logo

drewdevault.com

[mirror] blog and personal website of Drew DeVault git clone https://hacktivis.me/git/mirror/drewdevault.com.git

Rust-is-not-a-good-C-replacement.md (7463B)

    

  1. ---
  2. date: 2019-03-25
  3. layout: post
  4. title: Rust is not a good C replacement
  5. tags: ["philosophy", "rust", "c"]
  6. ---
  8. I have a saying that summarizes my opinion of Rust compared to Go: "Go is the
  9. result of C programmers designing a new programming language, and Rust is the
  10. result of C++ programmers designing a new programming language". This isn't just
  11. a metaphor - Go was designed by plan9 alumni, an operating system written in C
  12. and the source of inspiration for many of Go's features, and Rust was designed
  13. by the folks at Mozilla - whose flagship product is one of the largest C++
  14. codebases in the world.
  16. The values of good C++ programmers are incompatible with the values of good C
  17. programmers[^1]. Rust is a decent C++ replacement if you have the same goals as
  18. C++, but if you don't, the design has very similar drawbacks. Both Rust and C++
  19. are what I like to call "kitchen sink" programming languages, with the obvious
  20. implication. These languages solve problems by adding more language features. A
  21. language like C solves problems by writing more C code.
  23. [^1]: Aside: the term "C/C++" infuriates me. They are completely different languages. Idiomatic C++ looks nothing like idiomatic C.
  25. I did some back of the napkin estimates of the rate at which these languages
  26. become more complex, based on the rate at which they add features per year. My
  27. approach wasn't very scientific, but I'm sure the point comes across.
  29. - **C: 0.73 new features per year**, measured by the number of bullet points in
  30.   the C11 article on Wikipedia which summarizes the changes from C99, adjusted to
  31.   account for the fact that C18 introduced no new features.
  32. - **Go: 2 new features per year**, measured by the number of new features listed
  33.   on the Wikipedia summary of new Go versions.
  34. - **C++: 11.3 new features per year**, measured by the number of bullet points
  35.   in the C++17 article which summarizes the changes from C++14.
  36. - **Rust: 15 new features per year**, measured by the number of headers in the
  37.   release notes of major Rust versions over the past year, minus things like
  38.   linters.
  40. This speaks volumes to the stability of these languages, but more importantly it
  41. speaks to their complexity. Over time it rapidly becomes difficult for one to
  42. keep an up-to-date mental map of Rust and how to solve your problems
  43. idiomatically. A Rust program written last year already looks outdated, whereas
  44. a C program written ten years ago has pretty good odds of being just fine.
  45. Systems programmers don't want shiny things - we just want things that work.
  46. That really cool feature $other_language has? Not interested. It'll be more
  47. trouble than it's worth.
  49. With the philosophical wish-wash out of the way and the tone set, let me go over
  50. some more specific problems when considering Rust as a C replacement.
  52. **C is the most portable programming language**. Rust actually has a pretty
  53. admirable selection of supported targets for a new language (thanks mostly to
  54. LLVM), but it pales in comparison to C, which runs on almost *everything*. A new
  55. CPU architecture or operating system can barely be considered to exist until it
  56. has a C compiler. And once it does, it unlocks access to a vast repository of
  57. software written in C. Many other programming languages, such as Ruby and
  58. Python, are implemented in C and you get those for free too.
  60. **C has a spec**. No spec means there's nothing keeping rustc honest. Any
  61. behavior it exhibits could change tomorrow. Some weird thing it does could be a
  62. feature *or* a bug. There's no way to know until your code breaks. That they
  63. can't slow down to pin down exactly what defines Rust is also indicative of an
  64. immature language.
  66. <iframe
  67.   src="https://cmpwn.com/@sir/100437209244243864/embed"
  68.   class="mastodon-embed"
  69.   style="max-width: 100%; border: 0; margin: 0 auto; display: block;"
  70.   width="400"></iframe>
  71. <script src="https://cmpwn.com/embed.js" async="async"></script>
  73. **C has many implementations**. C has many competing compilers. They all work
  74. together stressing out the spec, fishing out the loosely defined corners, and
  75. pinning down exactly what C is. Code that compiles in one and not another is
  76. indicative of a bug in one of them, which gives a nice extra layer of testing to
  77. each. By having many implementations, we force C to be well defined, and this is
  78. good for the language and its long-term stability. Rustc could stand to have
  79. some competition as well, maybe it would get faster![^2]
  81. [^2]: Rust does have one competing compiler, but without a spec it's hard to define its level of compatibility and correctness, and it's always playing catch-up.
  83. **C has a consistent & stable ABI**. The System-V ABI is supported on a wide
  84. variety of systems and has been mostly agreed upon by now. Rust, on the other
  85. hand, has no stable internal ABI. You have to compile and link everything all in
  86. one go on the same version of the Rust compiler. The only code which can
  87. interact with the rest of the ecosystem is unidiomatic Rust, written at some
  88. kind of checkpoint between Rust and the outside world. The outside world exists,
  89. it speaks System-V, and us systems programmers spend a lot of our time talking
  90. to it.
  92. **Cargo is mandatory**. On a similar line of thought, Rust's compiler flags are
  93. not stable. Attempts to integrate it with other build systems have been met with
  94. hostility from the Rust & Cargo teams. The outside world exists, and us systems
  95. programmers spend a lot of our time integrating things. Rust refuses to play
  96. along.
  98. **Concurrency is generally a bad thing.** Serial programs have X problems, and
  99. parallel programs have X<sup>Y</sup> problems, where Y is the amount of
  100. parallelism you introduce. Parallelism in C is a pain in the ass for sure, and
  101. this is one reason I find Go much more suitable to those cases. However, nearly
  102. all programs needn't be parallel. A program which uses poll effectively is going
  103. to be simpler, reasonably performant, and have orders of magnitude fewer bugs.
  104. "Fearless concurrency" allows you to fearlessly employ bad software design 9
  105. times out of 10.
  107. **Safety**. Yes, Rust is more safe. I don't really care. In light of all of
  108. these problems, I'll take my segfaults and buffer overflows. I especially refuse
  109. to "rewrite it in Rust" - because no matter what, rewriting an entire program
  110. from scratch is *always* going to introduce more bugs than maintaining the C
  111. program ever would. I don't care what language you rewrite it in.
  113. ---
  115. C is far from the perfect language - it has many flaws. However, its
  116. replacement will be simpler - not more complex. Consider Go, which has had a lot
  117. of success in supplanting C for many problems. It does this by specializing on
  118. certain classes of programs and addressing them with the simplest solution
  119. possible. It hasn't completely replaced C, but it has made a substantial dent in
  120. its problem space - more than I can really say for Rust (which has made similar
  121. strides for C++, but definitely not for C).
  123. The kitchen sink approach doesn't work. Rust will eventually fail to the "jack
  124. of all trades, master of none" problem that C++ has. Wise languages designers
  125. start small and stay small. Wise systems programmers extend this philosophy to
  126. designing entire systems, and Rust is probably not going to be invited. I
  127. understand that many people, particularly those already enamored with Rust,
  128. won't agree with much of this article. But now you know why we are still writing
  129. C, and hopefully you'll stop bloody bothering us about it.