Most active commenters
  • swiftcoder(3)
  • phplovesong(3)

←back to thread

Brimstone: ES2025 JavaScript engine written in Rust

(github.com)
239 points ivankra | 20 comments | 16 Nov 25 11:41 UTC | HN request time: 1.322s | source | bottom
1. cluckindan ◴[16 Nov 25 13:15 UTC] No.45944902[source]
Memory safety is one of Rust’s biggest selling points. It’s a bit baffling that this engine would choose to implement unsafe garbage collection.
replies(5): >>45945042 #>>45945421 #>>45945492 #>>45945613 #>>45945847 #
2. swiftcoder ◴[16 Nov 25 13:36 UTC] No.45945042[source]
The whole point of unsafe is to be able to circumvent the guardrails where the developer knows something the compiler isn't (yet) smart enough to understand. It's likely that implementing a high-performance GC runs afoul of quite a few of those edge cases.
3. scratcheee ◴[16 Nov 25 14:34 UTC] No.45945421[source]
The obvious use-case for unsafe is to implement alternative memory regimes that don’t exist in rust already, so you can write safe abstractions over them.

Rust doesn’t have the kind of high performance garbage collection you’d want for this, so starting with unsafe makes perfect sense to me. Hopefully they keep the unsafe layer small to minimise mistakes, but it seems reasonable to me.

replies(1): >>45945615 #
4. nicoburns ◴[16 Nov 25 14:45 UTC] No.45945492[source]
Even using something as simple as Vec means using `unsafe` code (from the std library). The idea isn't to have no `unsafe` code (which is impossible). It's to limit it to small sections of your code that are much more easily verifiable.

For some use cases, that means that "user code" can have no `unsafe`. But implementing a GC is very much not one of those.

5. jeroenhd ◴[16 Nov 25 15:04 UTC] No.45945613[source]
Rust also has some nice language features. Even unsafe rust doesn't have the huge "undefined behaviour" surface that languages like C++ still contain.

If I were to write a toy JS runtime in Rust, I'd try to make it as safe as possible and deal with unsafe only when optimization starts to become necessary, but it's not like that's the only way to use Rust.

replies(1): >>45945781 #
6. amelius ◴[16 Nov 25 15:04 UTC] No.45945615[source]
I'm curious if it can be done in Rust entirely though. Maybe some assembly instructions are required e.g. for trapping or setting memory fences.
replies(1): >>45945697 #
7. nicoburns ◴[16 Nov 25 15:14 UTC] No.45945697{3}[source]
If it comes to it then Rust has excellent support for inline assembly
replies(1): >>45945703 #
8. amelius ◴[16 Nov 25 15:16 UTC] No.45945703{4}[source]
But how well does it play with memory fences?
replies(1): >>45945837 #
9. LtdJorge ◴[16 Nov 25 15:26 UTC] No.45945781[source]
That’s the philosophy. Use the less constrained (but still somewhat constrained and borrow checked) unsafe to wrap/build the low level stuff, and expose a safe public API. That way you limit the exposure of human errors in unsafe code to a few key parts that can be well understood and tested.
10. steveklabnik ◴[16 Nov 25 15:34 UTC] No.45945837{5}[source]
You don’t even need inline assembly for those https://doc.rust-lang.org/stable/std/sync/atomic/fn.fence.ht...
11. the__alchemist ◴[16 Nov 25 15:35 UTC] No.45945847[source]
IMO the memory safety aspect is overblown by enthusiasts and purists. Rust is an overall nice fast imperative language.
replies(1): >>45946021 #
12. phplovesong ◴[16 Nov 25 15:58 UTC] No.45946021[source]
Rust WAS really nice before it got mangled with syntax like we never seen before. Graydon did not imagine rust as what it is today. Rust core wo. async is ok, but in practice rust projects tend to have hundreds of deps and really slow compiles. Its just like javascript with npm.
replies(3): >>45946339 #>>45946744 #>>45947876 #
13. swiftcoder ◴[16 Nov 25 16:33 UTC] No.45946339{3}[source]
> in practice rust projects tend to have hundreds of deps

That's really just any language with a built-in package manager. Go somewhat sidesteps this by making you vendor your dependencies, but very few other languages escape the ballooning dependency graph.

replies(1): >>45946721 #
14. phplovesong ◴[16 Nov 25 17:22 UTC] No.45946721{4}[source]
Go has probably more packages than Rust, but i rarely see Go projects that use as many as rust. In Go the usuals are depending on the app, possibly some db drivers, a simple router and maybe some crypto related thing. Most projects do fine with just the stdlib. In rust i tend to see 100 deps, and 1000 transient deps. Compile times are not in seconds, but minutes.
replies(1): >>45947415 #
15. the__alchemist ◴[16 Nov 25 17:24 UTC] No.45946744{3}[source]
This is a concern when viewing the Rust experience. It can be avoided by judiciously choosing dependencies that you need, and that have shallow trees of their own. I like to distinguish the rust lang from The rust OSS community. They overlap, but can be treated separately if you exercise case.
16. swiftcoder ◴[16 Nov 25 18:54 UTC] No.45947415{5}[source]
You can do that just fine in Rust too, for example the Makepad[1] developers take a pretty extreme non-invented-here stance, and builds a full UI toolkit with no external dependencies (and a major focus on clean-build compile times).

However, it isn't really part of the Rust OSS culture to operate like that. The culture typically values safety over compile times, and prefers to lean on a deep stable of battle-hardened abstractions.

[1]: https://makepad.nl, https://github.com/makepad/makepad

replies(1): >>45951047 #
17. VerifiedReports ◴[16 Nov 25 19:52 UTC] No.45947876{3}[source]
"like we never seen"?
replies(1): >>45979083 #
18. hu3 ◴[17 Nov 25 05:25 UTC] No.45951047{6}[source]
It's still hundreds of functionalities that they have to maintain themselves instead of leveraging a much more battle tested stdlib.
19. phplovesong ◴[19 Nov 25 13:01 UTC] No.45979083{4}[source]
Yes. Rust syntax is aweful for no real reason.
replies(1): >>46041499 #
20. VerifiedReports ◴[25 Nov 25 01:47 UTC] No.46041499{5}[source]
Appalachian++