Google says replacing C/C++ in firmware with Rust is easy
Google says replacing C/C++ in firmware with Rust is easy
Not so much when trying to convert coding veterans
Google recently rewrote the firmware for protected virtual machines in its Android Virtualization Framework using the Rust programming language and wants you to do the same, assuming you deal with firmware.
In a write-up on Thursday, Android engineers Ivan Lozano and Dominik Maier dig into the technical details of replacing legacy C and C++ code with Rust.
"You'll see how easy it is to boost security with drop-in Rust replacements, and we'll even demonstrate how the Rust toolchain can handle specialized bare-metal targets," said Lozano and Maier.
Easy is not a term commonly heard with regard to a programming language known for its steep learning curve.
Nor is it easy to get C and C++ developers to see the world with Rust-tinted lenses. Just last week, one of the maintainers of the Rust for Linux project - created to work Rust code into the C-based Linux kernel - stepped down, citing resistance from Linux kernel developers.
"Here's the thing, you're not going to force all of us to learn Rust," said a Linux kernel contributor during a lively discussion earlier this year at a conference.
You're viewing a single thread.
Here's the thing, you're not going to force all of us to learn Rust
That seems like a poor attitude imo.
A valid point tho. Generally it is difficult to ask everybody to learn a new language.
I mean, I work as a software engineering and if I'm not doing continuing ed, be it about architecture, storage, or new languages, I'm going to be of less value in the marketplace. I've learnt languages I didn't particularly want to in the past for work (though I generally came to tolerate or even like some of them. Not lua, though; lua can go to hell).
If Rust truly is the better, safer option, then these people are holding everything back.
"learn Rust" in this case is learn it to a level where all of the little behaviour around cross language integrations are understood and security flaws won't be introduced. Expert level.
It's not "I did a pet project over the weekend".
You are correct and I am aware of that. However, it also seems that they both refuse to learn it and refuse to work with people at that expert level based on the recent drama, which seems very much like holding things back to me.
If you mean the drama I'm thinking off, that seemed to me to be a guy taking on a role that was always going to be 90% political because people are resistant, and sometimes downright hostile, to change and then flouncing off when it was 90% political.
He spent four years as the project maintainer. That's hardly "flouncing off."
Flouncing off is about the drama of leaving, not the time served before doing so. You can be in a role for decades and then flounce off!
Oh. Well, in that case, his resignation message was pretty matter-of-fact, not dramatic. He did link, in a note at the end of the email, to the now-infamous "the fact is, you're not going to force everyone to learn Rust" video, and the drama was more or less self-manufacturing from there. But to be honest, I think it's a good thing that more people are seeing that video than otherwise would have, and I can't really blame him for linking to it.
And isn't it somewhat concerning that bringing Rust to the kernel is still so controversial and highly "political", several years after initial approval by Linus and Greg KH?
That's a lot easily than learning the C to the same level and they "force" everyone to learn C.
Sure for newcomers to a project like the Linux kernel they have to learn C , because that is what the project is currently written in, but trying to transition the Linux kernel to rust forces people who already are contributing to go and learn rust to be able to continue what they were already doing. And sure you can argue that it's being done so not everything has to go over at once, but there is a level of rust knowledge required at the interface between the two languages, and that burden is as far as I've seen being forced on those long term contributors.
It's not the same thing.
and that burden is as far as I’ve seen being forced on those long term contributors.
This is not what is happening. The current long term contributors were asked to clarify semantics about C APIs, so the Rust maintainers could take it from there. At no point were the C maintainers asked to help maintain the Rust bindings.
Sure, but it's very similar. The point is that those people didn't get to choose the language they're using and now someone is forcing them to use a specific language. They've always been forced to use a specific language.
I guess it just think "I don't want to learn" is a lame excuse.
How about "To learn it to that level will take 10,000 hours I don't have"? Does that make more sense to you?
No because it doesn't remotely take that long.
C/C++ is the bedrock of our modern civilization in some ways more fundamental than actual bedrock, the first step in getting any OS running is making it run C and after that you are basically done, it’s not surprising that developers resist, if nothing else it’s a common language, and standards are hard to change on the best of days. This isn’t just learning a language, it’s a complete paradigm shift.
The bedrock of modern civilizations is expensive to develop, buggy and unergonomic though.
If you make C run, you probably (I'm not sure, would have to verify) can make rust run. And if there isn't yet, there will probably soon be a C compiler written in rust, so you can choose to bootstrap from wherever you prefer.
C's ABI will probably last longer than C, since there is not a stable rust ABI though.
