How Our Rust-to-Zig Rewrite Is Going

(rtfeldman.com)

147 points | by jorangreef 4 hours ago

13 comments

  • steveklabnik 55 minutes ago
    I think this is a fine post. But one comment:

    > remember that for compilers which emit machine code, like roc and rustc, doing memory-unsafe things is a big part of the job

    I don't really think that this is true, in the way that it's written.

    I think that for the hot binary patching / code reloading features, yes, that is going to need unsafe. But for regular old "producing an executable" compilation? Emitting machine code isn't the part that requires unsafe. The language's runtime is a more likely site to find unsafe.

    • rtfeldman 5 minutes ago
      > I think that for the hot binary patching / code reloading features, yes, that is going to need unsafe. But for regular old "producing an executable" compilation? Emitting machine code isn't the part that requires unsafe. The language's runtime is a more likely site to find unsafe.

      Agreed! Emitting machine code is not unsafe, since it's just writing bytes down - it's only once you execute that machine code that there's potentially unsafety. The reason I said "a big part of the job" is that in practice a lot of compilers both emit machine code and execute it - but you're totally right that it's not a requirement that a compiler do both.

      In addition to the examples you gave, others would be things like evaluating userspace code at compile time (e.g. const fn in Rust, or in Roc any expression that could be hoisted to the top level), running tests and inspecting their output to decide what to display to the user, etc.

      Those are the types of things I had in mind when I wrote that.

    • orlp 10 minutes ago
      I think if you interpret it charitably it means that any bug in the emitted machine code is already a likely memory-unsafe miscompilation if it is ran.

      The compiler itself might be perfectly "memory safe" but the generated binary fundamentally is always at risk (besides WebAssembly I suppose).

      I'm fully aware of the separation of compiler and binary, and being able to compile untrusted code safely is nice, but a perfectly safe compiler that generates vulnerable binaries isn't that much better.

    • EPWN3D 27 minutes ago
      Yeah that is definitely 1000% wrong. A compiler can do its job with totally abstract data structures. If anything would need to do unsafe stuff in memory, it would probably be a linker.
    • Aurornis 28 minutes ago
      That line confused me, too. What parts of their compiler require memory-unsafe operations to produce machine code?
    • paulddraper 46 minutes ago
      Agreed, that’s disturbingly incorrect.

      If anything, compilers are perfect models of trees and well formed programs.

  • arthurbrown 50 minutes ago
    Interesting that OCaml was flexible and expressive enough to be used as a prototype testbed but not chosen as the implementation language, especially given the maturity of both. I would be surprised if Zigs incremental builds could be meaningfully faster than dune's.

    Cross compilation is great, but not mentioned in the "why Zig" section. Is memory control that crucial for a compiler?

    Rust itself was originally written in OCaml, same with WASM. I'm curious about what milestone gets reached where the maintainers collectively decide to transition away.

    • steveklabnik 47 minutes ago
      Rust moved away from OCaml when it decided to be re-written in Rust. The post alludes to this as being a usual time for a wholesale re-write, and I'd agree.
    • grayrest 42 minutes ago
      One of the primary goals for the Roc project is compiler speed. I presume OCaml is out of the running because it's not a systems language.
      • satvikpendem 38 minutes ago
        OCaml compiler is incredibly fast. I wonder how it'd fare with Jane Street's extensions for the borrow checker etc in OxCaml, if it's good enough for their HFT I'm sure it's good enough for a new language.
        • antonvs 14 minutes ago
          I wrote a toy Scheme implementation in OCaml by using the Camplp4 preprocessor. In benchmarks, it was faster than Gambit Scheme, which compiles through C.
  • onlyrealcuzzo 1 hour ago
    Zig's incremental builds are DEFINITELY a killer feature. In the short term, I could see why you'd make a switch to get it. But, in the medium term, can we really not expect to see this in Rust in the somewhat near future?

    I want to go fast, but I don't want to go fast just to shoot my foot off.

    If only somehow we could get Rust's safety with all of Zig's features and Go's runtime without GC...

    That's what I'm working on building [=

    • dabinat 12 minutes ago
      This is being worked on: https://rust-lang.github.io/rust-project-goals/2026/roadmap-...

      Most of the goals on this page are targeted for this year.

    • Hinrik 1 hour ago
      Layperson here: what is special about Go's runtime, aside from the GC?
      • onlyrealcuzzo 59 minutes ago
        It's literally the most sophisticated scheduling engine in the world.

        In practice, Go can typically outperform Rust in throughput (using more memory), despite having a mountain of disadvantages against it in theory.

        That's how good the Go scheduler/runtime is.

        • zacmps 4 minutes ago
          What benchmarks are you referring to?

          Rust itself doesn't have a scheduler of course, I assume this is comparing against tokio or one of the other async executors?

