https://github.com/actix/actix-web

reddit 上面感觉每一两个月都会有 actix 关于 unsafe issue/pr 跟作者吵架的帖子。这次又是，没过两天，结果昨天作者发推：
https://twitter.com/fafhrd91/status/1218135374339301378
I am done with open source.

reddit 上面有人总结的事件经过：
TLDR:

<unknown> commented: The following code is unsound:

https://github.com/actix/actix-net/blob/7c5fa25b23a802b27e8066caf4e01e3c2cedeb35/actix-service/src/cell.rs#L34-L36

This uses Rc::as_ref() to obtain a reference to the underlying data, which does not guarantee uniqueness. It is possible to obtain several mutable references to the same memory location by calling this function repeatedly:

let mycell = Cell::new(vec![1,2,3]); let ref1 = mysell.get_mut(); let ref2 = mysell.get_mut(); // obtained a second mutable reference; UB starts here

This may lead to arbitrary memory errors triggered from safe code, the most common of which would be use-after-free. These two references do not need to exist in the same function to trigger undefined behavior, they only need to exist at the same point in time.

A proper way to implement Cell:get_mut() would be calling Rc::get_mut() which guarantees uniqueness instead of Rc::as_ref().

fafhrd91 commented: This is internal code. There is no repeated call to get_mut() anywhere in code

fafhrd91 commented: Please, don’t start

Shnatsel commented: These two references do not need to exist in the same function to trigger undefined behavior, they only need to exist at the same point in time.

An easy way to see if this is a problem in practice is replace .as_ref() with .get_mut().unwrap() and see if anything panics.

cdbattags commented: @fafhrd91, I don't think "unsound" was meant to be personal or offensive.

Why close this so quickly?

fafhrd91 commented: I need unit test that shows UB.

...

fafhrd91 commented: this patch is boring

CJKay commented: So is resolving silent data corruption.

bbqsrc commented: @fafhrd91 seriously? Please just stop writing Rust. You do not respect semver, you do not respect soundness, so why are you using a language predominantly based around doing these things right?

JohnTitor commented: @bbqsrc I understand your point, but that doesn't mean you should use offensive words.
--
FROM 122.59.30.*

steve klabnik（the rust programming language 作者）发了一篇文表示遗憾：
https://words.steveklabnik.com/a-sad-day-for-rust

这里有个更完整点儿的事件经过
https://gist.github.com/mafrasi2/debed733781db4aba2a52620b6725adf

其中有一条
Nemo157 commented: As a PoC this patch applied to actix-net passes all tests, and when the second playground is run against it under Miri it soundly fails with thread 'main' panicked at 'already borrowed: BorrowMutError' from within the AndThenServiceResponse. Presumably this requires benchmarking/more exhaustive testing which I don't have time to do, but if someone wants to take the patch and get it merged feel free (I license it under Apache-2.0 OR MIT, though I don't consider it to be creative enough to be copyrightable).

也是醉了，给人提 patch 还 license……后面还有人对 rust 这么著名的一个项目作者说你不配写 rust……

这里也有一帮人搞了一个支持作者的 repo：
https://github.com/actix-support/letter
Dear Nikolay Kim (a.k.a. fafhrd91),

We are users, contributors, and followers of your work in the Rust community. Over the past three years you have worked on Actix, and have had to endure repeated harassment from a small minority for your contributions to Rust and open source. We are extremely disappointed at the level of abuse directed towards you.

Working on open source projects should be rewarding, and your work has empowered thousands of developers across the world to build web services with Rust. It's incredibly tragic for someone who has contributed so much to the community, to be made to feel so unwelcome that they feel that they have no other choice than to leave. This is not the kind of community we want. Everyone should be able to contribute and work on their projects without fear of being harrassed. What happened to you has shown that we still have lot to do to achieve that.

Thank you so much for bringing Actix to the world and your contributions to the Rust community.

Signed,
...

话说回来，如果是我花3年时间搞了一个知名项目，有人这么喷我，估计也坐不住……

【 在 fanci (大葡萄) 的大作中提到: 】
: 哦？从对话上看起来这个fafrhd是个大厦必啊  
--
FROM 122.59.30.*

干掉他就完事了，我现在也比较这样。
开放公平民主讨论这些只适合于致力于同一个目标，有相近能力，同样素质的人。有的人
就是来添乱的。

【 在 eGust (十年) 的大作中提到: 】
: steve klabnik（the rust programming language 作者）发了一篇文表示遗憾：
: https://words.steveklabnik.com/a-sad-day-for-rust
: 这里有个更完整点儿的事件经过
: ...................
--
FROM 180.109.235.*

据说是 Reddit 上反响不好。
  
【 在 lvsoft () 的大作中提到: 】
: 干掉他就完事了，我现在也比较这样。
: 开放公平民主讨论这些只适合于致力于同一个目标，有相近能力，同样素质的人。有的人
: 就是来添乱的。
:
--
FROM 138.19.103.*

老外也会吵这么凶啊，醉了。。。

【 在 eGust (十年) 的大作中提到: 】
: https://github.com/actix/actix-web
: reddit 上面感觉每一两个月都会有 actix 关于 unsafe issue/pr 跟作者吵架的帖子。这次又是，没过两天，结果昨天作者发推：
: https://twitter.com/fafhrd91/status/1218135374339301378
: ...................
--
FROM 139.226.154.*