（评论）

（评论）
(comments)

原始链接: https://news.ycombinator.com/item?id=40171183

开源 Bun 项目允许用户通过提供预先填写的提交表单来轻松生成崩溃报告，而不是要求他们复制和粘贴控制台文本。尽管获得了麻省理工学院的许可，允许在不共享源的情况下进行衍生作品，但作者主张减少膨胀并保留人类可读的文本以进行有效的压缩。他们提到在符号化过程中仅使用 LC_FUNCTION_STARTS 部分，以便更好地从系统库中发现函数名称。作者对 Bun 表示了热情，因为它的速度以及 JavaScript 运行时和包管理器功能的结合。然而，他们目前更喜欢使用 Dependabot，并正在等待官方 Dependabot 集成。尽管对潜在的好处很感兴趣，但他们对于是否完全转换系统犹豫不决。作者分享了 Bun 最近使用后的积极经验，并承认该项目尽管面临边缘情况和 REPL 和特定 API 等不完整功能的挑战，但仍取得了快速改进。此外，他们还称赞该项目令人印象深刻的速度以及使用 TypeScript 代码启动和运行的简便性。总的来说，虽然令人印象深刻，但由于不断的改进和缺失的功能，作者对生产使用仍然保持谨慎。

So the argument for using this over a regular stack trace is that they don't have to ship megabytes of debug symbols. However they have seemingly just ignored the better option of only including function names in the debug table, which is obviously a much nicer option than having to use a web service to view you stack trace.

This isn't just a theoretical solution either, it's already implemented in LLVM: https://clang.llvm.org/docs/UsersManual.html#cmdoption-gline...

> the argument for using this over a regular stack trace is that they don't have to ship megabytes of debug symbols

No, it’s because almost nobody has enough patience to upload a crash report for a GitHub issue. It has to be easy. Making it a URL that autofills the form with almost everything we need makes it easy. The size matters too, we didn’t want it to have downsides for our users, but the important thing is making this whole process really easy for the user so that enough developers actually upload crash reports.

"they have seemingly just ignored the better option...obviously much nicer"

This comes off a bit presumptuous. I would assume that they are aware this is a possibility.

"having to use a web service to view you stack trace"

This is just not a downside that matters for this usage scenario. It's almost the same story as minifying your frontend JS bundle, uploading source maps to Sentry, then using Sentry to view an unminified stack trace from a user's browser. The user was never going to view that stack trace anyway, and I am not bothered by having to use Sentry to view it - I never would have seen it at all otherwise.

> The user was never going to view that stack trace anyway

Speak for yourself.

The ability to understand and affect what's going on in your own user agent is important not just to users having control over their own devices, it changes the social fabric. You can't get interested in how something works because to you it's an opaque blob whose priests have declared you unworthy. Curiosity suppressed. That's bad for the kids.

Bun is open source, right? If you want the debug symbols then build them. This feature is for the users who don’t want to debug Bun and simply submit a comprehensive report, which will be the majority of users.

Bun is MIT licensed, meaning any derivatives aren't required to give you source code. But it's more about the principle. People do the same thing in web pages and give you minified gibberish "to save bandwidth". Meanwhile the hot garbage is still a megabyte of JS. Maybe cut some of the bloat and keep the human-readable text which is known to be efficiently compressed by ordinary lossless compression algorithms.

> This comes off a bit presumptuous. I would assume that they are aware this is a possibility.

They don't present it here, they justify their solution by claiming that the existing solution is bad because it includes several megabytes of debug symbols.

On the note of awareness of possibilities vs ignorance, I found this thread on HN to be gold: https://news.ycombinator.com/item?id=37592471

The creator of Vue pointed out a new feature for Svelte was a similar feature that Vue had tried and discarded. The creator of Svelte showed up to explain their position; I thought their exchange was illuminating. I was also impressed by Vue's research & experimentation.

> The user was never going to view that stack trace anyway,

Well akchually, I found stack traces useful as a user. It allowed me to pinpoint an issue (SPICE simulator crashing due to inconsistent quote handling in E-sources vs another simulator which did not crash). IDK how else I'd be able to find this other than file a Jira ticket to the simulator team (and then wait 2 days for various people to pass the ticket, as they almost always do)

If you criticize something where you have no context, were not part of the discussions and aware of the trade offs that were made it comes across a bit arrogant to say they should “obviously” “just” do something else.

There’s other ways to suggest an alternative solution.

Maybe it comes off that way a bit, but I can only go off what's in the blog post where they begin by calling the existing solution bloated in order to justify their new solution without ever mentioning that the debug table contains much more than just function names and line number mappings.

I do think it should be obvious that displaying text directly in the console is better than relying on a web service to display that same text.

OBVIOUSLY you haven't read the blog post since it is about a crash REPORTER: making it easy for users to REPORT crashes to the maintainers with all of the relevant info. Offering a link with a pre-filled form is OBVIOUSLY easier than making the user copy-paste console text into a browser.

