All bugfixes are incompatibilities

The keynote talk at RubyKaigi 2019 2nd day.

Published in: Technology

  1. All bug-fixes are incompatibilities
     2019-04-19
     nagachika @ RubyKaigi 2019
  2. Important Notification about RubyGems.org
     Attackers try to hijack your account using compromised password lists.
     Example: bootstrap-sass was compromised by this attack. Vulnerable RCE code was injected into it.
     We should set up multi-factor authentication on RubyGems.org to protect against them.
  3. WHO AM I
     ✤ @nagachika
     ✤ CRuby committer
     ✤ CRuby stable branch maintainer (2.5 → 2.6)
     ✤ ruby trunk changes
     ✤ Fukuoka.rb/TFUG Fukuoka
  4. WHO AM I
     ✤ @nagachika
     ✤ CRuby committer
     ✤ CRuby stable branch maintainer (2.5 → 2.6)
     ✤ ruby trunk changes
     ✤ Fukuoka.rb/TFUG Fukuoka
  5. “What is Ruby’s stable branch maintenance?”
  6. Ruby’s stable branch model
     ✤ We backport fixes into stable branches from trunk
     (Diagram labels: EoL, ruby_2_2, ruby_2_5, ruby_2_6, backport, trunk, bugfix)
  7. Ruby’s stable branch model
     ✤ We backport fixes into stable branches from trunk
     (Diagram labels: nurse, unak, nagachika, Release Manager, Stable Branch Maintainer, EoL, ruby_2_2, ruby_2_5, ruby_2_6, backport, trunk, bugfix)
  8. Stable Branch Maintainer
     ✤ Backport bug-fixes from trunk into stable branches
     ✤ Release stable packages
     ✤ Handle security issues in concert with stakeholders
  9. Stable Branch Maintainer
     ✤ Backport bug-fixes from trunk into stable branches
     ✤ Release stable packages
     ✤ Handle security issues in concert with stakeholders
  10. Stable Branch Maintainer’s daily work
      ✤ Watch commits on trunk
      ✤ Backport bug-fixes
  11. Stable Branch Maintainer’s daily work
      ✤ Watch commits on trunk
        → Watch backport requests on Redmine
      ✤ Backport bug-fixes
  12. Ruby’s stable maintenance policy
      ✤ Redmine: bugs.ruby-lang.org
  13. Ruby’s stable maintenance policy
      ✤ File tickets with Ruby’s version information
  14. Ruby’s stable branch model
      ✤ You can maintain only one stable branch at once.
      (Diagram labels: nurse, nagachika, unak, Release Manager, Stable Branch Maintainer, EoL, ruby_2_2, ruby_2_5, ruby_2_6, backport, trunk, bugfix)
  15. “How can I become a Ruby stable maintainer?”
  16. Requirements for Stable Branch Maintainers
  17. Requirements for Stable Branch Maintainers
      ✤ Wide understanding of the Ruby implementation
      ✤ Sustainability to some extent
      ✤ Understanding of the maintenance policy
  18. Ruby’s maintenance policy
      ✤ Backport bug-fixes
      ✤ Don’t backport new features/spec changes
      (Diagram labels: stable, trunk, bug-fix, new feature)
  19. IO.read could execute a command
      IO.read("|cmd…") executes the command (same as Kernel#open)
  20. IO.read and File.read
  21. IO.read and File.read
  22. IO.read and File.read

          % ruby -ve 'puts File.read("|echo foo")'
          ruby 2.4.2p198 (2017-09-14 revision 59899) [x86_64-darwin15]
          foo
          % ruby -ve 'puts File.read("|echo foo")'
          ruby 2.5.4p155 (2019-03-13 revision 67245) [x86_64-darwin15]
          -e:1: warning: IO.read called on File to invoke external command
          foo
          % ruby -ve 'puts File.read("|echo foo")'
          ruby 2.6.2p47 (2019-03-13 revision 67232) [x86_64-darwin15]
          Traceback (most recent call last):
                  1: from -e:1:in `<main>'
          -e:1:in `read': No such file or directory @ rb_sysopen - |echo foo (Errno::ENOENT)

  23. Backport commits by nagachika
      ✤ 2.0.0: 469
      ✤ 2.1: 250
      ✤ 2.2: 205
      ✤ 2.3: 217
      ✤ 2.4: 190
      ✤ 2.5: 101
  24. Backport commits by nagachika include documentation, performance improvement, memory usage improvement…
      ✤ 2.0.0: 469
      ✤ 2.1: 250
      ✤ 2.2: 205
      ✤ 2.3: 217
      ✤ 2.4: 190
      ✤ 2.5: 101
  25. Lessons learned from failures
  26. Backport performance improvements
  27. Backport performance improvements
      ✤ The change broke CI on mswin
  28. Backport performance improvements
      ✤ The lesson learned
      ✤ Don’t backport performance improvements
  29. Backport introduced memory violation
  30. Backport introduced memory violation
  31. Backport introduced memory violation
  32. Backport introduced memory violation
      ✤ The lesson learned
      ✤ Bug-fixes for Method/Constants search in edge cases sometimes introduce another memory violation.
      ✤ Fixing a minor bug can introduce severe bugs
  33. Refinements
  34. Refinements
  35. Refinements
      ✤ The lesson learned
      ✤ “Refinements” is not a mature feature and continues to expand its scope of adaptation.
      ✤ Deal with it carefully.
  36. Fixing SyntaxError caused another SyntaxError
  37. Fixing SyntaxError caused another SyntaxError
  38. Fixing SyntaxError caused another SyntaxError
  39. Fixing SyntaxError caused another SyntaxError

          cond ? expr1 :expr2

          { key:(expr rescue nil) }
          { key:<<EOF }
          EOF

  40. Fixing SyntaxError caused another SyntaxError
      ✤ The lesson learned
      ✤ parse.y is “魔境” (mass of legendary complexity)
      ✤ SyntaxError is one of the most severe issues
      ✤ Monkey patching cannot get rid of SyntaxError
  41. Fixing SyntaxError caused another SyntaxError(2)
  42. Fixing SyntaxError caused another SyntaxError(2)
  43. Fixing SyntaxError caused another SyntaxError(2)
  44. Fixing SyntaxError caused another SyntaxError(2)

          def foo key1:
            …
          end

          { key:if foo then 1 else 0 }

  45. Fixing SyntaxError caused another SyntaxError(2)
      ✤ The lesson learned(?)
      ✤ Fixing the SyntaxError introduced another SyntaxError in a rarer case
      ✤ But the prior SyntaxError was in the new syntax (Mandatory keyword arguments)
      ✤ There was maybe no real application affected by the prior SyntaxError.
  46. Fixing SyntaxError caused another SyntaxError(3)
  47. Fixing SyntaxError caused another SyntaxError(3)
  48. Fixing SyntaxError caused another SyntaxError(3)
  49. Fixing SyntaxError caused another SyntaxError(3)
      ✤ The lesson learned
      ✤ parse.y is “魔境”
      ✤ Long-standing bugs have less priority
        → “Long-standing” means there’s no real application affected
      ✤ “Known bug” can be better than “Regression”
  50. Load FIFO
  51. Load FIFO
      ✤ Release GVL during open fd for `load`
  52. Load FIFO
      ✤ Performance degradation of YAML.parse in multi-threaded environments
  53. Load FIFO
      ✤ The lesson learned
      ✤ Don’t backport bug-fixes for imaginary use cases.
        No one wanted to load from FIFO!
  54. The Lessons Learned from failures
      ✤ Don’t backport performance improvements
      ✤ Don’t backport fixes for long-standing bugs
      ✤ Don’t jump at the fix in parse.y, constants/methods search and refinements
      ✤ Don’t backport fixes no one wanted to backport
  55. The Lessons Learned from failures
      ✤ Be-Practical!
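
The IO.read / File.read behaviour on slides 19 to 22, as an added example that is not part of the talk or of CRuby's code: a file literally named `|echo foo` is read through File.open, which treats the name as a plain path, and a wrapper rejects pipe-style names from untrusted input so the outcome does not depend on the Ruby version. The helper names (`pipe_style?`, `literal_read`, `read_untrusted`, `demo`) are hypothetical, and the demo assumes a POSIX filesystem where `|` is allowed in file names.

```ruby
require "tmpdir"

# Added illustration; helper names are hypothetical, not from the talk.

# True when a name would be taken as a command by pipe-aware APIs
# (Kernel#open, IO.read): they look at the first character only.
def pipe_style?(name)
  String(name).start_with?("|")
end

# Reads via File.open, which always treats the name as a filesystem path.
def literal_read(name)
  File.open(String(name), "rb") { |f| f.read }
end

# Policy wrapper for names from untrusted input: reject pipe-style names
# outright so behaviour does not depend on the Ruby version in use.
def read_untrusted(name)
  raise ArgumentError, "pipe-style name rejected: #{name.inspect}" if pipe_style?(name)
  literal_read(name)
end

# Constructed demo: a real file whose name is literally "|echo foo".
def demo
  Dir.mktmpdir do |dir|
    Dir.chdir(dir) do
      File.open("|echo foo", "w") { |f| f.write("file contents\n") }
      File.open("notes.txt", "w") { |f| f.write("hello\n") }
      rejected = begin
        read_untrusted("|echo foo")
        false
      rescue ArgumentError
        true
      end
      # literal_read returns the file's bytes; no command is run.
      { literal: literal_read("|echo foo"),
        normal: read_untrusted("notes.txt"),
        rejected: rejected }
    end
  end
end

p demo if $PROGRAM_NAME == __FILE__
```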
