Slashdot Mirror
Cox on Torvalds and Linux Kernel Development
sebFlyte writes "Alan Cox' speech at FOSDEM sounds like it was interesting... according to this ZDNet report on it he has some interesting views. For one, he says: 'Linus is a good developer, but is a terrible engineer.' He also has a few digs at Torvald's methods surrounding security fixes, and some other interesting insights in the kernel development process: 'Sometimes you see a fix and think "this is perfect, move my fix into the kernel tree." Later you think, "I must have been drunk. Don't apply that patch."'"
An Interview with Linus himself
I'm willing to be if such things continue, some entity, perhaps IBM, will set down their foot and use pressure put maintenance of the kernel project under the jackboot of a truly dictatorial manager, making Linux more an open source Cathedral than a bazaar.
- - - - - Fear not the reaper, but my shiny white teeth.
I'm not trolling, and am a little ignorant of kernel development - so bare with me, but surely Linus isn't the be-all-end-all overseer of what ends up in the kernel? Why target him exclusively?
Mongrel News all the news that fits and froths
Linus probably keeps all the secret fixes under his security blanket.
no they are not.
programmer = code monkey
developer = higher level design and algorithms.
engineer = full system design, makes the important decisions.
"Linus has this bad habit of fixing security holes quietly," said Cox. "This is a bad idea as some people read all the kernel patches to find the security holes."
I wouldn't advertise my mistakes eitherThe article paints Linus as the typical Flawed Hero of contemporary literature. He's good and yet he's not perfect - at least that's what comes out of it for me. (and no digs on BitKeeper .. hmmm..)
Quidquid latine dictum sit, altum videtur
Cox may have had a good point on Linus' methods for security patches, but fortunately the community has spawned sites such as this http://www.securityfocus.com/ to publicly announce when people find security flaws from poking through the patch code.
Even if Linus tries to keep these things secret, they'll get out quite quickly.
Are they? I know some "programmers" who definitely do not practice "software engineering" all the time...the engineer who needs a quick tool to plug and chug some calculations isn't really going to care so much about code reuse as someone who's writing a word processor...
Why thank you. Don't mind if I do. :)
That Linus is a person, and not a GOD as some people worship him as.
;P
Its actually pretty damned nice to see a bunch of people get together and make something as big as the Linux Kernel. Linus started it, but we all will finish it.
Still, I fail to see how some bugs would be super-bad, as the article seems to say. Id rather have a crash bug, rather than a SUID change bug.. STill, not all security comes from the Kernel. Some security comes from network filter drivers, some com from the application, which many hackers target, and whatnot. Though, the kernel is a great place to attack if you have that guest acct and "want" root
the /. headline makes it looks like there's quite a bit of fued between cox and torvalds, which isnt really the case if you RTFM.
different people have different working styles, no matter whether it's kernel coding, software apps, or ASIC designs. if either group/individuals are too giving to the other group, there can never be enough feedback/ constructive critisisms between them. having yes-men surrounding you isnt the best thing. and it's not like that they're arguing so much they've halted any soft of development progress.
[offtopic]
gives me an idea though, maybe when job interviewers start asking me those behavioural questions about "a time when you've had disagreements and a way of resolving them", there's no need to bring up something too dramatic.
[/offtopic]
my blog
That was quite funny, and I see that you managed to fool somebody into giving you an "Insightful" mod.
Mods take note, the parent post is deliberately nonsensical. For example, "It's been shown that creating working kernel based on a register machine like most modern microprocessors is NP hard".
(forgive the funny subject, I'm refering to tracking the dynamic elements of a piece of code):
I've written some code, and try to visualize how my code will run, stepping through each section in order.
The question I have is, is it still possible for these kernel gurus/hackers to effectively have the kernel and all its nuances inside their head, fully functional at a theoretical/experimental level? Or does development at this point consist of sub groups that are specialized and don't require a level of understanding to 'run the kernel in your head'?? If this is a fantasy of the past due to current complexity, when did the change occur?
-thanks
Silly Rabbit: tricks are for kids.
...at least it didn't say "Cox IN Torvalds"
Life is hard, and the world is cruel
So fork the kernel. Unless I'm missing something, OSS is rife with opportunity to make something else happen. Lord knows, there are plenty of branches of the kernel that are available.
