Motivation seems to be insurance against a trusting trust attack: https://www.reddit.com/r/rust/comments/718gbh/comment/dn90vo1
Really awesome project!
It’ll also be generally useful for bootstrapping without needing a previous Rust binary blob.
I considered doing that if I got resources. My idea was to just port the Rust compiler code directly to C or some other language. Especially one with a lot of compilers. BASIC’s and toy Scheme’s are the easiest if you want diversity in implementation and jurisdiction. Alternatively, a Forth, Small C, Tcl, or Oberon if aiming for something one can homebrew a compiler or interpreter for. Far as certifying compilers, I’d hand-convert it to Clight to use CompCert or a low IR of CakeML’s compiler to use that. Then, if the Rust code is correct and Clight is equivalent, then the EXE is likely correct. Aside from Karger-Thompson attack, CSmith-style testing comparing output of reference and CompCert’d compiler could detect problems in reference compiler where its transformations (esp optimizations) broke it.
rain1 and I got a lot more tools for bootstrapping listed here:
I don’t know much about Rust internals, but I’m wondering: if this compiler produces MIR and then compiles that to C, could it also compile MIR produced by canonical rustc into C?
As I understand, the answer is yes.
One aspect of this is that rustc would have to provide a wrapper so it could be called from non-Rust code, MIR doesn’t have a canonical textual representation.
This is kinda similar to how rustc uses LLVM’s C API to call into it, even though LLVM is written in C++.
I am really excited about this. C++ was sort of my “mother-tongue” going through school, and in the past couple of years I’ve become a part of the Rust Evangelism Strike Force. This is a really cool project and it looks like they’ve put a lot of TLC into it. I’m excited to see where it goes.