Most active commenters
  • keybored(4)
  • low_tech_love(3)
  • tcfhgj(3)
  • kreetx(3)
  • acdha(3)
  • gpm(3)

←back to thread

OpenVMM – A New VMM for Windows and Linux, Written in Rust

(github.com)
171 points g0xA52A2A | 64 comments | 17 Oct 24 05:42 UTC | HN request time: 0.452s | source | bottom
1. low_tech_love ◴[17 Oct 24 09:40 UTC] No.41867927[source]
I find it interesting that every single piece of software that was ever written in Rust always mentions that very proudly in its title. It's not something I see often with other programming languages (most software is just software and doesn't necessarily advertise the language it was built with). I do not know anything about Rust, so I'm just curious, does this confer a kind of underlying trustworthiness or quality to the application?
replies(23): >>41867986 #>>41867995 #>>41868011 #>>41868016 #>>41868179 #>>41868202 #>>41868225 #>>41868314 #>>41868501 #>>41868526 #>>41868534 #>>41868587 #>>41868610 #>>41869045 #>>41869046 #>>41869095 #>>41869111 #>>41869302 #>>41869373 #>>41869409 #>>41869596 #>>41869606 #>>41869834 #
2. trumpeta ◴[17 Oct 24 09:52 UTC] No.41867986[source]
It's meant to imply that it's as performant as, but safer than c/c++.
replies(1): >>41869184 #
3. sirwhinesalot ◴[17 Oct 24 09:52 UTC] No.41867995[source]
Due to Rust's safety guarantees there's a perception that software written in Rust is automatically safer than software written in its direct competitors C and C++.

This is not necessarily true, you can write unsafe Rust code and you can write safe C++ code, but it does seem to hold in practice that the guardrails imposed by Rust help quite a bit in stopping devs from making really stupid mistakes.

That would be the "thrustworthiness" implied by the use of Rust.

replies(2): >>41869017 #>>41871340 #
4. pjmlp ◴[17 Oct 24 09:55 UTC] No.41868011[source]
Yes we do, just look at the years following up the introduction of XYZ language, be it on BBS, Compuserve, Prodigy, Usenet, Dejanews, or whatever is the main communications channel of the day.
5. Y_Y ◴[17 Oct 24 09:56 UTC] No.41868016[source]
Do you not remember ten years ago when this was a thing with Python? It's an effective evangelism tactic. Super annoying, but it "works" in some sense. I consider it like "YouTube face", I tolerate it because even good projects or creators have to play the game to some extent or get washed away in the crapflood.
replies(2): >>41868494 #>>41868553 #
6. doublerabbit ◴[17 Oct 24 10:24 UTC] No.41868179[source]
I wait for the day when someone adds "Written in COBOL" to their HN project title.
replies(1): >>41868595 #
7. INTPenis ◴[17 Oct 24 10:28 UTC] No.41868202[source]
I don't think it's any secret that Rust is a very hyped up language, has been for 5 years already.

I've been saying for years now that if Rust was a stock, I'd be investing. Meaning, if I was a young programmer I would probably take the time to learn Rust, because it's going to be in high demand.

8. netbsdusers ◴[17 Oct 24 10:33 UTC] No.41868225[source]
It's the in-thing at the moment so it certainly attracts attention. Make sure to claim to be "Blazing fast [Rocket Emoji]" in the README too for good measure.
9. ordu ◴[17 Oct 24 10:51 UTC] No.41868314[source]
> It's not something I see often with other programming languages

Lisp software also presented with "Lisp" in the title. Lisp programs are rarer, so you see "Lisp" in titles less frequently than "Rust" but I believe that any Lisp program proudly claims that it was written in Lisp.

10. Klonoar ◴[17 Oct 24 11:19 UTC] No.41868494[source]
HN in particular has a long history of this kind of thing, e.g “Written in Ruby”.

(Or if you’ve been around super long, “written in Lisp”.)