If microkernel is the way to go, then write the code, and we'll see what happens in the OSS marketplace. I'm not going to say "best technology wins," as that's rarely been the case historically.
There is, after all, a reason that the HURD hasn't taken over yet. I might well be missing something, as this isn't really my area.
ceci n'est pas un sig.
Linux has become much bigger than Linus now. The kernel alone has its parts maintained by other people, many of whose patches are applied without much checking to the main tree because they're 'responsible' for it, like certain architectures, driver trees etc.
Apart from the name, Linus currently has the final say of what goes in. Thats just officially. In real life it seems far more is delegated to others for different parts of the kernel, and Linus is one of the developers, far from the most active, and not really exercising his right to block patches against the majority's will.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
from TFA: "Cox revealed that although Linus is good at developing code, he does not enjoy some of the other jobs that go along with software development such as bug fixing and beta testing."
Note that Linus and Microsoft are both being accused of the same thing.... some purists are arguing that they don't focus enough on the bug fixing. The reality is, that no matter what focus you will NEVER have a bug free system. All software makes such feature/stability tradeoffs perhaps the most important challenge of any software project is balancing the tradeoffs of perfectionism vs. time-to-market of bleeding edge features that is best for their market. Other operating systems that do focus excessively on security for their "core" offering tend to fall behind in features (like the old mainframe software banks use, etc). Sure such software has its place; but it's not the mainstream market.
Note that for the security consious customer, though, Red Hat and SuSE both have higher-security releases of their own (like the Common Criteria vesrions like this one; and releases like Debian Stable that also focus on security and bug fixes only. By people who don't understand that those releases are targeting a different market, those branches are often criticised for being filled with obsolete software.
It doesn't have to be Linus's job to handle the most conservative customer's needs.
I was going to mod, but decided to jump in, instead... I don't know Linus, I'm not a kernel-demigod, and you may know a lot more about him than I do. And while I'm a linux-enthusiast (and therefore an admirer of all the work that goes into it), I'm not a groupie who automatically jumps up to defend the Order of the Penguin. With that said, I don't see how "contemporary ideas" have anything to do with his ability to manage and guide the development of an OS. I've read correspondence about kernel issues (as I've come across them), and it always seems to me that he tries to keep it simple and direct. "Does it work?" and "Will it screw things up later?" appear to be the underlying themes...very admirable ones, in my opinion. Even more to the point: Why should anyone care if he has little or know knowledge outside his project? (And it appears to me that he has a lot of experience...but I can't/won't try to rattle off his resume. See above.) If I have to have brain surgery, I don't give a damn whether or not my surgeon knows how to do an appendectomy; he's got one job to do, and that's all I care about. Well-rounded educations, backgrounds, etc. are great when your project has to cover a wide range of issues. (Ever get involved in a government software project? It's a nightmare!) But if your needs are specific, then the more of an expert you are in that one area, the better off you'll be. To me, he's a smart guy doing a pretty good job of herding cats. 'Nuff said.
Never confuse movement with action. --Hemingway
The article is yet another clear piece of filler that pretends to build antagonism between two important figures of the kernel project. How does this stuff keep getting accepted by Slashdot?
Is this the way Slashdot supports open source, fostering internal divides in exchange of ad eyeballs?
HAD
Oh you have asked him about "OO" yourself, "PimpDawg"?
Have you ever even looked at the Linux kernel source? The VFS is a better OO abstraction than anything you will ever come up with in your lifetime.
How did this get modded above -1?
Linus isn't running the show. He's not paying anybody, he can't fire anybody, he can't make anybody drop one project or idea to work on another.
He can direct some developers to do something and they can tell him to take a hike, or they can do it because they think it's a good idea.
More often, though, there are just many ideas (patches, development threads, what have you) to choose from and Linus "rules" by choosing which goes into his kernel.
The cathedral is about direction. That isn't what Linus does -- he just selects what is best from what the bazaar has produced.