You cannot, today, build a Rust compiler directly from C, but you're right that people are working on it. See this recent post: https://notgull.net/announcing-dozer/
Edit: you can certainly bootstrap Rust from C via C++, as the article covers. I misinterpreted the comment above.
Currently it's a long chain from an early version of GCC to the latest one, then mrustc (in C++) which can compile rustc 1.54.0.
To be fair, in that article mentions the way to get rust from C. Sure, there is not a compiler written in C, but C is down there in the list of compilers needed for rust, so "just" need to compile some other compilers in the middle.
Ah, sorry, I misinterpreted your comment somehow. Yes, Rust is bootstrappable today, it's just a much longer process than it would be if there were a compiler written in C.
It's not a question of what's the better option. In reality we have a lot of software that already exists and works, and you can't replace it all in bulk at the same time. So the question is whether the implementation of Rust makes logistical sense, given the difficulties of maintaining currently existing software while replacing some parts of it.
Fortunately, they aren’t being asked to do that. All the rust team was requesting was metadata about the call signatures so that they could have a grasp on expected behavior.
It would be a valid point if he weren't literally speaking over the people trying to tell him that they're not demanding he learn Rust: https://youtu.be/WiPp9YEBV0Q?si=b3OB4Y9LU-ffJA4c&t=1548
It isn't unreasonable to ask someone to learn a new language, if they currently only speak Sumeric.
Oh jeeze, you have no idea. You can watch it yourself: https://youtu.be/WiPp9YEBV0Q?si=b3OB4Y9LU-ffJA4c&t=1548
That timestamp is about where the audience member (a maintainer of ext4 and related utilities) starts speaking. The "here's the thing" quote is around 28:40.
Wow what an absolute dick
I mean aren't they forcing everyone else to learn C/C++ otherwise? If we follow that logic, at least
I guess you can argue it's already written in C. So that was always a requirement.
That way we'll just find maintainers went near extinct over time, just like COBOL developers that are as rare as they are expensive. Only Linux kernel isn't a bank, and maybe will not have as much money to pay to rare developers capable of maintaining C codebase
That way we’ll just find maintainers went near extinct over time, just like COBOL developers that are as rare as they are expensive.
Care to take a shot at figuring out why COBOL is still used today?
I mean, feel free to waste your time arguing for rewrites in your flavor of the month. That's how many failed projects start, too, so you can have your shot at proving them wrong.
But in the meantime you can try to think about the problem, because "rewrite it in Rust" is only reasonable for the types who are completely oblivious to the realities of professional software development.
It's used because the ones who use it have enough money to pay for any problems that may arise from it's use, and known problems are deemed better than unknown ones.
It is a viable model when you have enough money and resources, but a conservative one
It’s used because the ones who use it have enough money to pay for any problems that may arise from it’s use, (...)
That's laughable. Literally the whole world uses it. Are you telling me that everyone in the world just loves to waste money? Unbelievable.
Have you ever worked at large old corporation? Wasting money is a bit of an underestimation on that scale.
Also, not all banks use COBOL, but the ones that don't are usually much younger.
Besides, Ada would've been a better example, as it is used by telecoms and seems to be held in high regard, unlike COBOL. The only issue with Ada I heard of is that it's on par with C++ in complexity which is far from being simple.
Have you ever worked at large old corporation?
I'm not sure you understand that it's way more than "large old corporations" that use it. Everyone uses it, from large multinationals to small one-taxi shops, and even guys like you and me in personal projects. This has been going on for years. I really don't know what led you to talk about large old corporations, seriously.
Are we still talking about COBOL?
Yeah, I know, but I meant that that technically forces C on everyone.
If the linux kernel had any real budget to speak of, they could hire rust experts to maintain the rust code. But the "linux" foundation spends 2% of its budget on Linux, this is the situation you end up with.
I believe that's incorrect. The reporter who started this rumor either misunderstood the meaning of the chart or was lying through his teeth. I'll find the original source and share it here later.
This is the actual source. If you simply scroll through it, you'll see they're investing in many things that move the Linux ecosystem forward. Open standards, open hardware, security in the software stack, providing for latest market needs, keeping an eye on legislation that could affect Linux, staying in touch with important entities in the industry, and so on.
Scroll down near the bottom and you'll find where the reporter got their information from. It's an expenditure chart and, sure enough, it says "Linux Kernel Support 2%" Note, however, that it also says:
- Community Tooling 5%
- Training and Certifications 7%
- Project Infrastructure 9%
- Project Support 64% (!)