Another option on macOS/iOS is to ship just the LC_FUNCTION_STARTS section in the Mach-O binary. This is how symbolication can discover function names from system libraries even without full debug symbols on those platforms.

This is great. Very creative. Many should copy this scheme. The key is the relative-to-executable/shared object base stack trace program counters.

bun is statically linked, yes? In a dynamically linked system one would need to prefix every normalized program counter with a small numeric shared object ID.

It's not really anything new. Very common in environments where you can't ship symbols such as games crashing on player's computers.

For example, the Unreal Engine crash reporter has been capable of sending such a simple format for many years. You can restore a reasonably accurate function/line number from it for each stack frame.

Though minidump is usually preferred as having the stack variables can give additional hints to what happened.

Bun seems really compelling. I tried it out for a couple of small example projects and I like the speed and the fact that it combines package management and a JS runtime. However, I use Dependabot on most of my serious projects. I know work is under way, or at least there is some discussion in a couple of repo issues, for Bun support in Dependabot. I'm kind of holding off on using it until support for it has been rolled out.

We had the same reticence about Dependabot missing before we made the switch, but realised Renovate works with Bun and is a good enough stand in for now until support arrives.

Absolutely zero regrets, the cumulative savings across everything that is faster and the massive step up in DX is worthy of the hype.

Yeah, I had heard about Renovate supporting Bun. I guess I was reluctant to start working with another 3rd party dependency management system when I already knew how to setup and use Dependabot, and I assumed Bun support was coming soon-ish. But maybe the benefits of moving over to Renovate and getting to use Bun now outweighs the costs.

After years following bun, (seen first tweets about from zig) have recently started using it. Stuff just works without any hassle! Thank you

Few people would notice how much attention was put into it. Love it, really tells how much the folks behind bun care about their craft

Microsoft is really good at this BTW. At SQL Server we had mini dumps they were tiny stripped out of personal info and incredibly useful. And a full dump of a production SQL Server even at that time (15 years ago) would be a huge file - too big to move around.

Possibly this was used MiniDumpFilterTriage (from https://learn.microsoft.com/en-us/windows/win32/api/minidump...) and some of other stripping/scrubbing data fields.

This one fills all non-null ptr in the callstack (and other areas?) with 0xAAAAAAAA

I actually had to fix this for us two weeks ago, as our internal tools were crashing on the CI with this, and it wasn't helpful (to us), but at the same time understand how important is for this if shipped to external customers.

Crashdumps are underrated field that needs more eyes to solve the big data problem there.

I believe you had to opt in and it has some legal language before it. All the data pages were stripped and SQL Servers stores all data in the buffer pool. But of course you could find some stuff on the stack and other caches.

Bun is amazing, but I recently tried to make an http/2 server through fastify and was not able to:

     user@host:~/d/temp/server$ bun run index_fastify.js
     14 |   warned.add(feature), console.warn(new NotImplementedError(feature, issue));
     15 | }, $;
     16 |
     17 | class NotImplementedError extends Error {
     18 |   code;
     19 |   constructor(feature, issue) {
                                    ^
     NotImplementedError: node:http2 createServer is not yet implemented in Bun. Track the status & thumbs up the issue: https://github.com/oven-sh/bun/issues/887
      code: "ERR_NOT_IMPLEMENTED"

           at new NotImplementedError (internal:shared:19:27)
           at internal:shared:2:69
           at node:http2:48:53
           at getServerInstance (/Users/user/d/temp/server/node_modules/fastify/lib/server.js:342:16)
           at createServer (/Users/user/d/temp/server/node_modules/fastify/lib/server.js:25:18)
           at fastify (/Users/user/d/temp/server/node_modules/fastify/fastify.js:198:30)
           at /Users/user/d/temp/server/index_fastify.js:4:13

The linked issue is actually about implementing support for http/2 clients, which was already released in v1.0.13 (https://bun.sh/blog/bun-v1.0.13#http2-client-support). The NotImplementedError message should be updated to point to the issue for the server variant: https://github.com/oven-sh/bun/issues/8823

Implementing http/2 server support is in the top few feature requests (https://github.com/oven-sh/bun/issues?q=is%3Aissue+is%3Aopen...). It looks like once they ship this, a lot more people will be able to move over to Bun.

That's just the status of Bun. Wait for implementations -> turns out you need more implementations of other APIs once that's done -> wait some more -> it comes out but will crash at various edge cases -> wait some more -> repeat. Bun is just too early in its lifecycle. Very hopeful for the project though!

I have not used it in production yet, but it's been great for one-off scripts and side projects. Setting up a TypeScript Node environment with ts-node, ts-jest, ESM support, top level await, etc. is more annoying than it should be. More recent Node releases have alleviated some of this pain, but not as trivial as running bun init.

I've enjoyed using the bun shell [1] API.

