardless of how good a gamble it was based on risk-reward ratio, it’s never favorable for you personally. Don’t expect your immediate superior to appreciate it either, even if the gamble pays off, because that person is also facing the same odds.

                                                      2. 7

                                                        As an anecdote, the eventually worst workplace I’ve been had a deeply ingrained culture of being passionate about work, and about being part of “a family” through the employer. It’s not entirely a healthy stance.

                                                        1. 4

                                                          I don’t blame these people for acting this way, I’d just rather not work with them.

                                                          Why not?

                                                          You said they want to make good things, great things, and can do great work. Why does someone else’s opinion of their job matter to you?

                                                          1. 5

                                                            It’s when people’s opinions affect the work they do. My point is they can do great work, but many don’t. Sometimes it manifests as symptom fixing rather than problem solving because it’s “whatever gets me out today by X, screw consequences later.” Other times it manifests as “I wasn’t told to do this, so I won’t”. When I’ve seen it, it’s often pervasive short term thinking over long term thinking.

                                                      1. 3

                                                        Too big a question to have a general answer. Note that some very large and popular languages still don’t have some of the listed requirements. I’m not sure why you would call out logging systems specifically at this level either - there are hundreds of features at this level that most would consider desirable for production software.

                                                        I’m sure a bunch of companies have created DSLs for various purposes that are probably in production, and solve a problem for them, despite having none of those, and barely even being a real language at all.

                                                        Meanwhile, I don’t think C++ has a package manager or index, and well that’s huge. And what does “IDE Support” mean? Any made-up language can be opened up in Sublime Text or something. If it means useful auto-complete, most dynamic languages, including Javascript, Python, Ruby, etc, still don’t really have that and pretty much fundamentally can’t.

                                                        1. 2

                                                          Nice achievement for sure. I wold caution against the general point though. IMO, adding a module in a second language to an open-source project is a last resort, as it will make it much harder for people to contribute. You should make very sure that there’s just no way to achieve your requirements through optimizations in the first language first, and then try to make the alternate-language bit a separate project, included through the usual package management systems.

                                                          1. 7

                                                            Saw this comment on HN

                                                            Good lord, this long-winded writing style is maddening to read! Here’s what he changed:

                                                            Set aSet = new HashSet();

                                                            to:

                                                            Set aSet = new HashSet(0);

                                                            His explanation:

                                                            “Most of these sets were empty for the entirety of their life, but each one was consuming enough memory to hold the default number of entries. Huge numbers of these empty sets were created and together they consumed over half a gigabyte of memory. Over a third of our available heap.”

                                                            I’m not sure he ever got around to explaining how it saved “half a million dollars”, though.

                                                            1. 5

                                                              Do you agree with this quoted comment, or are you critical of it?

                                                              Because to me it’s the worst of HN - an attempt at a TL;DR that’s simultaneously wrong and snarky.

                                                              There’s no mention of the discussion about how and when to optimize, no mention of the circumstances of the fix (old legacy code written in old Java), and it implies that anything longer than a tweet is not worth anyone’s time.

                                                              I was going to ask for a link to the quote but now I’m glad to let the author of this comment languish in obscurity.

                                                              1. 5

                                                                I kind of agree with the meat of the comment, though the tone seems a bit harsh. It’d be nice IMO to start with the change itself, then go onto why it was a huge boost, and then go into the discussion on how and when to optimize etc.

                                                                1. 3

                                                                  My bad, I should have given some more context

                                                                  Link to the original comment:

                                                                  https://news.ycombinator.com/item?id=21937783

                                                                  I commented it here because I found it pretty odd. As a non-developer guy who is pretty into tech, I think that HN community (also /r/programming on reddit) people are too critic towards other community members

                                                                  1. 2

                                                                    Thanks for clarifying, and I’m not going to interact with that comment on HN ;)

                                                                    I do hope that the discussion here is held to a higher standard. I enjoyed the linked post, and found it insightful.

                                                              1. 2

                                                                To my reading, the author puts a bunch of blame on C. I don’t think you can sum it up that simply, because most of the things he cites as limitations of C that CPUs had to work around are shared by basically all other modern languages. Thinking mostly about the micro-parallelism and branch prediction here, I don’t know as much about cache handling and data structure alignment. I think it could be more accurately stated that both programming language authors and CPU designers are still working together around some of the fundamental assumptions of C. There have been many innovations in both, but those assumptions still remain and are key to tying everything together. I’m not even sure what a language designed for maximum CPU efficiency would look like.

                                                                1. 2

                                                                  I don’t think the author blames C, I think the author blames the industry for doubling down on C.

                                                                  How are the described limitations shared by other modern languages? The author claims ILP (instruction-level parallelism) exists to optimize serial code, because C has minimal language facilities for writing explicitly parallel code.

                                                                  For parallelization, C has platform-dependent syscalls. Almost every other modern language has some kind of threading library. Many have abstractions like thread pools. What about Go? Imagine if C had goroutines and channels in 2005 when Sun’s 8 core / 32 thread SPARC was competing with single and dual core chips from IBM / Intel / AMD.

