The coreutils Rust rewrite story is pretty funny.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Yeah, not a good situation - even doing it in "safe C++" or somesuch would have had the same result. Decades of hard-learned lessons should be encoded in decades of well-written unit tests.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Welp. Got rent for next month covered.
-
@lcamtuf and it's very worth remembering that while the design of rust _does_ prevent many bugs, it's not a get-out-of-bugs-free card. there are many ways to write code wrong, not just memory safety issues!
-
@lcamtuf
I learned C++ after Modula-2 and before C.
I learned programming earlier.Learning a programming language isn't learning programming (extracting requirements, specification, design, coding, test etc).
I looked at Rust. C++ certainly has got too complicated since 1987, but I wonder does Rust *only* help with memory safety?
Main memory safety in general relates to using pointers that are invalid, accessing arrays out of bounds and past the end of strings.
Partly bad libraries & design.@raymaccarthy
well allegedly its types are meant to aid in type driven design and better domain modelling; but i dont know if this is actually seen in practice in better code structure. same could be said of cxx + its classes
@lcamtuf -
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Et tu, TOCTOU
-
@lcamtuf ........ouch
I'm shocked they didn't account for any of that -
@raymaccarthy
well allegedly its types are meant to aid in type driven design and better domain modelling; but i dont know if this is actually seen in practice in better code structure. same could be said of cxx + its classes
@lcamtuf -
@lcamtuf Rustaceans are the problem, not Rust itself. theyre like a lobbing group trying explicitly to boost their future employment demand much more than prioritized on doing the right thing as engineers or for the community. much like the AI VC are "talking up their book" even if its poison for the rest of us
@synlogic4242 Uutils started as someone’s personal project to learn rust, and “write a system utility” is frequently used as a basic exercise for learning. Uutils is doing exactly what it set out to do.
It’s not the fault of uutils that Canonical is dumb.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf There's also that human habit of getting complacent about all bugs when _some_ types of bugs are either impossible or very very hard to make because of language structure and tooling.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf a related observation would probably be: why did important, security-critical edge cases get handled without enough documentation to prevent them from reoccurring?
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Why do we keep calling uutils coreutils a rewrite?
-
@synlogic4242 Uutils started as someone’s personal project to learn rust, and “write a system utility” is frequently used as a basic exercise for learning. Uutils is doing exactly what it set out to do.
It’s not the fault of uutils that Canonical is dumb.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Hey, would you care to elaborate or point me to resources explaining why the coreutils aren't fertile ground for memory safety issues? It's the first time I heard of this
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf Not only that, some of the utils were not command line-compatible with their non-Rust counterparts.
Honestly, I don't understand why these utils were rewritten. They didn't need rewriting.
-
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.
@lcamtuf yeah it's frustrating because in some sense we all had the opportunity to learn this lesson, a long time ago
we remember when we were kids, after Netscape went bankrupt trying to re-write their software from scratch, there were some good essays analyzing what went wrong and advocating for refactoring instead so as not to lose the knowledge that's in the code
and then there's the ATC system
like... there's so many past instances to learn from
-
@lcamtuf yeah it's frustrating because in some sense we all had the opportunity to learn this lesson, a long time ago
we remember when we were kids, after Netscape went bankrupt trying to re-write their software from scratch, there were some good essays analyzing what went wrong and advocating for refactoring instead so as not to lose the knowledge that's in the code
and then there's the ATC system
like... there's so many past instances to learn from
@lcamtuf and then there's... well, there's a persistent feeling that starting over without regard for the past will make things better, rather than just repeating the same fundamental mistake that happened the first time
we've felt it too. it's a powerful pull.
we wrote a bit about that feeling, a while back https://irenes.space/leaves/2024-09-29-technology-community-idealism
-
@lcamtuf and then there's... well, there's a persistent feeling that starting over without regard for the past will make things better, rather than just repeating the same fundamental mistake that happened the first time
we've felt it too. it's a powerful pull.
we wrote a bit about that feeling, a while back https://irenes.space/leaves/2024-09-29-technology-community-idealism
@ireneista @lcamtuf
I guess that could work if you really investigate all the fundamental mistakes, as well as the regular bugs/pitfalls, from the first time and try your best to avoid them.Assuming that "it was written in a less safe language" was the only or even most important issue is.. not that useful
-
@ireneista @lcamtuf
I guess that could work if you really investigate all the fundamental mistakes, as well as the regular bugs/pitfalls, from the first time and try your best to avoid them.Assuming that "it was written in a less safe language" was the only or even most important issue is.. not that useful
@Doomed_Daniel @lcamtuf yeah, exactly
-
@Doomed_Daniel @lcamtuf yeah, exactly
@Doomed_Daniel @lcamtuf we firmly believe, for ourselves, that code is communication
and one very big thing it's communicating is: hey, future maintainer, this detail is important
-
@Doomed_Daniel @lcamtuf we firmly believe, for ourselves, that code is communication
and one very big thing it's communicating is: hey, future maintainer, this detail is important
@ireneista @lcamtuf
Additional fun thought: I can imagine they avoided looking at the GNU coreutils C implementation because they are using MIT license instead of GPL.