[1] https://bun.sh/blog/the-bun-shell

It’s good unless you want a repl (they pretend to have one but it’s miserable: >6s latency all the time when it updates), or you plan to use any native modules. The error messages are also significantly worse than node’s. I used it for a bit, but node with ‘—loader tsx’ does everything I want nowadays with none of the downside. If I was building a simple server, perhaps with websockets, and I was sure it need native modules, I’d consider using Bun. I have several such services live now actually.

I too would use it if the REPL worked properly. JS developers are often used to working interactively - the browser/console workflow - and have come to rely on testing ideas or problems / solutions in the REPL interactively.

It's efficient, as you can test and narrow things down in isolation and figure out what is working or not-working very quickly. It's also a good way to try a new module, and this is reflected in docs that eg, use node's REPL as a demo.

One bizarre problem with bun's REPL at the moment, which can be quite the unexpected "gotcha", is the REPL itself seems to be cached, and it goes stale. It actually expects to be able to update itself online every day or so, or it breaks!

Yeah, well cool - unless you ever work offline. Eg, had you expected to work on a long flight and now half your dev workflow was broken, for no good reason. (And unfortunately bun's "--prefer-offline" flag had no effect.)

I don't want to criticise bun too much - it is incredibly fast, and has made other significant workflow enhancements.

But a REPL is a dealbreaker for some of us. I guess it's similar to hot code-reloading in compiled languages, you don't go back to the minutes-long compile-wait cycle for the kinds of problems that kind of workflow makes instantaneous.

Currently, the REPL is an alias of `bunx bun-repl`, and bun-repl is a community-maintained npm package. We haven't had the time to do our own REPL. Honestly, we really need to hire more engineers. We're a small team and there's so much to do

How did it cut your server costs - increased performance and therefore reduced load?

Bun looks quite promising, but I've heard mixed feedback on it being a "drop in" replacement of node. Any experience with that aspect?

I'm using it for my programming language (~15kLOC) as a dev and test runner and haven't had any Bun specific issues so far.

It still surprises me with its instant startup.

It has been extremely fun to use for personal projects. There are still some things that just do not work, though, like brotli compression which means any library using axios with their default brotli compression setting will crash at runtime. There is also no equivalent to the `npm outdated` command and a few other niceties. It is always little unexpected things, so it would be difficult to recommend for production uses just yet, but things are improving rapidly and I could see it becoming stable enough very soon. The APIs it exposes are so awesome—like giving node an excellent standard library—and the fact that I don’t need a compile step to execute TypeScript code makes it easier to get up and running with Bun than without it. Highly recommend trying for non-production work!

Been using it recently and it’s great, the quality of life stuff is really nice (like, not having to worry about compiling TS) and it’s really fast. Some things are still missing though, but for me it’s already better than Node

oh yeah, it's amazing! The speed is great but just the DX is so much nicer than npm, yarn, or node itself. It took us a few tries to getting it working for our prod environments, but nothing we couldn't figure out within the same day.

I thought having a binary for a lock file was weird (don't know the technical reasons behind it besides maybe speed) but after using it for months now, it never has caused an issue for us.

using it on all my side projects, some of which made it to production. some of which had lots of dependencies in the past and seamlessly switched over

one employer/client has a big project I'm afraid to attempt changing anything on, but I wonder

Strange that it doesn’t include some random bytes so the same report can’t be submitted many times. Does it just assume the base memory address is random enough?

Did you know that bun needs to download 37 packages before the repl becomes available? No internet no repl for you.

    PS C:\Users\anon> bun repl
       bun-repl [6/6]
    error: FailedToOpenSocket downloading package manifest bun-repl
    error: bun-repl@latest failed to resolve

Not a big deal, but I was expecting (and frankly excited) to have a single no-install executable to drop in my PATH and have it just work!

We haven’t prioritized implementing a repl yet. The current repl is a community-implemented bun-repl npm package. `bun repl` internally does the equivalent of `bunx bun-repl`

Unpopular opinion …

Please use the same TLD for all your services.

Don’t do: Bun.sh, and now Bun.report

It’s confusing for users and also a security vector.

Just make it report.bun.sh

I think marketing folks like to send emails from a different domain so they can send transactional and marketing emails from different domains altogether (not just subdomains). Not sure if this is evidence based or just plain voo doo / monkey-see-monkey-do but I’ve read this in multiple places. But of course, that doesn’t apply here.

I just cannot get excited for this VC funded experimental piece of technology. 10 years ago, maybe. Node.js is not going anywhere anytime soon.

> Linux: Use dl_iterate_phdr to iterate over the loaded modules, once you find one that the raw address is contained in, .dlpi_addr on the dl_phdr_info struct will be the base address.

Er, just use `dladdr()`.

> That's why in Bun v1.1.5, I wrote a compact new format for Zig and C++ crash reports.

why did the author use the pronoun I instead of we? isn't it a team work and there is no I in team as they say?

（评论） (comments)

（评论）
(comments)