                                                                  The article also describes why the C memory model makes vectorization so hard. Aside from C++, no modern language shares those problems. Most of them don’t vectorize loops simply because everyone writing high performance code is already using C, or using explicitly vectorized libraries written in C (like numpy).

                                                                  1. 1

                                                                    There has been a lot of work towards making threading smoother and easier for developers to work with. All of it, though, seems to work towards higher-level threading, the programmer thinking about which sub-tasks make sense to take the effort to spin off a thread for. Much of the kind of compiler-level optimization I’m talking about is more at a micro level. Like if a function has 5 lines, which translate to 20 CPU instructions, how do we order those 20 CPU instructions so they can be executed by the CPU’s multiple execution units in a mostly-parallel way. Things like that, where the compiler actively works to keep as much of the CPU as possible busy, in ways that the developer in any language I know of can’t practically do.

                                                                    1. 1

                                                                      Compilers already do that. C just makes it extra hard because the C abstract machine has such incredibly weak guarantees. The article favors explicit parallelism, as opposed to parallelism delicately massaged out of the processor by reordering instructions like you describe.

                                                                      I don’t understand your point. Any language with a for…in loop provides opportunities for compiling to explicitly parallel instructions. Almost no one does it, because all the compiler work goes into optimizing C, and all the processors cater to C.

                                                                1. 2

                                                                  The best part about C: You can do absolutely anything in it.

                                                                  The worst part about C: You can do absolutely anything in it, so it’s now 100% on you to make sure you didn’t do anything dumb in your 100k lines of code.

                                                                  Spoiler alert - you probably did do something dumb, and won’t find out until the NSA/Russians/Chinese/North Koreans etc takes over your server with a 0-day.

                                                                  1. 2

                                                                    The best part about C: You can do absolutely anything in it.

                                                                    This is only true if you program alone and your programs are not meant to be used by anyone else. You may not even regard [yourself as a programmer] and [yourself as a user] as two distinct roles. In this extremely implausible scenario, you may say that you can do absolutely anything.

                                                                    As soon as there are two or more people/roles involved, inevitably one person/role will want to restrict what another person/role can do. Because, if you cannot restrict what others do, then you cannot rely on them doing useful things for you. At best, they will accidentally do things that you find useful, and you will have to take it as a gift.

                                                                    Cooperation is agreeing to a set of restrictions that lead to a better result for everyone than just working in isolation. Note that this is precisely what modularity is: The author of a module is not free to do literally what they want to. They have to communicate with other modules through their public interfaces.

                                                                    This is a very steep price that you pay when you use C. You cannot enforce modularity in the language. You can only hope that others will respect your module’s internals, and if they do, you will have to take it as a gift.

                                                                  1. 11

                                                                    Not that interesting to fix, but certainly interesting to find. We had an operation on one of our Ruby process worker servers that would get some data from one service, write it to a file, perform a few brief operations on it, and then send the data to another service. It always worked fine locally and in all development and testing environments, but would occasionally fail on being unable to find the file in Production. Seemed really strange - how in the world would a file get deleted with no explicit delete steps only a few lines of code after it was created?

                                                                    It turned out that we were using the Ruby Tempfile class, creating an instance, and then returning the path of that tempfile to be used by the next step. Turns out that the Tempfile Ruby class silently deletes its file on finalization, and instead of returning the whole object, we were just returning the path from it, and letting the actual object go out-of-scope when the method returned. Most of the time, that object would happen to stick around for a while, and no problem would be seen, but in the tighter memory conditions on Production, the GC would sometimes run between the steps, collect that object, and delete that file before we were done with it. D’oh. Lesson learned - pay close attention to the scope of your Tempfile objects, and don’t pass their paths around separately from the object itself.

                                                                    1. 5

                                                                      Had a similar issue! We learned that Tempfile.create[1] is what we wanted — it doesn’t automatically delete the file.

                                                                      [1] https://ruby-doc.org/stdlib-2.6.5/libdoc/tempfile/rdoc/Tempfile.html#method-c-create

                                                                      1. 2

                                                                        I tend to prefer:

                                                                        Tempfile.create do |file|
                                                                             #do stuff with file
                                                                        end
                                                                        

                                                                        That assures you the file will exist as long as you’re in the block, and that it’ll be disposed as soon as you leave it. Leaking tempfiles in case of errors has caused us problems too.

                                                                    1. 1

                                                                      A thing I thought of about this simulation stuff. If we’re a simulation, and we eventually produce our own simulation of a civilization just like ours, with individuals just as smart as we are, then wouldn’t that simulated civilization produce its own simulation of another equivalent civilization? Which then goes on to produce its own, and so on, until we have an infinite number of simulations just under us. Presumably there would be another infinity of simulations above us too. This seems kind of implausible, like it has to stop somewhere, right?

                                                                      1. 7

                                                                        It seems to go against most tech security narratives, but IMO, having a hard-to-crack password is of little to no real value. What’s actually valuable and important is to have a unique password for every site, no matter how trivial.

                                                                        It seems to me that if any attacker gets either a system interface where they can try a huge number of passwords without getting locked out, or retrieve the hash of the password to crack at their leisure, then that system is essentially already compromised beyond the hope of protecting anything on it. There’s no point in worrying whether cracking your password would take a millisecond or a month, on a Raspberry Pi or a ten thousand dollar AWS cluster.