11. hypeatei ◴[17 Oct 24 11:19 UTC] No.41868501[source]
I find it interesting that every single post which has "written in Rust" also has someone in the comments asking why every single Rust project advertises it was written in Rust.
replies(4): >>41868632 #>>41870400 #>>41872635 #>>41876473 #
12. ◴[17 Oct 24 11:22 UTC] No.41868526[source]
13. dijit ◴[17 Oct 24 11:23 UTC] No.41868534[source]
I agree, but if we tried to reason why: I would argue that it's because writing rust code that compiles is harder.

We tend to ascribe significance to things that are percieved as difficult, back in the day for example a book was hugely important, so authors were revered, but now with the advent of easier access to printing presses an author is not similarly revered.

Making small modules here and there, even if hard, is deemed less effort, and similarly gluing small modules together is deemed even less significant of an achievement, so what you're solving becomes much more important than how, since significance in the process is diminished.

Since Rust is harder than C++ (making compiling software is easier, even if there's runtime errors after all) - we ascribe significance to the fact that it was used.

14. tcfhgj ◴[17 Oct 24 11:25 UTC] No.41868553[source]
I doubt that a GitHub README is used for language evangelism. If at all, it's project promotion.

Also, I don't find it annoying, but helpful, because I care - amongst other things - about the language of open source software projects.

replies(1): >>41868667 #
15. tupolef ◴[17 Oct 24 11:30 UTC] No.41868587[source]
It may seem proselite and overly highlighted, but personally I find it very practical.

Whenever I review a tool, or look for an alternative, I always look at the state of the maintenance and the choice of programming language, mainly to eliminate, as much as possible, the many tools written in Javascript and Python when it is not suitable.

I will not necessarily prefer a tool written in Rust, but at least it is rarely a flaw.

16. garblegarble ◴[17 Oct 24 11:32 UTC] No.41868595[source]
Technically somebody already has: https://news.ycombinator.com/item?id=24370792
replies(1): >>41868917 #
17. oguz-ismail ◴[17 Oct 24 11:33 UTC] No.41868610[source]
It's usually the only selling point.
18. felbane ◴[17 Oct 24 11:36 UTC] No.41868632[source]
It's fascinating to me that every post which has "written in Rust" includes a comment pointing out the fact that someone in the comments always asks why every single Rust project advertises it was written in Rust.
replies(2): >>41868695 #>>41868719 #
19. Y_Y ◴[17 Oct 24 11:41 UTC] No.41868667{3}[source]
> I doubt that a GitHub README is used for language evangelism.

Perhaps you should reconsider this. OpenVMM split up its docs and there isn't much in the actual README, but a few seconds investigation led me to https://github.com/microsoft/openvmm/blob/main/Guide/src/dev... , for example.

> Also, I don't find it annoying, but helpful, because I care - amongst other things - about the language of open source software projects.

Come on, this is not even a good strawman. It's very easy to find out the language of you want to know, and it's possible to inform without evangelism.

replies(1): >>41870171 #
20. keybored ◴[17 Oct 24 11:47 UTC] No.41868719{3}[source]
(term simplification, halt loop) It’s fascinating that a forum full of technical people make comments that lampoon the meta commentary by making an nth-order meta comment.
replies(1): >>41870724 #
21. roetlich ◴[17 Oct 24 12:15 UTC] No.41868917{3}[source]
Also: https://news.ycombinator.com/item?id=23189918 Not literally "in Cobol" in the title, but almost. And in both cases the primary novelty is that it's written in Cobol.
22. bitexploder ◴[17 Oct 24 12:28 UTC] No.41869017[source]
And a VMM is going to require a lot of unsafe rust code. There are strategies to minimize it to make that surface easier to audit, but it is not a panacea for systems programming gremlins.
replies(4): >>41869197 #>>41869220 #>>41869321 #>>41869496 #
23. diego_moita ◴[17 Oct 24 12:33 UTC] No.41869045[source]
I take it as tribalism.

Rust culture is a lot like socialism, libertarians, fundamentalist religions, vegans, etc. They see themselves apart from the "mainstream", as rebels, revolutionaries, etc.

In their beginning, Java and Python were like that, too. Lua, Haskell and Kotlin also do the same. Golang is more discrete.

replies(1): >>41869269 #
24. rascul ◴[17 Oct 24 12:33 UTC] No.41869046[source]
> It's not something I see often with other programming languages

Search HN stories for "written in", sort by date, and in the past couple weeks there are of course a number of "written in rust" but also c, python, ruby, go, c++, lisp, java, javascript, flutter, crystal, and react. Rust has the most instances currently but it's also common enough here with other languages.