Note that it doesn't say how any of them is further divided. Remember all the things I mentioned earlier? All of that is value for Linux as a whole.
Software projects aren't just about programming the big thing. Working on a large project will show you this. Could the foundation spend more on Linux? Maybe. But saying they only spend 2% on it is disingenuous.
The reporter doesn't mention this in his clickbait piece, either because he doesn't get it in the first place, or more likely because he just wants to push his views.
This is yet another example why Lunduke isn't a credible source of news.
That seems like a poor attitude imo.
Why do you believe that forcing something onto everyone around you is justifiable? I mean, if what you're pushing is half as good as what you're claiming it to be, wouldn't you be seeing people lining up to jump on the bandwagon?
It's strange how people push tools not based on technical merits and technological traits, but on fads and peer pressure.
It is literally being pushed for its technical merits and traits.
Memory safe code with comparable performance in the kernel seems like an absolute no brainer.
Also if you watch the video all he's asking for is consistent interfaces for the file systems. He's not even trying to get them to use rust. And the guy starts screeching about how he'll code however he wants.
Is it wrong to expect a consistent and well documented interface?
Pretty sure C is actually being pushed against its technical merits here.
It's wrong to force it. Most choices in history don't end up with the best one being used. Beta was better than VHS for example. Rust people are very bad at convincing others to try it, and objectively many people just don't want to or don't like it for various reasons.
Personally I highly dislike the syntax. People like familiar things, and to me it's just too different from C++.
If anything I think Swift will be an easier sell when the speed and cross-platform issues are solved.
I don't think that everyone has to switch to rust or anything but "I dislike the syntax" and "I only want familiar things" are really bad arguments for not using a language. Try something outside of your comfort zone for a bit, it will help you grow as a programmer.
I have, I still don't like it and I have tried several times to get used to it and I just can't. I don't see any problem in avoiding a language because of its syntax that is painful for me to look at all day.
Regardless of whether you think those reasons are subjectively bad or not, it is the current reality for many developers.
If you're hobby programming then do whatever you want obviously but if you're part of some sort of larger project that's trying to decide between Rust and C++ then subjective aesthetic arguments probably aren't going to be considered as heavily as technical ones (and rightfully so), which in Rusts case could be that certain classes of bugs are impossible. That's not to say that it's not possible to make a technical case for C++ over rust but syntax preferences probably aren't going to play a large role in how widely used either languages are, which is good.
I think syntax preference plays an enormous role in convincing people to even try it.
I dunno, CMake has one of the worst syntaxes I've ever seen, and despite that it's one of the most popular languages used for C/C++ build scripting. This is because it has certain technical benefits compared to its competitors. I'm certain that having "bad" syntax is a disadvantage but it's less important than other factors. Also I don't think that Rusts syntax is universally disliked either.
it's one of the most popular languages used for C/C++ build scripting
Unfortunately 😅
Beta was not better than VHS. Anybody could build a competing VHS machine, and it supported feature length films.
I would go so far as to say that yes most choices do end up with the best one being used, because people like nice things. Programmers just aren't persuasive people in general, give it time.
It was better in audio/video quality and being smaller, but not runtimes.
I think the point is they aren't forcing it at all. It's being used with the blessing of Linux Jesus and the others are just throwing their toys out of the pram because they don't want to learn it.
Someone else linked the video on this post. They are rude as hell and the rust dev isn't even asking them to use it.
Again I think that's a bad attitude towards technology. Use the best tool for the job and you'd get used to the syntax pretty quickly.
It's like someone who started on python not wanting to learn a c style language.
It starts with "no, you don't have to learn it",
to "your changes are breaking Rust stuff, let's waste time together to fix it, else I call it 'bad attitude'"
to "you better make your stuff that way if you don't want to break Rust stuff (and waste your time me)"
to "do it my way, Rust is taking longer to fix and I would have to refactor all the code because of the lifetime cancer"
to the original senior kernel dev saying: "fuck it, I quit, the kernel is such a mess with the Rust BS" ... People don't want you at the party, make your own party with your own friends we don't want you here
It's not complicated.
I mean I've still yet to hear a reason not to use rust tbf.
But yes that's what working in a team is like.
I have to do stuff at work so I don't fuck over the frontend team. I don't throw a little tantrum about it.
I mean I've still yet to hear a reason not to use rust tbf.
You can't take NO as an answer, don't you?
That's bad attitude
Linux is not "work"; you surely don't grasp the reality of the situation here.
And "tbf", the incessant pushing of Rust from people like you is a perfectly fine reason to not use Rust...
You're unpleasant to talk to.