                                                                        1. 2

                                                                          It’s not that unusual. It’s literally another xkcd comic

                                                                        1. -2

                                                                          it’s a clear case of premature optimization

                                                                          What is this whole page of text about then? If the thing you have now is working, you don’t need anything else; why even respond to people who obviously don’t know your requirements or reasoning behind tech choices?

                                                                          these are many times more frustrating to use than an embedded library that uses a flat file.

                                                                          This idea that pgsql or mysql are ‘hassle’ has been spouted a few times recently, with zero backup other than hand wavey statements that they introduce some complexity or are hard to configure. They’re both extremely well supported platforms and the ‘hassle’ is proportional to what you need them to do. For simple usecases there’s no ‘hassle’, unless you call reading a couple of pages of documentation ‘hassle’.

                                                                          1. 15

                                                                            What is this whole page of text about then? If the thing you have now is working, you don’t need anything else; why even respond to people who obviously don’t know your requirements or reasoning behind tech choices?

                                                                            So they’ll stop bothering you with their foolish requests in the future, clearly.

                                                                            1. 11

                                                                              This is a desktop program and its target audience is not people who are necessarily comfortable installing and configuring database servers. The alternative – bundling, or supporting distribution-specific setups for, an external database server – would be considerable hassle for the project. Simply using SQLite reduces any potential hassle, however minimal it would have ended up being in practice, to zero.

                                                                              1. 10

                                                                                I really learned the benefit of minimal runtime dependencies from the length of time I developed and delivered desktop apps. Users don’t want to care about your tech choices. Every dependency is something else you’re on the hook to support.

                                                                                1. 1

                                                                                  Also the benefit of building webapps. If you want some weird dependency, you only have to support it on your servers, where you choose the OS and setup, not on thousands of end-user systems with a huge variety of possible configurations.

                                                                            1. 2

                                                                              This is one that feels satisfying to read, but the position it seems to be arguing against is crazy enough that I have to wonder if anybody is seriously making it.

                                                                              1. 4

                                                                                This is super neat! That said, I think that ASCII/English has been really handy for giving all programmers a lingua franca for working together–I’m not sure throwing that away in the name of local identity is an unalloyed good.

                                                                                1. 7

                                                                                  The author addresses this in their talk at Deconstruct this year (not published yet, but will be eventually), and, in a less compelling way in http://ojs.decolonising.digital/index.php/decolonising_digital/article/view/PersonalComputer/3

                                                                                  Basically - yes, privelaging one language over another is not good, but that goes whether the language is English or Arabic. This is an art project, but a programming language that embodies these ideals would not have any canonical “name” for a given function, and instead would allow the programmer to map a human friendly name in any language onto the computer-friendly identifier (possibly a content-addressable system like unison). This also fixes lots of real problems with linking, etc (you don’t have to do name mangling, for instance).

                                                                                  1. 5

                                                                                    I guess I can see both sides. On the one hand, it’s nice to have as many people using the same programming language as possible, so that there are many libraries for those languages, and many users for them to find and fix bugs. In that point of view, non-English speakers having to learn a little bit of english to find docs and keywords and such is just a cost of doing business.

                                                                                    On the other hand, it’s nice to have a way for non-English speakers to get into programming without having to learn a foreign language. In that point of view, the cost of doing business is that they may get siloed into a small-time language without as much presence for libraries, docs, error message help, etc. But it might help people become interested enough in programming to explore other languages, when they might never bother without a taste from this.

                                                                                    What does all that come down to though? I wouldn’t want to actively suppress it or anything. Maybe just let users know that what the legitimate concerns are, and let them make their own choice on that to learn I guess.

                                                                                    1. 3

                                                                                      The Arabic script is not particularly well suited for use as a symbolic alphabet because of its highly cursive nature and the way that letter forms change based on location within a word. This is relevant to the script’s use as an ASCII-equivalent (and makes font layout rules for Arabic more complicated than for some other scripts), but also means that older technologies like the printing press were harder to adapt to Arabic-script languages.

                                                                                      It’s interesting to think about how an equivalent of ASCII (and precursor technologies like teletypewriters and telegraphs) would’ve been developed with respect to a non-Latin script. That said, I’m not personally particularly fond of the aesthetics of the Arabic script. There’s other alphabets I would be more inclined to see an alternate-world ASCII of - the Mxedruli script used by Georgian and a few other Caucasian languages, for instance, is really pretty and less well known than it should be.

                                                                                      1. 4

                                                                                        The story of typewriter for Hangul (Korean alphabet) is truly fascinating, but unfortunately mostly unavailable in languages other than Korean. For example, typewriters had two keys for “w” because of technical limitation of typewriters (they had difference advance). Modern computer keyboard layout inherited this even if technical limitation no longer applies.

                                                                                        1. 1

                                                                                          Or cunieform!

                                                                                        2. 2

                                                                                          it was a happy accident that the lingua franca for programming is also very well suited. the highly irregular spelling means more short strings are words, so short names can be more expressive.