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

replies(1): >>41869343 #
25. flanked-evergl ◴[17 Oct 24 12:39 UTC] No.41869095[source]
I saw this for go all the time a couple of years back.
26. kreetx ◴[17 Oct 24 12:41 UTC] No.41869111[source]
It seems as if the implementation detail is the feature. Can't the program stand for itself?
replies(1): >>41869753 #
27. bboozzoo ◴[17 Oct 24 12:49 UTC] No.41869184[source]
But not necessarily less buggy or more useful than the counterparts (if there even are any).
replies(1): >>41871374 #
28. sirwhinesalot ◴[17 Oct 24 12:51 UTC] No.41869197{3}[source]
No question, just pointing out where the *perceived* trustworthiness comes from. If it helps for something like a VMM it's a whole other story. Marketing gimmick.
29. monocasa ◴[17 Oct 24 12:53 UTC] No.41869220{3}[source]
A paravisor actually doesn't really need that much.
30. monocasa ◴[17 Oct 24 13:01 UTC] No.41869269[source]
I feel like "written in Go" is the at least the second most likely language to be pimped in an hn title.
31. osigurdson ◴[17 Oct 24 13:06 UTC] No.41869302[source]
"Written in Rust" is a brand that confers fast and safe. Like any brand, there is some truth to it but no rigorous guarantees. If Rust becomes more widely used that brand will likely start to fade.
replies(1): >>41869331 #
32. nicce ◴[17 Oct 24 13:08 UTC] No.41869321{3}[source]
It is manager, not runner. Does it require that much unsafe?
replies(1): >>41870291 #
33. throwup238 ◴[17 Oct 24 13:09 UTC] No.41869331[source]
It also confers “cargo install” if it’s an app.
34. ericyd ◴[17 Oct 24 13:11 UTC] No.41869343[source]
This is interesting and clearly a true claim, but anecdotally I feel like the combination of 1) lands on HN homepage and 2) includes "written in" in the title is heavily biased towards Rust. I don't know how to search for those two qualifiers to prove or disapprove my feelings though.
replies(2): >>41869954 #>>41874798 #
35. justmarc ◴[17 Oct 24 13:14 UTC] No.41869373[source]
One thing is for sure, it's going to help it be a more stable, robust piece of software, that's already a big deal.
36. jeroenhd ◴[17 Oct 24 13:19 UTC] No.41869409[source]
I've also seen this done for C and modern C++. I believe it's done to suggest something (i.e. Rust is memory safe, C is usually fast, modern C++ is used to distinguish from the terrible old C++, Java runs on the JVM so it's relatively easy to use cross platform, Kotlin is for Java software that doesn't throw random null pointers every week, etc.)

The same tokens are also used for stuff that is designed to run on bare metal/containers/kubernetes/"""serverless""".

37. Ygg2 ◴[17 Oct 24 13:30 UTC] No.41869496{3}[source]
It's not unsafe that causes unsafety, it's how you wield it.

- Do you know your invariants?

- Have you documented them?

- If using unsafe block, have you asserted them or guaranteed that they hold for any input?

Granted, Rust is kind of mediocre at teaching you this. It raises warning for unsafe fn without safety documentation block, but not when omittin safety comments in unsafe blocks.

replies(1): >>41870384 #
38. evanjrowley ◴[17 Oct 24 13:42 UTC] No.41869596[source]
Promotional PR tactics benefit programmers of non-mainstream languages by raising awareness, interest, the labor market, and hopefully professional jobs working on the particular technology.
39. ravenstine ◴[17 Oct 24 13:43 UTC] No.41869606[source]
When something needs to be constantly emphasized, it makes me suspicious. The more I read "[...] in Rust", the less I will be surprised if Rust is considered harmful in another 5 to 10 years.
40. acdha ◴[17 Oct 24 13:59 UTC] No.41869753[source]
It is a useful feature. We’ve had tons and tons of bugs caused by C/C++ misfeatures which is both why Rust was invented and why users are looking for more stable alternatives after decades on the patch of the week treadmill. A tool like this is aimed at a technical audience who will see the appeal of a tool which is safer and easier to work on.
replies(1): >>41870181 #
41. mrweasel ◴[17 Oct 24 14:08 UTC] No.41869834[source]
That was Go a 10 years ago, now it's Rust. Some people feel the need to talk loudly about their tools, which can be annoying, but also helps put it on the radar for the rest of us. Once we're aware of something we can assess it for ourselves and maybe we stick with it and maybe we go back to what we where doing before, or move on to the next thing.