(Sure, he may also make suggestions and remarks that indicate what his selection criteria are, and that may in turn influence kernel developers, but that doesn't prevent someone from coming up with an even better idea that Linus hadn't considered before and changing Linus's mind. That doesn't happen in a cathedral -- do you think some workmen with a brilliant but different idea for St. Paul's would have been paid attention to by Christopher Wren?)
-- Alastair
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
He's a hacker with a lack of experience in projects outside his own.
Are you sure? I thought he works pretty closely with Linux-related projects, when the need arises. For example, look here.
Note that Linus was the top poster for that week.
The question I have is, is it still possible for these kernel gurus/hackers to effectively have the kernel and all its nuances inside their head, fully functional at a theoretical/experimental level? Or does development at this point consist of sub groups that are specialized and don't require a level of understanding to 'run the kernel in your head'?
in short, it's the latter. However, keep in mind that, in a well designed system that's properly modularized, with neatly spec'd interfaces between components, it isn't always necessary for someone to have the entire picture, with all the nitty-gritty details, in their head. Instead, one need only grasp how the system operates at a high level, from a component-oriented standpoint, where each of the components themselves conforms to a particular contract.
Put another way, while Linus may not understand how the driver for a particular digital camera works, he probably does understand the interface that driver exposes, and how that interface ties in with the rest of the system.
I don't know what other people think of this, but I think it's funny!
I'm not a coder. The cosest I get is some bash scripting, which I haven't had to do in a while. But hearing that even some of the greatest coders (who aren't bound to a company policy to keep mum) sometims screw up, makes me feel good... It just cracks me up that there are those moments in life where even Alan Cox and Linus Travolds say 'What the $#@%! was I thinking?'
And the best part? It's all visable to all the other developers. Thank goodness. I'd hate to know what kind of hairballs are in other complex, closed source software... that never get looked at by more than the core developers.
GPL + True dictator = much greater chance of code fork
I think, therefore I am. I think?
Engineers make thing from whats avaiable to produce the best design for the end result Developers create new ideas and methods that seem really cool Programmers code the idea's into a working product It's even better when you can get a person who good at all 3, more likly there good at 1 and 3 or 2 and 3
I'm sure everyone who doesn't bother to RTFA will now think, "Oh, no, Linus and Alan are bitching each other out in public." That's nothing like what's going on here. For one, the submitter quotes only half of one particular line from the article:
So it sounds like Alan and Linus have discussed this particular difference in their talents before, either over beers at a pub, or over email or something.
Second, the article makes clear that part of what's going on is that Alan and Linus each have very different responsibilities in keeping Linux going, and so they necessarily focus on different things. Alan points out that as the dev tree maintainer, Linus is trying to keep the code maintainable, while Alan's trying to keep it stable.
And both of these things are necessary. It sounds to me like rather than being "at loggerheads", or "ready to call off the working relationship", instead Linus and Alan are a very well-matched and complementary team, both of whom contribute enormously to Linux's success and quality.
Each of them has strengths that make up for the other one's weaknesses, and it sounds like they have a good enough working relationship to give each other constructive criticism when needed.
Kai MacTane: Web developer for hire in San Francisco
The VFS is a better OO abstraction than anything you will ever come up with in your lifetime.
Uh, what? The VFS is hardly a brilliant concept, but rather the sort of abstraction that any good designer will come up with. It's also not an original Linux invention (Sun OS has had it since 1985, I think). The kernel developers also seem to have a perpetual problem with defining an interface once and defining it well. It happened to me more than once that FUSE broke during a supposedly minor kernel upgrade. For all its virtues, the Linux kernel is hardly a case study in good software engineering.
That's good, because I'm perfectly comfortable defending myself.
That said, groupies (the female kind) are always welcome.
'Sometimes you see a fix and think "this is perfect, move my fix into the kernel tree." Later you think, "I must have been drunk. Don't apply that patch."'
Nothing has changed. In 1983 one cause of coding (programming) errors had been described as a misfit of perceived and actual reality (Zemarek in Psychologie des Programmierens, S. 111-129, Hrsg. H. Schauer, M. Tauber, R. Oldenbourg, Wien, 1983).
CC.
TaijiQuan (Huang, 5 loosenings)
I see through your trick question!
(D) None of the above.
"Linus is very keen to have maintainable code, while to have a stable kernel I'm keen to have code that works."
