[OT] Safer C
Gregor Mückl
gregormueckl at gmx.de
Tue Nov 26 17:06:51 UTC 2024
On Saturday, 23 November 2024 at 18:44:55 UTC, Paulo Pinto wrote:
> On Saturday, 23 November 2024 at 01:11:46 UTC, Gregor Mückl
> wrote:
>> On Thursday, 21 November 2024 at 18:43:51 UTC, Kagamin wrote:
>>>>"I was actually interim chairman of the Rust committee at the
>>>>Motion Picture Academy last summer," he said. "And it's an
>>>>interesting language and I enjoyed playing with it, but I was
>>>>like, I just can't imagine having to rewrite all my software
>>>>in this."
>>>
>>> Quote of the day, lol.
>>
>> I think that there is a quite common sentiment these days that
>> (a) rust solves a few painful problems nicely, but (b) is too
>> impractical to use at scale.
>>
>> My prediction right now is that rust won't overtake any of the
>> major languages. Here's why:
>>
>> - There is a genuine drive to build a successor that interacts
>> much more nicely with existing code in C and C++. Especially
>> C++ seems to be in this weird spot where it is at the same
>> time a major improvement over C to be worth using, but also
>> starting to overstay its welcome in many teams.
>>
>> - Nobody is going to rewrite the world just to get more
>> control over memory bugs. Old code that works is perfectly
>> fine and mostly not a liability in that regard (caveats apply).
>>
>> - People want good interop with their existing code when
>> introducing a new language. This isn't a big issue with C, but
>> any more advanced C++ library, for example, is hard to bind to
>> other compiled languages. Some features can't be bound at all
>> unless the target language makes special provisions to enable
>> it (see C++ interop in D and Swift, also C++/CLI).
>>
>> Rust will probably have its lunch eaten the moment a language
>> comes along that
>> - is as fast as rust or C++,
>> - has memory guarantees on par with rust (not necessarily a
>> carbon copy of the rust borrow checker),
>> - and can interop with more modern languages than C with less
>> friction than rust can.
>>
>> I assume that there are enough dev leads out there that would
>> literally throw money at such a solution with both hands, so
>> it's bound to happen eventually.
>>
>> [Also, stupid pet peeve: "memory safety" is the wrong name for
>> what rust accomplishes in my head. I associate "safety" with
>> functional safety, which rust doesn't solve at all.]
>
> That language will arrive too late for what is already
> happening at Google, Microsoft, Apple, Amazon, Cloudflare,
> Vercel, Facebook, Activision, Capcom,....
I doubt that. First off, even though you list a couple of big
names, they cover only a tiny fraction of the software
development that is happening in the world. Also, the decisions
they make are highly bespoke to their internal needs -
ludicrously big teams and their highly monolithic and sprawling
codebases. My experience is that their tooling and decision
making is so warped by this that it is foolish to apply (almost)
any of that to a project with less than ~100 developers.
This still leaves a world full of "brownfield" projects that
can't easily accommodate a second language as different as rust
for all kinds of reasons. They would gladly take anything that
gives them the same level of results with less friction than rust
would. There is heap of real money lying on the table here.
Developers don't care much about how these better guarantees are
achieved in detail under the hood (e.g. borrow checking). They
just want guardrails on what they are doing that catch more
mistakes that would be costly, but also with the least
intrusiveness on what they do.
Rust is on the very extreme end of a spectrum, mostly because of
design decisions that do not concern memory management. The
proponents are good at selling it. But there are certainly other
sweet spots between C and rust that aren't as radical. People are
searching for it (see thread starter for examples - there are
more) and at least one of these attempts will be successful. If
you want to find true successor languages to C or C++, it will
appear in that space.
More information about the Digitalmars-d
mailing list