The Rust fans are pushing it a bit, I understand why they love the language, but I don't, so the insisting hammering on "written in Rust" can push me away from certain tools. In the end it will die down and the loudest will move on to the next language, once the Rust hype has been tapered out.

42. keybored ◴[17 Oct 24 14:23 UTC] No.41869954{3}[source]
I did a simpler count: the number of comments in this thread that either (without also talking about the content of the submission) (1) only talk about Rust (2) only talk about programming languages (3) talk about how programming language choice impacts the project or the quality of the software (or how it might not be a guarantee of those things) (4) talk about how a VMM being written in Rust/not being written in Rust is good (this last one is the closest to the submission topic but still not about the submission topic).

45/64.

replies(1): >>41870947 #
43. tcfhgj ◴[17 Oct 24 14:46 UTC] No.41870171{4}[source]
> OpenVMM split up its docs and there isn't much in the actual README, but a few seconds investigation led me to https://github.com/microsoft/openvmm/blob/main/Guide/src/dev... , for example.

this is a reason to reconsider my statement why?

> Come on, this is not even a good strawman.

It's not a straw man at all. It's my opinion.

> It's very easy to find out the language of you want to know, and it's possible to inform without evangelism.

Indeed, but nothing makes it more straight forward than the language being mentioned in the HN News title

44. kreetx ◴[17 Oct 24 14:47 UTC] No.41870181{3}[source]
Right, but I suspect people would like to use it to run VMs rather than start developing it. If the indent is to invite developers who "know rust", then that is the wrong measuring bar (IMO, of course), as you'd want developers who are interested in hypervisors instead of a specific language.
replies(1): >>41870501 #
45. gpm ◴[17 Oct 24 14:58 UTC] No.41870291{4}[source]
Out of 413,842 non-empty lines of rust code in the repository (including comments) there are 2006 instances of "unsafe", 255 of which are of the form "unsafe_" (definitely not unsafe blocks, mostly of the form #![forbid(unsafe_code)] which is an instruction to the linter to forbid unsafe blocks in the module) leaving slightly less than 1751 unsafe blocks. (Still counting comments, and type signature annotations on function pointers, and so on, but most of those 1751 will be actual unsafe blocks. A block can of course be multiple lines of code).

I don't really know what a VMM consists of, so I'm mostly surprised that this project is half a million lines of code.

replies(1): >>41870957 #
46. gpm ◴[17 Oct 24 15:08 UTC] No.41870384{4}[source]
For what it's worth, clippy has an optional lint to detect undocumented unsafe blocks: https://rust-lang.github.io/rust-clippy/master/index.html#un...

Edit: And it turns out it's enabled as a warning in this repo.