        • jcgl 39 minutes ago
          This is the first I've heard anyone claim higher throughput for Go than Rust. Any articles you'd point to to learn more?
        • Aurornis 23 minutes ago
          > n practice, Go can typically outperform Rust in throughput (using more memory), despite having a mountain of disadvantages against it in theory

          This is a huge claim that disagrees with both my real-world experience and everything I've seen from artificial comparisons.

          Every high performance Go system I've worked on has quickly reached the point where we're optimizing memory management and doing things that would have been explicit in a non-GC language like Rust anyway.

          The Go runtime is amazingly optimized, but it comes with overhead over doing the same work directly in a lower level language.

        • jandrewrogers 18 minutes ago
          > It's literally the most sophisticated scheduling engine in the world.

          That seems unlikely regardless of how good it is. This is a domain where state-of-the-art research is not in the public literature. Scheduling is an AI-complete problem.

      • fnord77 59 minutes ago
        Goroutines?
    • dnautics 50 minutes ago
      > if only somehow we could get Rust's safety with all of Zig's features

      i periodically throw my unused codex tokens at this:

      https://github.com/ityonemo/clr

    • lioeters 1 hour ago
      Instead of waiting for faster compiler in Rust, how about from the other direction, adding some kind of borrow checker to Zig? That sounds more within reach and practically achievable, possibly even in userland.
      • veber-alex 8 minutes ago
        It's impossible to add a borrow checker to any existing language.

        The reason Rust has a working borrow checker is because every part of the language from structs, enum, traits, generics and all the way to the syntax itself has been designed to support lifetimes and borrow checking.

        It's is not something you can just tack on to an existing language without fundamentally changing it.

      • onlyrealcuzzo 1 hour ago
        That's sort of what I'm doing...

        I'm writing a language with Affine Ownership that transpiles to Zig and has a built-in FSM-based Green Fiber runtime.

        Affine Ownership gives you memory safety + fearless concurrency + eliminates the need for Go's GC.

        It's obviously going to slow down compilation - since you need to do Rust's borrow checking, etc. But I can do this incrementally as well...

      • dnautics 48 minutes ago
        > how about from the other direction, adding some kind of borrow checker to Zig? That sounds more within reach and practically achievable, possibly even in userland.

        It's doable, and as static analysis. see sibling comment.

        • Ar-Curunir 41 minutes ago
          No, it would fundamentally change how Zig works.
  • landr0id 52 minutes ago
    >ReleaseSafe catches use-after-free errors through runtime checks which panic if the program tries to use freed memory.

    I don't know Zig so maybe they know something I don't, but I have seen no evidence that it catches any type of use-after-free including double-free?

    While writing a blog post (below) I went through the documentation to figure out the possible runtime memory safety checks Zig can insert. The term "use-after-free" or "UaF" never occurs on that documentation page. Searching for "safety-checked" doesn't yield any related hits either.

    Unless maybe they're using the DebugAllocator in release builds? Even that does not reliably surface UaF.

    https://landaire.net/memory-safety-by-default-is-non-negotia...

    • veber-alex 4 minutes ago
      I believe you are correct.

      I think ReleaseSafe just adds bound checking and panics on unreachable code.

      I don't think Zig offers any temporal memory safety.

  • giancarlostoro 22 minutes ago
    One thing I wish Rust would improve over time is the builds. Its one of the biggest sources of wasted storage space on all my computers, builds a ton of libraries can take tens of gigs, it adds up very quickly. Not sure what the best solution is, one I found is to set the global build folder so dependencies get reused across projects, but imho it should be an OOTB default behavior whatever the real solution should be.
    • c-hendricks 8 minutes ago
      I always got a kick out of that, coming from a JavaScript background where people constantly harp on the size of node modules.

      My Tauri project, where the backend is much smaller code-wise than the frontend, has 9gb of rust artifacts (node_modules is 550mb for comparison)

  • dev_l1x_be 47 minutes ago
    Zig is a pre-1.0 language while Rust is post-1.0. This alone is settles which one to pick for may developers. The library support is probably favours Rust too. Rust build times are much slower than Zig, I get that, but I rarely optimize software for build times.
    • drdexebtjl 1 minute ago
      Zig is not pre-1.0 because it’s not ready for production (bugs or missing features), it’s pre-1.0 because they want to be able to make breaking language changes.

      Nowadays when you can just point an agent at release notes and have it update everything, I actually prefer not having to wait through rare major releases to get new language features.

  • KoleSeise1277 1 hour ago
    The 35ms incremental rebuild is the part that sold me. I'd be curious to see the same benchmark on ARM once -fincremental gets there.
  • coffeeindex 2 hours ago
    Didn’t know Roc was still being worked on. I think it’s an interesting concept for a language that I personally haven’t seen elsewhere
  • satyambnsal 27 minutes ago
    is this uno reverse for bun post of zig to rust port ?
  • up2isomorphism 47 minutes ago
    I think there will be soon a wave of rewriting rust to language X coming up.
  • jdw64 2 minutes ago
    [dead]
  • nntlol 51 minutes ago
    [dead]
  • throwaway613746 1 hour ago
    [dead]