And these things are mutually exclusive?
Mathematically compliment is opposite sides of an angle. if one is acute then the other must be obtuse. They compliment each other like the chinese ying and yang.
They balance one another because they are different or compliment each other. THis is different from the compliment that sings the praise of someone else.
Mahatma is a title meaning something like Great Soul or conveying a respect for their wisdom.
Ghandi's first name was Mohandas; the title was later given to him and it is a common slip to think his non-family name was Mahatma.
Actually, the design of St Paul's and the surrounding area was the result of a complex interplay between Wren, the king, the church and the people:
Wren -- wanted to create baroque-style city center
King -- wanted to save money
Church -- gothic all the way, baybee
People -- wanted convenience and dense business development
In the end, the group that came closest to getting what they wanted was the people; that's why London has no great big boulevards like those of Paris (the people valued lots of living space above ease of riot control). Wren, the man with the 'brilliant but different idea' used the King's negotiating weight to slip change after change past the Church, but he couldn't change the design completely which is why it's a hybrid gothic/baroque.
Thus the design evolved by consensus, negotiation, and balancing bright ideas against established needs. Incidentally, I never used to like St. Paul's, but now that they have cleaned it all up and redeveloped the area north of it with some excellent postmodern work, it's looking really good. Weather still bad though.
Going back to the subject of software, I really don't think this whole Cathedral/Bazaar analogy was well chosen in the first place (especially as gothic cathedrals were striking examples of community efforts, as has been pointed out elsewhere). Major projects and projects that depend on a central authority can be developed in just as fluid a way as small, distributed ones -- if you have the right people. If you don't have people like Wren and the King, if you don't have people who change their minds when they find a brilliant idea, there can be problems.
Whence? Hence. Whither? Thither.
Without GNU's GPL MS would've openly pirated various free implementations of UNIX.
What about the ones that are not released under GPL, like *BSD?
The BSD TCP/IP network stack was openly "pirated" by Microsoft, if by "pirated" one means "used while drowning in hypocracy by decrying the very free movement one is exploiting," which is really the only definition of "piracy" I can imagine would apply to using a Free product in compliance with its license. I suspect that is what the original poster meant.
I wouldn't have chosen the word "pirate" as it implies copyright violation, which is clearly not the case if you're adhering to a license. "Exploited" would have been more appropriate.
Microsoft openly exploited the BSD TCP/IP network stack because of the liberal BSD license, something the authors of FreeBSD have absolutely no problem with, and in fact encourage. As to whether this is strategicly wise of them or not, well, that is a flamefest reserved for typical GPL/BSD arguments. I personally think the GPL is what has made Linux viable and protected it against many of the worst depridations by Microsoft...though of course it won't hold up to a patent assault once Bill Gates finishes ramming software patents down the Europeans' throats (one may speculate on which appendage Mr. Gates is using to do the ramming), but as Apple, OpenBSD, FreeBSD, ogg-vorbis, and numerous other projects have shown, the BSD license has its strengths as well, and can be quite ideal for other projects.
The Future of Human Evolution: Autonomy
it sounds like Cox words were twisted a bit.
I don't know because i'm not there BUT. it seems like AC is talking about people in general when he is talking about kernel bugs, not Linus approach.
earlier in the article he does say they have different approaches. But the article on slashdot splices quotes together to appear to make controversy where none may exist.
Here is the whole paragraph.
These early issues can be easy to fix as they are often obvious bugs. "Early problems you get are normally very easy to fix," said Cox. "As soon as the release comes out bug reports say 'You've broken this'. Almost immediately you go, 'Whoops, that's my mistake'. Ten minutes later the fix is in the development tree."
"He's a real midnight golfer"
try here, for a start
The most probable reason for this might be code portability. If you force yourself to write code on a PPC machine then the odds are much better that you'll end up with portable code (as you already know a bazillion x86 users will be testing your code anyway.)
No, using only a PPC does not really help you write portable code. It is pretty much the same as using only an x86. To write portable code you have to use more than one architecture during development. If you write on PPC and wait for x86 users to find problems you are not writing portable code, you are fixing the non-portable code that you wrote and distributed.