47. efitz ◴[17 Oct 24 15:11 UTC] No.41870400[source]
This comment was written in plain text.
48. acdha ◴[17 Oct 24 15:21 UTC] No.41870501{4}[source]
As a user of VMs, I would value memory safety because hypervisor exploits are nasty and patching is higher risk.
replies(1): >>41870719 #
49. kreetx ◴[17 Oct 24 15:43 UTC] No.41870719{5}[source]
Not disagreeing with you on the memory safety. It's just that the way "written in Rust" is used, it seems like a marketing gimmick to invite anyone who knows (or maybe wants to learn) Rust. Shows (IMO!) the weakness of the project rather than its seriousness.
replies(1): >>41871981 #
50. seanw444 ◴[17 Oct 24 15:43 UTC] No.41870724{4}[source]
Technical people have fun too. I think.
replies(1): >>41870852 #
51. keybored ◴[17 Oct 24 15:56 UTC] No.41870852{5}[source]
This statement relies on self-reported inner state. It is inherently unreliable. ;)
52. estebank ◴[17 Oct 24 16:07 UTC] No.41870947{4}[source]
It wasn't until this comment that made me realize that using "written in Rust" as rage click bait is such a "useful" strategy here, because it will inevitably attract plenty of comments about the mentioning of the language. Ironically, the people complaining end up increasing the post's rank by engaging more.
replies(2): >>41872643 #>>41876494 #
53. estebank ◴[17 Oct 24 16:08 UTC] No.41870957{5}[source]
For this kind of analysis, https://github.com/geiger-rs/cargo-geiger comes in handy.
replies(1): >>41871160 #
54. gpm ◴[17 Oct 24 16:30 UTC] No.41871160{6}[source]
Yeah, I tried that before resorting to just using `rg`, unfortunately this issue prevents it from working: https://github.com/geiger-rs/cargo-geiger/issues/523
55. kstrauser ◴[17 Oct 24 16:50 UTC] No.41871340[source]
For myself only, there's also an implication that perhaps the authors are a bit more concerned with safety and security in general. (Don't reply with counterexamples. I know them already. I mean that as a trend, not a solid rule.) That is, the sort of person who might pick Rust for its features might correlate with the sort of person who cares more about those properties in the first place. That doesn't mean they're experts who can execute the ideas flawlessly, or that someone slogging in C couldn't carefully built the same project. I do think it means they're more likely to prioritize safety (yes, it's not 100% safe; yes, you can write insecure code in Rust; don't "correct" me) as an inherent design goal than maybe someone cranking it out in assembler.
replies(1): >>41872593 #
56. kstrauser ◴[17 Oct 24 16:54 UTC] No.41871374{3}[source]
It does imply there are likely to be different classes of bugs. If the thing compiles at all, someone's done the work to get the types right, and implement all the arms of match expressions, and written at least basic error handling. The errors are more likely to be high-level logic issues that you'd face in any code, not so much trivial implementation mistakes.
57. acdha ◴[17 Oct 24 17:58 UTC] No.41871981{6}[source]
I haven’t observed people taking that as a learning opportunity as opposed to an expression of a modern version of an existing tool which emphasizes safety.
58. hulitu ◴[17 Oct 24 18:50 UTC] No.41872593{3}[source]
> For myself only, there's also an implication that perhaps the authors are a bit more concerned with safety and security in general. (Don't reply with counterexamples. I know them already. I mean that as a trend, not a solid rule.) That is, the sort of person who might pick Rust for its features might correlate with the sort of person who cares more about those properties in the first place

I haven't seen any causation between SW and their creator. A good example: Hans Reiser.

59. hulitu ◴[17 Oct 24 18:53 UTC] No.41872635[source]
Maybe people are sick of promisses.

It is like talking about your car and saying that it is made of titanium and copper and composite materials while not saying anything about actual features (mileage, safety equipment).

60. steveklabnik ◴[17 Oct 24 18:54 UTC] No.41872643{5}[source]
It can harm it too; if a thread here has more comments than upvotes, it's heavily penalized by the algorithm. I have seen good stories sometimes get buried because two early commentors get into a fight, before there's enough time to gain more upvotes.
61. tcfhgj ◴[17 Oct 24 23:19 UTC] No.41874798{3}[source]
is this a problem?
62. low_tech_love ◴[18 Oct 24 04:58 UTC] No.41876473[source]
Sorry for that, I never saw one before. Maybe I should’ve searched before posting. Interesting that my question has caused this kind of response.
63. low_tech_love ◴[18 Oct 24 05:02 UTC] No.41876494{5}[source]
I didn’t mean it as a complaint (that’d be meaningless, it doesn’t hurt me in any way) but merely as an interesting pattern I noticed. I’m happy that it generated interest, even though I got very little to no upvotes at the end!
replies(1): >>41884356 #
64. keybored ◴[18 Oct 24 23:18 UTC] No.41884356{6}[source]
It got ratioed in other words.

In other words: generated more heat than light.